示例#1
0
 public function testNameOfApplicationIntoTheOutput()
 {
     ob_start();
     $this->application->run();
     $content = ob_get_clean();
     $this->assertRegExp("/this is my app/", $content);
 }
 public function login(Request $request)
 {
     $employeeRepository = $this->getEmployeeRepository();
     $customerRepository = $this->getCustomerRepository();
     if (!isset($request->headers['PHP_AUTH_USER'])) {
         return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_BASIC_AUTHORIZATION_HEADER);
     }
     $email = $request->headers['PHP_AUTH_USER'];
     $password = $request->headers['PHP_AUTH_PW'];
     $employee = $employeeRepository->getEmployeeByEmail($email);
     $customer = $customerRepository->getCustomerByEmail($email);
     if (is_null($employee) && is_null($customer)) {
         return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_USERNAME_PASSWORD);
     }
     $user = is_null($employee) ? $customer : $employee;
     if ($user->status == 'pending') {
         return JsonErrorResponse::fromKey(JsonErrorResponse::ACCOUNT_NOT_ACTIVATED);
     }
     if (is_a($user, 'App\\Rest\\Models\\Employee')) {
         $credentials = $employeeRepository->getEmployeeCredentials($employee);
     } else {
         $credentials = $customerRepository->getCustomerCredentials($customer);
     }
     if (Helper::hashPassword($password, $credentials['salt']) !== $credentials['password']) {
         if (is_a($user, 'App\\Rest\\Models\\Employee')) {
             $count = $employeeRepository->incrementAndGetFailedLoginCount($employee->id);
         } else {
             $count = $customerRepository->incrementAndGetFailedLoginCount($customer->id);
         }
         if ($count >= AuthorizationController::MAX_FAILED_LOGIN) {
             if (is_a($user, 'App\\Rest\\Models\\Employee')) {
                 $employeeRepository->disableAccount($employee->id);
             } else {
                 $customerRepository->disableAccount($customer->id);
             }
             return JsonErrorResponse::fromKey(JsonErrorResponse::TOO_MANY_LOGIN_TRIES);
         }
         return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_USERNAME_PASSWORD);
     }
     $token = new Token();
     $token->value = Helper::randomString(32);
     $token->validUntil = time() + Application::getInstance()->config('token.valid');
     $token->scope = is_a($user, 'App\\Rest\\Models\\Employee') ? AuthorizationController::EMPLOYEE_SCOPE : AuthorizationController::CUSTOMER_SCOPE;
     $token->ip = $request->getClientIp();
     if ($this->getTokenRepository()->saveToken($token, is_a($user, 'App\\Rest\\Models\\Customer') ? $user->id : null, is_a($user, 'App\\Rest\\Models\\Employee') ? $user->id : null)) {
         if (is_a($user, 'App\\Rest\\Models\\Employee')) {
             $employeeRepository->resetFailedLoginCount($employee->id);
         } else {
             $customerRepository->resetFailedLoginCount($customer->id);
         }
         return new JsonResponse(array('value' => $token->value, 'expiresIn' => $token->getExpireTimeInSeconds(), 'scope' => $token->scope, 'id' => $user->id));
     }
     return JsonErrorResponse::fromKey(JsonErrorResponse::TOKEN_CREATION_ERROR);
 }
示例#3
0
 private function getDatabaseHandler()
 {
     return Application::getInstance()->getDatabaseConnection();
 }