/**
* {@inheritdoc}
*/
protected function getView(Request $request)
{
$view = parent::getView($request);
$queryParams = $request->getQueryParams();
$page = max(1, array_get($queryParams, 'page'));
$params = ['id' => (int) array_get($queryParams, 'id'), 'page' => ['near' => array_get($queryParams, 'near'), 'offset' => ($page - 1) * 20, 'limit' => 20]];
$document = $this->getDocument($request->getAttribute('actor'), $params);
$getResource = function ($link) use($document) {
return array_first($document->included, function ($key, $value) use($link) {
return $value->type === $link->type && $value->id === $link->id;
});
};
$url = function ($newQueryParams) use($queryParams, $document) {
$newQueryParams = array_merge($queryParams, $newQueryParams);
$queryString = http_build_query($newQueryParams);
return $this->url->toRoute('discussion', ['id' => $document->data->id]) . ($queryString ? '?' . $queryString : '');
};
$posts = [];
foreach ($document->included as $resource) {
if ($resource->type === 'posts' && isset($resource->relationships->discussion) && isset($resource->attributes->contentHtml)) {
$posts[] = $resource;
}
}
$view->setTitle($document->data->attributes->title);
$view->setDocument($document);
$view->setContent(app('view')->make('flarum.forum::discussion', compact('document', 'page', 'getResource', 'posts', 'url')));
return $view;
}
/**
* @param Request $request
* @return RedirectResponse
*/
public function handle(Request $request)
{
$input = $request->getParsedBody();
$token = PasswordToken::findOrFail(array_get($input, 'token'));
$password = array_get($input, 'password');
$confirmation = array_get($input, 'password_confirmation');
if (!$password || $password !== $confirmation) {
return new RedirectResponse($this->url->toRoute('resetPassword', ['token' => $token->id]));
}
$token->user->changePassword($password);
$token->user->save();
$token->delete();
return new RedirectResponse($this->url->toBase());
}
/**
* @param RequestPasswordReset $command
* @return \Flarum\Core\User
* @throws ModelNotFoundException
*/
public function handle(RequestPasswordReset $command)
{
$user = $this->users->findByEmail($command->email);
if (!$user) {
throw new ModelNotFoundException();
}
$token = PasswordToken::generate($user->id);
$token->save();
$data = ['username' => $user->username, 'url' => $this->url->toRoute('resetPassword', ['token' => $token->id]), 'forumTitle' => $this->settings->get('forum_title')];
$this->mailer->send(['text' => 'flarum::emails.resetPassword'], $data, function (Message $message) use($user) {
$message->to($user->email);
$message->subject('Reset Your Password');
});
return $user;
}
/**
* @param PrepareApiData $event
*/
public function addMetaTags(PrepareApiData $event)
{
if ($this->clientView && ($this->openGraph || $this->twitterCard)) {
$data = [];
switch (true) {
case $event->isController(ShowDiscussionController::class):
$data['url'] = $this->urlGenerator->toRoute('discussion', ['id' => $event->data->id . '-' . $event->data->slug]);
$data['title'] = $this->plainText($event->data->title, 80);
$post_id = $event->request->getQueryParams()['page']['near'];
if ($post_id === null) {
$data['description'] = $event->data->startPost ? $this->plainText($event->data->startPost->content, 150) : '';
} else {
$post = array_key_exists((int) $post_id - 1, $event->data->posts) ? $event->data->posts[(int) $post_id - 1] : null;
$data['url'] .= '/' . $post_id;
if ($post) {
$data['description'] = $this->plainText($post->content, 150);
} else {
$data['description'] = $event->data->startPost ? $this->plainText($event->data->startPost->content, 150) : '';
}
}
break;
// case $event->isController(ListDiscussionsController::class):
// $data['url'] = $this->urlGenerator->toRoute('user', ['username' => $event->data->username]);
// $data['title'] = $this->plainText($event->data->username, 80);
// $data['description'] = $event->data->bio ? $this->plainText($event->data->bio, 150) : '';
// break;
// case $event->isController(ShowUserController::class):
// $data['url'] = $this->urlGenerator->toRoute('user', ['username' => $event->data->username]);
// $data['title'] = $this->plainText($event->data->username, 80);
// $data['description'] = $event->data->bio ? $this->plainText($event->data->bio, 150) : '';
// break;
// case $event->isController(ListDiscussionsController::class):
// $data['url'] = $this->urlGenerator->toRoute('user', ['username' => $event->data->username]);
// $data['title'] = $this->plainText($event->data->username, 80);
// $data['description'] = $event->data->bio ? $this->plainText($event->data->bio, 150) : '';
// break;
// case $event->isController(ShowUserController::class):
// $data['url'] = $this->urlGenerator->toRoute('user', ['username' => $event->data->username]);
// $data['title'] = $this->plainText($event->data->username, 80);
// $data['description'] = $event->data->bio ? $this->plainText($event->data->bio, 150) : '';
// break;
default:
break;
}
$this->addOpenGraph($data);
$this->addTwitterCard($data);
}
}
/**
* @param RequestPasswordReset $command
* @return \Flarum\Core\User
* @throws ModelNotFoundException
*/
public function handle(RequestPasswordReset $command)
{
$user = $this->users->findByEmail($command->email);
if (!$user) {
throw new ModelNotFoundException();
}
$token = PasswordToken::generate($user->id);
$token->save();
$data = ['{username}' => $user->username, '{url}' => $this->url->toRoute('resetPassword', ['token' => $token->id]), '{forum}' => $this->settings->get('forum_title')];
$body = $this->translator->trans('core.email.reset_password.body', $data);
$this->mailer->raw($body, function (Message $message) use($user, $data) {
$message->to($user->email);
$message->subject('[' . $data['{forum}'] . '] ' . $this->translator->trans('core.email.reset_password.subject'));
});
return $user;
}
/**
* @param Request $request
* @return RedirectResponse
*/
public function handle(Request $request)
{
$input = $request->getParsedBody();
$token = PasswordToken::findOrFail(array_get($input, 'passwordToken'));
$password = array_get($input, 'password');
$confirmation = array_get($input, 'password_confirmation');
$this->validator->assertValid(compact('password'));
if (!$password || $password !== $confirmation) {
return new RedirectResponse($this->url->toRoute('resetPassword', ['token' => $token->id]));
}
$token->user->changePassword($password);
$token->user->save();
$token->delete();
$session = $request->getAttribute('session');
$this->authenticator->logIn($session, $token->user->id);
return new RedirectResponse($this->url->toBase());
}
/**
* Get the data that should be made available to email templates.
*
* @param User $user
* @param string $email
*
* @return array
*/
protected function getEmailData(User $user, $email)
{
$token = $this->generateToken($user, $email);
// TODO: Need to use AbstractUrlGenerator, but since this is part of core we
// don't know that the forum routes will be loaded. Should the confirm
// email route be part of core??
return ['username' => $user->username, 'url' => $this->url->toRoute('confirmEmail', ['token' => $token->id]), 'forumTitle' => $this->settings->get('forum_title')];
}
/**
* {@inheritdoc}
*/
public function handle(ServerRequestInterface $request)
{
$id = array_get($request->getQueryParams(), 'id');
$actor = $request->getAttribute('actor');
$this->assertRegistered($actor);
if ($actor->id != $id || $actor->is_activated) {
throw new PermissionDeniedException();
}
$token = EmailToken::generate($actor->email, $actor->id);
$token->save();
$data = ['{username}' => $actor->username, '{url}' => $this->url->toRoute('confirmEmail', ['token' => $token->id]), '{forum}' => $this->settings->get('forum_title')];
$body = $this->translator->trans('core.email.activate_account.body', $data);
$this->mailer->raw($body, function (Message $message) use($actor, $data) {
$message->to($actor->email);
$message->subject('[' . $data['{forum}'] . '] ' . $this->translator->trans('core.email.activate_account.subject'));
});
return new EmptyResponse();
}
/**
* @param Request $request
* @param array $routeParams
* @return \Psr\Http\Message\ResponseInterface|RedirectResponse
*/
public function handle(Request $request, array $routeParams = [])
{
session_start();
$provider = new Facebook(['clientId' => $this->settings->get('flarum-auth-facebook.app_id'), 'clientSecret' => $this->settings->get('flarum-auth-facebook.app_secret'), 'redirectUri' => $this->url->toRoute('auth.facebook'), 'graphApiVersion' => 'v2.4']);
if (!isset($_GET['code'])) {
$authUrl = $provider->getAuthorizationUrl(['scope' => ['email']]);
$_SESSION['oauth2state'] = $provider->getState();
return new RedirectResponse($authUrl);
} elseif (empty($_GET['state']) || $_GET['state'] !== $_SESSION['oauth2state']) {
unset($_SESSION['oauth2state']);
echo 'Invalid state.';
exit;
}
$token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);
$owner = $provider->getResourceOwner($token);
$email = $owner->getEmail();
$username = preg_replace('/[^a-z0-9-_]/i', '', $owner->getName());
return $this->authenticate(compact('email'), compact('username'));
}
/**
* @return string
*/
public function getRedirectURI()
{
$path = $this->url->toRoute('auth.singleso');
// Strip off the redirect protocol if so configured.
$authSettings = SingleSO::settingsAuth($this->settings, false);
if ($authSettings['redirect_uri_noprotocol']) {
$path = preg_replace('/^https?:\\/\\//', '', $path);
}
return $path;
}
/**
* @param Request $request
* @param array $routeParams
* @return \Psr\Http\Message\ResponseInterface|RedirectResponse
*/
public function handle(Request $request, array $routeParams = [])
{
session_start();
$server = new Twitter(array('identifier' => $this->settings->get('flarum-auth-twitter.api_key'), 'secret' => $this->settings->get('flarum-auth-twitter.api_secret'), 'callback_uri' => $this->url->toRoute('auth.twitter')));
if (!isset($_GET['oauth_token']) || !isset($_GET['oauth_verifier'])) {
$temporaryCredentials = $server->getTemporaryCredentials();
$_SESSION['temporary_credentials'] = serialize($temporaryCredentials);
session_write_close();
// Second part of OAuth 1.0 authentication is to redirect the
// resource owner to the login screen on the server.
$server->authorize($temporaryCredentials);
exit;
}
// Retrieve the temporary credentials we saved before
$temporaryCredentials = unserialize($_SESSION['temporary_credentials']);
// We will now retrieve token credentials from the server
$tokenCredentials = $server->getTokenCredentials($temporaryCredentials, $_GET['oauth_token'], $_GET['oauth_verifier']);
$user = $server->getUserDetails($tokenCredentials);
return $this->authenticate(['twitter_id' => $user->uid], ['username' => $user->nickname]);
}
/**
* @param Request $request
* @param array $routeParams
* @return \Psr\Http\Message\ResponseInterface|RedirectResponse
*/
public function handle(Request $request, array $routeParams = [])
{
session_start();
$provider = new Qq(['clientId' => $this->settings->get('lazyboywu-auth-qq.client_id'), 'clientSecret' => $this->settings->get('lazyboywu-auth-qq.client_secret'), 'redirectUri' => $this->url->toRoute('auth.qq')]);
if (!isset($_GET['code'])) {
$authUrl = $provider->getAuthorizationUrl();
$_SESSION['oauth2state'] = $provider->getState();
return new RedirectResponse($authUrl);
} elseif (empty($_GET['state']) || $_GET['state'] !== $_SESSION['oauth2state']) {
unset($_SESSION['oauth2state']);
echo 'Invalid state.';
exit;
}
$token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);
$owner = $provider->getResourceOwner($token);
$qqopenid = $owner->getOpenId();
$username = preg_replace('/[^a-z0-9-_]/i', '', $owner->getNickname());
$avatar_path = $owner->getFigureUrl();
return $this->authenticate(compact('qqopenid'), compact('username'));
}
/**
* @param Request $request
* @param array $routeParams
* @return \Psr\Http\Message\ResponseInterface|RedirectResponse
*/
public function handle(Request $request, array $routeParams = [])
{
session_start();
$provider = new QQ(['clientId' => $this->settings->get('azonwan-auth-qq.client_id'), 'clientSecret' => $this->settings->get('azonwan-auth-qq.client_secret'), 'redirectUri' => $this->url->toRoute('auth.qq')]);
if (!isset($_GET['code'])) {
$authUrl = $provider->getAuthorizationUrl(['grant_type' => ['authorization_code']]);
$_SESSION['oauth2state'] = $provider->getState();
return new RedirectResponse($authUrl);
} elseif (empty($_GET['state']) || $_GET['state'] !== $_SESSION['oauth2state']) {
unset($_SESSION['oauth2state']);
echo 'Invalid state.';
exit;
}
$token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);
$openid = $provider->getAccessOpenId('authorization_code', ['access_token' => $token->getToken(), 'code' => $_GET['code']]);
$options = ['openid' => $openid, 'access_token' => $token->getToken(), 'oauth_consumer_key' => $this->settings->get('azonwan-auth-qq.client_id')];
$owner = $provider->getResourceOwner($token, $options);
$username = preg_replace('/[^a-z0-9-_]/i', '', $owner->getName()) . "_qq";
return $this->authenticate(compact('username'));
}
/**
* @param Request $request
* @param array $routeParams
* @return \Psr\Http\Message\ResponseInterface|RedirectResponse
*/
public function handle(Request $request, array $routeParams = [])
{
session_start();
$server = new Magento(array('host' => $this->settings->get('vovayatsyuk-auth-magento.store_url'), 'identifier' => $this->settings->get('vovayatsyuk-auth-magento.api_key'), 'secret' => $this->settings->get('vovayatsyuk-auth-magento.api_secret'), 'callback_uri' => $this->url->toRoute('auth.magento')));
if (!isset($_GET['oauth_token']) || !isset($_GET['oauth_verifier'])) {
$temporaryCredentials = $server->getTemporaryCredentials();
$_SESSION['temporary_credentials'] = serialize($temporaryCredentials);
session_write_close();
// Second part of OAuth 1.0 authentication is to redirect the
// resource owner to the login screen on the server.
$server->authorize($temporaryCredentials);
exit;
}
// Retrieve the temporary credentials we saved before
$temporaryCredentials = unserialize($_SESSION['temporary_credentials']);
// We will now retrieve token credentials from the server
$tokenCredentials = $server->getTokenCredentials($temporaryCredentials, $_GET['oauth_token'], $_GET['oauth_verifier']);
$user = $server->getUserDetails($tokenCredentials);
$email = $user->email;
$username = preg_replace('/[^a-z0-9-_]/i', '', $user->firstName . $user->lastName);
return $this->authenticate(compact('email'), compact('username'));
}
/**
* @param Request $request
* @return RedirectResponse
*/
public function handle(Request $request)
{
$input = $request->getParsedBody();
$token = PasswordToken::findOrFail(array_get($input, 'passwordToken'));
$password = array_get($input, 'password');
try {
// todo: probably shouldn't use the user validator for this,
// passwords should be validated separately
$this->validator->assertValid(compact('password'));
$validator = $this->validatorFactory->make($input, ['password' => 'required|confirmed']);
if ($validator->fails()) {
throw new ValidationException($validator);
}
} catch (ValidationException $e) {
$request->getAttribute('session')->set('error', $e->errors()->first());
return new RedirectResponse($this->url->toRoute('resetPassword', ['token' => $token->id]));
}
$token->user->changePassword($password);
$token->user->save();
$token->delete();
$session = $request->getAttribute('session');
$this->authenticator->logIn($session, $token->user->id);
return new RedirectResponse($this->url->toBase());
}
/**
* Get the data that should be made available to email templates.
*
* @param User $user
* @param string $email
* @return array
*/
protected function getEmailData(User $user, $email)
{
$token = $this->generateToken($user, $email);
return ['{username}' => $user->username, '{url}' => $this->url->toRoute('confirmEmail', ['token' => $token->id]), '{forum}' => $this->settings->get('forum_title')];
}
/**
* @param ConfigureFormatterRenderer $event
*/
public function render(ConfigureFormatterRenderer $event)
{
$event->renderer->setParameter('PROFILE_URL', $this->url->toRoute('user', ['username' => '']));
}
/**
* @param ConfigureFormatterRenderer $event
*/
public function render(ConfigureFormatterRenderer $event)
{
$event->renderer->setParameter('DISCUSSION_URL', $this->url->toRoute('discussion', ['id' => '']));
}
/**
* @return null|string
*/
protected function getFaviconUrl()
{
$faviconPath = $this->settings->get('favicon_path');
return $faviconPath ? $this->url->toPath('assets/' . $faviconPath) : null;
}
