Exemplo n.º 1
 /**
  * Reports whether an e-mail address is still free to use.
  *
  * Emits a JSON status: S200 when the lower-cased address is not known to
  * AuthUserData, E400 when it is. Nothing is written when checkAuth() fails.
  * The response tells the caller whether an address is registered, so the
  * checkAuth() gate is the only thing limiting who can probe addresses here.
  *
  * @param string $email Address to look up; lower-cased before the lookup.
  * @return void
  */
 function get_xhr($email)
 {
     if (!$this->checkAuth()) {
         return;
     }

     $normalizedEmail = mb_strtolower($email);
     $status = AuthUserData::emailExist($normalizedEmail)
         ? StatusReturn::E400('Email Already Being Used!')
         : StatusReturn::S200();

     echo json_encode($status);
 }
Exemplo n.º 2
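 /**
  * Creates a sub-user (no $userID) or updates an existing one (with $userID) from POST data.
  *
  * Writes a JSON status object to the response; writes nothing when checkAuth() fails.
  * Every $_POST field is untrusted and may be absent or array-valued (e.g. userName[]=x),
  * so each one is type-checked before it reaches a string function or an AuthSubUser call.
  *
  * @param mixed $userID ID of the sub-user to update, or null to create a new one.
  * @return void
  */
 function post_xhr($userID = null)
 {
     if (!$this->checkAuth()) {
         return;
     }

     // twoFactorType must be numeric AND a value TwoFactor accepts, on both paths.
     // is_numeric() also rejects arrays, which (int) would otherwise turn into 1.
     $twoFactorOk = isset($_POST['twoFactorType'])
         && is_numeric($_POST['twoFactorType'])
         && TwoFactor::isValidValue((int) $_POST['twoFactorType']);

     if (is_null($userID)) {
         $rawUserName = (isset($_POST['userName']) && is_string($_POST['userName'])) ? $_POST['userName'] : null;
         $rawEmail = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : null;
         $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : null;

         // The lookups run before validation so that "already exists" keeps
         // precedence over the generic validation error, as before.
         $userExists = $rawUserName !== null && AuthUserData::userExist(mb_strtolower($rawUserName));
         $emailExists = $rawEmail !== null && AuthUserData::emailExist(mb_strtolower($rawEmail));

         $inputValid = $rawUserName !== null
             && mb_strlen($rawUserName) >= _USERNAME_MIN_LENGTH_
             && !$userExists
             && !empty($rawEmail)
             && filter_var($rawEmail, FILTER_VALIDATE_EMAIL)
             && !$emailExists
             && !empty($password)
             && $twoFactorOk;

         if (!$inputValid) {
             if ($userExists) {
                 echo json_encode(StatusReturn::E400('User Exists!'));
             } elseif ($emailExists) {
                 echo json_encode(StatusReturn::E400('Email Exists!'));
             } else {
                 // NOTE(review): this message is also returned for a short user name,
                 // an invalid e-mail or a missing password, not only for roles/twoFactorType.
                 echo json_encode(StatusReturn::E400('Missing roles or twoFactorType'));
             }
             return;
         }

         // NOTE(review): 'Auth-User' is read without an isset check and with one fixed
         // casing; presumably checkAuth() has already validated this header, confirm.
         $headers = getallheaders();
         $subUser = new AuthSubUser(mb_strtolower($headers['Auth-User']));

         // NOTE(review): role values are passed through as received; whether the caller
         // may grant them is presumably enforced inside createSubUser(), confirm.
         $roles = (isset($_POST['roles']) && is_array($_POST['roles'])) ? $_POST['roles'] : array();

         $newUserId = $subUser->createSubUser(
             mb_strtolower($rawUserName),
             mb_strtolower($rawEmail),
             $password,
             $_POST['twoFactorType'],
             $roles
         );
         if ($newUserId) {
             echo json_encode(StatusReturn::S200(array('id' => $newUserId)), JSON_NUMERIC_CHECK);
         } else {
             echo json_encode(StatusReturn::E400('Unknown Error!'));
         }
         return;
     }

     // NOTE(review): the error text says "not a child of this account", but only
     // userExistByID() is visible here; confirm that it (or AuthSubUser) really ties
     // $userID to the authenticated parent before any change is applied.
     if (!AuthUserData::userExistByID($userID)) {
         echo json_encode(StatusReturn::E400('User Name is not a child of this account!'));
         return;
     }

     $headers = getallheaders();
     $subUser = new AuthSubUser(mb_strtolower($headers['Auth-User']), (int) $userID);
     $allSuccess = true;

     if (isset($_POST['newPassword'])) {
         // An array-valued newPassword counts as a failed change instead of being
         // handed to the password routine.
         // NOTE(review): an empty string is still forwarded; confirm that
         // updateSubUserPassword() refuses it.
         $allSuccess = is_string($_POST['newPassword'])
             && $subUser->updateSubUserPassword($_POST['newPassword']);
     }
     // An invalid twoFactorType is skipped without an error, as before.
     if ($twoFactorOk) {
         $allSuccess = $allSuccess && $subUser->updateSubUserFactor($_POST['twoFactorType']);
     }
     if (isset($_POST['roles']) && is_array($_POST['roles'])) {
         $allSuccess = $allSuccess && $subUser->updateSubUserRoles($_POST['roles']);
     }

     if ($allSuccess) {
         echo json_encode(StatusReturn::S200(array('id' => $userID)), JSON_NUMERIC_CHECK);
     } else {
         echo json_encode(StatusReturn::E400('Some or All Changes Failed to Save!'));
     }
 }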
Exemplo n.º 3
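 /**
  * Drives the multi-step password reset flow for a user name or e-mail address.
  *
  * Steps, selected by which arguments are non-empty:
  *  1. no $secondFactor: a new PIN is created, stored as the 'forgotPassword'
  *     extra key and sent through sendNotification();
  *  2. $secondFactor only: the PIN is checked and the security question returned;
  *  3. $secondFactor + $answer: the answer is compared with the stored one;
  *  4. all three + $newPassword: the password is replaced and the extra key cleared.
  *
  * NOTE(review): the result differs for unknown and known accounts
  * ("continue" => false vs. true), so this call reveals which names exist;
  * request throttling is presumably done by the caller, confirm.
  *
  * @param string $userOrEmail  User name or e-mail address identifying the account.
  * @param string $secondFactor PIN previously sent to the user, or '' to request one.
  * @param string $answer       Answer to the security question, or ''.
  * @param string $newPassword  New password value, or '' when not yet supplied.
  * @return array Always has "continue"; may also carry "secondFactor", "question",
  *               "askForNewPassword" or "flowDone".
  */
 public function forgotPassword($userOrEmail, $secondFactor, $answer, $newPassword)
 {
     if (AuthUserData::emailExist($userOrEmail)) {
         $userAuth = AuthUserData::getUserNameByEmail($userOrEmail);
     } elseif (AuthUserData::userExist($userOrEmail)) {
         $userAuth = $userOrEmail;
     } else {
         return array("continue" => false);
     }
     $this->loadUserForced($userAuth);

     if ($secondFactor == '') {
         $newExtraKey = $this->createPin(_PIN_FORGOT_PASSWORD_PLUS_CHARS_);
         AuthUserData::updateExtraKey($this->userData['userID'], $newExtraKey, 'forgotPassword');
         $this->sendNotification('ForgotPassword', array(array('{{PIN}}'), array($newExtraKey)));
         return array("continue" => true, "secondFactor" => true);
     }

     // Check the value that was passed in (and tested for emptiness above), not
     // $_POST directly, so the emptiness test and the key check see the same input.
     if (!$this->checkKey($secondFactor, 'forgotPassword')) {
         // A wrong PIN invalidates the stored key.
         AuthUserData::clearExtraKey($this->userData['userID']);
         return array("continue" => false);
     }

     if ($answer == '') {
         return array("continue" => true, "question" => $this->userData['securityQuestion']);
     }

     // Strict, string-only comparison: loose == treats numeric-looking strings
     // such as "0e1" and "0e2" as equal. hash_equals() is used where the runtime
     // has it so the comparison time does not depend on the matching prefix.
     $storedAnswer = $this->userData['securityAnswer'];
     $answerMatches = false;
     if (is_string($answer) && is_scalar($storedAnswer)) {
         $storedAnswer = (string) $storedAnswer;
         $answerMatches = function_exists('hash_equals')
             ? hash_equals($storedAnswer, $answer)
             : $storedAnswer === $answer;
     }
     if (!$answerMatches) {
         // NOTE(review): unlike a wrong PIN, a wrong answer leaves the extra key in
         // place, so the answer can be retried while the PIN stays valid; confirm
         // that attempts are limited elsewhere.
         return array("continue" => false);
     }

     // hash('sha512', '') is rejected as well as ''; presumably the client sends the
     // password already hashed, so this is the hash of an empty password, confirm.
     if (is_string($newPassword) && $newPassword !== '' && $newPassword !== hash('sha512', '')) {
         $this->createAndUpdatePassword($newPassword);
         AuthUserData::clearExtraKey($this->userData['userID']);
         return array("continue" => true, "flowDone" => true);
     }

     return array("continue" => true, "askForNewPassword" => true);
 }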