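/**
 * Resolve the user that a presented JWT belongs to.
 *
 * A token is accepted only when it decodes under GlobalConstant::SECRET_KEY
 * with HS256 as the sole accepted algorithm and is still stored on the user
 * row named by its `id` claim. The row must hold it as `access_token` with an
 * unexpired `expire_time`, or as `batch_token` with both `expire_time` and
 * `batch_time` unexpired. Because the stored value is compared as well, a
 * token with a valid signature stops working once it is no longer on the row.
 *
 * @param string $token Raw JWT as presented by the client.
 *
 * @return mixed Whatever Users::findFirst() returns for the matching row (a
 *               falsy value when nothing matches), or null when the token is
 *               malformed, lacks a scalar `id` claim, or decoding/lookup throws.
 */
public function getLoggedInUser($token)
{
    // Anything that is not a non-empty string cannot be a JWT; reject it
    // before it reaches the decoder or the query binder.
    if (!is_string($token) || $token === '') {
        return null;
    }

    try {
        // The accepted-algorithm list is a single fixed value; keep it that
        // way so the verification algorithm never depends on the token.
        // NOTE(review): the key is read from a class constant - confirm the
        // real value comes from configuration or a secret store and is not
        // committed with the source.
        $tokenBody = JWT::decode($token, GlobalConstant::SECRET_KEY, ['HS256']);

        // A token without a scalar `id` claim cannot identify a row.
        if (!isset($tokenBody->id) || !is_scalar($tokenBody->id)) {
            return null;
        }

        // One timestamp for both lookups, so the two expiry checks cannot
        // disagree across a second boundary.
        $bind = [
            'id' => $tokenBody->id,
            'token' => $token,
            'now' => date('Y-m-d H:i:s', time()),
        ];

        // Primary session token.
        $user = Users::findFirst([
            'id = :id: AND access_token = :token: AND expire_time > :now:',
            'bind' => $bind,
        ]);

        // Fall back to the batch token, which carries its own expiry column.
        if (!$user) {
            $user = Users::findFirst([
                'id = :id: AND batch_token = :token: AND expire_time > :now: AND batch_time > :now:',
                'bind' => $bind,
            ]);
        }

        return $user;
    } catch (\Exception $ex) {
        // Fail closed: any decode or lookup failure means "not logged in".
        // NOTE(review): the failure reason is discarded here; consider
        // recording it (without the token value) so repeated invalid-token
        // attempts are visible to monitoring.
        return null;
    }
}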
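/**
 * Change a user's password after verifying the current one.
 *
 * The new password must be a non-empty string that passes
 * commonService->validateInput(..., 'password'). The user is loaded by
 * numeric id, the old password is checked against the stored hash, and the
 * new password is stored hashed via the security service.
 *
 * @param mixed  $id      User id; must be numeric.
 * @param string $oldpass Current password in clear text.
 * @param string $newpass Replacement password in clear text.
 *
 * @return array ['status' => bool, 'message' => string]
 */
public function changePassword($id, $oldpass, $newpass)
{
    // Validate the replacement first so an invalid request does no database work.
    if (!$newpass || !is_string($newpass) || !$this->commonService->validateInput($newpass, 'password')) {
        return ['status' => false, 'message' => 'new password is not valid'];
    }

    // NOTE(review): "can not find user" and the wrong-password message below
    // let a caller tell existing ids from missing ones. Confirm the caller
    // authorises $id against the session and rate-limits this endpoint.
    if (!is_numeric($id) || !($user = Users::findFirst($id))) {
        return ['status' => false, 'message' => 'can not find user'];
    }

    // A non-string old password can never match; reject it here instead of
    // handing an array or object to the hash check.
    // The message text (including its typo) is left unchanged because
    // clients may match on it.
    if (!is_string($oldpass) || !$this->security->checkHash($oldpass, $user->password)) {
        return ['status' => false, 'message' => 'old password in not correct'];
    }

    // Only the hash is stored.
    $user->password = $this->security->hash($newpass);

    if (!$user->save()) {
        // save() can fail without producing a message; do not dereference blindly.
        $messages = $user->getMessages();
        $detail = isset($messages[0]) ? $messages[0]->getMessage() : 'can not save user';

        return ['status' => false, 'message' => $detail];
    }

    // NOTE(review): nothing in this method touches the user's stored session
    // tokens, so tokens issued before the change presumably remain usable
    // until they expire. Consider revoking them here if a password change is
    // meant to end other sessions.
    return ['status' => true, 'message' => 'success changed password'];
}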