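/**
 * Direct login endpoint for a client application.
 *
 * Reads client_id, client_secret, redirect_uri, userid and password from the
 * POST body, forces the OAuth parameters to the authorization-code flow,
 * checks the user's credentials and, on success, echoes the issued access
 * token together with the user record (password property removed) as JSON.
 *
 * Every failure is echoed as a JSON envelope {ret, error, response}:
 *   ret 1 - the auth server raised a ClientException (client application
 *           parameters rejected)
 *   ret 2 - User::ValidUser() did not accept the userid/password pair
 *   ret 3 - a required POST field is missing (error = validation_errors())
 *   ret 5 - any other exception, or the user record could not be loaded
 * A successful response carries ret 0 and an empty error string.
 *
 * NOTE(review): client_secret is only required to be present here; where it
 * is actually verified is not visible in this method (presumably inside the
 * auth server during token issuance - confirm). If so, the user's password is
 * checked before the client application is fully authenticated.
 * NOTE(review): no attempt limiting is visible in this method; confirm failed
 * logins are throttled and logged elsewhere.
 *
 * @return void
 */
public function authenticate()
{
    // Single writer for the error envelope; key order (ret, error, response)
    // is the one clients already receive.
    $sendError = function ($ret, $message) {
        $jsonRet = array();
        $jsonRet['ret'] = $ret;
        $jsonRet['error'] = $message;
        $jsonRet['response'] = '';
        echo json_encode($jsonRet);
    };

    // All five fields must be present in the POST body.
    $this->load->library("form_validation");
    foreach (array('client_id', 'client_secret', 'redirect_uri', 'userid', 'password') as $field) {
        $this->form_validation->set_rules($field, $field, 'required');
    }

    // Pin the OAuth parameters server-side so the caller cannot choose a
    // different response type, grant type or scope.
    $_POST['response_type'] = "code";
    $_POST['grant_type'] = 'authorization_code';
    $_POST['scope'] = "";

    if (!$this->form_validation->run()) {
        $sendError(3, validation_errors());
        return;
    }

    // Let the auth server check the client application parameters.
    try {
        $this->authserver->getGrantType('authorization_code')->checkAuthoriseParams($_POST);
    } catch (Oauth2\Exception\ClientException $e) {
        $sendError(1, "incorrect app login info");
        return;
    } catch (Exception $e) {
        $sendError(5, "Server internal error");
        return;
    }

    // Validate the user's credentials. The loose comparison is kept because
    // the return type of ValidUser() is not visible here.
    if (1 != User::ValidUser($this->input->post('userid'), $this->input->post('password'))) {
        $sendError(2, "incorrect user login info");
        return;
    }

    // Never issue a code or token for a user record that failed to load:
    // without this guard a missing record would be passed on as an empty
    // owner id.
    $user = User::GetUser($this->input->post('userid'));
    if (!$user) {
        $sendError(5, "Server internal error");
        return;
    }

    // Token issuance talks to the same auth server as the parameter check
    // above, so its exceptions get the same JSON envelope instead of
    // escaping the controller.
    try {
        $_POST['scopes'] = array();
        $_POST['code'] = $this->authserver->getGrantType('authorization_code')->newAuthoriseRequest('user', $user->id, $_POST);
        $response = $this->authserver->issueAccessToken($_POST);
    } catch (Oauth2\Exception\ClientException $e) {
        $sendError(1, "incorrect app login info");
        return;
    } catch (Exception $e) {
        $sendError(5, "Server internal error");
        return;
    }

    $response['ret'] = 0;
    $response['error'] = '';

    // Only the password property is stripped before the record is serialized.
    // NOTE(review): confirm the user object exposes no other sensitive
    // properties (salts, reset tokens, session identifiers).
    unset($user->password);
    $response['user_info'] = $user;

    echo json_encode($response);
}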
/**
 * Log a user in; on success the user is kept logged in.
 *
 * NOTE(review): $isMd5 suggests callers may hand over an MD5 digest instead of
 * the clear-text password - confirm how User::ValidUser() treats it. MD5 is
 * not suitable for storing or comparing passwords.
 *
 * @param string $username     account identifier, passed to User::ValidUser() and User::GetUser()
 * @param string $password     credential, passed to User::ValidUser()
 * @param bool   $isMd5        forwarded unchanged to User::ValidUser()
 * @param bool   $isRememberMe forwarded unchanged to User::LogInUserObj()
 * @return bool false when ValidUser() rejects the credentials; otherwise the
 *              return value of User::LogInUserObj() (not visible here)
 */
function LogInUser($username, $password, $isMd5 = false, $isRememberMe = false)
{
    // Loose comparison on purpose: ValidUser()'s return type is not visible here.
    $credentialsOk = (1 == User::ValidUser($username, $password, $isMd5));
    if (!$credentialsOk) {
        return false;
    }

    return User::LogInUserObj(User::GetUser($username), $isRememberMe);
}