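/**
 * Look up the user for a login attempt and check the submitted password.
 *
 * Reads `email` and `password` from the request body. Every failure returns
 * `authenticated => false` together with the current `maxattempts` value and
 * a message; success returns `authenticated => true` and the user row with
 * its password hash removed.
 *
 * @param array $post Request body; `email` and `password` keys are expected
 * @return array
 */
private static function login_validateFoundUser($post)
{
    // Treat missing keys as empty strings rather than raising
    // "undefined index" notices on a malformed request body.
    $email = isset($post['email']) ? (string) $post['email'] : '';
    $password = isset($post['password']) ? (string) $post['password'] : '';

    // TODO: Make the max login attempts a config variable
    $user = AuthData::selectUserAndPasswordByEmail($email);
    if (!$user) {
        // NOTE(security): this message differs from the wrong-password one
        // below, so the response tells a caller whether an email is
        // registered (user enumeration). A single generic message for both
        // branches would close that; the text is kept because clients may
        // depend on it.
        return [
            'authenticated' => false,
            'maxattempts' => self::$maxattempts,
            'msg' => 'Login failed. A user with that email could not be found.',
        ];
    }

    // An account with no stored hash (possibly one created through the
    // Facebook signup path) must never verify; the cast also keeps
    // password_verify() from being handed null.
    $hash = isset($user->password) ? (string) $user->password : '';
    if ($hash === '' || !password_verify($password, $hash)) {
        return [
            'authenticated' => false,
            'maxattempts' => self::$maxattempts,
            'msg' => 'Login failed. Username and password combination did not match.',
        ];
    }

    // Safety first: never hand the hash back to the caller.
    unset($user->password);

    return ['authenticated' => true, 'user' => $user];
}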
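/**
 * Register a user from Facebook profile data posted by the client and issue
 * an auth token for the new account.
 *
 * Reads `email`, `nameFirst`, `nameLast` and `facebookId` from the request
 * body. On success the result carries `registered => true`, `user` (with
 * `apiKey` and `apiToken` attached) and `sessionLifeHours`; every failure
 * carries `registered => false` and a `msg`.
 *
 * @param object $app Application object exposing `$app->request->post()`
 * @return array
 */
static function signup($app)
{
    $post = $app->request->post();

    // Validate the posted profile before touching the database.
    // Assumes validateFacebookProfile() guarantees the keys used below
    // exist -- TODO confirm, otherwise missing keys raise notices here.
    $valid = self::validateFacebookProfile($post);
    if ($valid !== true) {
        return self::signup_fail('Facebook signup failed. Check your parameters and try again.');
    }

    // NOTE(security): the access-token check that used to live here
    // (getActiveAccessToken() / getProfile($post['accessToken'])) was
    // disabled, so `facebookId` is trusted straight from the request body
    // and the server never confirms that the caller controls that Facebook
    // account before storing the link and issuing an auth token. The posted
    // token should be resolved against Facebook and the returned profile id
    // compared with `facebookId` before this point.

    // Reject duplicate emails up front. A concurrent signup with the same
    // email can still slip past this check; the `!$userId` check below is
    // what covers a failed insert in that case.
    $existing = AuthData::selectUserAndPasswordByEmail($post['email']);
    if ($existing) {
        return self::signup_fail('Facebook signup failed. A user with that email already exists.');
    }

    $userId = AuthData::insertFacebookUser([
        ':email' => $post['email'],
        ':name_first' => $post['nameFirst'],
        ':name_last' => $post['nameLast'],
        ':facebook_id' => $post['facebookId'],
    ]);
    if (!$userId) {
        return self::signup_fail('Facebook signup failed. Could not save user.');
    }

    // Re-select the freshly inserted row; failing here should be redundant
    // with the insert check above but is kept as a guard.
    $user = AuthData::selectUserById($userId);
    if (!$user) {
        return self::signup_fail('Facebook signup failed. Could not select user.');
    }

    // Save "Where did you hear about us" and any other additional questions.
    // This is "quiet": it may do nothing if no parameters match and it does
    // not touch the API response.
    InfoController::quietlySaveAdditional($post, $user->id);

    $token = AuthControllerNative::createAuthToken($app, $user->id);
    if (!$token) {
        return self::signup_fail('Facebook Signup failed to creat auth token.');
    }

    // Attach the credentials to the user object that is returned.
    $user->apiKey = $token['apiKey'];
    $user->apiToken = $token['apiToken'];

    return [
        'user' => $user,
        'sessionLifeHours' => $token['sessionLifeHours'],
        'registered' => true,
    ];
}

/**
 * Build the failure response shared by every signup exit path.
 *
 * @param string $msg Human-readable reason for the failure
 * @return array
 */
private static function signup_fail($msg)
{
    return ['registered' => false, 'msg' => $msg];
}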