/**
* Static Functions
*/
public static function processExternal($provider, $user_profile, User $user = null)
{
$external = self::getRepository()->findOneBy(array('provider' => $provider, 'external_id' => $user_profile->identifier));
// Locate a user account to associate.
if ($user instanceof User) {
// No additional processing.
} elseif ($external instanceof self && $external->user instanceof User) {
$user = $external->user;
} elseif (!empty($user_profile->email)) {
$user = User::getRepository()->findOneBy(array('email' => $user_profile->email));
if (!$user instanceof User) {
$user = new User();
$user->email = $user_profile->email;
$user->name = $user_profile->displayName;
$user->avatar_url = $user_profile->photoURL;
$user->generateRandomPassword();
$user->save();
}
} else {
// Not enough information to auto-create account; throw exception.
throw new \PVL\Exception\AccountNotLinked();
}
// Create new external record (if none exists)
if (!$external instanceof self) {
// Create new external account and associate with the specified user.
$external = new self();
$external->provider = $provider;
$external->external_id = $user_profile->identifier;
}
$external->user = $user;
$external->name = $user_profile->displayName;
$external->avatar_url = $user_profile->photoURL;
$external->save();
return $user;
}
public function verifyAction()
{
$id = (int) $this->getParam('id');
$code = trim($this->getParam('code'));
if ($id == 0 || empty($code)) {
throw new \FA\Exception('This page requires a valid user ID and recovery code.');
}
$user = User::getRepository()->findOneBy(array('id' => $id, 'lostpw' => $code));
if (!$user instanceof User) {
throw new \FA\Exception('Invalid ID or recovery code provided!');
}
// Reset the "lost password" code.
$user->lostpw = NULL;
$user->save();
$this->auth->setUser($user);
}
public function recoverAction()
{
$id = (int) $this->getParam('id');
$code = $this->getParam('code');
$user = User::getRepository()->findOneBy(array('id' => $id, 'auth_recovery_code' => $code));
if (!$user instanceof User) {
throw new \DF\Exception\DisplayOnly('Invalid ID or recovery code provided!');
}
$temp_pw = substr(sha1(mt_rand()), 0, 8);
$user->setAuthPassword($temp_pw);
$user->auth_recovery_code = '';
$user->save();
$this->auth->authenticate(array('username' => $user->email, 'password' => $temp_pw));
$this->alert('<b>Logged in successfully.</b><br>Your account password has been reset. Please change your password using the form below.', 'green');
$this->redirectToRoute(array('controller' => 'profile', 'action' => 'edit'));
return;
}
/**
* Creates or returns an existing user with the specified e-mail address.
*
* @param $email
* @return User
*/
public static function getOrCreate($email)
{
$user = User::getRepository()->findOneBy(array('email' => $email));
if (!$user instanceof User) {
$user = new User();
$user->email = $email;
$user->name = $email;
}
return $user;
}
/**
* Masquerading
*/
public function masqueradeAsUser($user_info)
{
if (!$user_info instanceof User) {
$user_info = User::getRepository()->findOneByUsername($user_info);
}
$this->_session->masquerade_user_id = $user_info->id;
$this->_masqueraded_user = $user_info;
}
/**
* Validate a username against all availability requirements.
*
* @param $username
* @return array [ valid: true/false, message: 'Reason why invalid' ]
*/
protected function _checkUsername($username)
{
$username = trim($username);
$lower = User::getLowerCase($username);
// Username must exist.
if (empty($username)) {
return array('valid' => FALSE, 'message' => 'Username not specified.');
}
// Username must only contain letters, numbers, -_~.
if (!preg_match('/^([a-zA-Z0-9_.~-]+)$/', $username)) {
return array('valid' => FALSE, 'message' => 'Username contains invalid characters. Only letters and numbers, dash, underscore, tilde and a period are allowed.');
}
// Username must be at least 3 characters long.
if (strlen($lower) < 3) {
return array('valid' => FALSE, 'message' => 'Username must contain at least three alphanumeric characters.');
}
// Username must not start with a period.
if ($lower[0] == '.') {
return array('valid' => FALSE, 'message' => 'Usernames must not start with a period.');
}
// Username must not contain forbidden words.
$fa_settings = $this->di->get('fa')->settings;
$blocked_words = explode(' ', strtolower(str_replace(array("\n", "\r"), array(' ', ''), $fa_settings['Account_Name_Blocklist'])));
$found = FALSE;
$word = null;
foreach ($blocked_words as $word) {
if (trim($word) and strpos($username, $word) !== FALSE || strpos(strtolower($username), $word) !== FALSE) {
$found = TRUE;
break;
}
}
if ($found) {
return array('valid' => FALSE, 'message' => 'The word "' . $word . '" is forbidden in usernames.');
}
// Check if account exists.
$existing_user = User::getRepository()->findOneBy(array('lower' => $lower));
if ($existing_user instanceof User) {
if ($existing_user->accesslevel == User::LEGACY_ACL_BANNED) {
return array('valid' => FALSE, 'message' => 'This username already exists and is banned.');
} else {
return array('valid' => FALSE, 'message' => 'This username already exists!');
}
}
// Check if reservation exists.
$existing_reservation = RegistrationRequest::getRepository()->findOneBy(array('lower' => $lower));
if ($existing_reservation instanceof RegistrationRequest) {
// Reservations more than 24 hours old are expired.
if ($existing_reservation->created_at >= time() - 86400) {
return array('valid' => FALSE, 'message' => 'A registration request already exists for this username. Check your e-mail for more information!');
}
}
// Return valid if none of the above checks failed!
return array('valid' => TRUE, 'message' => '');
}
