<?php
// CodeIgniter guard: this file may only be reached through the framework front controller.
if (!defined('BASEPATH')) {
    exit('No direct script access allowed');
}
//Import Hybridauth's namespace
use Hybridauth\Hybridauth;
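class Login extends WRB_Controller {
    /** Avatar path stored in the session for members without a stored picture. */
    const DEFAULT_PROFILE_PICTURE = '../smedia/DEFAULTS/default-profile.png';

    /** Issuer Apple places in the id_token `iss` claim. */
    const APPLE_ISSUER = 'https://appleid.apple.com';

    /** Apple token endpoint used to redeem the authorization code. */
    const APPLE_TOKEN_URL = 'https://appleid.apple.com/auth/token';

    /**
     * Login controller: username/password login (index), Facebook login via
     * lib_login (also in index), Google and Apple OAuth callbacks (auth),
     * and a legacy Hybridauth endpoint (authh).
     */
    public function __construct() {
        parent::__construct();
        // 'session' backs $_SESSION / flashdata; 'lib_login' wraps the Facebook login flow.
        $this->load->library(array('session', 'lib_login'));
    }

    /**
     * Sets $_SESSION['allow_payment_features'] from a hard-coded allow-list
     * of usernames (read from $_SESSION['username']).
     *
     * TODO(review): the allow-list lives in code; consider moving it to config.
     *
     * @return int always 0 (kept for existing callers)
     */
    private function excudedEmails() {
        $allowList = [
            'ses66181+1@gmail.com',
            'tokslawus@gmail.com',
            'ses6681+3@gmail.com',
            'ameye@chiefsoft.com',
            'ses66181@gmail.com',
        ];
        $username = (string) ($_SESSION['username'] ?? '');
        // Strict comparison so only an exact string match enables payment features.
        $_SESSION['allow_payment_features'] = in_array($username, $allowList, true);
        return 0;
    }

    /**
     * Builds the backend "sessionid" value. Same 5-digit "A" 5-digit shape
     * as before, but drawn from the CSPRNG instead of rand().
     *
     * @return string
     */
    private function newSessionId() {
        return random_int(10000, 99999) . 'A' . random_int(10000, 99999);
    }

    /**
     * Sets the login flash message and sends the browser back to the login page.
     *
     * @param string $message plain-text message (escaped by index() on output)
     */
    private function failLogin($message) {
        $this->session->set_flashdata('login_message', $message);
        redirect('login');
    }

    /**
     * Splits an IdP display name into [first, last] exactly as the original
     * strtok() sequence did: first space-delimited token is the first name,
     * the next token the last name; with an empty display name the local part
     * of the e-mail is used. strtok() collapses repeated spaces, which is why
     * explode() is not used here.
     *
     * @param array $user IdP profile with optional 'name' and 'email' keys
     * @return array [firstname, lastname]; '' instead of strtok()'s false when a token is missing
     */
    private function splitName(array $user) {
        $name = (string) ($user['name'] ?? '');
        if (trim($name) === '') {
            $name = (string) strtok((string) ($user['email'] ?? ''), '@');
        }
        $first = strtok($name, ' ');
        $last = strtok(' ');
        return array($first === false ? '' : $first, $last === false ? '' : $last);
    }

    /**
     * Populates the PHP session for a freshly authenticated member. Shared by
     * the password, Facebook, Google and Apple login paths.
     *
     * The session id is rotated first so a session id handed out before
     * authentication (session fixation) cannot be reused as the logged-in one.
     *
     * @param object $member         row returned by account_model->username_data()
     * @param array  $out            backend response; $out['session'] is the backend session token
     * @param string $username       value stored in $_SESSION['username'] and ['name']
     * @param string $profilePicture relative path stored in $_SESSION['profile_picture']
     */
    private function startMemberSession($member, array $out, $username, $profilePicture) {
        if (method_exists($this->session, 'sess_regenerate')) {
            // CodeIgniter 3: new id, old id destroyed, session data carried over.
            $this->session->sess_regenerate(TRUE);
        } elseif (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['session_id'] = $out['session'] ?? null;
        $_SESSION['username'] = $username;
        $_SESSION['name'] = $username;
        $_SESSION['firstname'] = $member->firstname;
        $_SESSION['lastname'] = $member->lastname;
        $_SESSION['email'] = $member->email;
        $_SESSION['member_id'] = $member->id;
        $_SESSION['log_count'] = 0;
        $_SESSION['mesaage_count'] = 0; // key name kept as-is: other code reads this spelling
        $this->findOffers($_SESSION['email']);
        $_SESSION['message_snapshot'] = $this->myMessagesSnapshot();
        $_SESSION['profile_picture'] = $profilePicture;
        $this->logUser('Account login');
        $this->refreshAccountDetail($_SESSION['member_id']);
        $this->getSessionArray();
        $this->excudedEmails();
    }

    /**
     * Login page and form handler. A POST with username/password is sent to
     * the backend; on success the session is established and the browser is
     * redirected to the member's preferred page. When lib_login reports an
     * authenticated Facebook session the Facebook login is completed instead.
     */
    public function index() {
        $data = array();
        // flashdata() yields null when nothing was set; normalise to '' so the
        // checks and concatenation below never see null.
        $data['login_message'] = (string) $this->session->flashdata('login_message');

        $this->load->library('form_validation');
        $this->form_validation->set_rules('username', 'Username', 'required');
        $this->form_validation->set_rules('password', 'Password', 'required');

        if ($this->form_validation->run() !== false) {
            $data['username'] = strtolower((string) $this->input->post('username'));
            $data['password'] = (string) $this->input->post('password');
            $data['sessionid'] = $this->newSessionId();
            $data['action'] = WRENCHBOARD_ACCOUNT_LOGIN;
            $data['login_mode'] = WEBSITE_LOGIN;

            $this->load->model('backend_model');
            $out = array();
            $res = $this->backend_model->wrenchboard_api($data, $out);
            $is_live = $this->backend_model->cfgReadChar('system.live');

            // PHP_LOGIN_OK's type is not visible here, so the loose comparison is kept.
            if ($res == PHP_LOGIN_OK) {
                $this->load->model('account_model');
                $ret = $this->account_model->username_data($data);
                // The original re-tested $res here, so a failed username_data()
                // still produced a half-populated, logged-in session.
                if ($ret) {
                    $picture = self::DEFAULT_PROFILE_PICTURE;
                    if (trim((string) $ret->profile_pic) !== '') {
                        $picture = '../smedia/' . ($is_live ? 'LIVE' : 'TEST') . '/profile/' . $ret->profile_pic;
                    }
                    $_SESSION['total_jobs'] = 0;
                    $this->startMemberSession($ret, $out, (string) $this->input->post('username'), $picture);
                    $this->load->model('autopref_model');
                    $prefArray = $this->autopref_model->afterLoginPage();
                    redirect($prefArray['returnPage']);
                    return;
                }
                $data['login_message'] = 'Unable to load your account details';
            } else {
                $data['login_message'] = 'Invalid username or password';
            }
        } else {
            // Empty on a plain GET; only prints when a POST is missing a field.
            echo validation_errors();
        }

        if ($this->lib_login->is_authenticated()) {
            $fb_data = $this->lib_login->getData($this->lib_login->get_access_token());
            if (isset($fb_data['me'])) {
                $user = $fb_data['me'];
                $user['facebook'] = 1;
                list($proceed, $data) = $this->checkUserExists($user, $data);
                if ($proceed) {
                    list($data['firstname'], $data['lastname']) = $this->splitName($user);
                    $data['fb_id'] = $user['id'];
                    $data['email'] = $user['email'];
                    $data['sessionid'] = $this->newSessionId();
                    $data['action'] = WRENCHBOARD_FACEBOOK_LOGIN;
                    $this->load->model('backend_model');
                    $out = array();
                    $res = $this->backend_model->wrenchboard_api($data, $out);
                    if ($res == PHP_LOGIN_OK) {
                        $this->load->model('account_model');
                        $ret = $this->account_model->username_data($out);
                        if ($ret) {
                            $this->startMemberSession($ret, $out, (string) $ret->username, self::DEFAULT_PROFILE_PICTURE);
                            redirect('dash');
                            return;
                        }
                    }
                }
            }
        }

        if ($data['login_message'] !== '') {
            // Messages can carry IdP-supplied values (e-mail address) and backend
            // status text, so they are escaped before being wrapped in markup.
            $safe = htmlspecialchars($data['login_message'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $data['login_message'] = "<div class=\"text-left\">
<div class=\"alert alert-danger no-border\">" . $safe . "- Please <a href=\"/password_recovery\">reset your password</a> or create a <a href='/signup'>new account</a> </div></div>";
        }

        // The submitted password must not travel into the view's variable scope.
        unset($data['password']);

        $data['title'] = 'Login';
        $data['page_title'] = 'Login WrenchBoard';
        $this->load->helper('hybridauth');
        $data['login_links'] = array(
            'Google' => get_google_login_link(),
            'Apple' => get_apple_login_link(),
        );
        $this->load->view('site3/external/view_home', $data);
    }

    /**
     * Refreshes the wallet balance and active-task count in the session.
     *
     * Public controller methods are URL-routable in CodeIgniter
     * (/login/refreshAccountDetail/<id>), so the refresh is restricted to the
     * member who owns the current session; any other id is ignored.
     *
     * @param int|string $member_id member id; must equal $_SESSION['member_id']
     */
    public function refreshAccountDetail($member_id) {
        if (!isset($_SESSION['member_id']) || (string) $_SESSION['member_id'] !== (string) $member_id) {
            return;
        }
        $this->load->model('account_model');
        // Result was never used (the old $qr); the call is kept in case the
        // model relies on it for side effects — TODO confirm and drop.
        $this->account_model->loadAccountData($member_id);
        $_SESSION['current_balance'] = $this->account_model->getUserWallet($member_id, 'NAIRA');
        $_SESSION['active_task'] = $this->account_model->loadActiveTaskCount($member_id);
    }

    /**
     * Decides whether a social login may proceed.
     *
     * Proceeds when a password-less member row already exists for this e-mail
     * and IdP subject id (returning social user), or when no member has the
     * e-mail at all (new account). Refuses, with a message in $data, when the
     * e-mail belongs to some other account.
     *
     * Fixes versus the original: values are bound instead of concatenated into
     * SQL; the e-mail column is compared with the IdP e-mail (not the display
     * name); rows are counted with num_rows() (the old count($query->result_array)
     * read an unpopulated property and was always 0, so the check never fired).
     *
     * @param array $user IdP profile: 'id', 'name', 'email' plus a 'facebook' / 'google' / 'apple' flag
     * @param array $data view data; 'login_message' is set when refusing
     * @return array [bool $proceed, array $data]
     */
    private function checkUserExists($user, $data) {
        $proceed = false;
        $email = (string) ($user['email'] ?? '');
        $idpId = (string) ($user['id'] ?? '');

        $sql = 'SELECT * FROM members WHERE lower(email) = lower(?) AND password IS NULL AND external_idp_provider_id = ?';
        $binds = array($email, $idpId);
        if (is_array($user) && array_key_exists('google', $user)) {
            $sql .= ' AND external_idp_provider = 2';
        } elseif (is_array($user) && array_key_exists('facebook', $user)) {
            $sql .= ' AND external_idp_provider = 1';
        }
        // NOTE(review): the original defaulted every non-Google user to
        // provider 1 (the Facebook id), including Apple. Apple's provider id is
        // not visible in this file, so Apple users match on e-mail + subject id
        // only until that id is added here — confirm the value with the backend.

        $query = $this->db->query($sql, $binds);
        if ($query !== false && $query->num_rows() > 0) {
            // Returning social user.
            $proceed = true;
        } else {
            $query = $this->db->query('SELECT * FROM members WHERE lower(email) = lower(?)', array($email));
            if ($query === false) {
                // Fail closed on a database error rather than creating an account.
                $data['login_message'] = 'Unable to verify your account right now';
            } elseif ($query->num_rows() > 0) {
                $data['login_message'] = 'The e-mail ' . $email . ' is already registered. You should login with your username and password.';
            } else {
                // Create account.
                $proceed = true;
            }
        }
        return array($proceed, $data);
    }

    /**
     * Ends the login session and returns to the login page.
     * The original passed the bare constant `redirect` as the second argument,
     * which is an undefined constant (an Error on PHP 8).
     */
    public function logout() {
        $this->lib_login->destroy_session();
        redirect('login');
    }

    /**
     * OAuth callback for Google (GET ?code=...) and Apple (POST code/state
     * from form_post; $provider === 'apple').
     *
     * @param string|null $provider URL segment; only 'apple' is significant
     */
    function auth($provider = NULL) {
        $data = array();
        $this->load->helper('hybridauth');
        $code = (string) $this->input->get('code');
        $apple_code = ($provider === 'apple') ? (string) $this->input->post('code') : '';

        if ($code !== '') {
            $this->authGoogle($code, $data);
        } elseif ($apple_code !== '') {
            $this->authApple($apple_code, $data);
        } else {
            $this->failLogin('Invalid or missing code - login failed!');
        }
    }

    /**
     * Redeems a Google authorization code, reads the profile and provisions
     * or signs in the member.
     *
     * @param string $code Google authorization code from the callback
     * @param array  $data view data carried into provisionAccount()
     */
    private function authGoogle($code, array $data) {
        $client = get_google_client();
        $token = $client->fetchAccessTokenWithAuthCode($code);
        if (!is_array($token) || !array_key_exists('access_token', $token)) {
            $this->failLogin('Missing access token / invalid grant - expired credentials!');
            return;
        }
        $client->setAccessToken($token['access_token']);
        $google_oauth = new Google_Service_Oauth2($client);
        $google_account_info = $google_oauth->userinfo->get();
        $id = (string) $google_account_info->id;
        $email = (string) $google_account_info->email;
        // NOTE(review): the userinfo response also carries a verified-e-mail
        // flag that is not checked here; since the e-mail decides account
        // linking in checkUserExists(), reject unverified addresses once the
        // field name on this client version is confirmed.
        if ($id === '' || $email === '') {
            $this->failLogin('Invalid or missing id and/or email - login failed!');
            return;
        }
        $user = array(
            'id' => $id,
            'name' => (string) $google_account_info->name,
            'email' => $email,
            'google' => 1,
        );
        list($proceed, $data) = $this->checkUserExists($user, $data);
        if (!$proceed) {
            $this->failLogin('Cannot proceed - duplicate email');
            return;
        }
        $this->provisionAccount($user, $data);
    }

    /**
     * Completes Sign in with Apple: checks the one-shot state, redeems the
     * code at Apple's token endpoint, validates the returned id_token and
     * provisions or signs in the member.
     *
     * Token endpoint docs:
     * https://developer.apple.com/documentation/signinwithapplerestapi/generate_and_validate_tokens
     *
     * @param string $apple_code authorization code POSTed by Apple
     * @param array  $data       view data carried into provisionAccount()
     */
    private function authApple($apple_code, array $data) {
        $expectedState = (string) ($_SESSION['apple_state'] ?? '');
        $state = (string) $this->input->post('state');
        // The state is single-use: drop it whether or not it matches.
        unset($_SESSION['apple_state']);
        if ($expectedState === '' || !hash_equals($expectedState, $state)) {
            // Neither value is echoed back to the browser any more.
            $this->failLogin('Authorization server returned an invalid state parameter');
            return;
        }

        list($clientId, $clientSecret, $redirectUri) = get_apple_config();
        // Kept separate from $data: the original reused $data for this form and
        // then passed it — client secret included — on to the backend API call.
        $form = array(
            'grant_type' => 'authorization_code',
            'code' => $apple_code,
            'redirect_uri' => $redirectUri,
            'client_id' => $clientId,
            'client_secret' => $clientSecret,
        );
        $ch = curl_init(self::APPLE_TOKEN_URL);
        curl_setopt_array($ch, array(
            CURLOPT_POST => true,
            CURLOPT_POSTFIELDS => http_build_query($form),
            CURLOPT_HTTPHEADER => array(
                'Accept: application/json',
                'Content-type: application/x-www-form-urlencoded',
                'User-Agent: curl', // Apple requires a User-Agent at the token endpoint
            ),
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_SSL_VERIFYPEER => true,
            CURLOPT_TIMEOUT => 15,
        ));
        $result = curl_exec($ch);
        $curlError = curl_error($ch);
        curl_close($ch);

        // Expected shape: {access_token, token_type, expires_in, refresh_token, id_token}
        $response = is_string($result) ? json_decode($result) : null;
        if (!is_object($response) || !isset($response->access_token) || !isset($response->id_token)) {
            log_message('error', 'Apple token exchange failed: ' . ($curlError !== '' ? $curlError : 'unexpected response'));
            $this->failLogin('Error getting an access token');
            return;
        }

        $claims = $this->decodeAppleIdToken((string) $response->id_token, (string) $clientId);
        if ($claims === null) {
            $this->failLogin('Invalid ID token from Apple');
            return;
        }
        // Apple sends email_verified as a string ("true") or a bool; an explicit
        // false must not be allowed to link an account by e-mail.
        if (isset($claims->email_verified) && filter_var($claims->email_verified, FILTER_VALIDATE_BOOLEAN) === false) {
            $this->failLogin('Invalid or missing id and/or email - login failed!');
            return;
        }

        $id = (string) ($claims->sub ?? '');
        $email = (string) ($claims->email ?? '');
        if ($id === '' || $email === '') {
            $this->failLogin('Invalid or missing id and/or email - login failed!');
            return;
        }
        $user = array(
            'id' => $id,
            'name' => '',
            'email' => $email,
            'apple' => 1,
        );
        list($proceed, $data) = $this->checkUserExists($user, $data);
        if (!$proceed) {
            $this->failLogin('Cannot proceed - duplicate email');
            return;
        }
        $this->provisionAccount($user, $data);
    }

    /**
     * Extracts the claims from the id_token Apple returned at the token
     * endpoint and checks issuer, audience and expiry.
     *
     * The token was obtained directly from Apple over TLS in exchange for the
     * client secret, so the RS256 signature is not verified here — TODO(review):
     * verify it against Apple's JWKS so trust no longer rests on the channel alone.
     *
     * @param string $idToken  compact JWT
     * @param string $clientId expected `aud` (the client_id used in the request)
     * @return object|null claims, or null when malformed or not for this client
     */
    private function decodeAppleIdToken($idToken, $clientId) {
        $parts = explode('.', $idToken);
        if (count($parts) !== 3) {
            return null;
        }
        // JWT segments are base64url without padding; a plain base64_decode()
        // silently drops '-' and '_' and corrupts the payload.
        $segment = strtr($parts[1], '-_', '+/');
        $segment .= str_repeat('=', (4 - strlen($segment) % 4) % 4);
        $payload = base64_decode($segment, true);
        if ($payload === false) {
            return null;
        }
        $claims = json_decode($payload);
        if (!is_object($claims)) {
            return null;
        }
        if ((string) ($claims->iss ?? '') !== self::APPLE_ISSUER) {
            return null;
        }
        $aud = isset($claims->aud) ? (array) $claims->aud : array();
        if ($clientId === '' || !in_array($clientId, $aud, true)) {
            return null;
        }
        if (!isset($claims->exp) || (int) $claims->exp < time()) {
            return null;
        }
        return $claims;
    }

    /**
     * Sends a Google/Apple profile to the backend login action and, on
     * success, establishes the web session.
     *
     * @param array $user IdP profile: 'id', 'name', 'email' plus 'google' or 'apple'
     * @param array $data extra fields for the backend call
     */
    private function provisionAccount($user, $data) {
        list($data['firstname'], $data['lastname']) = $this->splitName($user);
        if (array_key_exists('google', $user)) {
            $data['google_id'] = $user['id'];
            $data['action'] = WRENCHBOARD_GOOGLE_LOGIN;
        } else {
            $data['apple_id'] = $user['id'];
            $data['action'] = WRENCHBOARD_APPLE_LOGIN;
        }
        $data['email'] = $user['email'];
        $data['sessionid'] = $this->newSessionId();

        $this->load->model('backend_model');
        $out = array();
        $res = $this->backend_model->wrenchboard_api($data, $out);
        if ($res == PHP_LOGIN_OK) {
            $this->load->model('account_model');
            $ret = $this->account_model->username_data($out);
            if ($ret) {
                $this->startMemberSession($ret, $out, (string) $ret->username, self::DEFAULT_PROFILE_PICTURE);
                redirect('dash');
                return;
            }
            log_message('error', 'provisionAccount: username_data() returned nothing for ' . $user['email']);
            $this->failLogin('Cannot proceed - account error');
            return;
        }
        // Show the backend's status text if it has one; the raw response goes
        // to the log rather than to the browser.
        $status = (is_array($out) && array_key_exists('status', $out)) ? (string) $out['status'] : '';
        log_message('error', 'provisionAccount: backend error ' . json_encode($out));
        $this->failLogin('Cannot proceed - error: ' . ($status !== '' ? $status : 'backend request failed'));
    }

    /**
     * Legacy Hybridauth endpoint. It authenticates with the chosen provider
     * and prints the display name; it never creates a member session.
     * The var_dump()/print_r() of the adapter and profile (which exposed
     * tokens to the browser) and the unused contacts fetch are removed.
     * TODO(review): remove this action or route it through provisionAccount().
     *
     * @param string|null $provider Hybridauth provider name
     */
    function authh($provider = NULL) {
        $this->load->helper('hybridauth');
        $service = NULL;
        try {
            $hybrid = new Hybridauth(get_hybridauth_config());
            if (isset($provider) && in_array($provider, $hybrid->getProviders(), true)) {
                $this->session->set_userdata('provider', $provider);
            }
            $provider = $this->session->userdata('provider');
            if ($provider) {
                $service = $hybrid->authenticate($provider);
                if ($service->isConnected()) {
                    $profile = $service->getUserProfile();
                    // Disconnect so Hybridauth does not reuse stored session
                    // data when the user denied permissions last time.
                    $service->disconnect();
                    $this->session->unset_userdata('provider');
                    echo 'Name: ' . htmlspecialchars((string) $profile->displayName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                } else {
                    $this->session->set_flashdata('showmsg', array('msg' => 'Sorry! We couldn\'t authenticate your identity.'));
                }
            }
        } catch (Exception $e) {
            if (isset($service) && $service->isConnected()) {
                $service->disconnect();
            }
            $error = 'Sorry! We couldn\'t authenticate you.';
            $this->session->set_flashdata('showmsg', array('msg' => $error));
            // Double quotes so the newlines are real (the original logged literal "\n").
            $error .= "\nError Code: " . $e->getCode();
            $error .= "\nError Message: " . $e->getMessage();
            log_message('error', $error);
        }
    }
}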