public function testNameOfApplicationIntoTheOutput()
{
ob_start();
$this->application->run();
$content = ob_get_clean();
$this->assertRegExp("/this is my app/", $content);
}
public function login(Request $request)
{
$employeeRepository = $this->getEmployeeRepository();
$customerRepository = $this->getCustomerRepository();
if (!isset($request->headers['PHP_AUTH_USER'])) {
return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_BASIC_AUTHORIZATION_HEADER);
}
$email = $request->headers['PHP_AUTH_USER'];
$password = $request->headers['PHP_AUTH_PW'];
$employee = $employeeRepository->getEmployeeByEmail($email);
$customer = $customerRepository->getCustomerByEmail($email);
if (is_null($employee) && is_null($customer)) {
return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_USERNAME_PASSWORD);
}
$user = is_null($employee) ? $customer : $employee;
if ($user->status == 'pending') {
return JsonErrorResponse::fromKey(JsonErrorResponse::ACCOUNT_NOT_ACTIVATED);
}
if (is_a($user, 'App\\Rest\\Models\\Employee')) {
$credentials = $employeeRepository->getEmployeeCredentials($employee);
} else {
$credentials = $customerRepository->getCustomerCredentials($customer);
}
if (Helper::hashPassword($password, $credentials['salt']) !== $credentials['password']) {
if (is_a($user, 'App\\Rest\\Models\\Employee')) {
$count = $employeeRepository->incrementAndGetFailedLoginCount($employee->id);
} else {
$count = $customerRepository->incrementAndGetFailedLoginCount($customer->id);
}
if ($count >= AuthorizationController::MAX_FAILED_LOGIN) {
if (is_a($user, 'App\\Rest\\Models\\Employee')) {
$employeeRepository->disableAccount($employee->id);
} else {
$customerRepository->disableAccount($customer->id);
}
return JsonErrorResponse::fromKey(JsonErrorResponse::TOO_MANY_LOGIN_TRIES);
}
return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_USERNAME_PASSWORD);
}
$token = new Token();
$token->value = Helper::randomString(32);
$token->validUntil = time() + Application::getInstance()->config('token.valid');
$token->scope = is_a($user, 'App\\Rest\\Models\\Employee') ? AuthorizationController::EMPLOYEE_SCOPE : AuthorizationController::CUSTOMER_SCOPE;
$token->ip = $request->getClientIp();
if ($this->getTokenRepository()->saveToken($token, is_a($user, 'App\\Rest\\Models\\Customer') ? $user->id : null, is_a($user, 'App\\Rest\\Models\\Employee') ? $user->id : null)) {
if (is_a($user, 'App\\Rest\\Models\\Employee')) {
$employeeRepository->resetFailedLoginCount($employee->id);
} else {
$customerRepository->resetFailedLoginCount($customer->id);
}
return new JsonResponse(array('value' => $token->value, 'expiresIn' => $token->getExpireTimeInSeconds(), 'scope' => $token->scope, 'id' => $user->id));
}
return JsonErrorResponse::fromKey(JsonErrorResponse::TOKEN_CREATION_ERROR);
}
private function getDatabaseHandler()
{
return Application::getInstance()->getDatabaseConnection();
}