| 96 |
efrain |
1 |
<?php
|
| 1389 |
ariadna |
2 |
// Configuración de headers para respuesta JSON y CORS
|
| 96 |
efrain |
3 |
header('Content-Type: application/json');
|
|
|
4 |
header('Access-Control-Allow-Origin: *');
|
| 1389 |
ariadna |
5 |
|
|
|
6 |
// Definición de constantes para autenticación y encriptación
|
| 96 |
efrain |
7 |
define('LLWS_USERNAME', 'leaderdslinked-ws');
|
|
|
8 |
define('LLWS_PASSWORD', 'KFB3lFsLp&*CpB0uc2VNc!zVn@w!EZqZ*jr$J0AlE@sYREUcyP');
|
| 1389 |
ariadna |
9 |
define('LLWS_RSA_N', 34589927); // Clave pública RSA N
|
|
|
10 |
define('LLWS_RSA_D', 4042211); // Clave privada RSA D
|
|
|
11 |
define('LLWS_RSA_E', 7331); // Clave pública RSA E
|
|
|
12 |
define('LLWS_CATEGORY_ID', 6); // ID de categoría para cursos
|
| 96 |
efrain |
13 |
|
| 1389 |
ariadna |
14 |
// Inclusión de archivos necesarios de Moodle
|
| 96 |
efrain |
15 |
require_once(__DIR__ . '/../config.php');
|
|
|
16 |
global $DB, $CFG;
|
|
|
17 |
|
| 1406 |
ariadna |
18 |
// Ensure full Moodle environment is set up, including class autoloaders
|
|
|
19 |
if (isset($CFG->libdir) && file_exists($CFG->libdir . '/setup.php')) {
|
|
|
20 |
require_once($CFG->libdir . '/setup.php');
|
|
|
21 |
}
|
|
|
22 |
|
| 1389 |
ariadna |
23 |
// Inclusión de librerías de Moodle
|
| 1383 |
ariadna |
24 |
require_once($CFG->libdir . '/moodlelib.php');
|
| 96 |
efrain |
25 |
require_once($CFG->libdir . '/externallib.php');
|
| 1383 |
ariadna |
26 |
require_once($CFG->libdir . '/authlib.php');
|
|
|
27 |
require_once($CFG->libdir . '/gdlib.php');
|
|
|
28 |
require_once($CFG->dirroot . '/user/lib.php');
|
| 1389 |
ariadna |
29 |
require_once(__DIR__ . '/rsa.php');
|
|
|
30 |
require_once(__DIR__ . '/lib.php');
|
| 96 |
efrain |
31 |
|
| 1401 |
ariadna |
32 |
// Obtención y sanitización de parámetros de la petición
|
|
|
33 |
$username = trim(isset($_REQUEST['username']) ? filter_var($_REQUEST['username'], FILTER_SANITIZE_STRING) : '');
|
|
|
34 |
$password = trim(isset($_REQUEST['password']) ? filter_var($_REQUEST['password'], FILTER_SANITIZE_STRING) : '');
|
|
|
35 |
$timestamp = trim(isset($_REQUEST['timestamp']) ? filter_var($_REQUEST['timestamp'], FILTER_SANITIZE_STRING) : '');
|
|
|
36 |
$rand = intval(isset($_REQUEST['rand']) ? filter_var($_REQUEST['rand'], FILTER_SANITIZE_NUMBER_INT) : 0, 10);
|
|
|
37 |
$data = trim(isset($_REQUEST['data']) ? filter_var($_REQUEST['data'], FILTER_SANITIZE_STRING) : '');
|
|
|
38 |
|
|
|
39 |
/*
|
|
|
40 |
$data = '';
|
|
|
41 |
$input = fopen("php://input", "r");
|
|
|
42 |
|
|
|
43 |
|
|
|
44 |
while ($line = fread($input, 1024))
|
| 1388 |
ariadna |
45 |
{
|
| 1401 |
ariadna |
46 |
$data .= $line;
|
|
|
47 |
}
|
|
|
48 |
fclose($input);*/
|
| 1388 |
ariadna |
49 |
|
| 1401 |
ariadna |
50 |
/*
|
|
|
51 |
echo 'username = '. $username . PHP_EOL;
|
|
|
52 |
echo 'password = '. $password . PHP_EOL;
|
|
|
53 |
echo 'rand = '. $rand . PHP_EOL;
|
|
|
54 |
echo 'timestamp = '. $timestamp . PHP_EOL;
|
|
|
55 |
echo 'data = '. $data . PHP_EOL;
|
| 1388 |
ariadna |
56 |
|
|
|
57 |
|
| 1401 |
ariadna |
58 |
/*
|
|
|
59 |
list($usec, $sec) = explode(' ', microtime());
|
|
|
60 |
$seed = intval($sec + ((float) $usec * 100000));
|
| 1388 |
ariadna |
61 |
|
| 1401 |
ariadna |
62 |
$username = LLWS_USERNAME;
|
|
|
63 |
$timestamp = date('Y-m-d\TH:i:s');
|
|
|
64 |
mt_srand($seed, MT_RAND_MT19937);
|
|
|
65 |
$rand = mt_rand();
|
| 1388 |
ariadna |
66 |
|
| 1401 |
ariadna |
67 |
$password = LLWS_PASSWORD;
|
|
|
68 |
$password = password_hash($username.'-'. $password. '-' . $rand. '-' . $timestamp, PASSWORD_DEFAULT);
|
| 1388 |
ariadna |
69 |
|
| 1401 |
ariadna |
70 |
$data = $rsa->encrypt(json_encode(['email' => 'usuario4@test.com', 'first_name' => 'usuario4', 'last_name' => 'test']));
|
|
|
71 |
*/
|
| 1388 |
ariadna |
72 |
|
| 1401 |
ariadna |
73 |
// Validación de parámetros de seguridad
|
|
|
74 |
if (empty($username) || empty($password) || empty($timestamp) || empty($rand) || !is_integer($rand)) {
|
|
|
75 |
echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY1']);
|
|
|
76 |
exit;
|
| 96 |
efrain |
77 |
}
|
|
|
78 |
|
| 1401 |
ariadna |
79 |
// Validación del nombre de usuario
|
|
|
80 |
if ($username != LLWS_USERNAME) {
|
|
|
81 |
echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY2']);
|
|
|
82 |
exit;
|
|
|
83 |
}
|
| 96 |
efrain |
84 |
|
| 1401 |
ariadna |
85 |
// Validación del formato del timestamp
|
|
|
86 |
$dt = \DateTime::createFromFormat('Y-m-d\TH:i:s', $timestamp);
|
|
|
87 |
if (!$dt) {
|
|
|
88 |
echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY3']);
|
|
|
89 |
exit;
|
|
|
90 |
}
|
| 96 |
efrain |
91 |
|
| 1401 |
ariadna |
92 |
// Validación del rango de tiempo del timestamp (±5 minutos)
|
|
|
93 |
$t0 = $dt->getTimestamp();
|
|
|
94 |
$t1 = strtotime('-5 minutes');
|
|
|
95 |
$t2 = strtotime('+5 minutes');
|
| 96 |
efrain |
96 |
|
| 1401 |
ariadna |
97 |
if ($t0 < $t1 || $t0 > $t2) {
|
|
|
98 |
//echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY4']) ;
|
|
|
99 |
//exit;
|
|
|
100 |
}
|
| 96 |
efrain |
101 |
|
| 1401 |
ariadna |
102 |
// Validación de la contraseña
|
|
|
103 |
if (!password_verify($username . '-' . LLWS_PASSWORD . '-' . $rand . '-' . $timestamp, $password)) {
|
|
|
104 |
echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY5']);
|
|
|
105 |
exit;
|
|
|
106 |
}
|
| 96 |
efrain |
107 |
|
| 1401 |
ariadna |
108 |
// Validación de datos
|
|
|
109 |
if (empty($data)) {
|
|
|
110 |
echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS1']);
|
|
|
111 |
exit;
|
|
|
112 |
}
|
| 96 |
efrain |
113 |
|
| 1401 |
ariadna |
114 |
// Decodificación de datos en base64
|
|
|
115 |
$data = base64_decode($data);
|
|
|
116 |
if (empty($data)) {
|
|
|
117 |
echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS2']);
|
|
|
118 |
exit;
|
| 96 |
efrain |
119 |
}
|
|
|
120 |
|
| 1401 |
ariadna |
121 |
// Desencriptación de datos usando RSA
|
|
|
122 |
try {
|
|
|
123 |
$rsa = new rsa();
|
|
|
124 |
$rsa->setKeys(LLWS_RSA_N, LLWS_RSA_D, LLWS_RSA_E);
|
|
|
125 |
$data = $rsa->decrypt($data);
|
|
|
126 |
} catch (Throwable $e) {
|
|
|
127 |
echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS3']);
|
|
|
128 |
exit;
|
|
|
129 |
}
|
| 1383 |
ariadna |
130 |
|
| 1401 |
ariadna |
131 |
// Conversión de datos a array
|
|
|
132 |
$data = (array) json_decode($data);
|
|
|
133 |
if (empty($data)) {
|
|
|
134 |
echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS4']);
|
|
|
135 |
exit;
|
|
|
136 |
}
|
| 96 |
efrain |
137 |
|
| 1401 |
ariadna |
138 |
// Extracción y validación de datos del usuario
|
|
|
139 |
$email = trim(isset($data['email']) ? filter_var($data['email'], FILTER_SANITIZE_EMAIL) : '');
|
|
|
140 |
$first_name = trim(isset($data['first_name']) ? filter_var($data['first_name'], FILTER_SANITIZE_STRING) : '');
|
|
|
141 |
$last_name = trim(isset($data['last_name']) ? filter_var($data['last_name'], FILTER_SANITIZE_STRING) : '');
|
| 96 |
efrain |
142 |
|
| 1401 |
ariadna |
143 |
if (!filter_var($email, FILTER_VALIDATE_EMAIL) || empty($first_name) || empty($last_name)) {
|
|
|
144 |
echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS5']);
|
|
|
145 |
exit;
|
|
|
146 |
}
|
| 96 |
efrain |
147 |
|
| 1401 |
ariadna |
148 |
// Búsqueda o creación de usuario
|
|
|
149 |
$user = ll_get_user_by_email($email);
|
|
|
150 |
if ($user) {
|
|
|
151 |
$new_user = false;
|
|
|
152 |
} else {
|
|
|
153 |
$new_user = true;
|
|
|
154 |
$username = ll_get_username_available($first_name, $last_name);
|
|
|
155 |
$user = ll_create_user($username, $email, $first_name, $last_name);
|
|
|
156 |
|
|
|
157 |
// Procesamiento de imagen de perfil si se proporciona
|
|
|
158 |
if ($user) {
|
|
|
159 |
$filename = trim(isset($data['image_filename']) ? filter_var($data['image_filename'], FILTER_SANITIZE_EMAIL) : '');
|
|
|
160 |
$content = trim(isset($data['image_content']) ? filter_var($data['image_content'], FILTER_SANITIZE_STRING) : '');
|
|
|
161 |
|
|
|
162 |
if ($filename && $content) {
|
|
|
163 |
$tempfile = __DIR__ . DIRECTORY_SEPARATOR . $filename;
|
|
|
164 |
try {
|
|
|
165 |
file_put_contents($filename, base64_decode($content));
|
|
|
166 |
if (file_exists($tempfile)) {
|
|
|
167 |
$usericonid = process_new_icon(context_user::instance($user->id, MUST_EXIST), 'user', 'icon', 0, $tempfile);
|
|
|
168 |
if ($usericonid) {
|
|
|
169 |
$DB->set_field('user', 'picture', $usericonid, array('id' => $user->id));
|
|
|
170 |
}
|
| 96 |
efrain |
171 |
}
|
| 1401 |
ariadna |
172 |
} catch (\Throwable $e) {
|
|
|
173 |
} finally {
|
|
|
174 |
if (file_exists($tempfile)) {
|
|
|
175 |
unlink($tempfile);
|
|
|
176 |
}
|
| 96 |
efrain |
177 |
}
|
|
|
178 |
}
|
|
|
179 |
}
|
| 1401 |
ariadna |
180 |
}
|
| 96 |
efrain |
181 |
|
| 1401 |
ariadna |
182 |
// Verificación de creación de usuario
|
|
|
183 |
if (!$user) {
|
|
|
184 |
echo json_encode(['success' => false, 'data' => 'ERROR_MOODLE1']);
|
|
|
185 |
exit;
|
| 1383 |
ariadna |
186 |
}
|
| 96 |
efrain |
187 |
|
| 1401 |
ariadna |
188 |
// Inscripción en cursos para usuarios nuevos
|
|
|
189 |
if ($new_user) {
|
| 96 |
efrain |
190 |
$role = $DB->get_record('role', array('archetype' => 'student'));
|
|
|
191 |
$enrolmethod = 'manual';
|
| 1383 |
ariadna |
192 |
|
| 96 |
efrain |
193 |
$courses = get_courses();
|
| 1383 |
ariadna |
194 |
foreach ($courses as $course) {
|
|
|
195 |
if ($course->categoy_id == LLWS_CATEGORY_ID) {
|
| 96 |
efrain |
196 |
$context = context_course::instance($course->id);
|
|
|
197 |
if (!is_enrolled($context, $user)) {
|
|
|
198 |
$enrol = enrol_get_plugin($enrolmethod);
|
|
|
199 |
if ($enrol === null) {
|
| 1401 |
ariadna |
200 |
return false;
|
| 96 |
efrain |
201 |
}
|
|
|
202 |
$instances = enrol_get_instances($course->id, true);
|
|
|
203 |
$manualinstance = null;
|
|
|
204 |
foreach ($instances as $instance) {
|
|
|
205 |
if ($instance->name == $enrolmethod) {
|
|
|
206 |
$manualinstance = $instance;
|
|
|
207 |
break;
|
|
|
208 |
}
|
|
|
209 |
}
|
|
|
210 |
if ($manualinstance !== null) {
|
|
|
211 |
$instanceid = $enrol->add_default_instance($course);
|
|
|
212 |
if ($instanceid === null) {
|
|
|
213 |
$instanceid = $enrol->add_instance($course);
|
|
|
214 |
}
|
|
|
215 |
$instance = $DB->get_record('enrol', array('id' => $instanceid));
|
| 1383 |
ariadna |
216 |
if ($instance) {
|
| 96 |
efrain |
217 |
$enrol->enrol_user($instance, $user->id, $role->id);
|
|
|
218 |
}
|
|
|
219 |
}
|
|
|
220 |
}
|
|
|
221 |
}
|
|
|
222 |
}
|
|
|
223 |
}
|
|
|
224 |
|
| 1401 |
ariadna |
225 |
// Obtención de datos completos del usuario y login
|
|
|
226 |
$user = get_complete_user_data('id', $user->id);
|
|
|
227 |
if ($user) {
|
|
|
228 |
// Si hay una sesión existente, cerrarla primero
|
| 1392 |
ariadna |
229 |
if (isloggedin()) {
|
| 1406 |
ariadna |
230 |
require_logout();
|
| 1392 |
ariadna |
231 |
}
|
|
|
232 |
|
| 1401 |
ariadna |
233 |
// Verificar si la cuenta está confirmada
|
| 1392 |
ariadna |
234 |
if (empty($user->confirmed)) {
|
| 1401 |
ariadna |
235 |
echo json_encode(['success' => false, 'data' => 'ACCOUNT_NOT_CONFIRMED']);
|
|
|
236 |
exit;
|
| 1392 |
ariadna |
237 |
}
|
|
|
238 |
|
| 1401 |
ariadna |
239 |
// Verificar si la contraseña ha expirado (solo para autenticación LDAP)
|
| 1392 |
ariadna |
240 |
$userauth = get_auth_plugin($user->auth);
|
|
|
241 |
if (!isguestuser() && !empty($userauth->config->expiration) && $userauth->config->expiration == 1) {
|
|
|
242 |
$days2expire = $userauth->password_expire($user->username);
|
|
|
243 |
if (intval($days2expire) < 0) {
|
| 1401 |
ariadna |
244 |
echo json_encode(['success' => false, 'data' => 'PASSWORD_EXPIRED']);
|
|
|
245 |
exit;
|
| 1391 |
ariadna |
246 |
}
|
| 1392 |
ariadna |
247 |
}
|
| 1391 |
ariadna |
248 |
|
| 1401 |
ariadna |
249 |
// Completar el proceso de inicio de sesión
|
| 1392 |
ariadna |
250 |
complete_user_login($user);
|
| 1401 |
ariadna |
251 |
|
| 1405 |
ariadna |
252 |
|
| 1401 |
ariadna |
253 |
// Aplicar límite de inicio de sesión concurrente
|
| 1392 |
ariadna |
254 |
\core\session\manager::apply_concurrent_login_limit($user->id, session_id());
|
| 1391 |
ariadna |
255 |
|
| 1401 |
ariadna |
256 |
// Configurar cookie de nombre de usuario
|
| 1392 |
ariadna |
257 |
if (!empty($CFG->nolastloggedin)) {
|
|
|
258 |
// No almacenar último usuario conectado en cookie
|
|
|
259 |
} else if (empty($CFG->rememberusername)) {
|
| 1401 |
ariadna |
260 |
// Sin cookies permanentes, eliminar la anterior si existe
|
| 1392 |
ariadna |
261 |
set_moodle_cookie('');
|
|
|
262 |
} else {
|
|
|
263 |
set_moodle_cookie($user->username);
|
|
|
264 |
}
|
| 1391 |
ariadna |
265 |
|
| 1401 |
ariadna |
266 |
// Limpiar mensajes de error antes de la última redirección
|
| 1392 |
ariadna |
267 |
unset($SESSION->loginerrormsg);
|
|
|
268 |
unset($SESSION->logininfomsg);
|
| 1401 |
ariadna |
269 |
|
|
|
270 |
// Descartar loginredirect si estamos redirigiendo
|
| 1392 |
ariadna |
271 |
unset($SESSION->loginredirect);
|
| 1391 |
ariadna |
272 |
|
| 1401 |
ariadna |
273 |
// Configurar la URL de destino
|
| 1398 |
ariadna |
274 |
$urltogo = $CFG->wwwroot . '/my';
|
|
|
275 |
$SESSION->wantsurl = $urltogo;
|
| 1391 |
ariadna |
276 |
|
| 1401 |
ariadna |
277 |
// Verificar que la sesión se haya iniciado correctamente
|
| 1398 |
ariadna |
278 |
if (isloggedin() && !isguestuser()) {
|
| 1401 |
ariadna |
279 |
// Enviar respuesta exitosa con datos del usuario
|
|
|
280 |
echo json_encode([
|
| 1398 |
ariadna |
281 |
'success' => true,
|
|
|
282 |
'data' => [
|
|
|
283 |
'userid' => $user->id,
|
|
|
284 |
'username' => $user->username,
|
|
|
285 |
'fullname' => fullname($user),
|
|
|
286 |
'email' => $user->email,
|
|
|
287 |
'redirect' => $urltogo
|
|
|
288 |
]
|
| 1401 |
ariadna |
289 |
]);
|
|
|
290 |
|
|
|
291 |
// Redirigir al usuario
|
|
|
292 |
redirect($urltogo);
|
|
|
293 |
} else {
|
|
|
294 |
echo json_encode(['success' => false, 'data' => 'LOGIN_FAILED']);
|
| 1399 |
ariadna |
295 |
}
|
| 1401 |
ariadna |
296 |
} else {
|
| 1391 |
ariadna |
297 |
echo json_encode(['success' => false, 'data' => 'USER_NOT_FOUND']);
|
| 96 |
efrain |
298 |
}
|
| 1388 |
ariadna |
299 |
exit;
|