/**
 * Start the EVE Online SSO login flow.
 *
 * Builds a CrestSSO client from the "eve" entry of the "oauth2" config section
 * and redirects the browser to the login URL that client returns for the
 * current session.
 *
 * @param object $view   Response helper; only redirect() is called on it.
 * @param mixed  $params Unused; discarded immediately.
 */
public function doGet($view, $params)
{
    unset($params);

    $eveSettings = Config::getInstance()->get("oauth2")['eve'];

    // Only the first configured redirect URI is used.
    $sso = new CrestSSO(
        $eveSettings['client_id'],
        $eveSettings['client_secret'],
        $eveSettings['redirect_uris'][0],
        $eveSettings['scopes'],
        '/'
    );

    // The session is handed to the client; presumably it stores the anti-CSRF
    // `state` there for the callback to verify -- confirm in CrestSSO.
    $loginUrl = $sso->getLoginURL(Session::getSession());
    $view->redirect($loginUrl);
}
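/**
 * Reject an OAuth2 callback that reports an error or carries a wrong `state`.
 *
 * The request is redirected to /logout/ when the `error` query parameter is
 * non-empty, when `state` is missing or empty, or when `state` does not equal
 * the value stored in the session under 'oauth2state'.
 *
 * @param object $view Response helper; only redirect() is called on it.
 */
private function validate($view)
{
    $session = Session::getSession();
    $error = filter_input(INPUT_GET, 'error');
    $state = filter_input(INPUT_GET, 'state');

    $rejected = !empty($error) || empty($state) || !is_string($state);

    if (!$rejected) {
        $expected = $session->get('oauth2state');

        // The state value is the CSRF defence for the callback, so compare it
        // in constant time. A non-string stored value can never match.
        $rejected = !is_string($expected) || !hash_equals($expected, $state);
    }

    if ($rejected) {
        // NOTE(review): nothing is returned to the caller. Unless redirect()
        // terminates the request, the caller keeps running after a failed
        // validation -- confirm, or have the caller stop explicitly.
        // NOTE(review): the stored state is not cleared here; confirm it is
        // single-use elsewhere.
        $view->redirect('/logout/');
    }
}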
/**
 * Start the Google OAuth2 login flow.
 *
 * Builds the League Google provider from the "google" entry of the "oauth2"
 * config section, stores the provider's state value in the session under
 * 'oauth2state', and redirects the browser to the authorization URL.
 *
 * @param object $view   Response helper; only redirect() is called on it.
 * @param mixed  $params Not used by this handler.
 */
public function doGet($view, $params)
{
    $googleSettings = Config::getInstance()->get("oauth2")['google'];

    // Only the first configured redirect URI is used.
    $providerOptions = [
        'clientId' => $googleSettings['client_id'],
        'clientSecret' => $googleSettings['client_secret'],
        'redirectUri' => $googleSettings['redirect_uris'][0],
    ];
    $provider = new \League\OAuth2\Client\Provider\Google($providerOptions);

    // No authorization code yet, so request one. The URL is built before the
    // state is read back, and that order is kept here.
    $authorizationUrl = $provider->getAuthorizationUrl();

    // Keep the state server-side so the `state` query parameter returned on
    // the callback can be compared against it.
    $session = Session::getSession();
    $session->set('oauth2state', $provider->getState());

    $view->redirect($authorizationUrl);
}
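/**
 * Handle the EVE Online SSO callback and sign the character in.
 *
 * Passes the `code` and `state` query parameters to CrestSSO::handleCallback(),
 * upserts the matching document in the "users" collection, stores the user id
 * in the session and redirects to '/'. If the callback yields no character id,
 * no account is touched and the request is redirected to /logout/.
 *
 * @param object $view   Response helper; only redirect() is called on it.
 * @param mixed  $params Unused; discarded immediately.
 */
public function doGet($view, $params)
{
    unset($params);

    $auth = Config::getInstance()->get("oauth2");
    $eve = $auth['eve'];
    $sso = new CrestSSO($eve['client_id'], $eve['client_secret'], $eve['redirect_uris'][0], $eve['scopes'], '/');

    $code = filter_input(INPUT_GET, 'code');
    $state = filter_input(INPUT_GET, 'state');

    // State verification is delegated to handleCallback(), which receives the
    // session. NOTE(review): confirm it rejects a missing or mismatched state.
    $userInfo = $sso->handleCallback($code, $state, Session::getSession());

    // Never establish a session for an identity the provider did not return.
    // Without this guard a failed callback would resolve to the shared id
    // "auth:eve:" and sign the visitor in as that document.
    $charID = isset($userInfo['characterID']) ? $userInfo['characterID'] : null;
    if (empty($charID)) {
        $view->redirect('/logout/');
        return;
    }

    $id = "auth:eve:" . $charID;

    // The fourth argument presumably creates the document when it is missing;
    // verify against Mongo::findDoc().
    $user = Mongo::get()->findDoc("users", ['id' => $id], null, true);

    // NOTE(review): the refresh token is a long-lived credential and is stored
    // as received. Confirm the collection is access-restricted, or encrypt it.
    $user->setAll([
        "id" => $id,
        "name" => $userInfo['characterName'],
        "email" => null,
        "image" => "https://imageserver.eveonline.com/Character/{$charID}_256.jpg",
        "oauth2" => "eve",
        "refresh_token" => $userInfo['refreshToken'],
    ]);
    $user->save();

    // NOTE(review): confirm Session rotates the session identifier when the
    // user id is set; otherwise a pre-login session id stays valid.
    Session::getSession()->set("userID", $id);
    $view->redirect('/', 302);
}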
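/**
 * Handle a local (password) login form post.
 *
 * Reads `userid` and `password` from the POST body, looks the user up in the
 * "users" collection and verifies the password against the stored hash. On
 * success the user id is stored in the session. The outcome is always rendered
 * through the 'error' template, with one generic failure message whatever the
 * reason for the failure.
 *
 * @param object $render Response helper; only render() is called on it.
 * @param array  $params Template parameters, extended with the outcome.
 */
public function doPost($render, $params)
{
    $rawUserID = filter_input(INPUT_POST, 'userid');
    $pass = filter_input(INPUT_POST, 'password');

    // filter_input() returns null for a missing field and false for a value
    // that fails the filter, such as an array. Normalise to a string so the
    // lookup value is always a plain string, never a query operator.
    $userID = strtolower(is_string($rawUserID) ? $rawUserID : '');

    $error = null;
    $message = null;

    $hash = null;
    if ($userID !== '' && is_string($pass)) {
        $user = Mongo::get()->findDoc('users', ['id' => $userID]);
        $hash = $user !== null ? $user->get('password') : null;
    }

    // Accounts without a usable password hash can never log in here.
    // NOTE(review): password_verify() is skipped for unknown users, so
    // response time differs between known and unknown ids. Consider verifying
    // against a fixed dummy hash in that case.
    if (is_string($hash) && $hash !== '' && password_verify($pass, $hash)) {
        $message = "Successful login.";
        // NOTE(review): confirm Session rotates the session identifier on
        // login; otherwise a pre-login session id stays valid.
        Session::getSession()->set("userID", $userID);
        $params['user_name'] = $userID;
    } else {
        $error = "No such credentials.";
    }

    $params['errorCode'] = $error === null ? 'Success' : 'Error';
    $params['errorMessage'] = $error === null ? $message : $error;
    $render->render('error', $params);
}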
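/**
 * Handle a local account registration form post.
 *
 * Reads `userid` and `password` from the POST body. When both are present,
 * the id is not reserved and no user with that id exists, a new document is
 * created in the "users" collection with a password_hash() digest and the new
 * user is signed in. The outcome is rendered through the 'error' template.
 *
 * @param object $render Response helper; only render() is called on it.
 * @param array  $params Template parameters, extended with the outcome.
 */
public function doPost($render, $params)
{
    $rawUserID = filter_input(INPUT_POST, 'userid');
    $password = filter_input(INPUT_POST, 'password');

    // filter_input() returns null for a missing field and false for a value
    // that fails the filter, such as an array. Normalise to a string.
    $userID = strtolower(is_string($rawUserID) ? $rawUserID : '');

    $error = null;
    $message = null;

    if ($userID === '' || !is_string($password) || $password === '') {
        // Otherwise an account with an empty id or an empty password would be
        // created from a blank or partial form.
        $error = 'User ID and password are required';
    } elseif (strncmp($userID, 'auth:', 5) === 0) {
        // OAuth-backed accounts share this collection under ids such as
        // "auth:eve:<characterID>". A password account must not be able to
        // occupy one of those ids.
        $error = 'That user ID is reserved';
    } elseif (Mongo::get()->findDoc("users", ["id" => $userID]) !== null) {
        $error = 'User account already exists';
    } else {
        // NOTE(review): check-then-insert is not atomic. Confirm a unique
        // index on `id` backs this up.
        $user = new MongoDoc("users");
        $user->set("id", $userID);
        $user->set("name", $userID);
        $user->set("password", password_hash($password, PASSWORD_DEFAULT));
        $user->save();

        $message = "Account created!";
        $params['user_name'] = $userID;
        Session::getSession()->set("userID", $userID);
    }

    $params['errorCode'] = $error === null ? 'Success' : 'Error';
    $params['errorMessage'] = $error === null ? $message : $error;
    $render->render('error', $params);
}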
/**
 * Log the current user out.
 *
 * Destroys the session, then redirects to the site root.
 *
 * NOTE(review): this handler is named doGet, so logout presumably runs on a
 * plain GET, which any cross-site link or image can trigger. Confirm whether
 * that is acceptable, or require a POST with a CSRF token.
 *
 * @param object $view   Response helper; only redirect() is called on it.
 * @param mixed  $params Not used by this handler.
 */
public function doGet($view, $params)
{
    // Tear the session down before sending the redirect.
    Session::destroy();

    $siteRoot = '/';
    $view->redirect($siteRoot);
}