private function __construct($session)
{
$this->userRepo = UserRepository::create();
$this->sessionRepo = SessionsRepository::create();
$this->rolesRepo = UserRolesRepository::create();
$this->isLogged = self::checkSessionsForLogging($session);
}
public function login()
{
if (isset($_POST['register'])) {
$this->redirect('users', 'register');
exit;
}
if (isset($_POST['login'])) {
$username = $_POST['username'];
$passwordHash = md5($_POST['password']);
$info = UserRepository::create()->loginCheck($username, $passwordHash);
if ($info) {
$_SESSION['userId'] = $info['id'];
$_SESSION['username'] = $info['username'];
$_SESSION['email'] = $info['email'];
$_SESSION['roleId'] = $info['roleId'];
$_SESSION['cash'] = $info['cash'];
$_SESSION['userCart'] = CartRepository::create()->getUserCard($info['id']);
if ($info['roleId'] == 1) {
$this->redirect('home', 'userHome');
}
if ($info['roleId'] == 2) {
$this->redirect('home', 'editorHome');
}
$this->redirect('home', 'editorHome');
}
echo 'Invalid details';
}
}
protected function onLoad()
{
$token = time();
$_SESSION['token'] = $token;
echo '<form method="post"><input id="token" type="hidden" name="token" value="' . $token . '"></form>';
$uriParts = explode('/', $_SERVER['REQUEST_URI']);
$action = $uriParts[count($uriParts) - 1];
if (!isset($_SESSION['userId']) && $action != 'guestHome') {
$this->redirect('home', 'guestHome');
exit;
}
if (isset($_SESSION['userId'])) {
if ($this->loggedUser == null) {
$this->loggedUser = UserRepository::create()->getOne($_SESSION['userId']);
}
}
}
public function getUserCard($userId)
{
$query = "SELECT * FROM carts WHERE carts.ownerId = ?";
$this->db->query($query, [$userId]);
$result = $this->db->row();
$query = "SELECT * FROM cartsproducts where cartId = ?";
$this->db->query($query, [$result['id']]);
$cartProducts = $this->db->fetchAll();
$productRepo = ProductRepository::create();
foreach ($cartProducts as $key => $value) {
$cartProducts[$key]['product'] = $productRepo->getProduct(intval($value['productId']));
}
$user = UserRepository::create()->getOne($userId);
$_SESSION['cash'] = $user['cash'];
$result['cartProducts'] = $cartProducts;
return $result;
}
public function save()
{
return UserRepository::create()->save($this);
}
/**
* log the buy
*
* @param $user \App\User
* @param $offer \App\Offer
* @return Response the image download
*/
public function logBuy(User $user, Offer $offer)
{
if ($user->toArray() == [] || $offer->toArray() == []) {
\App::abort(404, 'The API doesn\'t exist');
}
$userRepo = new UserRepository($user);
$userRepo->logBuy($offer);
return json_encode(["points" => $userRepo->getUserPoints(), "level" => $userRepo->getUserLevel()->id]);
}
|--------------------------------------------------------------------------
| Application Routes
|--------------------------------------------------------------------------
|
| Here is where you can register all of the routes for an application.
| It's a breeze. Simply tell Laravel the URIs it should respond to
| and give it the controller to call when that URI is requested.
|
*/
use Repositories\UserRepository;
Route::bind('uuid', function ($uuid) {
$userRepo = new UserRepository();
return $userRepo->getUserBasedOnUuid($uuid);
});
Route::bind('email', function ($email) {
$userRepo = new UserRepository();
return $userRepo->getUserBasedOnEmail($email);
});
Route::bind('country_id', function ($country_id) {
return $country_id;
});
Route::bind('partner_id', function ($partner_id) {
return $partner_id;
});
//caa126a6-b0b8-440c-8512-9c506264bf61
//Route::pattern('uuid','/\w{8}-\w{4}-\w{4}-\w{4}-\w{12}/');
//TODO Needs Check
Route::post('api/users', 'UsersController@storePlusVox');
Route::post('api/users/{uuid}', 'UsersController@update');
Route::put('api/users/{uuid}', 'UsersController@update');
Route::post('api/users/{uuid}/presence', 'UsersController@changePresence');
/**
* Get the image of the user
*
* @param Request $request the username and password of the user
* @return Response the image download
*/
public function getSession(Request $request)
{
//get the email and password from the input
$email = "";
$password = "";
if ($request->get('email') && $request->get('password')) {
$password = $request->get('password');
if (Libraries\InputValidator::isEmailValid($request->get('email'))) {
$email = $request->get('email');
} else {
\App::abort(400, 'The contract of the api was not met');
}
} else {
\App::abort(400, 'The contract of the api was not met');
}
//get the user based on the email
$userRepo = new UserRepository(new User());
$user = $userRepo->getUserBasedOnEmail($email);
//fill the information of the user
//if the user didn't exist
$userInfo = [];
if (!isset($user->password)) {
\App::abort(404, 'The user doesn\'t exist in the database');
} else {
if ($user->password != sha1($password)) {
\App::abort(404, 'The user doesn\'t exist in the database');
}
$imageUrl = \Request::getRequestUri() . $user->uuid . "/image";
$userInfo = ["first_name" => $user->first_name, "last_name" => $user->last_name, "birth_date" => $user->date_of_birth, "gender" => $user->gender, "country_iso" => $user->country->iso_code, "profile_image" => $imageUrl, "user_id" => $user->uuid, "role" => $userRepo->getUserRole()->role, "email" => $user->email];
}
//send the results back to the user
return json_encode($userInfo);
}
