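/**
 * {@inheritdoc}
 *
 * Builds the server-rendered discussion page: fetches the discussion
 * document for the requested id and page, picks out the posts that can be
 * rendered, and passes them to the `flarum.forum::discussion` template.
 */
protected function getView(Request $request)
{
    $view = parent::getView($request);

    $queryParams = $request->getQueryParams();

    // `page` is request input and may be missing, non-numeric or an array.
    // Cast it before the offset arithmetic so that a malformed value falls
    // back to page 1 instead of reaching `($page - 1) * 20` as-is.
    $page = max(1, (int) array_get($queryParams, 'page'));

    $params = [
        'id' => (int) array_get($queryParams, 'id'),
        'page' => [
            'near' => array_get($queryParams, 'near'),
            'offset' => ($page - 1) * 20,
            'limit' => 20,
        ],
    ];

    $document = $this->getDocument($request->getAttribute('actor'), $params);

    // Resolves a relationship link (type + id) to the matching included resource.
    $getResource = function ($link) use ($document) {
        return array_first($document->included, function ($key, $value) use ($link) {
            return $value->type === $link->type && $value->id === $link->id;
        });
    };

    // Builds a link to this discussion that keeps the current query string,
    // overridden by $newQueryParams. The carried-over parameters are request
    // input; http_build_query() URL-encodes them.
    // NOTE(review): HTML escaping of the result is left to the template — confirm.
    $url = function ($newQueryParams) use ($queryParams, $document) {
        $newQueryParams = array_merge($queryParams, $newQueryParams);
        $queryString = http_build_query($newQueryParams);

        return $this->url->toRoute('discussion', ['id' => $document->data->id])
            . ($queryString ? '?' . $queryString : '');
    };

    // Keep only posts that belong to a discussion and carry rendered HTML.
    $posts = [];

    foreach ($document->included as $resource) {
        if ($resource->type === 'posts'
            && isset($resource->relationships->discussion)
            && isset($resource->attributes->contentHtml)
        ) {
            $posts[] = $resource;
        }
    }

    $view->setTitle($document->data->attributes->title);
    $view->setDocument($document);
    $view->setContent(
        app('view')->make('flarum.forum::discussion', compact('document', 'page', 'getResource', 'posts', 'url'))
    );

    return $view;
}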
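/**
 * Handle a submitted password-reset form.
 *
 * Looks up the password token named in the request body. When the new
 * password and its confirmation match, the token owner's password is
 * changed and the token is deleted.
 *
 * NOTE(review): no expiry check on the token is visible in this method;
 * confirm that PasswordToken enforces one. The `token` field is passed to
 * findOrFail() without a type check as well.
 *
 * @param Request $request
 * @return RedirectResponse Back to the reset form when the passwords are
 *     unusable, otherwise to the forum base URL.
 */
public function handle(Request $request)
{
    $input = $request->getParsedBody();

    $token = PasswordToken::findOrFail(array_get($input, 'token'));

    $password = array_get($input, 'password');
    $confirmation = array_get($input, 'password_confirmation');

    // Body fields can be submitted as arrays (`password[]=...`). Two equal
    // arrays satisfy the identity comparison, so require a string before
    // the value can reach changePassword().
    if (! is_string($password) || ! $password || $password !== $confirmation) {
        return new RedirectResponse($this->url->toRoute('resetPassword', ['token' => $token->id]));
    }

    $token->user->changePassword($password);
    $token->user->save();

    // The token is single-use: remove it once the password has been changed.
    $token->delete();

    return new RedirectResponse($this->url->toBase());
}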
/**
 * Create a password-reset token for the account registered under the given
 * email address and mail the reset link to that address.
 *
 * NOTE(review): an unknown address raises ModelNotFoundException. Unless the
 * caller responds identically in both cases, this lets a client learn which
 * addresses are registered — confirm how the exception is surfaced.
 *
 * @param RequestPasswordReset $command
 * @return \Flarum\Core\User
 * @throws ModelNotFoundException
 */
public function handle(RequestPasswordReset $command)
{
    $user = $this->users->findByEmail($command->email);

    if (! $user) {
        throw new ModelNotFoundException();
    }

    $token = PasswordToken::generate($user->id);
    $token->save();

    // The token id is the secret carried in the emailed link.
    $resetUrl = $this->url->toRoute('resetPassword', ['token' => $token->id]);

    $templateData = [
        'username' => $user->username,
        'url' => $resetUrl,
        'forumTitle' => $this->settings->get('forum_title'),
    ];

    $configureMessage = function (Message $message) use ($user) {
        $message->to($user->email);
        $message->subject('Reset Your Password');
    };

    $this->mailer->send(['text' => 'flarum::emails.resetPassword'], $templateData, $configureMessage);

    return $user;
}
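/**
 * Add Open Graph / Twitter Card data for the page being rendered.
 *
 * Runs only when a client view is set and at least one of the two tag
 * families is enabled. Only discussion pages produce data so far; for any
 * other controller (discussion list, user profile) the tag helpers are
 * called with an empty array.
 *
 * @param PrepareApiData $event
 */
public function addMetaTags(PrepareApiData $event)
{
    if (! $this->clientView || ! ($this->openGraph || $this->twitterCard)) {
        return;
    }

    $data = [];

    if ($event->isController(ShowDiscussionController::class)) {
        $data['url'] = $this->urlGenerator->toRoute(
            'discussion',
            ['id' => $event->data->id . '-' . $event->data->slug]
        );
        $data['title'] = $this->plainText($event->data->title, 80);

        // `page[near]` is request input: it may be absent, and `page` may be
        // a plain string rather than an array. Read it defensively and accept
        // digits only, so that nothing but a number is appended to the URL
        // that ends up in the meta tags.
        $queryParams = $event->request->getQueryParams();
        $near = isset($queryParams['page']['near']) ? $queryParams['page']['near'] : null;
        $postNumber = is_string($near) && ctype_digit($near) ? (int) $near : null;

        $post = null;

        if ($postNumber !== null) {
            $data['url'] .= '/' . $postNumber;

            // presumably posts are keyed by post number minus one; this is the
            // same lookup the previous code performed — verify against the API data
            $index = $postNumber - 1;
            if (array_key_exists($index, $event->data->posts)) {
                $post = $event->data->posts[$index];
            }
        }

        // Describe the targeted post when it was found, else fall back to the
        // discussion's first post (or an empty description if there is none).
        if ($post) {
            $data['description'] = $this->plainText($post->content, 150);
        } else {
            $data['description'] = $event->data->startPost
                ? $this->plainText($event->data->startPost->content, 150)
                : '';
        }
    }

    $this->addOpenGraph($data);
    $this->addTwitterCard($data);
}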
/**
 * Create a password-reset token for the account registered under the given
 * email address and send the translated reset email as a raw message.
 *
 * NOTE(review): an unknown address raises ModelNotFoundException. Unless the
 * caller responds identically in both cases, this lets a client learn which
 * addresses are registered — confirm how the exception is surfaced.
 *
 * @param RequestPasswordReset $command
 * @return \Flarum\Core\User
 * @throws ModelNotFoundException
 */
public function handle(RequestPasswordReset $command)
{
    $user = $this->users->findByEmail($command->email);

    if (! $user) {
        throw new ModelNotFoundException();
    }

    $token = PasswordToken::generate($user->id);
    $token->save();

    // Placeholder => value pairs substituted into the translated body.
    // The token id is the secret carried in the emailed link.
    $placeholders = [
        '{username}' => $user->username,
        '{url}' => $this->url->toRoute('resetPassword', ['token' => $token->id]),
        '{forum}' => $this->settings->get('forum_title'),
    ];

    $body = $this->translator->trans('core.email.reset_password.body', $placeholders);

    $this->mailer->raw($body, function (Message $message) use ($user, $placeholders) {
        $message->to($user->email);

        // Subject line is "[<forum title>] <translated subject>".
        $subject = '[' . $placeholders['{forum}'] . '] '
            . $this->translator->trans('core.email.reset_password.subject');
        $message->subject($subject);
    });

    return $user;
}
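/**
 * Handle a submitted password-reset form and sign the user in.
 *
 * Looks up the password token named in the request body, validates the new
 * password, and when it matches its confirmation: changes the token owner's
 * password, deletes the token and logs that user into the current session.
 *
 * NOTE(review): no expiry check on the token is visible in this method;
 * confirm that PasswordToken enforces one. Whether the user's other
 * sessions are invalidated after the change is not visible here either.
 *
 * @param Request $request
 * @return RedirectResponse Back to the reset form when the passwords are
 *     unusable, otherwise to the forum base URL.
 */
public function handle(Request $request)
{
    $input = $request->getParsedBody();

    $token = PasswordToken::findOrFail(array_get($input, 'passwordToken'));

    $password = array_get($input, 'password');
    $confirmation = array_get($input, 'password_confirmation');

    $this->validator->assertValid(compact('password'));

    // Body fields can be submitted as arrays (`password[]=...`). Two equal
    // arrays satisfy the identity comparison, so require a string before
    // the value can reach changePassword().
    if (! is_string($password) || ! $password || $password !== $confirmation) {
        return new RedirectResponse($this->url->toRoute('resetPassword', ['token' => $token->id]));
    }

    $token->user->changePassword($password);
    $token->user->save();

    // The token is single-use: remove it once the password has been changed.
    $token->delete();

    $session = $request->getAttribute('session');
    $this->authenticator->logIn($session, $token->user->id);

    return new RedirectResponse($this->url->toBase());
}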
/**
 * Build the variables handed to the confirmation email template.
 *
 * A token is generated for the user/email pair and its id is embedded in
 * the `confirmEmail` link.
 *
 * @param User $user
 * @param string $email
 *
 * @return array Keys: `username`, `url`, `forumTitle`.
 */
protected function getEmailData(User $user, $email)
{
    $token = $this->generateToken($user, $email);

    // TODO: Need to use AbstractUrlGenerator, but since this is part of core we
    // don't know that the forum routes will be loaded. Should the confirm
    // email route be part of core??
    $confirmUrl = $this->url->toRoute('confirmEmail', ['token' => $token->id]);

    return [
        'username' => $user->username,
        'url' => $confirmUrl,
        'forumTitle' => $this->settings->get('forum_title'),
    ];
}
/**
 * {@inheritdoc}
 *
 * Sends a fresh account-activation email to the requesting user. Only a
 * registered actor whose id equals the `id` query parameter and whose
 * account is not yet activated may trigger it.
 *
 * NOTE(review): the id check uses a loose comparison between the actor's id
 * and the raw query-string value.
 */
public function handle(ServerRequestInterface $request)
{
    $actor = $request->getAttribute('actor');
    $id = array_get($request->getQueryParams(), 'id');

    $this->assertRegistered($actor);

    $isOwnAccount = $actor->id == $id;

    if (! $isOwnAccount || $actor->is_activated) {
        throw new PermissionDeniedException();
    }

    $token = EmailToken::generate($actor->email, $actor->id);
    $token->save();

    // Placeholder => value pairs substituted into the translated body.
    $placeholders = [
        '{username}' => $actor->username,
        '{url}' => $this->url->toRoute('confirmEmail', ['token' => $token->id]),
        '{forum}' => $this->settings->get('forum_title'),
    ];

    $body = $this->translator->trans('core.email.activate_account.body', $placeholders);

    $this->mailer->raw($body, function (Message $message) use ($actor, $placeholders) {
        $message->to($actor->email);

        // Subject line is "[<forum title>] <translated subject>".
        $subject = '[' . $placeholders['{forum}'] . '] '
            . $this->translator->trans('core.email.activate_account.subject');
        $message->subject($subject);
    });

    return new EmptyResponse();
}
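/**
 * Facebook OAuth 2 login endpoint.
 *
 * Without a `code` parameter the user is redirected to Facebook and the
 * generated state value is stored in the session. On the callback the
 * returned `state` is compared with the stored one before the code is
 * exchanged for a token and the resource owner is passed to authenticate().
 *
 * @param Request $request
 * @param array $routeParams
 * @return \Psr\Http\Message\ResponseInterface|RedirectResponse
 */
public function handle(Request $request, array $routeParams = [])
{
    session_start();

    $provider = new Facebook([
        'clientId' => $this->settings->get('flarum-auth-facebook.app_id'),
        'clientSecret' => $this->settings->get('flarum-auth-facebook.app_secret'),
        'redirectUri' => $this->url->toRoute('auth.facebook'),
        'graphApiVersion' => 'v2.4',
    ]);

    if (! isset($_GET['code'])) {
        $authUrl = $provider->getAuthorizationUrl(['scope' => ['email']]);
        $_SESSION['oauth2state'] = $provider->getState();

        return new RedirectResponse($authUrl);
    }

    // The state value ties the callback to the login this session started
    // (CSRF protection). Read it without assuming it exists, and clear it on
    // every callback so one value cannot be accepted twice.
    $expectedState = isset($_SESSION['oauth2state']) ? $_SESSION['oauth2state'] : null;
    unset($_SESSION['oauth2state']);

    if (empty($_GET['state']) || ! is_string($expectedState) || $_GET['state'] !== $expectedState) {
        echo 'Invalid state.';
        exit;
    }

    $token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);

    $owner = $provider->getResourceOwner($token);

    // NOTE(review): the email reported by the provider is the identification
    // passed to authenticate(); confirm it is always present and verified on
    // the provider side before it is used to match a local account.
    $email = $owner->getEmail();

    // Strip everything except letters, digits, '-' and '_' from the display
    // name; the result is only a suggestion and can be an empty string.
    $username = preg_replace('/[^a-z0-9-_]/i', '', $owner->getName());

    return $this->authenticate(compact('email'), compact('username'));
}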
/**
 * Get the redirect URI for the `auth.singleso` route.
 *
 * When the `redirect_uri_noprotocol` auth setting is truthy, the leading
 * `http://` or `https://` is removed from the URI.
 *
 * @return string
 */
public function getRedirectURI()
{
    $redirectUri = $this->url->toRoute('auth.singleso');

    $authSettings = SingleSO::settingsAuth($this->settings, false);

    if (! $authSettings['redirect_uri_noprotocol']) {
        return $redirectUri;
    }

    // Strip off the redirect protocol if so configured.
    return preg_replace('/^https?:\\/\\//', '', $redirectUri);
}
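/**
 * Twitter OAuth 1.0 login endpoint.
 *
 * The first visit obtains temporary credentials, stores them in the session
 * and sends the user to Twitter. The callback exchanges them, together with
 * the returned `oauth_token` / `oauth_verifier`, for token credentials and
 * passes the user's details to authenticate().
 *
 * @param Request $request
 * @param array $routeParams
 * @return \Psr\Http\Message\ResponseInterface|RedirectResponse
 */
public function handle(Request $request, array $routeParams = [])
{
    session_start();

    $server = new Twitter([
        'identifier' => $this->settings->get('flarum-auth-twitter.api_key'),
        'secret' => $this->settings->get('flarum-auth-twitter.api_secret'),
        'callback_uri' => $this->url->toRoute('auth.twitter'),
    ]);

    // A callback can only be completed when this session started the flow.
    // If the stored temporary credentials are missing (callback URL opened
    // directly, session expired), begin a new login instead of handing an
    // empty value to unserialize() and the token exchange.
    $isCallback = isset($_GET['oauth_token'], $_GET['oauth_verifier'], $_SESSION['temporary_credentials']);

    if (! $isCallback) {
        $temporaryCredentials = $server->getTemporaryCredentials();

        $_SESSION['temporary_credentials'] = serialize($temporaryCredentials);
        session_write_close();

        // Second part of OAuth 1.0 authentication is to redirect the
        // resource owner to the login screen on the server.
        $server->authorize($temporaryCredentials);
        exit;
    }

    // Retrieve the temporary credentials we saved before. The serialized
    // value was written by this handler into the session, not taken from the
    // request. NOTE(review): if anything else can write to the session store,
    // restrict the classes unserialize() may instantiate.
    $temporaryCredentials = unserialize($_SESSION['temporary_credentials']);

    // Temporary credentials are single-use; do not leave them in the session.
    unset($_SESSION['temporary_credentials']);

    // We will now retrieve token credentials from the server
    $tokenCredentials = $server->getTokenCredentials(
        $temporaryCredentials,
        $_GET['oauth_token'],
        $_GET['oauth_verifier']
    );

    $user = $server->getUserDetails($tokenCredentials);

    return $this->authenticate(['twitter_id' => $user->uid], ['username' => $user->nickname]);
}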
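/**
 * QQ OAuth 2 login endpoint.
 *
 * Without a `code` parameter the user is redirected to the provider and the
 * generated state value is stored in the session. On the callback the
 * returned `state` is compared with the stored one before the code is
 * exchanged for a token and the owner's open id is passed to authenticate().
 *
 * @param Request $request
 * @param array $routeParams
 * @return \Psr\Http\Message\ResponseInterface|RedirectResponse
 */
public function handle(Request $request, array $routeParams = [])
{
    session_start();

    $provider = new Qq([
        'clientId' => $this->settings->get('lazyboywu-auth-qq.client_id'),
        'clientSecret' => $this->settings->get('lazyboywu-auth-qq.client_secret'),
        'redirectUri' => $this->url->toRoute('auth.qq'),
    ]);

    if (! isset($_GET['code'])) {
        $authUrl = $provider->getAuthorizationUrl();
        $_SESSION['oauth2state'] = $provider->getState();

        return new RedirectResponse($authUrl);
    }

    // The state value ties the callback to the login this session started
    // (CSRF protection). Read it without assuming it exists, and clear it on
    // every callback so one value cannot be accepted twice.
    $expectedState = isset($_SESSION['oauth2state']) ? $_SESSION['oauth2state'] : null;
    unset($_SESSION['oauth2state']);

    if (empty($_GET['state']) || ! is_string($expectedState) || $_GET['state'] !== $expectedState) {
        echo 'Invalid state.';
        exit;
    }

    $token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);

    $owner = $provider->getResourceOwner($token);

    // The provider-issued open id identifies the account.
    $qqopenid = $owner->getOpenId();

    // Strip everything except letters, digits, '-' and '_' from the nickname;
    // the result is only a suggestion and can be an empty string.
    $username = preg_replace('/[^a-z0-9-_]/i', '', $owner->getNickname());

    // The avatar URL (getFigureUrl()) was fetched into a local that was never
    // read, so the lookup has been dropped.

    return $this->authenticate(compact('qqopenid'), compact('username'));
}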
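/**
 * QQ OAuth 2 login endpoint.
 *
 * Without a `code` parameter the user is redirected to the provider and the
 * generated state value is stored in the session. On the callback the
 * returned `state` is compared with the stored one, the code is exchanged
 * for a token, the open id is fetched, and a username derived from the
 * owner's name is passed to authenticate().
 *
 * @param Request $request
 * @param array $routeParams
 * @return \Psr\Http\Message\ResponseInterface|RedirectResponse
 */
public function handle(Request $request, array $routeParams = [])
{
    session_start();

    $clientId = $this->settings->get('azonwan-auth-qq.client_id');

    $provider = new QQ([
        'clientId' => $clientId,
        'clientSecret' => $this->settings->get('azonwan-auth-qq.client_secret'),
        'redirectUri' => $this->url->toRoute('auth.qq'),
    ]);

    if (! isset($_GET['code'])) {
        $authUrl = $provider->getAuthorizationUrl(['grant_type' => ['authorization_code']]);
        $_SESSION['oauth2state'] = $provider->getState();

        return new RedirectResponse($authUrl);
    }

    // The state value ties the callback to the login this session started
    // (CSRF protection). Read it without assuming it exists, and clear it on
    // every callback so one value cannot be accepted twice.
    $expectedState = isset($_SESSION['oauth2state']) ? $_SESSION['oauth2state'] : null;
    unset($_SESSION['oauth2state']);

    if (empty($_GET['state']) || ! is_string($expectedState) || $_GET['state'] !== $expectedState) {
        echo 'Invalid state.';
        exit;
    }

    $token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);

    $openid = $provider->getAccessOpenId('authorization_code', [
        'access_token' => $token->getToken(),
        'code' => $_GET['code'],
    ]);

    $options = [
        'openid' => $openid,
        'access_token' => $token->getToken(),
        'oauth_consumer_key' => $clientId,
    ];

    $owner = $provider->getResourceOwner($token, $options);

    // Strip everything except letters, digits, '-' and '_' from the display
    // name, then tag it with a "_qq" suffix.
    $username = preg_replace('/[^a-z0-9-_]/i', '', $owner->getName()) . '_qq';

    // NOTE(review): the only identification handed to authenticate() is this
    // derived username; $openid is used solely to fetch the profile. If
    // authenticate() matches local accounts on the identification array (not
    // visible here), two provider accounts sharing a display name would
    // resolve to the same forum account. Confirm, and identify by the
    // provider-issued open id instead.
    return $this->authenticate(compact('username'));
}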
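/**
 * Magento OAuth 1.0 login endpoint.
 *
 * The first visit obtains temporary credentials, stores them in the session
 * and sends the user to the Magento store. The callback exchanges them,
 * together with the returned `oauth_token` / `oauth_verifier`, for token
 * credentials and passes the user's email and a derived username to
 * authenticate().
 *
 * @param Request $request
 * @param array $routeParams
 * @return \Psr\Http\Message\ResponseInterface|RedirectResponse
 */
public function handle(Request $request, array $routeParams = [])
{
    session_start();

    $server = new Magento([
        'host' => $this->settings->get('vovayatsyuk-auth-magento.store_url'),
        'identifier' => $this->settings->get('vovayatsyuk-auth-magento.api_key'),
        'secret' => $this->settings->get('vovayatsyuk-auth-magento.api_secret'),
        'callback_uri' => $this->url->toRoute('auth.magento'),
    ]);

    // A callback can only be completed when this session started the flow.
    // If the stored temporary credentials are missing (callback URL opened
    // directly, session expired), begin a new login instead of handing an
    // empty value to unserialize() and the token exchange.
    $isCallback = isset($_GET['oauth_token'], $_GET['oauth_verifier'], $_SESSION['temporary_credentials']);

    if (! $isCallback) {
        $temporaryCredentials = $server->getTemporaryCredentials();

        $_SESSION['temporary_credentials'] = serialize($temporaryCredentials);
        session_write_close();

        // Second part of OAuth 1.0 authentication is to redirect the
        // resource owner to the login screen on the server.
        $server->authorize($temporaryCredentials);
        exit;
    }

    // Retrieve the temporary credentials we saved before. The serialized
    // value was written by this handler into the session, not taken from the
    // request. NOTE(review): if anything else can write to the session store,
    // restrict the classes unserialize() may instantiate.
    $temporaryCredentials = unserialize($_SESSION['temporary_credentials']);

    // Temporary credentials are single-use; do not leave them in the session.
    unset($_SESSION['temporary_credentials']);

    // We will now retrieve token credentials from the server
    $tokenCredentials = $server->getTokenCredentials(
        $temporaryCredentials,
        $_GET['oauth_token'],
        $_GET['oauth_verifier']
    );

    $user = $server->getUserDetails($tokenCredentials);

    // NOTE(review): the email reported by the store is the identification
    // passed to authenticate(); confirm it is always present and verified on
    // the store side before it is used to match a local account.
    $email = $user->email;

    // Strip everything except letters, digits, '-' and '_' from the full
    // name; the result is only a suggestion and can be an empty string.
    $username = preg_replace('/[^a-z0-9-_]/i', '', $user->firstName . $user->lastName);

    return $this->authenticate(compact('email'), compact('username'));
}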
/**
 * Handle a submitted password-reset form and sign the user in.
 *
 * Looks up the password token named in the request body and validates the
 * new password (user validator, then a `required|confirmed` rule). On a
 * validation failure the first error is stored in the session and the user
 * is sent back to the reset form. Otherwise the token owner's password is
 * changed, the token is deleted and that user is logged into the session.
 *
 * NOTE(review): no expiry check on the token is visible in this method, and
 * neither rule restricts `password` to a string — confirm both are covered
 * elsewhere.
 *
 * @param Request $request
 * @return RedirectResponse
 */
public function handle(Request $request)
{
    $input = $request->getParsedBody();

    $token = PasswordToken::findOrFail(array_get($input, 'passwordToken'));

    $session = $request->getAttribute('session');
    $password = array_get($input, 'password');

    try {
        // todo: probably shouldn't use the user validator for this,
        // passwords should be validated separately
        $this->validator->assertValid(['password' => $password]);

        $confirmationCheck = $this->validatorFactory->make($input, ['password' => 'required|confirmed']);

        if ($confirmationCheck->fails()) {
            throw new ValidationException($confirmationCheck);
        }
    } catch (ValidationException $invalid) {
        $session->set('error', $invalid->errors()->first());

        $resetFormUrl = $this->url->toRoute('resetPassword', ['token' => $token->id]);

        return new RedirectResponse($resetFormUrl);
    }

    $account = $token->user;
    $account->changePassword($password);
    $account->save();

    // The token is single-use: remove it once the password has been changed.
    $token->delete();

    $this->authenticator->logIn($session, $token->user->id);

    return new RedirectResponse($this->url->toBase());
}
/**
 * Build the placeholder values used by the confirmation email.
 *
 * A token is generated for the user/email pair and its id is embedded in
 * the `confirmEmail` link.
 *
 * @param User $user
 * @param string $email
 * @return array Keys: `{username}`, `{url}`, `{forum}`.
 */
protected function getEmailData(User $user, $email)
{
    $token = $this->generateToken($user, $email);

    $confirmUrl = $this->url->toRoute('confirmEmail', ['token' => $token->id]);

    return [
        '{username}' => $user->username,
        '{url}' => $confirmUrl,
        '{forum}' => $this->settings->get('forum_title'),
    ];
}
/**
 * Give the formatter renderer the URL of the `user` route.
 *
 * @param ConfigureFormatterRenderer $event
 */
public function render(ConfigureFormatterRenderer $event)
{
    // The route is generated with an empty username; presumably the template
    // appends the actual username to this prefix — confirm against the template.
    $profileUrl = $this->url->toRoute('user', ['username' => '']);

    $event->renderer->setParameter('PROFILE_URL', $profileUrl);
}
/**
 * Give the formatter renderer the URL of the `discussion` route.
 *
 * @param ConfigureFormatterRenderer $event
 */
public function render(ConfigureFormatterRenderer $event)
{
    // The route is generated with an empty id; presumably the template
    // appends the actual discussion id to this prefix — confirm against the template.
    $discussionUrl = $this->url->toRoute('discussion', ['id' => '']);

    $event->renderer->setParameter('DISCUSSION_URL', $discussionUrl);
}
/**
 * Get the URL of the configured favicon.
 *
 * @return null|string URL under `assets/`, or null when the `favicon_path`
 *     setting is empty.
 */
protected function getFaviconUrl()
{
    $faviconPath = $this->settings->get('favicon_path');

    if (! $faviconPath) {
        return null;
    }

    return $this->url->toPath('assets/' . $faviconPath);
}