Пример #1
 /**
  * Persist this entity by delegating to the parent implementation.
  *
  * No remote API is contacted yet (see the TODO); only the local record is written.
  *
  * @return mixed Whatever parent::save() returns.
  */
 public function save()
 {
     // TODO: use a remote API to save to external sources if we have permission to
     // (that path would return false instead of saving locally).
     // For now, stub information is still stored in case we've just followed them.
     $saved = parent::save();

     return $saved;
 }
Пример #2
 /**
  * Extend the notification-settings template and register a 'saved' hook
  * that emails other users whenever a non-ActivityStreamPost object is saved.
  */
 function registerEventHooks()
 {
     \Idno\Core\site()->template()->extendTemplate('account/settings/notifications/methods', 'subscriptions/settings');

     $notifySubscribers = function (\Idno\Core\Event $event) {
         if (empty($event->data()['object'])) {
             return;
         }
         $object = $event->data()['object'];
         // Activity stream posts never trigger a mail-out.
         if ($object instanceof ActivityStreamPost) {
             return;
         }
         /* @var \Idno\Common\Entity $object */
         // NOTE(review): no access/visibility check on $object is visible before it is
         // mailed to every user below -- confirm restricted objects cannot reach this hook.
         $owner = $object->getOwner();
         $users = User::get([], [], 9999);
         if (!$users) {
             return;
         }
         // Subject line: the first ten space-separated words of the title.
         $words = explode(' ', $object->getTitle());
         $title = implode(' ', array_slice($words, 0, 10));
         foreach ($users as $user) {
             // Skip users without an address, the owner, and anyone who opted out.
             // NOTE(review): $owner and $user->notifications['subscriptions'] are read
             // without a null/isset guard -- confirm both are always populated.
             if (empty($user->email) || $user->email == $owner->email || $user->notifications['subscriptions'] == 'none') {
                 continue;
             }
             $email = new Email();
             $email->setSubject($title);
             $email->setHTMLBodyFromTemplate('subscriptions/email', ['object' => $object, 'owner' => $owner]);
             $email->addTo($user->email);
             $email->send();
         }
     };

     \Idno\Core\site()->addEventHook('saved', $notifySubscribers);
 }
Пример #3
 /**
  * Handle a password login form post.
  *
  * The 'email' input is tried first as a handle, then as an email address.
  * On success the user is logged on and forwarded to 'fwd' (or the site URL);
  * on failure an error message is queued and the login page is shown again.
  */
 function postContent()
 {
     // Forward to a new page? Falls back to the configured site URL.
     // NOTE(review): $fwd is request-supplied and handed to forward() after login;
     // unless forward() restricts targets to this site this is an open redirect -- confirm.
     $fwd = $this->getInput('fwd');
     if (empty($fwd)) {
         $fwd = \Idno\Core\site()->config()->url;
     }

     $user = \Idno\Entities\User::getByHandle($this->getInput('email'));
     if (!$user) {
         $user = \Idno\Entities\User::getByEmail($this->getInput('email'));
         if (!$user) {
             \Idno\Core\site()->triggerEvent('login/failure/nouser', array('method' => 'password', 'credentials' => array('email' => $this->getInput('email'))));
             $this->setResponse(401);
         }
     }

     // NOTE(review): the two failure messages below differ, so a caller can tell
     // whether an account exists for a given handle or address.
     if (!$user instanceof \Idno\Entities\User) {
         \Idno\Core\site()->session()->addErrorMessage("Oops! We couldn't find your username or email address. Please check you typed it correctly and try again.");
         $this->forward(\Idno\Core\site()->config()->getDisplayURL() . 'session/login/?fwd=' . urlencode($fwd));
         return;
     }

     $submitted = trim($this->getInput('password'));
     if (!$user->checkPassword($submitted)) {
         \Idno\Core\site()->session()->addErrorMessage("Oops! It looks like your password isn't correct. Please try again.");
         \Idno\Core\site()->triggerEvent('login/failure', array('user' => $user));
         $this->forward(\Idno\Core\site()->config()->getDisplayURL() . 'session/login/?fwd=' . urlencode($fwd));
         return;
     }

     // Trigger an event for auditing, then establish the session.
     \Idno\Core\site()->triggerEvent('login/success', array('user' => $user));
     \Idno\Core\site()->session()->logUserOn($user);
     $this->forward($fwd);
 }
Пример #4
 /**
  * Save the current user's account settings (name, handle, email, password).
  *
  * Each field is applied only when a non-empty value was submitted; the page
  * then forwards back to the referring URL.
  */
 function postContent()
 {
     // Logged-in only please
     $this->createGatekeeper();
     $user = \Idno\Core\site()->session()->currentUser();

     $name = $this->getInput('name');
     $email = $this->getInput('email');
     $password = trim($this->getInput('password'));
     $username = trim($this->getInput('handle'));

     if (!empty($name)) {
         $user->setTitle($name);
     }

     $handleChanged = !empty($username) && $username != $user->getHandle();
     if ($handleChanged) {
         $user->setHandle($username);
     }

     // The address must be new, syntactically valid and not held by another account.
     $emailChanged = !empty($email) && $email != $user->email && filter_var($email, FILTER_VALIDATE_EMAIL);
     if ($emailChanged) {
         if (\Idno\Entities\User::getByEmail($email)) {
             \Idno\Core\site()->session()->addMessage('Someone is already using ' . $email . ' as their email address.', 'alert-error');
         } else {
             $user->email = $email;
         }
     }

     // NOTE(review): the password is replaced without asking for the current one and
     // without a strength check in this method -- confirm that is intended.
     if (!empty($password)) {
         $user->setPassword($password);
     }

     $saved = $user->save();
     if ($saved) {
         \Idno\Core\site()->session()->refreshSessionUser($user);
         \Idno\Core\site()->session()->addMessage("Your details were saved.");
     }

     // NOTE(review): HTTP_REFERER is client-controlled and absent on some requests.
     $this->forward($_SERVER['HTTP_REFERER']);
 }
Пример #5
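 /**
  * Hub callback that stores per-user hub credentials.
  *
  * Reads 'content' (a JSON document), 'auth_token', 'time' and 'signature'
  * from the request. The signature must equal the HMAC-SHA1 of
  * content . time . auth_token keyed with the site's hub secret; only then is
  * the JSON decoded and its auth_token/secret stored on the named user.
  *
  * Always echoes a JSON object with 'status' and 'message' and ends the request.
  */
 function post()
 {
     $this->flushBrowser();
     \Idno\Core\site()->logging->log("Loading the user registration callback", LOGLEVEL_DEBUG);
     $contents = $this->getInput('content');
     $auth_token = $this->getInput('auth_token');
     $time = $this->getInput('time');
     $signature = $this->getInput('signature');
     $secret = \Idno\Core\site()->hub()->secret;
     $hmac = hash_hmac('sha1', $contents . $time . $auth_token, $secret);

     // Default outcome. The expected HMAC is deliberately not returned: echoing it
     // would hand any caller a valid signature for the payload they just submitted.
     $result = array('status' => 'fail', 'message' => 'Signature does not match');

     // hash_equals() is constant-time and type-strict, unlike ==. An empty secret is
     // rejected because an HMAC keyed with nothing can be computed by anyone.
     // NOTE(review): $time is covered by the HMAC but never checked for freshness,
     // so a captured request can be replayed -- consider a bounded time window.
     $verified = !empty($secret) && is_string($signature) && hash_equals($hmac, $signature);

     if ($verified) {
         $decoded = json_decode($contents);
         if (!$decoded) {
             $result = array('status' => 'fail', 'message' => 'Contents were invalid');
         } elseif (empty($decoded->user)) {
             $result = array('status' => 'fail', 'message' => 'No user was sent');
         } elseif ($user = \Idno\Entities\User::getByUUID($decoded->user)) {
             $user->hub_settings = array('token' => $decoded->auth_token, 'secret' => $decoded->secret);
             $user->save();
             $result = array('status' => 'ok', 'message' => 'Credentials were stored.');
         } else {
             // NOTE(review): the value appended to this message was unreadable in the
             // original text; the submitted user identifier is assumed -- confirm.
             $result = array('status' => 'fail', 'message' => 'Couldn\'t find user: ' . $decoded->user);
         }
     }

     echo json_encode($result);
     exit;
 }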
Пример #6
 /**
  * Handle a membership application form post.
  *
  * Validates the submitted handle, email and password, stores the request as
  * an Application entity and emails every site admin. On success the visitor
  * is forwarded to the thanks page; otherwise error messages are queued and
  * the join form is shown again.
  */
 function postContent()
 {
     // Presumably restricts this page to visitors who are not logged in -- confirm.
     $this->reverseGatekeeper();
     $name = $this->getInput('name');
     $handle = trim($this->getInput('handle'));
     $password = trim($this->getInput('password'));
     $email = trim($this->getInput('email'));
     if (empty($handle) && empty($email)) {
         \Idno\Core\site()->session()->addErrorMessage("Please enter a username and email address.");
     } else {
         // NOTE(review): a non-empty but invalid email has no else branch here, so the
         // form is redisplayed without any error message.
         if (!empty($email) && filter_var($email, FILTER_VALIDATE_EMAIL)) {
             // All checks must pass. $emailuser / $handleuser are assigned inside the
             // condition and, because of short-circuiting, may be left undefined; the
             // error branch below reads them through empty(), which tolerates that.
             if (!($emailuser = \Idno\Entities\User::getByEmail($email)) && !($handleuser = \Idno\Entities\User::getByHandle($handle)) && !empty($handle) && strlen($handle) <= 32 && !substr_count($handle, '/') && \Idno\Entities\User::checkNewPasswordStrength($password)) {
                 $user = new Application();
                 $user->email = $email;
                 $user->handle = strtolower(trim($handle));
                 // Trim the handle and set it to lowercase
                 $user->setPassword($password);
                 $user->notifications['email'] = 'all';
                 // Fall back to the handle when no display name was given.
                 if (empty($name)) {
                     $name = $user->handle;
                 }
                 $user->setTitle($name);
                 if ($user->save()) {
                     // NOTE(review): $t is configured but not used afterwards in this method.
                     $t = clone \Idno\Core\site()->template();
                     $t->setTemplateType('email');
                     // One notification mail per admin.
                     foreach (\Idno\Core\site()->getAdmins() as $admin) {
                         $email_message = new Email();
                         $email_message->setSubject("You have a new membership application!");
                         $email_message->addTo($admin->email);
                         $email_message->setHTMLBodyFromTemplate('applytojoin/new', ['user' => $user]);
                         $email_message->send();
                     }
                     $this->forward(\Idno\Core\site()->config()->getDisplayURL() . 'account/join/thanks/');
                 } else {
                     // NOTE(review): debug residue -- this writes the session message
                     // queue straight into the response body; remove or log instead.
                     var_export(\Idno\Core\site()->session()->messages);
                 }
             } else {
                 // Report every failed check, not just the first one.
                 if (empty($handle)) {
                     \Idno\Core\site()->session()->addErrorMessage("Please create a username.");
                 }
                 if (strlen($handle) > 32) {
                     \Idno\Core\site()->session()->addErrorMessage("Your username is too long.");
                 }
                 if (substr_count($handle, '/')) {
                     \Idno\Core\site()->session()->addErrorMessage("Usernames can't contain a slash ('/') character.");
                 }
                 // NOTE(review): these two messages confirm that a handle or address is
                 // already registered to anyone who submits the form.
                 if (!empty($handleuser)) {
                     \Idno\Core\site()->session()->addErrorMessage("Unfortunately, someone is already using that username. Please choose another.");
                 }
                 if (!empty($emailuser)) {
                     \Idno\Core\site()->session()->addErrorMessage("Hey, it looks like there's already an account with that email address. Did you forget your login?");
                 }
                 if (!\Idno\Entities\User::checkNewPasswordStrength($password)) {
                     \Idno\Core\site()->session()->addErrorMessage("Please check that your password is at least 7 characters long.");
                 }
             }
         }
     }
     // Reached on every path where the success forward above did not end the request.
     $this->forward(\Idno\Core\site()->config()->getDisplayURL() . 'account/join/');
 }
Пример #7
 /**
  * Return the actor, resolving a stored UUID string on demand.
  *
  * @return mixed The result of User::getByUUID() when $this->actor is a string,
  *               otherwise $this->actor unchanged.
  */
 function getActor()
 {
     $actor = $this->actor;

     return is_string($actor) ? User::getByUUID($actor) : $actor;
 }
Пример #8
 /**
  * Handle a password login post.
  *
  * The 'email' input is tried as a handle first and as an email address second;
  * a matching user whose password checks out is logged on.
  */
 function postContent()
 {
     // TODO: change this to actual basic login, of course
     $user = \Idno\Entities\User::getByHandle($this->getInput('email'));
     if (!$user) {
         $user = \Idno\Entities\User::getByEmail($this->getInput('email'));
         if (!$user) {
             \Idno\Core\site()->triggerEvent('login/failure/nouser', ['method' => 'password', 'credentials' => ['email' => $this->getInput('email')]]);
             $this->setResponse(401);
             $this->forward('/session/login');
         }
     }

     // NOTE(review): the "not found" and "wrong password" messages differ, which
     // reveals whether an account exists for the submitted identifier.
     if (!$user instanceof \Idno\Entities\User) {
         \Idno\Core\site()->session()->addMessage("Oops! We couldn't find your username or email address. Please check you typed it correctly and try again.");
         return;
     }

     if ($user->checkPassword($this->getInput('password'))) {
         // Trigger an event for auditing, then establish the session.
         \Idno\Core\site()->triggerEvent('login/success', ['user' => $user]);
         \Idno\Core\site()->session()->logUserOn($user);
         \Idno\Core\site()->session()->addMessage("You've signed in as {$user->getTitle()}.");
         $this->forward();
         return;
     }

     \Idno\Core\site()->session()->addMessage("Oops! It looks like your password isn't correct. Please try again.");
     \Idno\Core\site()->triggerEvent('login/failure', ['user' => $user]);
 }
Пример #9
 /**
  * Admin user-management actions: grant or revoke admin rights, delete a user,
  * or send invitations to a list of email addresses.
  *
  * The action is selected by the 'action' input; the page always forwards back
  * to the admin user list afterwards.
  */
 function postContent()
 {
     // Admins only
     $this->adminGatekeeper();
     $action = $this->getInput('action');
     // NOTE(review): nothing here stops an admin from revoking or deleting their own
     // account, or the last remaining admin -- confirm that is handled elsewhere.
     switch ($action) {
         case 'add_rights':
             $target = User::getByUUID($this->getInput('user'));
             if ($target) {
                 $target->setAdmin(true);
                 $target->save();
                 \Idno\Core\site()->session()->addMessage($target->getTitle() . " was given administration rights.");
             }
             break;
         case 'remove_rights':
             $target = User::getByUUID($this->getInput('user'));
             if ($target) {
                 $target->setAdmin(false);
                 $target->save();
                 \Idno\Core\site()->session()->addMessage($target->getTitle() . " was stripped of their administration rights.");
             }
             break;
         case 'delete':
             $target = User::getByUUID($this->getInput('user'));
             if ($target && $target->delete()) {
                 \Idno\Core\site()->session()->addMessage($target->getTitle() . " was removed from your site.");
             }
             break;
         case 'invite_users':
             $emails = $this->getInput('invitation_emails');
             // Pull address-like tokens out of the free-text field. The pattern only
             // accepts a final label of 2-4 letters, so longer TLDs are skipped.
             preg_match_all('/[a-z\\d._%+-]+@[a-z\\d.-]+\\.[a-z]{2,4}\\b/i', $emails, $matches);
             $invitation_count = 0;
             $candidates = (!empty($matches[0]) && is_array($matches[0])) ? $matches[0] : array();
             foreach ($candidates as $email) {
                 if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
                     continue;
                 }
                 // Existing members are not invited again.
                 if (User::getByEmail($email)) {
                     continue;
                 }
                 if ((new Invitation())->sendToEmail($email) !== 0) {
                     $invitation_count++;
                 }
             }
             if ($invitation_count > 1) {
                 \Idno\Core\site()->session()->addMessage("{$invitation_count} invitations were sent.");
             } elseif ($invitation_count == 1) {
                 \Idno\Core\site()->session()->addMessage("Your invitation was sent.");
             } else {
                 \Idno\Core\site()->session()->addMessage("No email addresses were found or all the people you invited are already members of this site.");
             }
             break;
     }
     $this->forward(\Idno\Core\site()->config()->getURL() . 'admin/users');
 }
Пример #10
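 /**
  * Check that this token is either a user token or the
  * site's API token, and auth the current request for that user if so.
  *
  * The token is taken from the Authorization header (with the word "Bearer"
  * stripped) or, when that header is absent, from the 'access_token' input.
  * On a match the session is flagged as an API request and its user refreshed.
  *
  * @return \Idno\Entities\User|false user on success, false otherwise
  */
 private static function authenticate()
 {
     $headers = \Idno\Common\Page::getallheaders();
     if (!empty($headers['Authorization'])) {
         $token = $headers['Authorization'];
         $token = trim(str_replace('Bearer', '', $token));
     } else {
         if ($token = \Idno\Core\Input::getInput('access_token')) {
             $token = trim($token);
         }
     }

     if (empty($token) || !is_string($token)) {
         return false;
     }

     // First choice: a per-user token.
     $found = Token::findUserForToken($token);
     if (!empty($found)) {
         \Idno\Core\Idno::site()->session()->setIsAPIRequest(true);
         $user = $found['user'];
         \Idno\Core\Idno::site()->session()->refreshSessionUser($user);
         return $user;
     }

     // Fallback: the API key of the admin account returned by getOne().
     $user = \Idno\Entities\User::getOne(array('admin' => true));
     if (!$user instanceof \Idno\Entities\User) {
         // No admin account: nothing to compare against (previously a fatal error).
         return false;
     }
     $api_key = $user->getAPIkey();
     // hash_equals() replaces ==: it is constant-time and never applies PHP's loose
     // numeric-string comparison. An empty or non-string key can never match.
     if (is_string($api_key) && $api_key !== '' && hash_equals($api_key, $token)) {
         \Idno\Core\Idno::site()->session()->setIsAPIRequest(true);
         \Idno\Core\Idno::site()->session()->refreshSessionUser($user);
         return $user;
     }

     return false;
 }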
Пример #11
 /**
  * Register a 'page/get' listener that makes an admin user the owner of the homepage.
  */
 function init()
 {
     $assignOwner = function (\Idno\Core\Event $event) {
         // Every page class other than the homepage is left untouched.
         if ($event->data()['page_class'] != 'Idno\\Pages\\Homepage') {
             return;
         }
         $page = \Idno\Core\Idno::site()->currentPage();
         $page->setOwner(\Idno\Entities\User::getOne(['admin' => 1]));
     };

     \Idno\Core\Idno::site()->events()->addListener('page/get', $assignOwner);
 }
Пример #12
 /**
  * Register a 'page/get' listener that makes an admin user the owner of the
  * homepage, and route /admin/cherwell to the theme's admin page.
  */
 function init()
 {
     $assignOwner = function (\Idno\Core\Event $event) {
         // Only the homepage gets an owner assigned.
         if ($event->data()['page_class'] != 'Idno\\Pages\\Homepage') {
             return;
         }
         $page = \Idno\Core\site()->currentPage();
         $page->setOwner(\Idno\Entities\User::getOne(['admin' => true]));
     };

     \Idno\Core\site()->events()->addListener('page/get', $assignOwner);
     \Idno\Core\site()->addPageHandler('/admin/cherwell/?', 'Themes\\Cherwell\\Pages\\Admin');
 }
Пример #13
 /**
  * Render the theme settings page, passing the list of admin users to the
  * 'admin/cherwell' template.
  */
 function getContent()
 {
     // Admins only
     $this->adminGatekeeper();

     $admins = User::get(array('admin' => true));
     $template = \Idno\Core\Idno::site()->template();
     $prepared = $template->__(array('users' => $admins));
     $template->body = $prepared->draw('admin/cherwell');
     $template->title = 'Theme Settings';
     $template->drawPage();
 }
Пример #14
 /**
  * Render the profile edit form for the user whose handle is the first URL argument.
  */
 function getContent()
 {
     $user = empty($this->arguments[0])
         ? null
         : \Idno\Entities\User::getByHandle($this->arguments[0]);
     if (empty($user)) {
         $this->forward();
     }
     // TODO: 404
     // NOTE(review): no gatekeeper or canEdit() check is visible in this method, so the
     // form is drawn for whichever handle is in the URL -- confirm access is enforced elsewhere.
     $t = \Idno\Core\site()->template();
     $title = 'Edit profile: ' . $user->getTitle();
     $body = $t->__(array('user' => $user))->draw('entity/User/edit');
     $t->__(array('title' => $title, 'body' => $body))->drawPage();
 }
Пример #15
 /**
  * Output a JSON list of users (handle, display name, icon).
  *
  * NOTE(review): the 'username' input is read but not used as a filter, and no
  * gatekeeper call is visible, so up to 9999 accounts are listed to any caller
  * that reaches this page -- confirm that exposure is intended.
  */
 function getContent()
 {
     $results = [];
     $username = $this->getInput('username');
     $users = User::get([], [], 9999);
     if ($users) {
         foreach ($users as $user) {
             /* @var \Idno\Entities\User $user */
             $entry = [
                 'username' => $user->getHandle(),
                 'name' => $user->getTitle(),
                 'image' => $user->getIcon(),
             ];
             $results[] = $entry;
         }
     }
     header('Content-type: text/json');
     echo json_encode($results);
 }
Пример #16
 /**
  * Report whether a user may edit this object: only admins may.
  *
  * @param string $user_id UUID of the user to check; the current session user when empty.
  * @return bool True only when the resolved user is a User and isAdmin() is truthy.
  */
 function canEdit($user_id = '')
 {
     $user = empty($user_id)
         ? \Idno\Core\site()->session()->currentUser()
         : User::getByUUID($user_id);

     return $user instanceof User && $user->isAdmin();
 }
Пример #17
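 /**
  * WebFinger endpoint: resolve an "acct:" resource to a local user and draw
  * the links returned by the 'webfinger' event as JSON.
  *
  * The 'resource' input is echoed back as 'subject'; 'links' is null when the
  * resource is missing, malformed or does not name a known handle.
  */
 function getContent()
 {
     $acct = $this->getInput('resource');
     // Defined up front: previously $links was only assigned on a successful lookup,
     // so every miss read an undefined variable when drawing the template.
     $links = null;
     // is_string() keeps array-valued input (resource[]=...) away from substr().
     if (!empty($acct) && is_string($acct) && substr($acct, 0, 5) == 'acct:' && strlen($acct) > 8) {
         // Drop the "acct:" prefix and this site's "@host" suffix to get the handle.
         $handle = str_replace('@' . \Idno\Core\site()->config()->host, '', substr($acct, 5));
         if ($user = \Idno\Entities\User::getByHandle($handle)) {
             $links = \Idno\Core\site()->triggerEvent('webfinger', array('object' => $user));
         }
     }
     $t = \Idno\Core\site()->template();
     $t->setTemplateType('json');
     $t->__(array('subject' => $acct, 'links' => $links))->drawPage();
 }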
Пример #18
 /**
  * Save profile data posted for the user whose handle is the first URL argument.
  */
 function postContent()
 {
     $user = empty($this->arguments[0])
         ? null
         : \Idno\Entities\User::getByHandle($this->arguments[0]);
     if (empty($user)) {
         $this->forward();
     }
     // TODO: 404
     // NOTE(review): the target account comes from the URL and no permission check is
     // visible here; confirm saveDataFromInput() verifies the caller may edit $user.
     $saved = $user->saveDataFromInput($this);
     if ($saved) {
         \Idno\Core\site()->session()->addMessage($user->getTitle() . ' was saved.');
         $this->forward($user->getURL());
     }
     // NOTE(review): HTTP_REFERER is client-controlled and absent on some requests.
     $this->forward($_SERVER['HTTP_REFERER']);
 }
Пример #19
 /**
  * Register a 'page/get' listener that sets the homepage owner to the configured
  * cherwell 'profile_user' (falling back to an admin user), and route
  * /admin/cherwell to the theme's admin page.
  */
 function init()
 {
     $assignOwner = function (\Idno\Core\Event $event) {
         if ($event->data()['page_class'] != 'Idno\\Pages\\Homepage') {
             return;
         }
         // Preferred owner: the handle named in the theme configuration.
         if (!empty(\Idno\Core\Idno::site()->config()->cherwell['profile_user'])) {
             $profile_user = User::getByHandle(\Idno\Core\Idno::site()->config()->cherwell['profile_user']);
             if ($profile_user) {
                 \Idno\Core\Idno::site()->currentPage()->setOwner($profile_user);
             }
         }
         // Fallback when nothing is configured or the handle did not resolve.
         if (empty($profile_user)) {
             $page = \Idno\Core\Idno::site()->currentPage();
             $page->setOwner(\Idno\Entities\User::getOne(['admin' => true]));
         }
     };

     \Idno\Core\Idno::site()->events()->addListener('page/get', $assignOwner);
     \Idno\Core\Idno::site()->addPageHandler('/admin/cherwell/?', 'Themes\\Cherwell\\Pages\\Admin');
 }
Пример #20
 /**
  * Find the user whose indieauth_tokens array has $token as a key.
  *
  * Users are fetched ten at a time until a match is found or no users remain.
  * NOTE(review): this walks the whole user table on every lookup and relies on
  * tokens being stored verbatim as array keys -- an indexed lookup on a token
  * digest would avoid both.
  *
  * @param string $token The access token presented by the client.
  * @return array ['user' => ..., 'data' => ...] on a match, otherwise an empty array.
  */
 static function findUserForToken($token)
 {
     $offset = 0;
     while (true) {
         $batch = \Idno\Entities\User::get(array(), array(), 10, $offset);
         if (empty($batch)) {
             return array();
         }
         foreach ($batch as $candidate) {
             $tokens = $candidate->indieauth_tokens;
             if (empty($tokens) || !isset($tokens[$token])) {
                 continue;
             }
             return array('user' => $candidate, 'data' => $tokens[$token]);
         }
         $offset += 10;
     }
 }
Пример #21
 /**
  * Handle a registration form post: validate the fields, create the user and
  * log them on, or queue messages explaining what was wrong.
  *
  * NOTE(review): the account created while User::get() is still empty is made an
  * admin, and the only password rule is "longer than four characters".
  */
 function postContent()
 {
     $name = $this->getInput('name');
     $handle = $this->getInput('handle');
     $password = $this->getInput('password');
     $password2 = $this->getInput('password2');
     $email = $this->getInput('email');
     $user = new \Idno\Entities\User();

     if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
         \Idno\Core\site()->session()->addMessage("That doesn't seem to be a valid email address.");
     } elseif (!($emailuser = \Idno\Entities\User::getByEmail($email)) && !($handleuser = \Idno\Entities\User::getByHandle($handle)) && !empty($handle) && $password == $password2 && strlen($password) > 4 && !empty($name)) {
         // Every check passed: build and store the account.
         $user = new \Idno\Entities\User();
         $user->email = $email;
         $user->handle = $handle;
         $user->setPassword($password);
         $user->setTitle($name);
         // No existing users yet: this account becomes the site admin.
         if (!\Idno\Entities\User::get()) {
             $user->setAdmin(true);
         }
         $user->save();
     } else {
         // $emailuser / $handleuser may be unset here because the condition above
         // short-circuits; empty() tolerates that.
         if (empty($handle)) {
             \Idno\Core\site()->session()->addMessage("You can't have an empty handle.");
         } elseif (!empty($handleuser)) {
             \Idno\Core\site()->session()->addMessage("Unfortunately, a user is already using that handle. Please choose another.");
         }
         if (!empty($emailuser)) {
             \Idno\Core\site()->session()->addMessage("Unfortunately, a user is already using that email address. Please choose another.");
         }
         if ($password != $password2 || strlen($password) <= 4) {
             \Idno\Core\site()->session()->addMessage("Please check that your passwords match and that your password is over four characters long.");
         }
     }

     // A saved user has an _id; anything else counts as a failed registration.
     if (empty($user->_id)) {
         \Idno\Core\site()->session()->addMessage("We couldn't register you.");
         $this->forward($_SERVER['HTTP_REFERER']);
         return;
     }
     \Idno\Core\site()->session()->addMessage("You've registered! Well done.");
     \Idno\Core\site()->session()->logUserOn($user);
 }
Пример #22
 /**
  * Find the user whose indieauth_codes array has $code as a key.
  *
  * Users are fetched ten at a time until a match is found or no users remain.
  *
  * @param string $code The authorization code presented by the client.
  * @return array ['user' => ..., 'data' => ...] on a match, otherwise an empty array.
  */
 static function findUserForCode($code)
 {
     // TODO encode user id in the auth code? or otherwise do a reverse lookup
     // to avoid checking every user
     $offset = 0;
     while (true) {
         $batch = \Idno\Entities\User::get(array(), array(), 10, $offset);
         if (empty($batch)) {
             return array();
         }
         foreach ($batch as $candidate) {
             $codes = $candidate->indieauth_codes;
             if (empty($codes) || !isset($codes[$code])) {
                 continue;
             }
             return array('user' => $candidate, 'data' => $codes[$code]);
         }
         $offset += 10;
     }
 }
Пример #23
 /**
  * Save the current user's account details: name, email, password and avatar.
  */
 function postContent()
 {
     // Logged-in only please
     $this->gatekeeper();
     $user = \Idno\Core\site()->session()->currentUser();

     $name = $this->getInput('name');
     //$handle = $this->getInput('handle');
     $email = $this->getInput('email');
     $password = $this->getInput('password');
     $password2 = $this->getInput('password2');

     if (!empty($name)) {
         $user->setTitle($name);
     }

     // The address must be new, syntactically valid and not held by another account.
     $emailChanged = !empty($email) && $email != $user->email && filter_var($email, FILTER_VALIDATE_EMAIL);
     if ($emailChanged) {
         if (\Idno\Entities\User::getByEmail($email)) {
             \Idno\Core\site()->session()->addMessage('Someone is already using ' . $email . ' as their email address.', 'alert-error');
         } else {
             $user->email = $email;
         }
     }

     // NOTE(review): the current password is not requested before it is replaced.
     if (!empty($password) && $password == $password2) {
         $user->setPassword($password);
     }

     // Avatar upload. $_FILES[...]['type'] is supplied by the client, so the
     // getimagesize() probe of the uploaded temp file is the check that matters here.
     $upload = !empty($_FILES['avatar']);
     if ($upload && in_array($_FILES['avatar']['type'], array('image/png', 'image/jpg', 'image/jpeg', 'image/gif')) && getimagesize($_FILES['avatar']['tmp_name'])) {
         // Prefer a 300px thumbnail; fall back to storing the file as uploaded.
         $icon = \Idno\Entities\File::createThumbnailFromFile($_FILES['avatar']['tmp_name'], $_FILES['avatar']['name'], 300);
         if (!$icon) {
             $icon = \Idno\Entities\File::createFromFile($_FILES['avatar']['tmp_name'], $_FILES['avatar']['name']);
         }
         if ($icon) {
             $user->icon = (string) $icon;
         }
     }

     $saved = $user->save();
     if ($saved) {
         \Idno\Core\site()->session()->addMessage("Your details were saved.");
     }
     $this->forward($_SERVER['HTTP_REFERER']);
 }
Пример #24
 /**
  * Approve or delete a pending membership application (admin only).
  *
  * Approval re-checks that the handle and email are still free and well-formed,
  * creates the real User from the application, deletes the application and
  * emails the new member.
  */
 function postContent()
 {
     $this->adminGatekeeper();
     $user_uuid = $this->getInput('user');
     $action = $this->getInput('action');
     $user = Application::getByUUID($user_uuid);
     if ($user instanceof Application) {
         $name = $user->getTitle();
         $handle = $user->handle;
         $email = $user->email;
         switch ($action) {
             case 'approve':
                 $can_approve = !($emailuser = \Idno\Entities\User::getByEmail($email)) && !($handleuser = \Idno\Entities\User::getByHandle($handle)) && !empty($handle) && strlen($handle) <= 32 && !substr_count($handle, '/');
                 if (!$can_approve) {
                     \Idno\Core\site()->session()->addMessage("We couldn't approve {$name}'s application. Either their handle or their email was invalid or in use.");
                     break;
                 }
                 $real_user = new \Idno\Entities\User();
                 $real_user->setHandle($user->handle);
                 $real_user->email = $user->email;
                 // The stored password value is copied across as-is rather than
                 // re-set -- presumably already a hash from setPassword(); confirm.
                 $real_user->password = $user->password;
                 $real_user->setTitle($user->getTitle());
                 if (!$real_user->save()) {
                     \Idno\Core\site()->session()->addMessage("Something went wrong and we weren't able to approve {$name}'s membership application.");
                     break;
                 }
                 // The application is only removed once the real account exists.
                 $user->delete();
                 $email_message = new Email();
                 $email_message->setSubject("Your membership was approved!");
                 $email_message->addTo($real_user->email);
                 $email_message->setHTMLBodyFromTemplate('applytojoin/approved', ['user' => $real_user]);
                 $email_message->send();
                 \Idno\Core\site()->session()->addMessage("{$name}'s membership application was approved. They can now log into the site.");
                 break;
             case 'delete':
                 $user->delete();
                 \Idno\Core\site()->session()->addMessage("{$name}'s membership application was deleted.");
                 break;
         }
     }
     $this->forward(\Idno\Core\site()->config()->getDisplayURL() . 'admin/applytojoin/');
 }
Пример #25
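 /**
  * Complete a password reset: set a new password for the account identified by
  * 'email' when the submitted 'code' matches the stored recovery code.
  */
 function postContent()
 {
     $this->reverseGatekeeper();
     $code = $this->getInput('code');
     $email = $this->getInput('email');
     $password = trim($this->getInput('password'));
     $password2 = trim($this->getInput('password2'));
     // === rather than ==: loose comparison treats numeric strings such as
     // "1e3" and "1000" as equal.
     if ($password === $password2 && !empty($password2)) {
         if ($user = \Idno\Entities\User::getByEmail($email)) {
             /* @var \Idno\Entities\User $user */
             $stored_code = $user->getPasswordRecoveryCode();
             // The submitted code must match the stored one. Previously the stored
             // code was assigned over $code, so any request naming an account with a
             // pending recovery code was accepted without presenting that code.
             $code_ok = is_string($code) && $code !== ''
                 && !empty($stored_code) && is_scalar($stored_code)
                 && hash_equals((string) $stored_code, $code);
             if ($code_ok) {
                 // NOTE(review): the recovery code is not invalidated after use in this
                 // method, so it can be replayed while it remains valid -- clear it here.
                 $user->setPassword($password);
                 $user->save();
                 \Idno\Core\site()->session()->addMessage("Your password was reset!");
             }
         }
     } else {
         \Idno\Core\site()->session()->addMessage("Your passwords need to match!");
         $this->forward($_SERVER['HTTP_REFERER']);
     }
 }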
Пример #26
 /**
  * Start a password reset: generate a recovery code for the account with the
  * submitted email address and mail it to that address.
  */
 function postContent()
 {
     $this->reverseGatekeeper();
     $email_address = $this->getInput('email');
     $user = User::getByEmail($email_address);
     if ($user && ($auth_code = $user->addPasswordRecoveryCode())) {
         // Save the recovery code to the user
         $user->save();
         $t = clone \Idno\Core\site()->template();
         $t->setTemplateType('email');
         $message = new Email();
         $message->setSubject("Password reset");
         $message->addTo($user->email);
         $body = $t->__(array('email' => $email_address, 'code' => $auth_code))->draw('account/password');
         $message->setHTMLBody($body);
         $message->send();
         $this->forward(\Idno\Core\site()->config()->getURL() . 'account/password/?sent=true');
     }
     // NOTE(review): this response differs from the "sent" one above, so the form
     // reveals which addresses have accounts; an identical reply for both closes that.
     // Reaching this point after a successful send assumes forward() ends the request.
     \Idno\Core\site()->session()->addErrorMessage("Oh no! We couldn't find an account associated with that email address.");
     $this->forward(\Idno\Core\site()->config()->getURL() . 'account/password');
 }
Пример #27
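 /**
  * Complete a password reset: set a new password for the account identified by
  * 'email' when the submitted 'code' matches the stored recovery code, then
  * clear that code.
  */
 function postContent()
 {
     $this->reverseGatekeeper();
     $code = $this->getInput('code');
     $email = $this->getInput('email');
     $password = trim($this->getInput('password'));
     $password2 = trim($this->getInput('password2'));
     // === rather than ==: loose comparison treats numeric strings such as
     // "1e3" and "1000" as equal.
     if (\Idno\Entities\User::checkNewPasswordStrength($password) && $password === $password2) {
         if ($user = \Idno\Entities\User::getByEmail($email)) {
             /* @var \Idno\Entities\User $user */
             $stored_code = $user->getPasswordRecoveryCode();
             // The submitted code must match the stored one. Previously the stored
             // code was assigned over $code, so any request naming an account with a
             // pending recovery code was accepted without presenting that code.
             $code_ok = is_string($code) && $code !== ''
                 && !empty($stored_code) && is_scalar($stored_code)
                 && hash_equals((string) $stored_code, $code);
             if ($code_ok) {
                 $user->setPassword($password);
                 // Single use: the code is cleared before the user is saved.
                 $user->clearPasswordRecoveryCode();
                 $user->save();
                 \Idno\Core\site()->session()->addMessage("Your password was reset!");
             }
         }
     } else {
         \Idno\Core\site()->session()->addErrorMessage('Sorry, your passwords either don\'t match, or are too weak', 'alert-error');
         $this->forward($_SERVER['HTTP_REFERER']);
     }
 }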
Пример #28
 /**
  * Save profile data posted for the user whose handle is the first URL argument,
  * then continue the onboarding flow when the 'onboarding' input is set.
  */
 function postContent()
 {
     $user = empty($this->arguments[0])
         ? null
         : \Idno\Entities\User::getByHandle($this->arguments[0]);
     if (empty($user)) {
         $this->forward();
     }
     // TODO: 404
     // NOTE(review): the target account comes from the URL and no permission check is
     // visible here; confirm saveDataFromInput() verifies the caller may edit $user.
     if ($user->saveDataFromInput($this)) {
         if ($this->getInput('onboarding')) {
             // Next step: connect services when any exist (or when forced by config),
             // otherwise go straight to publishing.
             $services = \Idno\Core\site()->syndication()->getServices();
             $next = (!empty($services) || !empty(\Idno\Core\site()->config->force_onboarding_connect))
                 ? 'begin/connect'
                 : 'begin/publish';
             $this->forward(\Idno\Core\site()->config()->getURL() . $next);
         }
         $this->forward($user->getURL());
     }
     // NOTE(review): HTTP_REFERER is client-controlled and absent on some requests.
     $this->forward($_SERVER['HTTP_REFERER']);
 }
Пример #29
 /**
  * Save the current user's account settings (name, handle, email, password).
  *
  * A new password is applied only when it passes checkNewPasswordStrength().
  */
 function postContent()
 {
     // Logged-in only please
     $this->createGatekeeper();
     $user = \Idno\Core\site()->session()->currentUser();

     $name = $this->getInput('name');
     $email = $this->getInput('email');
     $password = trim($this->getInput('password'));
     $username = trim($this->getInput('handle'));

     // Disabled in the original: a warning shown when credentials arrive over a
     // non-SSL connection.
     /*if (!\Idno\Common\Page::isSSL() && !\Idno\Core\site()->config()->disable_cleartext_warning) {
           \Idno\Core\site()->session()->addErrorMessage("Warning: Access credentials were sent over a non-secured connection! To disable this warning set disable_cleartext_warning in your config.ini");
       }*/

     if (!empty($name)) {
         $user->setTitle($name);
     }

     $handleChanged = !empty($username) && $username != $user->getHandle();
     if ($handleChanged) {
         $user->setHandle($username);
     }

     // The address must be new, syntactically valid and not held by another account.
     $emailChanged = !empty($email) && $email != $user->email && filter_var($email, FILTER_VALIDATE_EMAIL);
     if ($emailChanged) {
         if (\Idno\Entities\User::getByEmail($email)) {
             \Idno\Core\site()->session()->addErrorMessage('Someone is already using ' . $email . ' as their email address.');
         } else {
             $user->email = $email;
         }
     }

     // NOTE(review): the current password is not requested before it is replaced.
     if (!empty($password)) {
         if (!\Idno\Entities\User::checkNewPasswordStrength($password)) {
             \Idno\Core\site()->session()->addErrorMessage('Sorry, your password is too weak');
         } else {
             \Idno\Core\site()->session()->addMessage("Your password has been updated.");
             $user->setPassword($password);
         }
     }

     $saved = $user->save();
     if ($saved) {
         \Idno\Core\site()->session()->addMessage("Your details were saved.");
     }
     // NOTE(review): HTTP_REFERER is client-controlled and absent on some requests.
     $this->forward($_SERVER['HTTP_REFERER']);
 }
Пример #30
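 /**
  * IndieAuth token endpoint: verify an authorization code with indieauth.com
  * and, when the verified 'me' URL is on this site's host, issue an access token.
  *
  * The token is stored in the indieauth_tokens array of the admin user returned
  * by getOne() and sent back form-encoded together with scope and 'me'.
  */
 function post()
 {
     // Get parameters
     $code = $this->getInput('code');
     $me = $this->getInput('me');
     $redirect_uri = $this->getInput('redirect_uri');
     $state = $this->getInput('state');
     $client_id = $this->getInput('client_id');
     // Verify code
     $response = Webservice::post('https://indieauth.com/auth', array('me' => $me, 'code' => $code, 'redirect_uri' => $redirect_uri, 'state' => $state, 'client_id' => $client_id));
     if ($response['response'] == 200) {
         parse_str($response['content'], $content);
         $site_host = parse_url(\Idno\Core\site()->config()->getURL(), PHP_URL_HOST);
         $me_host = (!empty($content['me']) && is_string($content['me'])) ? parse_url($content['me'], PHP_URL_HOST) : null;
         // Strict comparison on a non-empty host: with ==, a 'me' value that has no
         // parseable host (null) could compare equal to another empty value.
         if (!empty($me_host) && ($me_host === $site_host || 'www.' . $me_host === $site_host)) {
             // Get user & existing tokens
             // NOTE(review): the token is always attached to the admin account from
             // getOne(), whichever identity was verified -- confirm for multi-user sites.
             $user = \Idno\Entities\User::getOne(array('admin' => true));
             $indieauth_tokens = $user->indieauth_tokens;
             if (empty($indieauth_tokens)) {
                 $indieauth_tokens = array();
             }
             // Generate access token and save it to the user. The token is a bearer
             // credential, so it comes from the CSPRNG (PHP 7+) instead of an md5 of
             // rand()/time() output; 16 bytes keeps the 32-hex-character format.
             $token = bin2hex(random_bytes(16));
             // NOTE(review): 'issued_at' is recorded but no expiry is enforced here.
             $indieauth_tokens[$token] = array('me' => $me, 'redirect_uri' => $redirect_uri, 'scope' => 'post', 'client_id' => $client_id, 'issued_at' => time(), 'nonce' => random_int(1000000, 1073741824));
             $user->indieauth_tokens = $indieauth_tokens;
             $user->save();
             if (\Idno\Core\site()->session()->isLoggedOn() && $user->getUUID() == \Idno\Core\site()->session()->currentUser()->getUUID()) {
                 \Idno\Core\site()->session()->refreshSessionUser($user);
             }
             // Output to the browser
             $this->setResponse(200);
             header('Content-Type: application/x-www-form-urlencoded');
             echo http_build_query(array('access_token' => $token, 'scope' => 'post', 'me' => $me));
             exit;
         } else {
             $this->setResponse(404);
             echo "Client mismatch.";
         }
     }
 }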