Sarobidy22
/
MasterClass
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
0 Tags
117 MiB
 
 
 
 
 
 
Tree: e221c605b0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e221c605b0'
${ noResults }
MasterClass/application/controllers/Authentication.php

562 lines
22 KiB
Raw Blame History

<?php if ( !defined('BASEPATH')) exit('No direct script access allowed');
use app\core\auth\User as UserAuth;
use app\core\auth\Sso;
use app\core\auth\Unregister;
use app\core\auth\Session;
use app\core\utils\Cookie;
use app\core\utils\Request;
use app\core\utils\Response;
use app\core\utils\Helper;
use app\core\traits\Rememberme;
class Authentication extends MY_Controller {
public function __construct()
{
$this->my_parent_controller('auth');
$this->load->model('event_model', '', TRUE);
$this->load->model('user_model', '', TRUE);
$this->load->model('user_login_history_model', '', TRUE);
$this->load->model('user_forgot_password_model', '', TRUE);
}
public function index()
{
$this->login();
}
public function get_system_locale(){
$_lang_ = array();
$utype_active = 'lemonde-user';
if ($this->data["logged_in"]) {
$app_locale = $this->lang->line('js');
$app_locale['msg']['full_name'] = $this->data["logged_in"]['fullname'];
$app_locale['msg']['first_name'] = ucwords(strtolower($this->data["logged_in"]['first_name'])) ?? 'Prenom';
$app_locale['msg']['last_name'] = $this->data["logged_in"]['last_name'] ?? 'Nom';
$app_locale['msg']['last_name_2'] = $this->data["logged_in"]['last_name'] ?? 'Nom2';
$app_locale['msg']['login_as_subscriber'] = UserAuth::isLoggedInAsSubscriber();
switch ($this->data["logged_in"]['role_id']) {
case 1:
$utype_active = 'superadmin';
break;
case 2:
$utype_active = 'lemonde-user';
break;
case 4:
$utype_active = 'adminrc';
break;
default:
$utype_active = 'lemonde-user';
break;
}
$app_locale['msg']['role'] = $utype_active;
$_lang_["_app"] = $app_locale;
} else {
$_lang_["_app"] = $this->lang->line('js');
}
if($this->input->get()) {
if ($this->input->get("data")){
$which_dir = ($this->input->get("reqtype") == 1) ? "backoffice" : "frontoffice";
foreach ($this->input->get("data") as $key => $value) {
$try_expl = explode("|", $value);
$this->lang->load($which_dir . '/' . $try_expl[0], 'fr');
if (sizeof($try_expl) > 1) {
foreach ($try_expl as $key => $val) {
if ($key > 0) {
/*Implement for multiple lang*/
//$_lang_[$try_expl[0]][$val]=array();
//$_lang_[$try_expl[0]][$val] = $this->lang->line($val);
$_lang_[$try_expl[0]] = $this->lang->line($val);
}
}
} else {
$_lang_[$value] = $this->lang->line($value);
}
}
}
}
output_to_json($this, $_lang_);
}
public function auth()
{
if(UserAuth::isAuth())
Response::backToHomepage();
$this->data['content'] = 'backoffice/login/login_view';
$this->data['page_title'] = $this->lang->line("login")["bo_login_page_title"];
$this->data['remember_me'] = Rememberme::get(1);
$this->data['load_scripts'] = array
(
"<script src='".auto_version(app_bundle()."backoffice/login/authentication.js")."' type='text/javascript'></script>"
);
$this->data = add_csrf_token($this->data);
$this->load->view('authentication_view', $this->data);
}
public function login()
{
if(UserAuth::isAuth())
Response::backToHomepage();
$this->data['content'] = "frontoffice/login/login_view";
$this->data['page_title'] = $this->lang->line("login")["fo_login_page_title"];
$this->data['remember_me'] = Rememberme::get(0);
$this->load_extra_files(array(
"ga" => true
));
array_push($this->data['load_scripts'], "<script src='https://code.jquery.com/jquery-3.3.1.min.js' crossorigin='anonymous'></script>");
array_push($this->data['load_scripts'], "<script src='".app_bundle()."frontoffice/authentication.js' type='text/javascript'></script>");
$this->data = add_csrf_token($this->data);
$this->load->view('layouts/authentication_fo_view', $this->data);
}
public function user_info () {
$this->data['page_title'] = $this->lang->line("login")["fo_login_page_title"];
$this->data = add_csrf_token($this->data);
$this->load->view('frontoffice/login/sign_in_view', $this->data);
}
public function authenticate() {
// Check SSO signin
$sso = $this->attempt_sso_signin();
$loggedIn = $this->attempt_login(0, $sso);
/*
* Redirect to homepage by default
* if no redirect link is set from cookie
*/
// if ($loggedIn && UserAuth::isFirstLogin())
// redirect(base_url('mon-compte'));
$cookie_data = json_decode(get_cookie($this->config->item('sess_cookie_name')."_eventpage"));
$redirect = $cookie_data ? $cookie_data->event_link : base_url();
if ($loggedIn && countVal($sso))
redirect($redirect);
output_to_json($this, array (
"mtype" => $loggedIn ? "success" : "error",
"message" => $this->lang->line("login")[$loggedIn ? "login_successful" : "login_unsuccessful"],
"mdata" => array("redirect" => (int) $loggedIn, "path" => $redirect)
));
}
public function verify_login()
{
$loggedIn = $this->attempt_login(1);
output_to_json($this, array (
"mtype" => $loggedIn ? "success" : "error",
"message" => $this->lang->line("login")[$loggedIn ? "login_successful" : "login_unsuccessful"],
"mdata" => array("redirect" => (int) $loggedIn)
));
}
public function attempt_login(int $isBOUser = 0, $sso = []) {
$match = false;
$isRememberMeTurnedON = false;
$isFirstLogin = false;
$_SESSION["telephone"] = $sso['telephone'];
$_SESSION['iban'] = $sso['iban'];
$_SESSION["password"] = $sso['password'];
if (countVal($sso)) {
$match = $this->user_model->get_subscriber_profile($sso['telephone']);
// Non existing user (not in masterclass db) is required to complete his account details
if (!$match->user_id){
redirect('signup');
}
} else {
$user = $this->input->post($isBOUser ? 'username' : 'email');
$password = $this->input->post('password');
$isRememberMeTurnedON = ($this->input->post("remember_me") === "true") ? true : false;
$match = $this->user_model->authenticate($user, $password, Rememberme::isRemembered($isBOUser), $isBOUser);
}
if (!$match->user_id && !$match->last_name) {
output_to_json($this, array(
"mtype" => "error",
"message" => $this->lang->line("login")[$isBOUser ? "invalid_account_bo" : "invalid_account_fo"],
"mdata" => array("redirect" => 0)
));
}
if ((int) $match->status !== 1) {
output_to_json($this, array(
"mtype" => "error",
"message" => $this->lang->line("login")["account_deactivated"],
"mdata" => array("redirect" => 0)
));
}
if (!$isBOUser)
$isFirstLogin = $this->user_login_history_model->isFirstLogin($match->user_id);
// Create session
return UserAuth::login( [
"user_id" => $match->user_id,
"first_name" => $match->first_name,
"last_name" => $match->last_name,
"fullname" => $match->first_name." ".$match->last_name,
"email_address" => $match->email_address,
"role_id" => $match->role_id,
/**
* Make sure were not adding sso expiration for local testing
* SSO Expiration should be for real login only,
* which means the user logs in from Lemonde.fr
*/
"sso" => Sso::setSSORefreshTime($sso),
"premium" => Sso::isPremium($sso),
"remember_me" => (bool) $isRememberMeTurnedON,
"isFirstLogin" => $isFirstLogin,
"isBOUser" => (bool) $match->isBOUser
]);
}
private function attempt_sso_signin() {
/**
* $this->getActiveUserFromWebService() : Get log in info from main site, if not logged in redirect to our lemonde log in
* $this->session->userdata('sso') : This is only for local testing of account
*/
$testSSO = Sso::getTestSSO();
$sso = countVal($testSSO) ? $testSSO : $this->getActiveUserFromWebService('auth');
/**
* Unset SSO from Session as it is just temporary
* Ref: applicatio/Background_service/bypass_coockie_creation()
*/
Unregister::unset();
return $sso ?? [];
}
public function register_as_unknown_user() {
// Sso::ssoHasUserData($sso);
// Create new sso user
// $this->add_csrf_token($this->data);
$_SESSION['last_name'] = $this->input->post('last_name');
$_SESSION['first_name'] = $this->input->post('first_name');
$_SESSION['username'] = $this->input->post('username');
$_SESSION['email'] = $this->input->post('email');
$this->load->model('user_subscriber_model');
try {
$userId = $this->user_model->add_new_user([
'first_name' => $_SESSION['last_name'],
'last_name' => $_SESSION['first_name'],
'email_address' => $_SESSION['email'] ,
'username' => $_SESSION['username'] ,
'user_role' => 3,
'telephone' => $_SESSION['telephone'],
'iban' => $_SESSION['iban'],
'password' => $_SESSION['password']
]);
if (!$userId) {
Sso::unsetUserCookies();
// redirect('home');
}
$subcriberId = $this->user_subscriber_model->add_subscriber_data(['subscriber' => $userId]);
redirect('authenticate');
// return $this->user_model->user_details($userId);
} catch(\Exception $e) {
Sso::unsetUserCookies();
redirect('home');
}
}
public function auth_token($subscriber_id = null, $login_by = null)
{
if( !$this->user_model->token_user_id_exist($subscriber_id) && !isset($login_by) ) {
return redirect(base_url('/'));
}
$loggedIn = UserAuth::auth();
$data = array_merge(
Request::metaData($this),
[
'session_id' => $loggedIn['session_id'],
'role_id' => $loggedIna['role_id'],
'user_id' => $loggedIn['user_id']
]
);
// Save logout to history
$this->user_login_history_model->client_checkdb($data, "LOGOUT");
// Logoff user session
$this->session->unset_userdata('logged_in');
// Delete any remember me cookie
Rememberme::forget();
// Get and store user subscriber information
$match = $this->user_model->authenticate_token($subscriber_id, BO_USER_ROLES);
// Create new access token id
$access_token = sha1(generate_random_keys(6));
// Add token credentials to db as "ACTIVE login state(is_active = 1)"
$access_token_id = $this->user_model->insert_access_token(array(
"subscriber" => $subscriber_id,
"access_token" => $access_token,
"login_by" => $login_by
));
// Create session
$login = UserAuth::login([
"token_id" => $access_token_id,
"user_id" => $match->user_id,
"first_name" => $match->first_name,
"last_name" => $match->last_name,
"fullname" => $match->first_name." ".$match->last_name,
"email_address" => $match->email_address,
"role_id" => $match->role_id,
"remember_me" => false,
"isBOUser" => false
]);
//token has been created
redirect(base_url('/'));
}
// BO Admin is trying to access susbcriber's account via the Backoffice
public function subscriber_login_check(){
if ($this->input->post('subcriber')) {
$result = $this->user_login_history_model->subscriber_login_status($this->input->post('subcriber'));
//logout current user
output_to_json($this, $result);
}
output_to_json($this, false);
}
// Logout
public function logout() {
// Unset sso-related cookies
Sso::unsetUserCookies();
// Unset unknown user
Unregister::unset();
// Signout user
UserAuth::logout();
}
// Forgot Password -----------------
public function forgot_password_bo()
{
$this->data['content'] = "backoffice/login/forgotpass_view";
$this->data['page_title'] = $this->lang->line("login")["bo_login_page_title"];
$this->data['load_scripts'] = array (
"<script src='".app_bundle()."backoffice/login/authentication.js' type='text/javascript'></script>",
"<script src='".app_bundle()."backoffice/login/forgotpass.js' type='text/javascript'></script>"
);
$this->data = add_csrf_token($this->data);
$this->load->view('authentication_view', $this->data);
}
public function forgotpass_page()
{
$this->data['content'] = "frontoffice/login/forgotpass_view";
$this->data['page_title'] = $this->lang->line("login")["fo_login_page_title"];
$this->data['load_scripts'] = array (
"<script src='".app_bundle()."frontoffice/authentication.js' type='text/javascript'></script>",
"<script src='".app_bundle()."frontoffice/forgotpass.js' type='text/javascript'></script>"
);
$this->data = add_csrf_token($this->data);
$this->load->view('authentication_view', $this->data);
}
public function check_email()
{
$email = $this->input->post('email');
$user_role = NULL; //[USER_ROLES['subscriber']];
if($this->input->post("type")){
$user_role = BO_USER_ROLES;
}
$found = $this->user_model->identify_email($email, $user_role);
if($found)
{
$this->send_email($email, $found);
$result = array(
"mtype" => "success", //error or success or warning or info
"message" => $this->lang->line("login")["email_registered"],
"mdata" => array("r" => $found)
);
output_to_json($this, $result);
}
else
{
$result = array(
"mtype" => "error", //error or success or warning or info
"message" => $this->lang->line("login")["email_not_registered"],
"mdata" => array()
);
output_to_json($this, $result);
}
}
private function send_email($to_email, $role_id)
{
$this->load->library("mailjet_libr");
$token = generate_random_keys(20);
$code = substr($token, 0, 10);
$route_page = ($role_id != USER_ROLES['superadmin'] && $role_id != USER_ROLES['lemonde_user'] && $role_id != USER_ROLES['admin_rc'])?"enter_code_page":"enter_code";
$message = "";
$mail_content = array();
$message .= "<br>Si vous avez oublie&#769; votre mot de passe, veuillez cliquer sur le lien suivant et entrer le code ci-dessous :<br><br>";
$message .= "<a href='".base_url($route_page)."?email=".$to_email."' target='_blank'>> Changer mon mot de passe <</a><br>";
$message .= "Code : " . $code;
$mail_content["logo"] = "http://s1.lemde.fr/mmpub/img/espace-client/logo-lemonde.png";
$mail_content["description"] = $message;
$mail_content["reset_code"] = $code;
$mail_content["open_in_a_newtab"] = false;
$mail_content["subscriber"] = $this->user_model->get_my_email_forgot_pass($to_email);
$email_tpl = $this->load->view("backoffice/email/forgot_password_tpl", $mail_content, true);
$email_data = array(
'recipient' => $to_email,
'subject' => "LeMonde - ".$this->lang->line("login")["pwd_reset_notif"],
'message' => $email_tpl
);
//send token code
$mailjet_response = $this->mailjet_libr->fo_send_default_email($email_data);
if( $mailjet_response ){
//insert code
$this->user_forgot_password_model->send_email($to_email, $code, $role_id);
}
}
//for backoffice
public function enter_code()
{
$this->data['content'] = "backoffice/login/resetcode_view";
$this->data['page_title'] = $this->lang->line("login")["enter_code"];
$this->data['load_scripts'] = array (
"<script src='".app_bundle()."backoffice/login/authentication.js' type='text/javascript'></script>",
"<script src='".app_bundle()."backoffice/login/forgotpass.js' type='text/javascript'></script>"
);
$this->data = add_csrf_token($this->data);
$this->load->view('authentication_view', $this->data);
}
//for frontoffice
public function enter_code_page()
{
$this->data['content'] = "frontoffice/login/resetcode_view";
$this->data['page_title'] = $this->lang->line("login")["enter_code"];
$this->data['load_scripts'] = array (
"<script src='".app_bundle()."frontoffice/authentication.js' type='text/javascript'></script>",
"<script src='".app_bundle()."frontoffice/forgotpass.js' type='text/javascript'></script>"
);
$this->data = add_csrf_token($this->data);
$this->load->view('authentication_view', $this->data);
}
public function check_code()
{
$email = $this->input->post('email');
$code = $this->input->post('code');
$match = $this->user_forgot_password_model->check_code($email, $code);
if($match == 0){
$result = array(
"mtype" => "error", //error or success or warning or info
"message" => $this->lang->line("login")["code_expired"],
"mdata" => $match
);
output_to_json($this, $result);
}else if($match == 1){
$result = array(
"mtype" => "success", //error or success or warning or info
"message" => $this->lang->line("login")["code_valid"],
"mdata" => $match
);
output_to_json($this, $result);
}else if ($match == 2){
$result = array(
"mtype" => "error", //error or success or warning or info
"message" => $this->lang->line("login")["code_invalid"],
"mdata" => $match
);
output_to_json($this, $result);
}else if($match == 3){
$result = array(
"mtype" => "error", //error or success or warning or info
"message" => $this->lang->line("login")["invalid_email"],
"mdata" => $match
);
output_to_json($this, $result);
}else{
$result = array(
"mtype" => "error", //error or success or warning or info
"message" => $this->lang->line("unknown_error"),
"mdata" => "NaN"
);
output_to_json($this, $result);
}
}
//for frontoffice
public function reset_password_page()
{
$this->data['content'] = "frontoffice/login/resetpassword_view";
$this->data['page_title'] = $this->lang->line("login")["enter_reset_code"];
$this->data['load_scripts'] = array (
"<script src='".app_bundle()."frontoffice/authentication.js' type='text/javascript'></script>",
"<script src='".app_bundle()."frontoffice/forgotpass.js' type='text/javascript'></script>"
);
$this->data = add_csrf_token($this->data);
$this->load->view('authentication_view', $this->data);
}
//for backoffice
public function reset_password()
{
$this->data['content'] = "backoffice/login/resetpassword_view";
$this->data['page_title'] = $this->lang->line("login")["enter_reset_code"];
$this->data['load_scripts'] = array (
"<script src='".app_bundle()."backoffice/login/authentication.js' type='text/javascript'></script>",
"<script src='".app_bundle()."backoffice/login/forgotpass.js' type='text/javascript'></script>"
);
$this->data = add_csrf_token($this->data);
$this->load->view('authentication_view', $this->data);
}
public function new_password()
{
$email = $this->input->post('email');
$password = $this->input->post('password');
$user_role = [USER_ROLES['subscriber']];
if($this->input->post("type")){
$user_role = BO_USER_ROLES;
}
$this->user_model->new_password($email, $password, $user_role);
}
}
/* End of file authentication.php */
/* Location: ./application/controllers/authentication.php */