Exemplo n.º 1
0
 /**
  * Generate a key to be stored in a cookie so users who are not logged in
  * can edit / delete the image.
  *
  * @param PasswordHasher $passwordHasher
  *
  * @return string
  */
 public function generateKey(PasswordHasher $passwordHasher)
 {
     $key = $passwordHasher->generateKey();
     $this->sessionKey = $key;
     //$passwordHasher->generateHash($key);
     return $key;
 }
Exemplo n.º 2
0
 /**
  * @api            {post} /sessions Start a Session (Login)
  * @apiGroup       User Sessions
  * @apiDescription Validates login credentials and returns a new session if valid.
  * @apiParam {string} username Username to login as.
  * @apiParam {string} password The user's password.
  *
  * @param PasswordHasher $passwordHasher
  *
  * @throws HttpException
  * @return \Response
  */
 public function store(PasswordHasher $passwordHasher)
 {
     $this->validate($this->request, ['username' => 'required', 'password' => 'required']);
     $username = $this->request->input('username');
     $password = $this->request->input('password');
     /** @var User $user */
     $user = User::whereUsername($username)->first();
     if (!$user) {
         throw new InputException(404, ['username' => ["Couldn't find a user with that username."]]);
     }
     if ($passwordHasher->verify($password, $user, 'password')) {
         $this->auth->setUser($user);
         // Start a new session
         $session = new UserSession(['userId' => $user->userId, 'ip' => $this->request->getClientIp()]);
         $sessionKey = $session->generateKey($passwordHasher);
         $session->save();
         return $this->response(['session' => $session, 'sessionKey' => $sessionKey, 'success' => true]);
     } else {
         throw new InputException(401, ['password' => ["That password is not correct."]]);
     }
 }
Exemplo n.º 3
0
 /**
  * @api            {put} /albums/{albumId} Update Album Info
  * @apiGroup       Albums
  * @apiDescription Update the stored metadata for an album.
  * @apiParam {string} [title] New title of the album.
  * @apiParam {boolean=0,1} [anonymous=0] Hide the name of the album owner?
  * @apiParam {string=""} [password] Password that will be needed to view the album and any images in it.
  *     Give a blank value to clear.
  *     <br/>**If an image is in an album the anonymous setting and password for the album apply instead of
  *     the images own settings.**
  * @apiUse         RequiresAuthentication
  * @apiUse         AlbumSuccessResponse
  *
  * @param Album          $album
  * @param PasswordHasher $passwordHasher
  *
  * @return Response
  */
 public function update(Album $album, PasswordHasher $passwordHasher)
 {
     $user = $this->requireAuthentication($album->userId);
     $this->validate($this->request, ['title' => 'string|max:100|unique:albums,title,' . $album->albumId . ',albumId,userId,' . $user->userId, 'anonymous' => 'boolean', 'password' => '']);
     if ($title = $this->request->input('name')) {
         $album->title = $title;
     }
     if ($this->request->exists('anonymous')) {
         $album->anonymous = (bool) $this->request->input('anonymous');
     }
     if ($this->request->exists('password')) {
         if ($password = $this->request->input('password')) {
             $album->password = $passwordHasher->generateHash($password);
         } else {
             $album->password = null;
         }
     }
     if ($album->save()) {
         return $this->response(['album' => $album->fresh(), 'success' => true]);
     }
     throw new HttpException(500, "Unable to update album.");
 }
Exemplo n.º 4
0
 /**
  * @api            {put} /images/{imageId} Update Image Info
  * @apiGroup       Images
  * @apiDescription Update the stored metadata for an image.
  * @apiParam {string} [title] Title for the image. Give a blank value to clear.
  * @apiParam {boolean=0,1} [anonymous=0] Hide the name of the uploader? (Requires authentication)
  * @apiParam {string=""} [password] Password that will be needed to view the image. Give a blank value to clear.
  *      (Requires authentication)
  * @apiParam {int} [albumId] An album that the image should be moved to. Give a blank value to remove from album.
  *      (Requires authentication)
  * @apiUse         RequiresEditableImage
  * @apiUse         ImageSuccessResponse
  *
  * @param Image          $image
  * @param PasswordHasher $passwordHasher
  *
  * @return Response
  */
 public function update(Image $image, PasswordHasher $passwordHasher)
 {
     $this->requireEditableImage($image);
     $this->validate($this->request, ['title' => 'max:10', 'anonymous' => 'boolean', 'password' => '', 'sessionKey' => 'required_with:anonymous,password,albumId']);
     if ($this->request->exists('albumId')) {
         if ($albumId = $this->request->input('albumId')) {
             $this->validate($this->request, ['albumId' => 'exists:albums,albumId,userId,' . $this->user->getId()]);
             $image->albumId = $albumId;
         } else {
             $image->albumId = null;
         }
     }
     if ($this->request->exists('title')) {
         $image->title = $this->request->input('title');
     }
     if ($this->request->exists('anonymous')) {
         $image->anonymous = (bool) $this->request->input('anonymous');
     }
     if ($this->request->exists('password')) {
         if ($password = $this->request->input('password')) {
             $image->password = $passwordHasher->generateHash($password);
         } else {
             $image->password = null;
         }
     }
     $success = $image->isDirty() ? $image->save() : false;
     return $this->response(['success' => $success, 'image' => $image->fresh()]);
 }
Exemplo n.º 5
0
 /**
  * @api            {put} /users/{username} Update User Info
  * @apiGroup       Users
  * @apiDescription Update a user's account information.
  * @apiParam {string} sessionKey A session key belonging to this user.
  * @apiParam {string} [username] A new username for the user.
  * @apiParam {string} [email] A new email address for the user.
  * @apiParam {string} [password] A new password for the user. Minimum 3 characters.
  * @apiParam {boolean=0,1} [defaultAnonymous=0] Display the username on images uploaded by this user?
  * @apiParam {string} [defaultPassword] A password that will be required to view newly uploaded images.
  *     (Can be changed per image after uploading, see "Update Image Info").
  * @apiUse         UserSuccessResponse
  *
  * @param User           $user
  * @param PasswordHasher $passwordHasher
  *
  * @return Response
  */
 public function update(User $user, PasswordHasher $passwordHasher)
 {
     $this->requireAuthentication($user->userId);
     $validationRules = ['username' => 'unique:users,username,' . $user->userId . ',userId', 'email' => 'unique:users,email,' . $user->userId . ',userId', 'password' => 'min:3', 'defaultAnonymous' => 'boolean', 'defaultPassword' => 'string'];
     $this->validate($this->request, $validationRules);
     if ($this->request->has('username')) {
         $user->username = $this->request->input('username');
     }
     if ($this->request->has('email')) {
         $user->email = $this->request->input('email');
     }
     if ($this->request->has('password')) {
         $user->password = $passwordHasher->generateHash($this->request->input('password'));
     }
     if ($this->request->has('defaultAnonymous')) {
         $user->defaultAnonymous = (bool) $this->request->input('defaultAnonymous');
     }
     if ($this->request->exists('defaultPassword')) {
         if ($password = $this->request->input('defaultPassword')) {
             $user->defaultPassword = $passwordHasher->generateHash($password);
         } else {
             $user->defaultPassword = null;
         }
     }
     $success = $user->isDirty() ? $user->save() : false;
     return $this->response(['success' => $success, 'user' => $user->fresh()]);
 }