/**
* Checking user existing in system
*
* @param string $email
* @param string $password
* @param boolean $cookie
* @param boolean $log
* @return boolean
*/
public function check($name, $password, $cookie = false, $log = false)
{
$me = new \stdClass();
$myUser = UserModel::findFirst(['name = :fname: AND status = :status:', 'bind' => ['fname' => $name, 'status' => UserModel::STATUS_ENABLE]]);
if ($myUser) {
if ($this->security->checkHash($password, $myUser->password)) {
$me->id = $myUser->id;
$me->email = $myUser->email;
$me->name = $myUser->name;
$me->role = $myUser->role;
$me->roleName = $myUser->getRoleName();
$me->avatar = $myUser->avatar;
// create session for user
$this->session->set('me', $me);
// store cookie if chosen
if ($cookie == true) {
$this->cookie->set('remember-me', $me->id, time() + 15 * 86400);
}
return true;
} else {
$this->flash->error('Wrong password!');
}
} else {
$this->flash->error('Wrong user information!');
}
}
/**
* Login action
*/
public function loginAction()
{
$this->view->setLayout('empty-layout');
$form = new Login();
if ($this->request->isPost()) {
try {
if ($form->isValid($this->request->getPost())) {
$user = User::findFirst(1);
/**
* @var $authService \App\Service\Auth
*/
$authService = $this->di->get('auth');
/**
* @todo Rewrite for AuthService with check
*/
$authService->authByUser($user);
$this->response->redirect(array('for' => 'admin'));
} else {
//@todo Implement it
}
} catch (\Exception $e) {
$this->flash->error($e->getMessage());
}
}
$this->view->form = $form;
}
public function getAction($id)
{
if ($id <= 0) {
throw new Exception('Wrong id passed', 500);
}
/**
* @var $user User|boolean
*/
$user = User::findFirst($id);
if (!$user) {
throw new Exception('User not found', 404);
}
return array('success' => true, 'result' => array('id' => $user->id, 'nick' => $user->nick, 'firstname' => $user->firstname, 'lastname' => $user->lastname));
}
/**
* @param integer $id
* @throws \Phalcon\Exception
*/
public function viewAction($id)
{
if ($id <= 0) {
throw new Exception('Wrong id passed', 404);
}
/**
* @var bool|User $user
*/
$user = User::findFirst($id);
if (!$user) {
throw new Exception('Can`t find user by id = ' . $id, 404);
}
if (!$user->publish) {
throw new Exception('User is not published', 404);
}
if ($user->deleted) {
throw new Exception('User was deleted', 404);
}
$this->view->user = $user;
}
/**
* Get identity
*
* @return bool|User
*/
public function getIdentity()
{
if (!is_null($this->identity)) {
return $this->identity;
}
/**
* @var $session \Phalcon\Session\Adapter
*/
$session = $this->getDI()->get('session');
if (!$session->isStarted()) {
$session->start();
}
if ($session->get('id')) {
/**
* @todo check user after getting
*/
return $this->identity = User::findFirst($session->get('id'));
}
return $this->identity = false;
}
/**
* Login action.
*
* @return mixed
*
* @Route("/login", methods={"GET", "POST"}, name="login")
*/
public function loginAction()
{
if (User::getViewer()->id) {
return $this->response->redirect();
}
$form = new LoginForm();
if (!$this->request->isPost() || !$form->isValid()) {
$this->view->form = $form;
return;
}
$login = $this->request->getPost('login', 'string');
$password = $this->request->getPost('password', 'string');
$user = User::findFirst(["email = ?0 OR username = ?0", "bind" => [$login], "bindTypes" => [Column::BIND_PARAM_STR]]);
if ($user) {
if ($this->security->checkHash($password, $user->password)) {
$this->core->auth()->authenticate($user->id);
return $this->response->redirect();
}
}
$form->addError('Incorrect email or password!');
$this->view->form = $form;
}
/**
* Delete user.
*
* @param int $id User identity.
*
* @return mixed
*
* @Get("/delete/{id:[0-9]+}", name="admin-users-delete")
*/
public function deleteAction($id)
{
$item = User::findFirst($id);
if ($item) {
if ($item->delete()) {
$this->flashSession->notice('Object deleted!');
} else {
$this->flashSession->error($item->getMessages());
}
}
return $this->response->redirect(['for' => 'admin-users']);
}
/**
* This action is executed before execute any action in the application.
*
* @param PhalconEvent $event Event object.
* @param Dispatcher $dispatcher Dispatcher object.
*
* @return mixed
*/
public function beforeDispatch(PhEvent $event, Dispatcher $dispatcher)
{
$me = null;
$config = $this->getDI()->get('config');
$cookie = $this->getDI()->get('cookie');
$session = $this->getDI()->get('session');
// check exsited cookie
if ($cookie->has('remember-me')) {
$rememberMe = $cookie->get('remember-me');
$userId = $rememberMe->getValue();
$myUser = UserModel::findFirst(['id = :id: AND status = :status:', 'bind' => ['id' => $userId, 'status' => UserModel::STATUS_ENABLE]]);
if ($myUser) {
$me = new \stdClass();
$me->id = $myUser->id;
$me->email = $myUser->email;
$me->name = $myUser->name;
$me->role = $myUser->role;
$me->roleName = $myUser->getRoleName();
$me->avatar = $myUser->avatar;
}
$this->session->set('me', $me);
$role = $myUser->role;
} else {
//Get role name from session
if ($session->has('me')) {
$me = $session->get('me');
$role = $me->role;
} else {
$role = ROLE_GUEST;
}
}
$current_resource = $dispatcher->getModuleName() . '/' . strtolower($dispatcher->getControllerName());
$current_action = $dispatcher->getActionName();
$acl = $this->getAcl($config);
$allowed = $acl->isAllowed($role, $current_resource, $current_action);
// var_dump($current_resource, $current_action, $allowed);die;
if ($allowed === false && $me == null) {
echo '<script type="text/javascript">self.location.href = "' . $this->getDI()->get('config')->global->baseUrl . 'login?redirect=' . base64_encode($this->getCurrentUrl()) . '"; </script>';
exit;
} elseif ($allowed === false && $me->id > 0) {
// khong co quyen + dang nhap roi
echo '<script type="text/javascript">self.location.href = "' . $this->getDI()->get('config')->global->baseUrl . 'notfound' . '"; </script>';
exit;
}
return !$event->isStopped();
}
public function callbackAction()
{
$providerName = strtolower($this->request->get('provider', array('trim'), false));
switch ($providerName) {
case 'facebook':
case 'github':
case 'vk':
$provider = $this->getService()->getProvider($providerName);
break;
default:
throw new \Exception('Wrong $provider passed in url : ' . $providerName);
break;
}
$code = $this->request->get('code', ['trim']);
$accessToken = $provider->getAccessToken($code);
try {
/**
* @var $socialUser \SocialConnect\Common\Entity\User
*/
$socialUser = $provider->getIdentity($accessToken);
$socialId = $this->getProviderType($providerName);
/**
* @var $oauthRelation \OAuth\Model\User
*/
$oauthRelation = OAuthUser::findFirst(array('socialId = ?0 AND identifier = ?1', 'bind' => array($socialId, $socialUser->id)));
/**
* @var $auth \App\Service\Auth
*/
$auth = $this->di->get('auth');
if ($oauthRelation) {
$user = $oauthRelation->getUser();
if (!$user) {
throw new \Exception('Can`t find user with id = ' . $oauthRelation->userId);
}
} else {
$user = User::findFirst(array('email = ?0', 'bind' => array($socialUser->email)));
if (!$user) {
$userValues = [];
if ($socialUser->email) {
$userValues['email'] = $socialUser->email;
}
if ($socialUser->firstname) {
$userValues['firstname'] = $socialUser->firstname;
}
if ($socialUser->lastname) {
$userValues['lastname'] = $socialUser->lastname;
}
if ($socialUser->name) {
list($fistname, $lastname) = explode(' ', trim($socialUser->name));
if ($fistname) {
$userValues['firstname'] = $fistname;
}
if ($lastname) {
$userValues['lastname'] = $lastname;
}
}
$user = $auth->registerUser($userValues);
$user->refresh();
}
$oauthRelation = new OAuthUser();
$oauthRelation->identifier = $socialUser->id;
$oauthRelation->socialId = $socialId;
$oauthRelation->userId = $user->id;
$oauthRelation->save();
}
$auth->authByUser($user);
$this->successAction();
} catch (\Exception $e) {
/**
* @var $logger \Phalcon\Logger\Adapter
*/
$logger = $this->getDI()->get('logger');
$logger->critical($e->getMessage());
$this->failedAction();
}
}
/**
* Delete user action.
*
* @return void
*
* @Get("/delete/{id:[0-9]+}", name="admin-user-delete")
*/
public function deleteAction($id = 0)
{
$message = '';
$myUser = UserModel::findFirst(['id = :id:', 'bind' => ['id' => (int) $id]])->delete();
if ($myUser) {
$this->flash->success(str_replace('###id###', $id, $this->lang->_('message-delete-success')));
} else {
foreach ($myUser->getMessages() as $msg) {
$message .= $this->lang->_($msg->getMessage()) . "</br>";
}
$this->flashSession->error($message);
}
return $this->response->redirect('admin/user');
}
