diff --git a/App/Config/general.ini-dist b/App/Config/general.ini-dist index a2b4a62..b7a9e30 100755 --- a/App/Config/general.ini-dist +++ b/App/Config/general.ini-dist @@ -1,6 +1,7 @@ [development] auth.salt = "jDbU&er*az" +auth.iv = "12345678" email.fromEmail = "cfp@ppi.io" email.fromName = "CFP Mailer" diff --git a/App/Config/social.php b/App/Config/social.php new file mode 100644 index 0000000..781b330 --- /dev/null +++ b/App/Config/social.php @@ -0,0 +1,18 @@ + "http://cfpmanager.com/user/socialendpoint", + + "providers" => array ( + // openid providers + "Github" => array ( + "enabled" => true, + "keys" => array ( "id" => "7c893bfa88514844f454", "secret" => "477c087264b36b95903eca238192820b9bd55d4f" ), + 'scope' => '' + ) + ), + // if you want to enable logging, set 'debug_mode' to true then provide a writable file by the web server on "debug_file" + "debug_mode" => false, + "debug_file" => '', +); \ No newline at end of file diff --git a/App/Controller/Application.php b/App/Controller/Application.php index 889a159..f1df748 100755 --- a/App/Controller/Application.php +++ b/App/Controller/Application.php 
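Review bot: `auth.iv = "12345678"` puts a fixed, shared initialisation vector into the distributed template, and encrypt() in App/Controller/Application.php (same commit) reuses it for every message, so the same token always encrypts to the same bytes and every deployment that copies the template shares the value. An IV is per-message state rather than configuration: generating it inside encrypt() and storing it in front of the ciphertext makes this key unnecessary. If the key is kept, the template should carry a placeholder rather than a working value, with a line such as `; auth.iv: exactly 8 bytes (Blowfish block size); generate a fresh value per deployment, never reuse this one`.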
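Review bot: The Github entry under `"providers"` commits a working OAuth client id and client secret into App/Config/social.php, which unlike general.ini-dist is not a template, so the secret is now part of the repository history and of every clone. The secret should be revoked at the provider and its replacement loaded through the ini-dist/environment mechanism the rest of the configuration uses, leaving an empty placeholder in this file; `base_url` is likewise pinned to an absolute cfpmanager.com address although socialsignIn() already obtains `$this->getBaseUrl()`, so the endpoint could be derived from that instead. The first lines of this hunk (the opening tag and the `$social = array(` assignment) appear to have been lost in rendering; the variable name is inferred from initHybridAuth(), which passes `$social` to `\Hybrid_Auth`.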
@@ -66,5 +66,46 @@ protected function getUserStorage() { protected function getContentStorage() { return new \App\Data\Content(); } + + /** + * Encrypts a text. + * + * @param $text The plain text + * @return string The encrypted text. + * @author Alfredo Juarez + */ + public function encrypt($text) { + + $salt = $this->getConfig()->auth->salt; + $iv = $this->getConfig()->auth->iv; + + $cipher = mcrypt_module_open(MCRYPT_BLOWFISH,'','cbc',''); + mcrypt_generic_init($cipher, $salt, $iv); + $encrypted = mcrypt_generic($cipher, $text); + mcrypt_generic_deinit($cipher); + + return $encrypted; + } + + /** + * Decrypts a Text. + * + * @param $text The Encrypted text + * @return string Decrypted text + * @author Alfredo Juarez + */ + public function decrypt($text) { + + $salt = $this->getConfig()->auth->salt; + $iv = $this->getConfig()->auth->iv; + + $cipher = mcrypt_module_open(MCRYPT_BLOWFISH,'','cbc',''); + + mcrypt_generic_init($cipher, $salt, $iv); + $decrypted = mdecrypt_generic($cipher, $text); + mcrypt_generic_deinit($cipher); + + return $decrypted; + } } diff --git a/App/Controller/User.php b/App/Controller/User.php index 9f1c501..a63af39 100644 --- a/App/Controller/User.php +++ b/App/Controller/User.php @@ -6,14 +6,14 @@ function preDispatch() { $this->addCSS('user/talk', 'user/account'); $this->addJS('libs/jquery-validationEngine-en', 'libs/jquery-validationEngine', 'app/user/general'); } - + function index() { - + } - + /** * This is the registration process - * + * * @return void */ function signup() { 
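Review bot: encrypt() and decrypt() use a single fixed IV from `auth.iv` for every message and key the cipher with `auth.salt`, the value the rest of the application already uses as the password salt, so equal tokens produce equal ciphertexts and one configuration secret serves two unrelated purposes. mcrypt_generic also pads the plaintext with NUL bytes up to the 8-byte Blowfish block, so decrypt() hands back trailing `\0`s the caller has to strip, the handle is never released with mcrypt_module_close(), and the mcrypt extension is deprecated in PHP 7.1 and removed in 7.2 while App/Controller/User.php already relies on openssl_random_pseudo_bytes. Neither method authenticates the ciphertext, so a stored token that has been altered decrypts to garbage without any error; an HMAC over IV+ciphertext verified with hash_equals() before decrypting would close that and is left as a follow-up. The rewrite below generates a random IV per call, prepends it to the ciphertext and base64-encodes the result so it fits the utf8 varchar column sql/user.sql gives it; the docblocks are unchanged apart from noting that decrypt() now returns `false` on malformed input instead of a padded string, which its callers must handle.
```php
    public function encrypt($text) {
        // Key derived from the configured secret; a dedicated auth.encryptionKey would be
        // preferable to reusing the password salt.
        $key = hash('sha256', $this->getConfig()->auth->salt, true);
        // Fresh IV per call, stored in front of the ciphertext, so no static auth.iv is needed.
        $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-256-cbc'));
        $encrypted = openssl_encrypt($text, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);

        return base64_encode($iv . $encrypted);
    }

    // … unchanged: decrypt() docblock …
    public function decrypt($text) {
        $key = hash('sha256', $this->getConfig()->auth->salt, true);
        $raw = base64_decode($text, true);
        $ivLength = openssl_cipher_iv_length('aes-256-cbc');
        // Malformed or truncated input: nothing to decrypt.
        if ($raw === false || strlen($raw) <= $ivLength) {
            return false;
        }

        return openssl_decrypt(substr($raw, $ivLength), 'aes-256-cbc', $key, OPENSSL_RAW_DATA, substr($raw, 0, $ivLength));
    }
```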
@@ -22,18 +22,18 @@ function signup() { if(!$this->is('post')) { return $this->render('user/signup', compact('errors')); } - + $post = $this->post(); $requiredKeys = array('userName', 'email', 'firstName', 'lastName', 'password'); - + foreach($requiredKeys as $field) { if(!isset($post[$field]) || empty($post[$field])) { $errors[$field] = 'Field is required'; } } - + if(empty($errors)) { - + $user = array( 'username' => $post['userName'], 'email' => $post['email'], @@ -42,29 +42,29 @@ function signup() { 'password' => $post['password'], 'salt' => base64_encode(openssl_random_pseudo_bytes(16)) ); - + $userStorage = $this->getUserStorage(); $newUserID = $userStorage->create($user, $this->getConfig()->auth->salt); $this->redirect('user/login'); } - + $this->render('user/signup', compact('errors')); } - + function login() { - + // Check if we are already logged in if($this->isLoggedIn()) { $this->redirect('account'); } - + $errors = array(); if(!$this->is('post')) { return $this->render('user/login', compact('errors')); } - + $post = $this->post(); - + $userStorage = $this->getUserStorage(); if($userStorage->checkAuth($post['email'], $post['password'], $this->getConfig()->auth->salt)) { $this->setAuthData(new \App\Entity\AuthUser($userStorage->findByEmail($post['email']))); @@ -74,20 +74,20 @@ function login() { } $this->render('user/login', compact('errors')); } - + function logout() { $this->getSession()->clearAuthData(); $this->redirect(''); } - + function forgotpw() { $this->render('user/forgotpw'); } - + function showaccount() { $this->loginCheck(); - + $viewingOwnProfile = true; $userAccount = $this->getUserStorage()->getByEmail($this->getUser()->getEmail()); 
@@ -96,16 +96,16 @@ function showaccount() { $this->setFlash('Permission Denied'); $this->redirect(''); } - + $subPage = 'showaccount'; $this->render('user/account', compact('userAccount', 'subPage', 'viewingOwnProfile')); } - + function editaccount() { - + $this->loginCheck(); if($this->is('post')) { - + $post = $this->post(); $requiredKeys = array('userName', 'email', 'firstName', 'lastName'); $errors = array(); @@ -115,7 +115,7 @@ function editaccount() { } } if(empty($errors)) { - + $this->getUserStorage()->update(array( 'firstName' => $post['firstName'], @@ -126,38 +126,38 @@ function editaccount() { 'website' => $post['website'], 'job_title' => $post['jobTitle'], 'company_name' => $post['companyName'], - 'bio' => $post['bio'] + 'bio' => $post['bio'] ), array('id' => $this->getUser()->getID())); - + $this->setFlash('Account Updated'); $this->redirect('account'); } } - + $userAccount = new \App\Entity\User($this->getUserStorage()->findByEmail($this->getUser()->getEmail())); $subPage = 'editaccount'; $viewingOwnProfile = true; $this->render('user/account', compact('userAccount', 'subPage', 'errors', 'viewingOwnProfile')); } - + function editpassword() { - + $this->loginCheck(); - + $errors = array(); $post = $this->post(); if($this->is('post') && isset($post['currentPassword'], $post['password'])) { - + $userStorage = $this->getUserStorage(); $email = $this->getUser()->getEmail(); $configSalt = $this->getConfig()->auth->salt; - + // If the existing password is correct. if($userStorage->checkAuth($email, $post['currentPassword'], $configSalt)) { $userStorage->update(array( 'password' => $userStorage->saltPass($this->getUser()->getSalt(), $configSalt, $post['password']) ), array('id' => $this->getUser()->getID())); - + $this->setFlash('Password Updated'); $this->redirect('account'); } else { 
@@ -169,5 +169,99 @@ function editpassword() {
 $viewingOwnProfile = true;
 $this->render('user/account', compact('userAccount', 'subPage', 'errors', 'viewingOwnProfile'));
 }
-
+
+ /**
+ * SOCIAL SIGN IN USING HYBRIDAUTH
+ */
+
+ function socialsignIn() {
+
+ $provider = $this->get('socialsignin');
+ $baseUrl = $this->getBaseUrl();
+ $ha = $this->initHybridAuth();
+ $adapter = $ha->authenticate($provider);
+
+ $this->redirect( "user/socialauth/provider/{$provider}/");
+ }
+
+ private function initHybridAuth() {
+
+ require_once APPFOLDER . "Vendor/hybridauth/hybridauth/Hybrid/Auth.php";
+ require_once CONFIGPATH . "/social.php";
+
+ return new \Hybrid_Auth($social);
+ }
+
+ function socialendpoint() {
+
+ require_once( APPFOLDER . "Vendor/hybridauth/hybridauth/Hybrid/Auth.php" );
+ require_once( APPFOLDER . "Vendor/hybridauth/hybridauth/Hybrid/Endpoint.php" );
+
+ \Hybrid_Endpoint::process();
+ }
+
+ function socialauth() {
+
+ $user = new \App\Data\User();
+ $session = $this->getSession();
+
+ try {
+
+ $provider = $this->get('provider');
+ $ha = $this->initHybridAuth();
+
+ $adapter = $ha->getAdapter($provider);
+ $userProfile = $adapter->getUserProfile();
+ $user_id = null;
+
+
+ // fetch or create user
+ $account = $user->fetchProviderId($userProfile->identifier);
+
+ if(empty($account)) {
+
+ // add user...
+ $values = array(
+ 'email' => $userProfile->email,
+ 'display_name' => $userProfile->displayName,
+ 'username' => $userProfile->displayName,
+ 'firstName' => $userProfile->firstName,
+ 'lastName' => $userProfile->lastName,
+ 'photo_url' => $userProfile->photoURL,
+ 'provider_id' => $userProfile->identifier,
+ 'provider' => $provider,
+ 'enabled' => 1,
+ 'password' => '',
+ 'access_token' => $this->encrypt($userProfile->access_token)
+ );
+
+ $user_id = $user->insert($values);
+ } else {
+ // user exists, verified enabled.
+ $user_id = $user->getID("provider_id = {$userProfile->identifier}");
+ }
+
+ // set/update profile data.
+ $values = array( + 'email' => $userProfile->email, + 'display_name' => $userProfile->displayName, + 'firstName' => $userProfile->firstName, + 'lastName' => $userProfile->lastName, + 'photo_url' => $userProfile->photoURL, + 'provider_id' => $userProfile->identifier, + 'provider' => $provider, + 'access_token' => $this->encrypt($userProfile->access_token) + ); + + $user->update($values, array('id' => $user_id)); + + // aunthenticate user. + $userStorage = $this->getUserStorage(); + $this->setAuthData(new \App\Entity\AuthUser($userStorage->findByEmail($userProfile->email))); + $this->redirect('account'); + + } catch( Exception $e ) { + echo $e->getMessage(); + } + } } diff --git a/App/Data/User.php b/App/Data/User.php index ec1da7c..700d31d 100644 --- a/App/Data/User.php +++ b/App/Data/User.php @@ -135,5 +135,30 @@ function exists($userID) { $row = $this->find($userID); return !empty($row); } + + function fetchProviderId( $identifier ) { + + $row = $this->_conn->createQueryBuilder() + ->select('provider_id') + ->from($this->_meta['table'], 'u') + ->andWhere('u.provider_id = :provider_id') + ->setParameter(':provider_id', $identifier) + ->execute() + ->fetch($this->_meta['fetchmode']); + + return $row ? $row['provider_id'] : false; + } + + function getID( $where ) { + + $row = $this->_conn->createQueryBuilder() + ->select('id') + ->from($this->_meta['table'],'u') + ->andWhere($where) + ->execute() + ->fetch($this->_meta['fetchmode']); + + return $row['id']; + } } \ No newline at end of file diff --git a/App/Vendor/hybridauth b/App/Vendor/hybridauth new file mode 160000 index 0000000..ca450f0 --- /dev/null +++ b/App/Vendor/hybridauth @@ -0,0 +1 @@ +Subproject commit ca450f0cc7dcfe03b43906f83e713c93c8bf972d diff --git a/sql/user.sql b/sql/user.sql index b78ef60..9b77012 100644 --- a/sql/user.sql +++ b/sql/user.sql 
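Review bot: socialauth() establishes the session with `findByEmail($userProfile->email)` rather than with the `$user_id` it has just resolved by provider_id, so the login lands in whichever local row carries the provider-reported address; if a password account already exists with that email (and a provider email is not necessarily verified), a social sign-in becomes a sign-in to that account. Use the id from the lookup instead, e.g. `$this->setAuthData(new \App\Entity\AuthUser($user->find($user_id)));`, find() being the accessor exists() already uses in App/Data/User.php. `catch( Exception $e )` is unqualified; if this file declares a namespace, as its leading-backslash references to `\App\Data\User` suggest, it catches `App\Controller\Exception` and never matches, and echoing `$e->getMessage()` into the response exposes internals, so write `catch (\Exception $e)`, log the message and finish with a flash and redirect as the other actions do. `$user->getID("provider_id = {$userProfile->identifier}")` interpolates provider-supplied data into SQL while fetchProviderId() a few lines above binds the same value; the bound replacement belongs in the App/Data/User.php hunk of this commit. `$session`, `$baseUrl` and the `$adapter` in socialsignIn() are assigned and never read.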
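Review bot: getID() dereferences `$row['id']` without checking that the fetch matched anything, so a missing row produces a notice and returns null, and its `$where` parameter is a raw SQL fragment that the one caller in socialauth() builds by string interpolation, while fetchProviderId() directly above binds the same value through setParameter() and then returns the identifier it was given, leaving the caller to query again for the id. One bound query that returns the row id, or false when nothing matches, covers both uses; the version below would replace getID(), and fetchProviderId() can remain for callers that only need an existence check. The class header is outside the hunk.
```php
    // Row id for a social-provider identifier, or false when no row matches.
    function getIdByProviderId( $identifier ) {

        $row = $this->_conn->createQueryBuilder()
            ->select('id')
            ->from($this->_meta['table'], 'u')
            ->andWhere('u.provider_id = :provider_id')
            ->setParameter(':provider_id', $identifier)
            ->execute()
            ->fetch($this->_meta['fetchmode']);

        return $row ? $row['id'] : false;
    }
```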
@@ -1,4 +1,4 @@
-CREATE TABLE `user` (
+CREATE TABLE IF NOT EXISTS `user` (
 `id` int(11) NOT NULL AUTO_INCREMENT,
 `firstName` varchar(255) DEFAULT NULL,
 `lastName` varchar(255) DEFAULT NULL,
@@ -12,5 +12,10 @@ CREATE TABLE `user` (
 `job_title` varchar(255) DEFAULT NULL,
 `bio` text,
 `country` varchar(255) DEFAULT NULL,
+ `provider` varchar(45) DEFAULT NULL,
+ `provider_id` varchar(45) DEFAULT NULL,
+ `display_name` varchar(200) DEFAULT NULL,
+ `photo_url` varchar(200) DEFAULT NULL,
+ `access_token` varchar(200) DEFAULT NULL,
 PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
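Review bot: `access_token` varchar(200) in a CHARSET=utf8 table will receive the raw output of encrypt() in App/Controller/Application.php, which is arbitrary binary, and depending on sql_mode MySQL rejects or silently truncates byte sequences that are not valid utf8 in such a column; declare it `` `access_token` VARBINARY(255) DEFAULT NULL `` or have the application base64-encode before storing. `provider_id` is looked up on every social login and is meant to identify one account per provider, but gets no index; a key such as `` UNIQUE KEY `provider_account` (`provider`, `provider_id`) `` expresses that and keeps the lookup indexed. `AUTO_INCREMENT=1` on the CREATE is the default and adds nothing.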