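/**
 * Sign a user in with a GitHub access token supplied in the request.
 *
 * Reads 'access_token' from the request input, asks the GitHub API which
 * user the token belongs to, and looks up the LinkedAccount whose
 * user_external_id equals that GitHub user id. When the linked user exists
 * and is enabled, the session receives 'timestamp' and 'user_uid'; the
 * token itself is stored as 'github_access_token' as soon as a linked
 * account is found.
 *
 * @return mixed The value built by Response::json (user_uid) on success,
 *               otherwise a 401 built by Response::make with a text reason.
 */
public function githubLogin() {
	$access_token = Input::get('access_token');

	// The token is request-controlled and is interpolated into an HTTP
	// header below, so accept only a non-empty run of printable,
	// non-space ASCII. \A and \z (not ^ and $) keep a trailing newline out.
	if (!is_string($access_token) || !preg_match('/\A[\x21-\x7E]+\z/', $access_token)) {
		return Response::make('Unable to authenticate with GitHub.', 401);
	}

	$ch = curl_init('https://api.github.com/user');
	curl_setopt($ch, CURLOPT_HTTPHEADER, array("Authorization: token {$access_token}"));
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
	curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
	curl_setopt($ch, CURLOPT_USERAGENT, 'SWAMP');
	$response = curl_exec($ch);
	curl_close($ch);

	// A transport failure, a non-JSON body, or a GitHub error object all
	// leave us without an id. Stop here instead of querying with a null
	// id, which must never be allowed to match a stored account.
	$github_user = ($response === false) ? null : json_decode($response);
	if (!is_object($github_user) || !isset($github_user->id)) {
		return Response::make('Unable to authenticate with GitHub.', 401);
	}

	$account = LinkedAccount::where('user_external_id', '=', $github_user->id)->first();
	if (!$account) {
		return Response::make('Account not found.', 401);
	}

	Session::set('github_access_token', $access_token);

	$user = User::getIndex($account->user_uid);
	if (!$user) {
		return Response::make('Incorrect username or password.', 401);
	}
	if (!$user->isEnabled()) {
		return Response::make('User has not been approved.', 401);
	}

	// NOTE(review): the session identifier is not rotated in this method
	// when the user becomes authenticated; confirm that happens elsewhere.
	$res = Response::json(array('user_uid' => $user->user_uid));
	Session::set('timestamp', time());
	Session::set('user_uid', $user->user_uid);
	return $res;
}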
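/**
 * Enable or disable a linked account and record the change.
 *
 * The caller must be the user who owns the linked account or an admin.
 * The new state comes from the 'enabled_flag' request input. On success
 * the account is saved and a 'linkedAccountToggled' UserEvent is stored
 * with the external id, the caller's REMOTE_ADDR and the new state.
 *
 * @param mixed $linkedAccountId Value matched against linked_account_id.
 * @return mixed The value built by Response::make: a confirmation message,
 *               or the "Insufficient privileges" message with status 500.
 */
public function setEnabledFlag($linkedAccountId) {
	$value = Input::get('enabled_flag');
	$active_user = User::getIndex(Session::get('user_uid'));
	$account = LinkedAccount::where('linked_account_id', '=', $linkedAccountId)->first();
	$user = $account ? User::getIndex($account->user_uid) : null;

	// Fail closed: with no session user, no such account, or no owning
	// user there is nothing to authorize against. The same answer is used
	// for every denial so the response does not reveal which ids exist.
	$authorized = false;
	if ($active_user && $account && $user) {
		// Compare as strings with === so numeric-looking ids are not
		// subject to PHP's loose-comparison type juggling.
		$is_owner = (string) $user->user_uid === (string) $active_user->user_uid;
		$authorized = $is_owner || $active_user->isAdmin();
	}
	if (!$authorized) {
		// NOTE(review): 500 is kept for compatibility with existing
		// clients; 403 would describe an authorization failure better.
		return Response::make('Unable to update this linked account. Insufficient privileges.', 500);
	}

	// NOTE(review): any truthy input enables the account, including the
	// string "false" — confirm how clients encode this flag.
	$account->enabled_flag = $value ? 1 : 0;
	$account->save();

	$userEvent = new UserEvent(array(
		'user_uid' => $user->user_uid,
		'event_type' => 'linkedAccountToggled',
		'value' => json_encode(array(
			'linked_account_provider_code' => 'github',
			'user_external_id' => $account->user_external_id,
			'user_ip' => $_SERVER['REMOTE_ADDR'],
			'enabled' => $account->enabled_flag
		))
	));
	$userEvent->save();

	return Response::make('The status of this linked account has been updated.');
}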
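/**
 * Sign a user in using the GitHub access token already held in the session.
 *
 * Requires 'github_access_token' in the session, asks the GitHub API which
 * user it belongs to, and looks up the LinkedAccount whose user_external_id
 * equals that GitHub user id. When the linked user exists, has been
 * verified and is enabled, the login dates on the user account are
 * advanced, a 'linkedAccountSignIn' UserEvent is stored, and the session
 * receives 'timestamp' and 'user_uid'.
 *
 * @return mixed The value built by Response::json (user_uid and
 *               access_token) on success, otherwise a 401 built by
 *               Response::make with a text reason.
 */
public function githubLogin() {

	// Attempt to load the github account the user is currently logged in as.
	//
	if (!Session::has('github_access_token')) {
		return Response::make('Unauthorized GitHub access.', 401);
	}
	$token = Session::get('github_access_token');

	$ch = curl_init('https://api.github.com/user');
	curl_setopt($ch, CURLOPT_HTTPHEADER, array("Authorization: token {$token}"));
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
	curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
	curl_setopt($ch, CURLOPT_USERAGENT, 'SWAMP');
	$response = curl_exec($ch);
	curl_close($ch);

	// curl_exec() returns false on a transport failure and json_decode()
	// returns null for a body that is not JSON. Test for an object before
	// reading the id, and require the id to be non-null so a lookup is
	// never made without one.
	$github_user = ($response === false) ? null : json_decode($response);
	if (!is_object($github_user) || !isset($github_user->id)) {
		return Response::make('Unable to authenticate with GitHub.', 401);
	}

	$account = LinkedAccount::where('user_external_id', '=', $github_user->id)->first();
	if (!$account) {
		return Response::make('Account not found.', 401);
	}

	$user = User::getIndex($account->user_uid);
	if (!$user) {
		return Response::make('Incorrect username or password.', 401);
	}
	if (!$user->hasBeenVerified()) {
		return Response::make('User email has not been verified.', 401);
	}
	if (!$user->isEnabled()) {
		return Response::make('User has not been approved.', 401);
	}

	// Shift the previous login time down before stamping the new one (UTC).
	$userAccount = $user->getUserAccount();
	$userAccount->penultimate_login_date = $userAccount->ultimate_login_date;
	$userAccount->ultimate_login_date = gmdate('Y-m-d H:i:s');
	$userAccount->save();

	// Audit record of the sign-in, including the caller's address.
	$userEvent = new UserEvent(array(
		'user_uid' => $user->user_uid,
		'event_type' => 'linkedAccountSignIn',
		'value' => json_encode(array(
			'linked_account_provider_code' => 'github',
			'user_external_id' => $account->user_external_id,
			'user_ip' => $_SERVER['REMOTE_ADDR']
		))
	));
	$userEvent->save();

	// NOTE(review): the GitHub token is returned in the response body;
	// confirm clients need it, since it is then exposed wherever responses
	// are logged or cached.
	// NOTE(review): the session identifier is not rotated in this method
	// when the user becomes authenticated; confirm that happens elsewhere.
	$res = Response::json(array(
		'user_uid' => $user->user_uid,
		'access_token' => $token
	));
	Session::set('timestamp', time());
	Session::set('user_uid', $user->user_uid);
	return $res;
}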