/**
* @param AuthorizedPage $Page
* @param string $Email
* @param string $AccessCode
* @param string $ClientKey
* @param string $ClientInfo
* @return Authorization|boolean
*/
public static function Fetch(AuthorizedPage $Page, $Email, $AccessCode, $ClientKey = null, $ClientInfo = null)
{
if (!$Page || !$Page->ID || !$Page->IsAllowedEmail(strtolower($Email))) {
return false;
}
return Authorization::get()->filter(array('PageID' => $Page->ID, 'Email' => strtolower($Email), 'AccessCode' => strtoupper($AccessCode), 'ClientKey' => $ClientKey ? $ClientKey : Authorization::generateClientKey(), 'ClientInfo' => $ClientInfo ? $ClientInfo : Authorization::generateClientInfo()))->First();
}
/**
* Validates the OneTimeCode against Authorization.
* Valid requests need tobe sent as POST with ott=OneTimeCode
* @return JSON
*/
public function validateOneTimeCode()
{
$return = array('valid' => false);
if ($this->request->postVar('ott')) {
if ($OTCcheck = Authorization::get()->filter('OneTimeCode', $this->request->postVar('ott'))->last()) {
$return['valid'] = true;
//Log that this token has been used
$OTCcheck->logOTC();
//As this token as been found we'll remove it and write the Authorization.
$OTCcheck->OneTimeCode = null;
$OTCcheck->write();
}
}
return $this->renderWith('json', array('json' => json_encode($return)));
}
