示例#1
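 /**
  * Renew a session from a previously issued auth token.
  *
  * The hash presented by the client is compared with
  * sha256(stored user hash . stored user token). On a match the session values
  * are repopulated, a new session token is set and the session id is passed to
  * the socket server.
  *
  * @param string $username  username the renewal is requested for (caller supplied)
  * @param string $auth_hash hash presented by the client (caller supplied)
  * @return bool|int true on success, -1 when the user is disabled, false when the
  *                  user is not found or the hash does not match
  */
 public function renewTokenSession($username, $auth_hash)
 {
     $this->initAuthModel();
     // Check the lookup result before indexing it, so an empty or failed lookup
     // takes the "user not found" path instead of raising a notice on [0].
     $users = $this->authMdl->get(null, $username, null, null, true);
     $user = (is_array($users) && isset($users[0])) ? $users[0] : null;
     if (!is_array($user)) {
         // NOTE(review): $username is caller-supplied and is written to the log as-is;
         // confirm Logger::write neutralises line breaks.
         Logger::write("Session renew failed for " . $username . ", user not found.", "AUTH");
         return false;
     }
     // a disabled account may not renew, even with a valid token
     if ($user['disabled'] == 1) {
         Logger::write("Session renew failed for " . $username . ", the user has been disabled.", "AUTH");
         return -1;
     }
     // check tokens
     $validation_hash = hash('sha256', $user['hash'] . $user['token']);
     // hash_equals() compares in constant time and without type juggling; the
     // loose == it replaces would treat numeric-looking strings as numbers and
     // accept non-string input. Non-string input is rejected up front.
     if (!is_string($auth_hash) || !hash_equals($validation_hash, $auth_hash)) {
         Logger::write("Session renew failed for " . $username . ", token mismatch.", "AUTH");
         return false;
     }
     // NOTE(review): the session id is not regenerated in this method before the
     // identity values are written; confirm setNewSessionToken() or the caller rotates it.
     $_SESSION['username'] = $username;
     $_SESSION['userId'] = $user['id'];
     $_SESSION['isadmin'] = $user['admin'];
     $_SESSION['permissions'] = json_decode($user['permissions'], true);
     $this->setNewSessionToken($user['id'], $user['hash']);
     // log data
     Logger::write("Authentication successful for user:" . $username, "AUTH");
     // Send to node JS; the return value of sendSessionData() is not checked, so
     // the renewal is reported as successful even if the push fails.
     $socket = new WposSocketIO();
     $socket->sendSessionData(session_id());
     return true;
 }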
示例#2
 /**
  * Load stored items, users and POS devices into this object's properties.
  */
 private function getRecords()
 {
     // stored items
     $this->items = (new StoredItemsModel())->get();
     // users
     // NOTE(review): if these rows include the password hash column, make sure
     // $this->users is never returned to a client unfiltered (confirm).
     $this->users = (new AuthModel())->get(null, null, null, false);
     // POS devices: only the 'data' element of the response is kept
     $deviceResponse = (new WposPosData())->getPosDevices([]);
     $this->devices = $deviceResponse['data'];
 }
示例#3
 /**
  * Update the user identified by $this->data->id.
  *
  * For id 1 (treated here as the master admin) only id, username and pass are
  * passed to AuthModel::edit(). For every other id the username is checked for
  * duplicates and a permissions object (submitted sections plus the API calls
  * derived from $this->permissionMap) is built and stored as JSON.
  *
  * NOTE(review): no check of the caller's own privileges is visible in this
  * method; presumably the API dispatcher enforces it. Confirm.
  *
  * @param $result result array; 'error' is set on failure, 'data' = true on success
  * @return mixed the updated $result
  */
 public function updateUser($result)
 {
     // prevent updating of master admin username
     // This runs before input validation, so id and pass are read unvalidated here;
     // the comparison is loose (== 1).
     if ($this->data->id == 1 && !isset($this->data->pass)) {
         $result['error'] = "Only the master admin password may be updated.";
         return $result;
     }
     // validate input
     // NOTE(review): the template lists only id, username and admin; permissions and
     // pass are used below but are not in it. Confirm they are validated elsewhere.
     $jsonval = new JsonValidate($this->data, '{"id":1, "username":"", "admin":1}');
     if (($errors = $jsonval->validate()) !== true) {
         $result['error'] = $errors;
         return $result;
     }
     $authMdl = new AuthModel();
     if ($this->data->id == 1) {
         // Only the admin user's password can be updated
         // NOTE(review): the submitted username is still passed to edit(); confirm
         // AuthModel::edit() does not change the username for id 1.
         $qresult = $authMdl->edit($this->data->id, $this->data->username, $this->data->pass);
         // drop fields that were not applied so they do not appear in the log entry below
         unset($this->data->permissions);
         unset($this->data->admin);
     } else {
         // reject the update if another user (different id) already owns the username
         $dupitems = $authMdl->get(0, 0, null, $this->data->username);
         if (sizeof($dupitems) > 0) {
             $dupitem = $dupitems[0];
             if ($dupitem['id'] != $this->data->id) {
                 $result['error'] = "The username specified is already taken";
                 return $result;
             }
         }
         // generate permissions object
         // "sections" stores the submitted permissions as received; "apicalls" is the
         // list of API calls derived from them via $this->permissionMap.
         $permObj = ["sections" => $this->data->permissions, "apicalls" => []];
         foreach ($this->data->permissions as $key => $value) {
             switch ($key) {
                 case "access":
                     // any value other than "no" grants the admin config read call
                     if ($value != "no") {
                         $permObj['apicalls'][] = "adminconfig/get";
                     }
                     break;
                 case "dashboard":
                     // "both" grants the dashboard and the realtime read calls
                     if ($value == "both" || $value == "standard") {
                         $permObj['apicalls'] = array_merge($permObj['apicalls'], $this->permissionMap['readapicalls']['dashboard']);
                     }
                     if ($value == "both" || $value == "realtime") {
                         $permObj['apicalls'] = array_merge($permObj['apicalls'], $this->permissionMap['readapicalls']['realtime']);
                     }
                     break;
                 default:
                     // switch compares loosely; values matching neither 2 nor 1 add no API calls
                     switch ($value) {
                         case 2:
                             // add write api calls
                             if (isset($this->permissionMap['editapicalls'][$key])) {
                                 $permObj['apicalls'] = array_merge($permObj['apicalls'], $this->permissionMap['editapicalls'][$key]);
                             }
                             // no break: level 2 falls through to case 1 and also receives the read calls
                         case 1:
                             // add read api calls
                             if (isset($this->permissionMap['readapicalls'][$key])) {
                                 $permObj['apicalls'] = array_merge($permObj['apicalls'], $this->permissionMap['readapicalls'][$key]);
                             }
                             break;
                     }
             }
         }
         // an empty password is passed on as null (presumably "leave unchanged"; confirm in AuthModel::edit)
         if ($this->data->pass == "") {
             $qresult = $authMdl->edit($this->data->id, $this->data->username, null, $this->data->admin, json_encode($permObj));
         } else {
             $qresult = $authMdl->edit($this->data->id, $this->data->username, $this->data->pass, $this->data->admin, json_encode($permObj));
         }
     }
     if ($qresult === false) {
         $result['error'] = "Could not update the user";
     } else {
         $result['data'] = true;
         // log data
         // remove the password first so it is not written to the log with the JSON-encoded data
         unset($this->data->pass);
         Logger::write("User updated with id:" . $this->data->id, "USER", json_encode($this->data));
     }
     return $result;
 }
示例#4
 /**
  * Fetch all users keyed by id, with the password and permissions fields removed.
  *
  * @return array|bool map of user id => user row without 'password' and
  *                    'permissions', or false when the model returns false
  */
 private function getUsers()
 {
     $rows = (new AuthModel())->get();
     if ($rows === false) {
         return false;
     }
     $byId = [];
     foreach ($rows as $row) {
         // strip the password and permissions fields before the row leaves this method
         unset($row['password'], $row['permissions']);
         $byId[$row['id']] = $row;
     }
     return $byId;
 }
示例#5
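 /**
  * Add all users, keyed by id, to the result under 'data'.
  *
  * Each row has its 'password' field removed and its 'permissions' JSON decoded
  * before it is placed in the result.
  *
  * @param $result result array to populate
  * @return mixed $result with 'data' set to id => user row, or with 'error' set
  *               when the user lookup returns false
  */
 public function getUsers($result)
 {
     $authMdl = new AuthModel();
     $users = $authMdl->get();
     // Report a failed lookup explicitly instead of iterating over false and
     // returning an empty list as if there were no users.
     if ($users === false) {
         $result['error'] = "Could not retrieve users";
         return $result;
     }
     $data = [];
     foreach ($users as $user) {
         // never hand the password hash back to the caller
         unset($user['password']);
         $user['permissions'] = json_decode($user['permissions']);
         $data[$user['id']] = $user;
     }
     $result['data'] = $data;
     return $result;
 }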