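/**
 * Call
 *
 * Reads the session id sent in the `SESSION` HTTP header and, when it matches
 * a stored session whose user can be loaded, attaches that session (and its
 * user) to the request.
 *
 * Perform actions specific to this middleware and optionally
 * call the next downstream middleware.
 *
 * A missing or empty header, an unknown session id, or a session whose user
 * cannot be loaded all leave the request without a session. The next
 * middleware is called in every case.
 *
 * NOTE(review): no session expiry check is visible here, and the session's
 * lastAccessed is updated in memory without a save() in this method — confirm
 * that expiry and persistence are handled elsewhere.
 */
public function call()
{
    $request = $this->getApp()->getRequest();
    $sessionId = $request->headers('SESSION');

    // A request without the header carries no session; skip the lookup so a
    // null/empty id is never handed to the model.
    if ($sessionId !== null && $sessionId !== '') {
        $foundSession = call_user_func($this->sessionModelClass . '::init', $this->getApp());

        if ($foundSession->findById($sessionId)) {
            $now = new \DateTime('now');

            // Load the owning user before trusting the session. The result is
            // checked so a session pointing at a user that no longer exists is
            // not attached, and save() is never called on an unloaded model.
            // Relies on findById() returning a truthy value on success, as the
            // session lookup above already does.
            $user = User::init($this->getApp());
            if ($user->findById($foundSession->userId)) {
                $foundSession->lastAccessed = $now;

                $user->lastAccessed = $now;
                $user->save();

                $foundSession->user = $user;
                $this->session = $foundSession;
                $request->session = $foundSession;
            }
        }
    }

    if (!empty($this->next)) {
        $this->next->call();
    }
}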
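/**
 * Updates a user's info. All fields will be replaced with the values given. Empty fields will be set to null.
 *
 * ~~~
 * {
 * "userId": userId,
 * "created": timeDate,
 * "firstName": string,
 * "lastName": string,
 * "email": string,
 * "password": null,
 * "newSessionId": null,
 * }
 * ~~~
 *
 * Server-managed fields (created, salt, lastAccessed, and passHash unless a
 * new password is supplied) are restored from the stored user, so the request
 * body cannot change them. When the password changes, every other session of
 * the user is deleted after the new hash has been saved.
 *
 * NOTE(review): this method assumes returnError() ends the request; if it
 * returns normally, execution continues past each validation failure —
 * confirm. No check that the caller is allowed to edit user $id is visible
 * here; confirm it is enforced before this handler runs. userId is not
 * restored from the stored user either; verify loadFromExternalSource()
 * cannot overwrite it from the body.
 *
 * @docs-param user string body required A user object to create in the database
 *
 * @param $id string The id of the user you are trying to update
 */
public function _restPutResource($id)
{
    $oldUser = clone $this->model;
    $this->model->loadFromExternalSource($this->getApp()->getRequest()->getBody());

    $passwordChanged = false;
    if (!empty($this->model->password)) {
        // strlen() counts bytes, so this is a minimum of six bytes.
        if (strlen($this->model->password) < 6) {
            $this->getApp()->returnError(Errors::$SHORT_PASSWORD);
        }
        $this->model->passHash = Identity::passHash($this->model->password, $oldUser->salt);
        // Never keep or echo the plaintext password.
        $this->model->password = null;
        $passwordChanged = true;
    } else {
        // No new password: keep the stored hash, exactly like salt below, so
        // a body-supplied or blanked passHash cannot replace the credential.
        $this->model->passHash = $oldUser->passHash;
    }

    if (empty($this->model->email)) {
        $this->getApp()->returnError(Errors::$EMAIL_REQUIRED);
    }
    if ($this->model->email != $oldUser->email && $this->model->findByField('email', $this->model->email)) {
        $this->getApp()->returnError(Errors::$EMAIL_EXISTS);
    }

    $this->model->created = $oldUser->created;
    $this->model->salt = $oldUser->salt;
    $this->model->lastAccessed = $oldUser->lastAccessed;
    $this->model->save();

    if ($passwordChanged) {
        // Revoke the user's other sessions only once the new hash is stored,
        // so a rejected update does not log anyone out while the old password
        // still works.
        $currentSessionId = (string) $this->getApp()->getRequest()->session->sessionId;

        /**
         * @var $sessionFinder Session
         */
        $sessionFinder = call_user_func($this->sessionModelClass . '::init', $this->getApp());
        foreach ($sessionFinder->findAllByField('userId', $id) as $otherSession) {
            // Strict string comparison: with loose ==, two different
            // numeric-looking ids (e.g. "0e1" and "0e2") compare equal and the
            // wrong session would be spared.
            if ((string) $otherSession->sessionId === $currentSessionId) {
                continue;
            }
            $otherSession->delete();
        }
    }

    echo $this->model->outputJSON();
}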
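/**
 * @docs-name Email forgot password token
 *
 * json should be passed in in the following form
 * ~~~
 * {
 * "email": string
 * }
 * ~~~
 *
 * Looks the user up by email, refreshes lastAccessed, derives a token from
 * the stored password hash and that timestamp, merges it into the
 * forgot-password template and sends it through the configured email
 * provider. The provider's response is echoed as JSON.
 *
 * NOTE(review): PASSWORD_NO_USER_EMAIL tells an unauthenticated caller
 * whether an address is registered; consider returning the same response for
 * known and unknown addresses. The token is derived from stored values rather
 * than from random bytes — confirm the endpoint that accepts it enforces
 * expiry and single use. Also confirm the echoed provider response holds
 * nothing that should stay server-side, and that this route is rate limited.
 *
 * @docs-param email string body required json object containing a user's email
 */
public function postForgotPassword()
{
    if ($this->getEmailProvider() == null) {
        $this->getApp()->returnError(Errors::$PASSWORD_EMAIL_PROVIDER);
    }
    if ($this->forgotEmailTemplate == null) {
        $this->getApp()->returnError(Errors::$PASSWORD_EMAIL_TEMPLATE);
    }

    $data = json_decode($this->getApp()->getRequest()->getBody());

    // json_decode() returns null for malformed JSON and reading a missing
    // property raises a notice/warning, not an exception, so a try/catch
    // never reports a missing email. Validate the shape explicitly instead.
    $email = null;
    if (is_object($data) && isset($data->email) && is_string($data->email)) {
        $email = $data->email;
    }
    if ($email === null || $email === '') {
        $this->getApp()->returnError(Errors::$PASSWORD_EMAIL_REQUIRED);
    }

    /**
     * @var $user User
     */
    $user = User::init($this->getApp());
    if (!$user->findByField('email', $email)) {
        $this->getApp()->returnError(Errors::$PASSWORD_NO_USER_EMAIL);
    }

    // The token depends on this timestamp, so it is saved before the token is
    // computed.
    $user->lastAccessed = new \DateTime('now');
    $user->save();

    $authToken = Identity::passHash($user->passHash, $user->lastAccessed->getTimestamp());
    $this->forgotEmailTemplate->mergeData(array('!authToken' => $authToken));

    $resp = $this->getEmailProvider()->sendEmail($user->email, $this->forgotEmailTemplate);
    echo json_encode($resp);
}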