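/**
 * @docs-name Authenticate (Create New Session)
 *
 * Creates a session. A valid email and password of an existing user must be passed in, and the new session
 * (with the session id) will be returned.
 *
 * ~~~
 * Get sessions through email password
 * {
 *     "email": string,
 *     "password": string
 * }
 *
 * or get one time session to reset password
 *
 * {
 *     "email": string,
 *     "authToken": string
 * }
 * ~~~
 *
 * @docs-param session string body required A session object (with email & password or email & authToken filled in)
 *
 * @throws \Slim\Exception\Stop
 */
public function post()
{
    $this->model->loadFromExternalSource($this->getApp()->getRequest()->getBody());

    if (empty($this->model->email)) {
        $this->getApp()->returnError(Errors::$SESSION_EMAIL_REQUIRED);
        return; // explicit stop so the flow does not depend on returnError() throwing
    }

    /** @var User $user */
    $userClass = $this->userModelClass;
    $user = $userClass::init($this->getApp());

    // findByField() reports whether a row was loaded (see postForgotPassword()).
    // An unknown email must not reach the credential checks with an unpopulated
    // $user: the token branch would otherwise fatal on a null lastAccessed.
    $found = $user->findByField('email', $this->model->email);

    if (!empty($this->model->password)) {
        // hash_equals() instead of `!=`: loose comparison type-juggles
        // numeric-looking hashes ("0e..." == "0e...") and leaks timing.
        // The casts keep hash_equals() strict-string safe when fields are unset.
        if (!$found
            || !hash_equals(
                (string) $user->passHash,
                Identity::passHash($this->model->password, (string) $user->salt)
            )
        ) {
            $this->getApp()->returnError(Errors::$PASSWORD_INVALID);
            return;
        }
    } elseif (!empty($this->model->authToken)) {
        // The one-time token is derived from the stored hash plus the lastAccessed
        // timestamp written by postForgotPassword(); a user without lastAccessed
        // cannot hold a valid token.
        // NOTE(review): the token carries no expiry of its own - it stays valid
        // until lastAccessed changes (a successful login or a new reset request).
        $tokenValid = $found
            && $user->lastAccessed instanceof \DateTimeInterface
            && hash_equals(
                Identity::passHash($user->passHash, $user->lastAccessed->getTimestamp()),
                (string) $this->model->authToken
            );
        if (!$tokenValid) {
            $this->getApp()->returnError(Errors::$TOKEN_INVALID);
            return;
        }
    } else {
        $this->getApp()->returnError(Errors::$SESSION_PASSWORD_TOKEN_REQUIRED);
        return;
    }

    // Bumping lastAccessed also invalidates any outstanding reset token.
    $user->lastAccessed = new \DateTime('now');
    $user->save();

    $this->model->user = $user;
    $this->model->insert();
    echo $this->model->outputJSON();
}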
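/**
 * Persists a new user record.
 *
 * Generates a fresh per-user salt, stores the password only as its Identity
 * hash, discards the plaintext, stamps the creation time and hands the actual
 * write to the parent model.
 */
public function insert()
{
    // A salt must be unpredictable; uniqid()/mt_rand() are not CSPRNG-backed.
    // random_bytes() needs PHP >= 7.0, so the legacy form is kept only as a
    // fallback for older runtimes.
    // NOTE(review): assumes the salt column accepts a 32-char hex string - confirm.
    $this->salt = function_exists('random_bytes')
        ? bin2hex(random_bytes(16))
        : uniqid(mt_rand(), true);
    $this->passHash = Identity::passHash($this->password, $this->salt);
    // Never let the plaintext reach storage or a serialized response.
    $this->password = null;
    $this->created = new \DateTime('now');
    parent::insert();
}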
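/**
 * @docs-name Email forgot password token
 *
 * json should be passed in in the following form
 * ~~~
 * {
 *     "email": string
 * }
 * ~~~
 *
 * @docs-param email string body required json object containing a user's email
 */
public function postForgotPassword()
{
    if ($this->getEmailProvider() == null) {
        $this->getApp()->returnError(Errors::$PASSWORD_EMAIL_PROVIDER);
        return; // explicit stop so the flow does not depend on returnError() throwing
    }
    if ($this->forgotEmailTemplate == null) {
        $this->getApp()->returnError(Errors::$PASSWORD_EMAIL_TEMPLATE);
        return;
    }

    // Invalid JSON decodes to null and a missing property only raises a notice,
    // so a try/catch around `$data->email` never fires; validate the shape instead.
    $data = json_decode($this->getApp()->getRequest()->getBody());
    $email = (is_object($data) && isset($data->email)) ? $data->email : null;
    if (!is_string($email) || $email === '') {
        $this->getApp()->returnError(Errors::$PASSWORD_EMAIL_REQUIRED);
        return;
    }

    /** @var User $user */
    $user = User::init($this->getApp());
    if (!$user->findByField('email', $email)) {
        // NOTE(review): a distinct error here reveals whether an address is
        // registered; the response is part of the API, so it is left unchanged.
        $this->getApp()->returnError(Errors::$PASSWORD_NO_USER_EMAIL);
        return;
    }

    // The token is bound to the current password hash and this new timestamp,
    // so it is invalidated when lastAccessed is next rewritten (see post()).
    $user->lastAccessed = new \DateTime('now');
    $user->save();
    $authToken = Identity::passHash($user->passHash, $user->lastAccessed->getTimestamp());

    $this->forgotEmailTemplate->mergeData(array('!authToken' => $authToken));
    $resp = $this->getEmailProvider()->sendEmail($user->email, $this->forgotEmailTemplate);
    // NOTE(review): this echoes the provider's raw response; confirm it carries
    // nothing sensitive before exposing it to the caller.
    echo json_encode($resp);
}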