示例#1
文件: Fwd.php 项目: minutephp/auth
 /**
  * Handles a tokenised "forward" link: decodes the JWT, optionally marks the
  * user as verified and logs them in, optionally fires the event named in the
  * token, then redirects.
  *
  * NOTE(review): $url is a separate argument and is not read from the decoded
  * payload, so whatever protects $jwt does not cover the redirect target. If the
  * route binds $url from the request, restrict it to same-site paths before
  * redirecting - confirm how the route supplies it.
  *
  * @param string $jwt Token carrying user_id and the optional authorize / eventName / eventData claims.
  * @param string $url Redirect target; '/' is used when empty.
  *
  * @return Redirection
  */
 public function index(string $jwt, string $url = '')
 {
     $target = $url ?: '/';

     // A falsy decode result is reported to the visitor as an expired link.
     // NOTE(review): presumably decode() also rejects bad signatures - verify in jwtEx.
     $payload = $this->jwtEx->decode($jwt);
     if (!$payload) {
         return new Redirection($target, ['msg' => 'Sorry this link has expired']);
     }

     $user_id = $payload->user_id ?? 0;
     if (!$user_id) {
         return new Redirection($target, []);
     }

     /** @var User $user */
     $user = User::find($user_id);
     if (!$user) {
         return new Redirection($target, []);
     }

     if (!empty($payload->authorize)) {
         // The token alone is sufficient to verify the account and open a session.
         if ($user->verified == 'n') {
             $user->ip_addr = $this->sniffer->getUserIP();
             $user->verified = 'y';
             $user->save();
         }

         // NOTE(review): confirm startSession() issues a fresh session identifier.
         $this->session->startSession($user_id);
     }

     if (!empty($payload->eventName)) {
         // Event name and data both come from the token, so what gets dispatched
         // is only as trustworthy as the key that issued the token.
         $userEvent = new UserEvent($user_id, $user->toArray());
         $userEvent->setData($payload->eventData ?? '');
         $this->dispatcher->fire($payload->eventName, $userEvent);
     }

     return new Redirection($target, []);
 }
示例#2
文件: Reload.php 项目: minutephp/auth
 /**
  * Rebuilds the session of the currently logged-in user and redirects.
  *
  * NOTE(review): the id returned by getLoggedInUserId() is passed straight to
  * startSession() with no check that a user is actually logged in - confirm
  * what startSession() does with an empty id. $redir is used as the redirect
  * target as given; if it is request-supplied, limit it to same-site paths.
  *
  * @param string $redir Redirect target; '/members' is used when empty.
  *
  * @return Redirection
  */
 public function index($redir = '')
 {
     $currentUserId = $this->session->getLoggedInUserId();

     // Tear the old session down before starting the new one for the same user.
     $this->session->destroySession();
     $this->session->startSession($currentUserId);

     $target = $redir ?: '/members';

     return new Redirection($target);
 }
示例#3
 /**
  * Authenticates a login request by firing USER_LOGIN_AUTHENTICATE and, when a
  * listener attaches a user to the event, starts a session for that user.
  *
  * @param mixed $_params Login parameters handed to UserLoginEvent unchanged.
  *
  * @return string JSON with the user record and the 'session_user_login' event name.
  *
  * @throws UserLoginError When no listener produced a user.
  */
 public function index($_params)
 {
     $login = new UserLoginEvent($_params);
     $this->dispatcher->fire(UserLoginEvent::USER_LOGIN_AUTHENTICATE, $login);

     $user = $login->getUser();
     if (!$user) {
         // NOTE(review): the listener's error text goes to the client as-is; confirm it
         // does not distinguish "unknown account" from "wrong password".
         throw new UserLoginError($login->getError() ?: 'UNKNOWN_ERROR');
     }

     // NOTE(review): confirm startSession() issues a fresh session identifier on login.
     $this->session->startSession($user->user_id);

     // NOTE(review): the whole $user value is serialised into the response; whether the
     // password hash and similar columns are excluded depends on how $user serialises,
     // which is not visible here - confirm.
     return json_encode(['update' => ['user' => $user], 'event' => 'session_user_login']);
 }
示例#4
 /**
  * Registers a user by firing USER_SIGNUP_BEGIN and logs the new user in.
  *
  * @param mixed $_params Signup data handed to UserSignupEvent unchanged.
  *
  * @return mixed The user attached to the event by a listener.
  *
  * @throws UserSignupError When no listener produced a user.
  */
 public function registerUser($_params)
 {
     $signup = new UserSignupEvent($_params);
     $this->dispatcher->fire(UserSignupEvent::USER_SIGNUP_BEGIN, $signup);

     $user = $signup->getUser();
     if (!$user) {
         throw new UserSignupError($signup->getError() ?: 'UNKNOWN_ERROR');
     }

     // The session is opened immediately after signup; nothing in this method
     // waits for the address to be verified first.
     $this->session->startSession($user->user_id);

     return $user;
 }
示例#5
 /**
  * Replaces the e-mail address and password of the logged-in user by firing
  * USER_UPDATE_DATA.
  *
  * NOTE(review): the current password is not requested here, so an active
  * session is all that is needed to replace both credentials - confirm whether
  * a listener or the route enforces re-authentication.
  *
  * @param string $email    New address; must pass FILTER_VALIDATE_EMAIL.
  * @param string $password New password; must be non-empty.
  *
  * @return string 'pass' when a listener handled the event.
  *
  * @throws UserUpdateDataError On invalid input, unknown user or unhandled event.
  */
 public function update($email, $password)
 {
     $inputOk = !empty($email) && !empty($password) && filter_var($email, FILTER_VALIDATE_EMAIL);

     if ($inputOk) {
         $user = User::find($this->session->getLoggedInUserId());

         if ($user) {
             $change = new UserUpdateDataEvent($user, ['email' => $email, 'password' => $password]);
             $this->dispatcher->fire(UserUpdateDataEvent::USER_UPDATE_DATA, $change);

             if ($change->isHandled()) {
                 return 'pass';
             }
         }
     }

     // One generic message for every failure path.
     throw new UserUpdateDataError("Unable to update credentials");
 }
示例#6
 /**
  * Sets a new password for the logged-in user by firing USER_UPDATE_DATA.
  *
  * NOTE(review): only the new password is read; the old one is not checked in
  * this method. Presumably the session was opened through a reset link - confirm
  * that ordinary sessions cannot reach this action without re-authentication.
  *
  * @param array $_params Request parameters; 'password' is required.
  *
  * @return string JSON {"update":"PASSWORD_RESET"} on success.
  *
  * @throws UserUpdateDataError INVALID_DATA, UNKNOWN_USER, or the listener's error.
  */
 public function index($_params)
 {
     if (empty($_params['password'])) {
         throw new UserUpdateDataError('INVALID_DATA');
     }

     $user = User::find($this->session->getLoggedInUserId());
     if (!$user) {
         throw new UserUpdateDataError('UNKNOWN_USER');
     }

     $change = new UserUpdateDataEvent($user, ['password' => $_params['password']]);
     $this->dispatcher->fire(UserUpdateDataEvent::USER_UPDATE_DATA, $change);

     if (!$change->isHandled()) {
         throw new UserUpdateDataError($change->getError() ?: 'UNKNOWN_ERROR');
     }

     return json_encode(['update' => 'PASSWORD_RESET']);
 }
示例#7
 /**
  * Emits the response carried by the event: rewrites 401 responses into either
  * a plain message (AJAX) or a redirect to the login page, sends the headers
  * and prints the body.
  *
  * @param ResponseEvent $event Event holding the response to send.
  */
 public function send(ResponseEvent $event)
 {
     /** @var HttpResponseEx $response */
     $response = $event->getResponse();

     if ($response->getStatusCode() === 401) {
         // A logged-in user lacks authorisation; an anonymous one must log in first.
         if ($this->session->getLoggedInUserId() > 0) {
             $reason = $this->lang->getText('Your account does not have the required authorization to view this page');
         } else {
             $reason = $this->lang->getText('You must be logged in to view this page');
         }

         if (!$event->isAjaxRequest()) {
             $loginUrl = $this->response->getLoginRedirect($reason, true);
             $response->redirect($loginUrl, 302);
         } else {
             $response->setContent($reason);
         }
     }

     if (!headers_sent()) {
         foreach ($response->getHeaders() as $line) {
             // Second argument false: add the header without replacing an earlier one of the same name.
             header($line, false);
         }
     }

     // The body is printed verbatim; any escaping must already have been applied
     // by whoever set the content.
     $body = $response->getContent();
     echo $body ?? sprintf("Error code: %d", $response->getStatusCode());
 }
示例#8
文件: HAuth.php 项目: minutephp/auth
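 /**
  * Runs the HybridAuth social sign-in flow for one provider.
  *
  * Requests carrying hauth_start / hauth_done are handed to Hybrid_Endpoint.
  * Otherwise the provider is authenticated, the profile is matched to a local
  * user (by ident, then by e-mail, else a new signup), a session is started and
  * a small script is printed that passes the session data to the opener window.
  *
  * @param string $provider Provider name, used as the key into the provider configuration.
  *
  * @throws HybridAuthError On any failure; all providers are logged out first.
  */
 public function index($provider)
 {
     if (isset($_REQUEST['hauth_start']) || isset($_REQUEST['hauth_done'])) {
         Hybrid_Endpoint::process();
     } else {
         try {
             $map = ['Facebook' => 'id', 'Google' => 'id', 'GitHub' => 'id'];
             $settings = ['Facebook' => ['scope' => 'email', 'display' => 'popup'], 'Google' => ['scope' => 'https://www.googleapis.com/auth/userinfo.email'], 'Twitter' => ['includeEmail' => true]];
             $config = $this->providers->getProvider($provider);
             if (!empty($config['key']) && !empty($config['secret'])) {
                 $pConfig = array_merge(['enabled' => true, "keys" => [$map[$provider] ?? 'key' => $config['key'], 'secret' => $config['secret']]], $settings[$provider] ?? []);
                 $config = ["providers" => [$provider => $pConfig]];
                 $hauth = new Hybrid_Auth($config);
                 $auth = $hauth->authenticate($provider);
                 if ($profile = $auth->getUserProfile()) {
                     $event = 'session_user_login';
                     $data = ['ident' => $profile->identifier, 'email' => $profile->email, 'first_name' => $profile->firstName, 'last_name' => $profile->lastName, 'photo_url' => $profile->photoURL, 'verified' => 'true'];
                     /** @var User $user */
                     if ($user = User::where('ident', '=', $profile->identifier)->first()) {
                         // Known social identity: refresh the contact address and fill in a
                         // missing primary address, persisting both in a single save.
                         if (!empty($profile->email)) {
                             if (empty($user->email)) {
                                 $user->email = $profile->email;
                             }
                             $user->contact_email = $profile->email;
                             $user->save();
                         }
                     } elseif (!empty($profile->email) && ($user = User::where('email', '=', $profile->email)->first())) {
                         // NOTE(review): an existing local account is linked to this social identity
                         // purely because the provider reports the same e-mail. If a provider can
                         // return an address it has not verified, that hands the local account to
                         // whoever controls the social one - consider linking only on a
                         // provider-verified address or after the local user confirms.
                         $user->ident = $profile->identifier;
                         $user->save();
                     } else {
                         $user = $this->signupHandler->registerUser($data);
                         $event = 'session_user_signup';
                     }
                     if ($user_id = $user->user_id ?? null) {
                         $this->session->startSession($user_id);
                         $socialEvent = new UserSocialEvent($user->user_id, array_merge((array) $profile, ['provider' => $provider]));
                         $this->dispatcher->fire($event === 'session_user_signup' ? UserSocialEvent::USER_SOCIAL_SIGNUP : UserSocialEvent::USER_SOCIAL_LOGIN, $socialEvent);
                         // The JSON is written inside an inline script element, and profile fields
                         // (names, photo URL) originate outside this application. The HEX flags
                         // encode <, >, &, ' and " as \uXXXX escapes so no value can terminate the
                         // script element; the decoded JavaScript value is unchanged.
                         // NOTE(review): toArray() decides which columns reach the browser -
                         // confirm the password hash is excluded.
                         $userData = json_encode(['user' => $user->toArray()], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
                         // $event is one of the two literals assigned above, so it is safe inside the quotes.
                         printf("<scrip" . "t>try { self.opener.Minute.setSessionData(%s, '%s'); } catch(err) { console.log(err); } finally { self.window.close(); }</script>", $userData, $event);
                     }
                 }
             } else {
                 throw new Exception("Configuration for {$provider} is incomplete");
             }
         } catch (\Throwable $e) {
             // Drop any partially established provider session before reporting the failure.
             Hybrid_Auth::logoutAllProviders();
             throw new HybridAuthError($e->getMessage());
         }
     }
 }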
示例#9
 /**
  * First-run installer: connects to the database described in the request,
  * writes the connection string to app/Config/db-config, installs
  * minutephp/site, creates an admin user and group, stores the site
  * configuration and starts a session as the new admin.
  *
  * NOTE(review): nothing in this method checks whether setup has already been
  * completed. A successful call rewrites the database configuration and logs
  * the caller in as admin, so confirm that routing disables this action once
  * the site is installed.
  *
  * @param HttpRequestEx $request Request whose parameters carry the 'db' and 'site' arrays.
  *
  * @return string 'pass' on success.
  *
  * @throws FirstRunError On any failure; the config file written here is removed first.
  */
 public function setup(HttpRequestEx $request)
 {
     $params = $request->getParameters();
     try {
         // 'host' is not part of this check although it is used in the connection string below.
         if (!empty($params['db']['database']) && !empty($params['db']['username']) && !empty($params['db']['password'])) {
             try {
                 $conn = $this->database->connect($params['db']);
                 if ($pdo = $conn->getPdo()) {
                     $conf = sprintf('%s/app/Config/db-config', $this->bootLoader->getBaseDir());
                     // The credentials are stored in clear text. NOTE(review): the values are inserted
                     // without URL-encoding, so a password containing '@' or '/' presumably breaks
                     // whatever parses this string; also confirm the file cannot be served over HTTP.
                     if (file_put_contents($conf, sprintf('mysql://%s:%s@%s/%s', $params['db']['username'], $params['db']['password'], $params['db']['host'], $params['db']['database']))) {
                         if ($this->installer->install(['minutephp/site'], 'require', true)) {
                             $sth = $pdo->prepare('REPLACE INTO users SET email = :email, password = :password, ip_addr = :ip, created_at = NOW(), updated_at = NOW(), first_name = "Admin", verified = "true"');
                             // The admin gets a random password that is never shown; access comes from the
                             // session started further down.
                             $sth->execute(['email' => sprintf('admin@%s', $params['site']['domain'] ?? 'localhost'), 'password' => password_hash(Str::random(), PASSWORD_DEFAULT), 'ip' => $this->sniffer->getUserIP()]);
                             if ($admin_id = $pdo->lastInsertId()) {
                                 // NOTE(review): expires_at is the fixed literal "20200101" - confirm how group
                                 // expiry is evaluated for the admin membership.
                                 $sth = $pdo->prepare('REPLACE INTO m_user_groups set user_id = :user_id, group_name = "admin", created_at = NOW(), updated_at = NOW(), 
                                                                        expires_at = "20200101", credits = 999, comments = "First run"');
                                 $sth->execute(['user_id' => $admin_id]);
                                 // Site settings from the request become the 'public' config; 'private' starts empty.
                                 $types = ['public' => $params['site'] ?? [], 'private' => []];
                                 foreach ($types as $type => $data) {
                                     $sth = $pdo->prepare('REPLACE INTO m_configs set type = :type, data_json = :data');
                                     $sth->execute(['type' => $type, 'data' => json_encode($data)]);
                                 }
                                 $this->session->startSession($admin_id);
                                 return 'pass';
                             }
                         } else {
                             throw new FirstRunError($this->lang->getText("Unable to run composer"));
                         }
                     }
                 }
             } catch (\Throwable $e) {
                 // Every failure inside the inner try, including the composer error thrown above,
                 // is reported as a database-connection failure with the original message appended.
                 throw new FirstRunError($this->lang->getText("Unable to connect to database.\n") . $e->getMessage());
             }
         }
         // Also reached when getPdo(), file_put_contents() or lastInsertId() returns a falsy value.
         throw new FirstRunError($this->lang->getText('All connection parameters are required. Please check connection details'));
     } catch (\Throwable $e) {
         // Remove the config file written above so a failed setup leaves no credentials behind.
         if (!empty($conf) && file_exists($conf)) {
             @unlink($conf);
         }
         // NOTE(review): the underlying exception text is passed on to the caller; driver
         // messages can reveal connection details - consider logging them instead.
         throw new FirstRunError("Error: " . $e->getMessage());
     }
 }
示例#10
 /**
  * Returns the session payload for the logged-in user: public site variables,
  * the user's attributes and groups, and the enabled sign-in providers.
  *
  * The result is cached per user id for 300 (the third argument passed to the
  * cache) unless $reload is truthy, in which case it is rebuilt directly.
  *
  * @param mixed $reload Truthy to bypass the cache.
  *
  * @return array ['site' => ..., 'user' => array|null, 'providers' => array]
  */
 public function getCachedSessionData($reload)
 {
     $key = sprintf("session-user-%d", $this->session->getLoggedInUserId());

     $loader = function () {
         $uid = $this->session->getLoggedInUserId();
         $profile = null;

         /** @var User $record */
         $record = User::find($uid);
         if ($record) {
             // Columns removed by name before the data leaves the server.
             // NOTE(review): this is an exclusion list, so any sensitive column added to the
             // table later is exposed by default; an explicit list of allowed keys is safer.
             $profile = array_diff_key($record->getAttributes(), ['password' => 1, 'verified' => 1, 'ident' => 1]);
             $profile['groups'] = $this->userInfo->getUserGroups($uid, true) ?: [];

             if (empty($profile['full_name'])) {
                 $profile['full_name'] = trim(sprintf('%s %s', $profile['first_name'], $profile['last_name'])) ?: 'Anonymous';
             }
         }

         $providers = [];
         foreach ($this->providers->getEnabled() as $provider) {
             // Never hand the OAuth key and secret to the client.
             unset($provider['key'], $provider['secret']);
             $providers[] = $provider;
         }

         return ['site' => $this->config->getPublicVars(), 'user' => $profile, 'providers' => $providers];
     };

     if ($reload) {
         return $loader();
     }

     return $this->cache->get($key, $loader, 300);
 }
示例#11
文件: Logout.php 项目: minutephp/auth
 /**
  * Logs the current user out: fires USER_LOGOUT_SUCCESS with the user's id,
  * destroys the session and redirects to the site root.
  *
  * NOTE(review): no request token is checked in this method - confirm the
  * route is protected against cross-site logout requests if that matters here.
  *
  * @return Redirection
  */
 public function index()
 {
     // Read the id before the session is destroyed so listeners know who logged out.
     $userId = $this->session->getLoggedInUserId();
     $logout = new UserLogoutEvent($userId);

     $this->dispatcher->fire(UserLogoutEvent::USER_LOGOUT_SUCCESS, $logout);
     $this->session->destroySession();

     return new Redirection('/');
 }