public function getLoggedInUser($token)
{
try {
// decode token
$tokenBody = JWT::decode($token, GlobalConstant::SECRET_KEY, array('HS256'));
// get user
$user = Users::findFirst(array('id = :id: AND access_token = :token: AND expire_time > :now:', 'bind' => array('id' => $tokenBody->id, 'token' => $token, 'now' => date('Y-m-d H:i:s', time()))));
// find in batch token
if (!$user) {
$user = Users::findFirst(array('id = :id: AND batch_token = :token: AND expire_time > :now: AND batch_time > :now:', 'bind' => array('id' => $tokenBody->id, 'token' => $token, 'now' => date('Y-m-d H:i:s', time()))));
}
return $user;
} catch (\Exception $ex) {
return null;
}
}
public function changePassword($id, $oldpass, $newpass)
{
// validate new password
if (!$newpass || !is_string($newpass) || !$this->commonService->validateInput($newpass, 'password')) {
return array('status' => false, 'message' => 'new password is not valid');
}
// find user
if (is_numeric($id) && ($user = Users::findFirst($id))) {
if ($this->security->checkHash($oldpass, $user->password)) {
// change password
$user->password = $this->security->hash($newpass);
// save user
if (!$user->save()) {
return array('status' => false, 'message' => $user->getMessages()['0']->getMessage());
}
} else {
return array('status' => false, 'message' => 'old password in not correct');
}
} else {
return array('status' => false, 'message' => 'can not find user');
}
return array('status' => true, 'message' => 'success changed password');
}