Implemented Sign in with a Github account

App/Config/general.ini-dist

@@ -1,6 +1,7 @@
 [development]
 
 auth.salt = "jDbU&er*az"
+auth.iv = "12345678"
 
 email.fromEmail = "cfp@ppi.io"
 email.fromName = "CFP Mailer"

App/Config/social.php

@@ -0,0 +1,18 @@
+<?php
+
+$social = array(
+
+	"base_url" => "http://cfpmanager.com/user/socialendpoint",
+
+	"providers" => array (
+		// openid providers
+		"Github" => array (
+			"enabled" => true,
+			"keys"    => array ( "id" => "7c893bfa88514844f454", "secret" => "477c087264b36b95903eca238192820b9bd55d4f" ),
+			'scope'   => ''
+		)
+	),
+	// if you want to enable logging, set 'debug_mode' to true  then provide a writable file by the web server on "debug_file"
+	"debug_mode" => false,
+	"debug_file" => '',
+);

App/Controller/Application.php

@@ -66,5 +66,46 @@ protected function getUserStorage() {
 	protected function getContentStorage() {
 		return new \App\Data\Content();
 	}
+
+	/**
+	 * Encrypts a text.
+	 *
+	 * @param $text The plain text
+	 * @return string The encrypted text.
+	 * @author Alfredo Juarez <alfrekjv@ppi.io>
+	 */
+	public function encrypt($text) {
+
+		$salt       = $this->getConfig()->auth->salt;
+		$iv         = $this->getConfig()->auth->iv;
+
+		$cipher     = mcrypt_module_open(MCRYPT_BLOWFISH,'','cbc','');
+		mcrypt_generic_init($cipher, $salt, $iv);
+		$encrypted  = mcrypt_generic($cipher, $text);
+		mcrypt_generic_deinit($cipher);
+
+		return $encrypted;
+	}
+
+	/**
+	 * Decrypts a Text.
+	 *
+	 * @param $text The Encrypted text
+	 * @return string Decrypted text
+	 * @author Alfredo Juarez <alfrekjv@ppi.io>
+	 */
+	public function decrypt($text) {
+
+		$salt       = $this->getConfig()->auth->salt;
+		$iv         = $this->getConfig()->auth->iv;
+
+		$cipher     = mcrypt_module_open(MCRYPT_BLOWFISH,'','cbc','');
+
+		mcrypt_generic_init($cipher, $salt, $iv);
+		$decrypted = mdecrypt_generic($cipher, $text);
+		mcrypt_generic_deinit($cipher);
+
+		return $decrypted;
+	}
 
 }

App/Controller/User.php

@@ -6,14 +6,14 @@ function preDispatch() {
 		$this->addCSS('user/talk', 'user/account');
 		$this->addJS('libs/jquery-validationEngine-en', 'libs/jquery-validationEngine', 'app/user/general');
 	}
-	
+
 	function index() {
-		
+
 	}
-	
+
 	/**
 	 * This is the registration process
-	 * 
+	 *
 	 * @return void
 	 */
 	function signup() {
@@ -22,18 +22,18 @@ function signup() {
 		if(!$this->is('post')) {
 			return $this->render('user/signup', compact('errors'));
 		}
-		
+
 		$post = $this->post();
 		$requiredKeys = array('userName', 'email', 'firstName', 'lastName', 'password');
-		
+
 		foreach($requiredKeys as $field) {
 			if(!isset($post[$field]) || empty($post[$field])) {
 				$errors[$field] = 'Field is required';
 			}
 		}
-		
+
 		if(empty($errors)) {
-		
+
 			$user = array(
 				'username'  => $post['userName'],
 				'email'     => $post['email'],
@@ -42,29 +42,29 @@ function signup() {
 				'password'  => $post['password'],
 				'salt'      => base64_encode(openssl_random_pseudo_bytes(16))
 			);
-			
+
 			$userStorage = $this->getUserStorage();
 			$newUserID = $userStorage->create($user, $this->getConfig()->auth->salt);
 			$this->redirect('user/login');
 		}
-		
+
 		$this->render('user/signup', compact('errors'));
 	}
-	
+
 	function login() {
-		
+
 		// Check if we are already logged in
 		if($this->isLoggedIn()) {
 			$this->redirect('account');
 		}
-		
+
 		$errors = array();
 		if(!$this->is('post')) {
 			return $this->render('user/login', compact('errors'));
 		}
-		
+
 		$post = $this->post();
-		
+
 		$userStorage = $this->getUserStorage();
 		if($userStorage->checkAuth($post['email'], $post['password'], $this->getConfig()->auth->salt)) {
 			$this->setAuthData(new \App\Entity\AuthUser($userStorage->findByEmail($post['email'])));
@@ -74,20 +74,20 @@ function login() {
 		}
 		$this->render('user/login', compact('errors'));
 	}
-	
+
 	function logout() {
 		$this->getSession()->clearAuthData();
 		$this->redirect('');
 	}
-	
+
 	function forgotpw() {
 		$this->render('user/forgotpw');
 	}
-	
+
 	function showaccount() {
 
 		$this->loginCheck();
-		
+
 		$viewingOwnProfile = true;
 		$userAccount = $this->getUserStorage()->getByEmail($this->getUser()->getEmail());
 
@@ -96,16 +96,16 @@ function showaccount() {
 			$this->setFlash('Permission Denied');
 			$this->redirect('');
 		}
-		
+
 		$subPage = 'showaccount';
 		$this->render('user/account', compact('userAccount', 'subPage', 'viewingOwnProfile'));
 	}
-	
+
 	function editaccount() {
-		
+
 		$this->loginCheck();
 		if($this->is('post')) {
-			
+
 			$post = $this->post();
 			$requiredKeys = array('userName', 'email', 'firstName', 'lastName');
 			$errors = array();
@@ -115,7 +115,7 @@ function editaccount() {
 				}
 			}
 			if(empty($errors)) {
-				
+
 				$this->getUserStorage()->update(array(
 
 					'firstName'      => $post['firstName'],
@@ -126,38 +126,38 @@ function editaccount() {
 					'website'        => $post['website'],
 					'job_title'      => $post['jobTitle'],
 					'company_name'   => $post['companyName'],
-					'bio'            => $post['bio']					
+					'bio'            => $post['bio']
 				), array('id' => $this->getUser()->getID()));
-				
+
 				$this->setFlash('Account Updated');
 				$this->redirect('account');
 			}
 		}
-		
+
 		$userAccount = new \App\Entity\User($this->getUserStorage()->findByEmail($this->getUser()->getEmail()));
 		$subPage = 'editaccount';
 		$viewingOwnProfile = true;
 		$this->render('user/account', compact('userAccount', 'subPage', 'errors', 'viewingOwnProfile'));
 	}
-	
+
 	function editpassword() {
-		
+
 		$this->loginCheck();
-		
+
 		$errors = array();
 		$post = $this->post();
 		if($this->is('post') && isset($post['currentPassword'], $post['password'])) {
-			
+
 			$userStorage = $this->getUserStorage();
 			$email       = $this->getUser()->getEmail();
 			$configSalt  = $this->getConfig()->auth->salt;
-			
+
 			// If the existing password is correct.
 			if($userStorage->checkAuth($email, $post['currentPassword'], $configSalt)) {
 				$userStorage->update(array(
 					'password' => $userStorage->saltPass($this->getUser()->getSalt(), $configSalt, $post['password'])
 				), array('id' => $this->getUser()->getID()));
-				
+
 				$this->setFlash('Password Updated');
 				$this->redirect('account');
 			} else {
@@ -169,5 +169,99 @@ function editpassword() {
 		$viewingOwnProfile = true;
 		$this->render('user/account', compact('userAccount', 'subPage', 'errors', 'viewingOwnProfile'));
 	}
-
+
+	/**
+	 * SOCIAL SIGN IN USING HYBRIDAUTH
+	 */
+
+	function socialsignIn() {
+
+		$provider   = $this->get('socialsignin');
+		$baseUrl    = $this->getBaseUrl();
+		$ha         = $this->initHybridAuth();
+		$adapter    = $ha->authenticate($provider);
+
+		$this->redirect( "user/socialauth/provider/{$provider}/");
+	}
+
+	private function initHybridAuth() {
+
+		require_once APPFOLDER . "Vendor/hybridauth/hybridauth/Hybrid/Auth.php";
+		require_once CONFIGPATH . "/social.php";
+
+		return new \Hybrid_Auth($social);
+	}
+
+	function socialendpoint() {
+
+		require_once( APPFOLDER . "Vendor/hybridauth/hybridauth/Hybrid/Auth.php" );
+		require_once( APPFOLDER . "Vendor/hybridauth/hybridauth/Hybrid/Endpoint.php" );
+
+		\Hybrid_Endpoint::process();
+	}
+
+	function socialauth() {
+
+		$user       = new \App\Data\User();
+		$session    = $this->getSession();
+
+		try {
+
+			$provider       = $this->get('provider');
+			$ha             = $this->initHybridAuth();
+
+			$adapter        = $ha->getAdapter($provider);
+			$userProfile    = $adapter->getUserProfile();
+			$user_id        = null;
+
+
+			// fetch or create user
+			$account        = $user->fetchProviderId($userProfile->identifier);
+
+			if(empty($account)) {
+
+				// add user...
+				$values = array(
+					'email'             => $userProfile->email,
+					'display_name'      => $userProfile->displayName,
+					'username'          => $userProfile->displayName,
+					'firstName'         => $userProfile->firstName,
+					'lastName'          => $userProfile->lastName,
+					'photo_url'         => $userProfile->photoURL,
+					'provider_id'       => $userProfile->identifier,
+					'provider'          => $provider,
+					'enabled'           => 1,
+					'password'          => '',
+					'access_token'      => $this->encrypt($userProfile->access_token)
+				);
+
+				$user_id = $user->insert($values);
+			} else {
+				// user exists, verified enabled.
+				$user_id        = $user->getID("provider_id = {$userProfile->identifier}");
+			}
+
+			// set/update profile data.
+			$values = array(
+				'email'         => $userProfile->email,
+				'display_name'  => $userProfile->displayName,
+				'firstName'     => $userProfile->firstName,
+				'lastName'      => $userProfile->lastName,
+				'photo_url'     => $userProfile->photoURL,
+				'provider_id'   => $userProfile->identifier,
+				'provider'      => $provider,
+				'access_token'  => $this->encrypt($userProfile->access_token)
+			);
+
+			$user->update($values, array('id' => $user_id));
+
+			// aunthenticate user.
+			$userStorage = $this->getUserStorage();
+			$this->setAuthData(new \App\Entity\AuthUser($userStorage->findByEmail($userProfile->email)));
+			$this->redirect('account');
+
+		} catch( Exception $e ) {
+			echo $e->getMessage();
+		}
+	}
 }

App/Data/User.php

@@ -135,5 +135,30 @@ function exists($userID) {
 		$row = $this->find($userID);
 		return !empty($row);
 	}
+
+	function fetchProviderId( $identifier ) {
+
+		$row = $this->_conn->createQueryBuilder()
+			->select('provider_id')
+			->from($this->_meta['table'], 'u')
+			->andWhere('u.provider_id = :provider_id')
+			->setParameter(':provider_id', $identifier)
+			->execute()
+			->fetch($this->_meta['fetchmode']);
+
+		return $row ? $row['provider_id'] : false;
+	}
+
+	function getID( $where ) {
+
+		$row = $this->_conn->createQueryBuilder()
+			->select('id')
+			->from($this->_meta['table'],'u')
+			->andWhere($where)
+			->execute()
+			->fetch($this->_meta['fetchmode']);
+
+		return $row['id'];
+	}
 
 }