WebSVN – LeadersLinked - Services – Autoría – /module/LeadersLinked/src/Controller/AuthController.php

Rev	Autor	Línea Nro.	Línea
1	efrain	1	`<?php`
		2
		3	`declare(strict_types=1);`
		4
		5	`namespace LeadersLinked\Controller;`
		6
		7	`use Nullix\CryptoJsAes\CryptoJsAes;`
		8	`use GeoIp2\Database\Reader as GeoIp2Reader;`
		9
		10	`use Laminas\Authentication\AuthenticationService;`
		11	`use Laminas\Authentication\Result as AuthResult;`
		12	`use Laminas\Mvc\Controller\AbstractActionController;`
		13	`use Laminas\View\Model\JsonModel;`
		14
		15	`use LeadersLinked\Form\Auth\SigninForm;`
		16	`use LeadersLinked\Form\Auth\ResetPasswordForm;`
		17	`use LeadersLinked\Form\Auth\ForgotPasswordForm;`
		18	`use LeadersLinked\Form\Auth\SignupForm;`
		19
		20	`use LeadersLinked\Mapper\ConnectionMapper;`
		21	`use LeadersLinked\Mapper\EmailTemplateMapper;`
		22	`use LeadersLinked\Mapper\NetworkMapper;`
		23	`use LeadersLinked\Mapper\UserMapper;`
		24
		25	`use LeadersLinked\Model\User;`
		26	`use LeadersLinked\Model\UserType;`
		27	`use LeadersLinked\Library\QueueEmail;`
		28	`use LeadersLinked\Library\Functions;`
		29	`use LeadersLinked\Model\EmailTemplate;`
		30	`use LeadersLinked\Mapper\UserPasswordMapper;`
		31	`use LeadersLinked\Model\UserBrowser;`
		32	`use LeadersLinked\Mapper\UserBrowserMapper;`
		33	`use LeadersLinked\Mapper\UserIpMapper;`
		34	`use LeadersLinked\Model\UserIp;`
		35	`use LeadersLinked\Form\Auth\MoodleForm;`
		36	`use LeadersLinked\Library\Rsa;`
		37	`use LeadersLinked\Library\Image;`
		38
		39	`use LeadersLinked\Authentication\AuthAdapter;`
		40	`use LeadersLinked\Authentication\AuthEmailAdapter;`
		41
		42	`use LeadersLinked\Model\UserPassword;`
		43
		44	`use LeadersLinked\Model\Connection;`
		45	`use LeadersLinked\Authentication\AuthImpersonateAdapter;`
		46	`use LeadersLinked\Model\Network;`
23	efrain	47	`use LeadersLinked\Model\JwtToken;`
		48	`use LeadersLinked\Mapper\JwtTokenMapper;`
		49	`use Firebase\JWT\JWT;`
24	efrain	50	`use Firebase\JWT\Key;`
1	efrain	51
		52
		53
		54	`class AuthController extends AbstractActionController`
		55	`{`
		56	`/**`
		57	`*`
		58	`* @var \Laminas\Db\Adapter\AdapterInterface`
		59	`*/`
		60	`private $adapter;`
		61
		62	`/**`
		63	`*`
		64	`* @var \LeadersLinked\Cache\CacheInterface`
		65	`*/`
		66	`private $cache;`
		67
		68
		69	`/**`
		70	`*`
		71	`* @var \Laminas\Log\LoggerInterface`
		72	`*/`
		73	`private $logger;`
		74
		75	`/**`
		76	`*`
		77	`* @var array`
		78	`*/`
		79	`private $config;`
		80
		81
		82	`/**`
		83	`*`
		84	`* @var \Laminas\Mvc\I18n\Translator`
		85	`*/`
		86	`private $translator;`
		87
		88
		89	`/**`
		90	`*`
		91	`* @param \Laminas\Db\Adapter\AdapterInterface $adapter`
		92	`* @param \LeadersLinked\Cache\CacheInterface $cache`
		93	`* @param \Laminas\Log\LoggerInterface LoggerInterface $logger`
		94	`* @param array $config`
		95	`* @param \Laminas\Mvc\I18n\Translator $translator`
		96	`*/`
		97	`public function __construct($adapter, $cache, $logger, $config, $translator)`
		98	`{`
		99	`$this->adapter = $adapter;`
		100	`$this->cache = $cache;`
		101	`$this->logger = $logger;`
		102	`$this->config = $config;`
		103	`$this->translator = $translator;`
		104	`}`
		105
		106	`public function signinAction()`
		107	`{`
		108	`$currentNetworkPlugin = $this->plugin('currentNetworkPlugin');`
		109	`$currentNetwork = $currentNetworkPlugin->getNetwork();`
		110
		111	`$request = $this->getRequest();`
		112
		113	`if ($request->isPost()) {`
		114	`$currentNetworkPlugin = $this->plugin('currentNetworkPlugin');`
		115	`$currentNetwork = $currentNetworkPlugin->getNetwork();`
24	efrain	116
		117	`$jwtToken = null;`
		118	`$headers = getallheaders();`
		119	`if(isset($headers['authorization'])) {`
		120
		121	`$token = trim($headers['authorization']);`
		122	`if (substr($token, 0, 6 ) == 'Bearer') {`
		123
		124	`$token = trim(substr($token, 7));`
		125
		126	`if(!empty($this->config['leaderslinked.jwt.key'])) {`
		127	`$key = $this->config['leaderslinked.jwt.key'];`
		128
		129
		130	`try {`
		131	`$payload = JWT::decode($token, new Key($key, 'HS256'));`
		132
		133
		134	`if(empty($payload->iss) \|\| $payload->iss != $_SERVER['HTTP_HOST']) {`
		135	`return new JsonModel(['success' => false, 'data' => 'Unauthorized - JWT - Wrong server', 'fatal' => true]);`
		136	`}`
		137
		138	`$uuid = empty($payload->uuid) ? '' : $payload->uuid;`
		139	`$jwtTokenMapper = JwtTokenMapper::getInstance($this->adapter);`
		140	`$jwtToken = $jwtTokenMapper->fetchOneByUuid($uuid);`
		141	`if(!$jwtToken) {`
		142	`return new JsonModel(['success' => false, 'data' => 'Unauthorized - JWT - Expired', 'fatal' => true]);`
		143	`}`
1	efrain	144
24	efrain	145	`} catch(\Exception $e) {`
		146	`return new JsonModel(['success' => false, 'data' => 'Unauthorized - JWT - Wrong key', 'fatal' => true]);`
		147	`}`
		148	`} else {`
		149	`return new JsonModel(['success' => false, 'data' => 'Unauthorized - JWT - SecreteKey required', 'fatal' => true]);`
		150	`}`
		151	`} else {`
		152	`return new JsonModel(['success' => false, 'data' => 'Unauthorized - JWT - Bearer required', 'fatal' => true]);`
		153	`}`
		154	`} else {`
		155	`return new JsonModel(['success' => false, 'data' => 'Unauthorized - JWT - Required', 'fatal' => true]);`
		156	`}`
1	efrain	157
24	efrain	158
1	efrain	159	`$form = new SigninForm($this->config);`
		160	`$dataPost = $request->getPost()->toArray();`
		161
		162	`if (empty($_SESSION['aes'])) {`
		163	`return new JsonModel([`
		164	`'success' => false,`
		165	`'data' => 'ERROR_WEBSERVICE_ENCRYPTION_KEYS_NOT_FOUND'`
		166	`]);`
		167	`}`
28	efrain	168
1	efrain	169	`if (!empty($dataPost['email'])) {`
		170	`$dataPost['email'] = CryptoJsAes::decrypt($dataPost['email'], $_SESSION['aes']);`
		171	`}`
		172
		173
		174	`if (!empty($dataPost['password'])) {`
		175	`$dataPost['password'] = CryptoJsAes::decrypt($dataPost['password'], $_SESSION['aes']);`
18	efrain	176	`}`
1	efrain	177
		178	`$form->setData($dataPost);`
		179
		180	`if ($form->isValid()) {`
24	efrain	181
1	efrain	182	`$dataPost = (array) $form->getData();`
		183
		184	`$email = $dataPost['email'];`
		185	`$password = $dataPost['password'];`
		186	`$remember = $dataPost['remember'];`
30	efrain	187
		188
		189	`print_r($currentNetwork);`
1	efrain	190
		191	`$authAdapter = new AuthAdapter($this->adapter, $this->logger);`
		192	`$authAdapter->setData($email, $password, $currentNetwork->id);`
		193	`$authService = new AuthenticationService();`
		194
		195	`$result = $authService->authenticate($authAdapter);`
		196
		197	`if ($result->getCode() == AuthResult::SUCCESS) {`
		198
		199
		200	`$userMapper = UserMapper::getInstance($this->adapter);`
		201	`$user = $userMapper->fetchOneByEmail($email);`
		202
		203	`$navigator = get_browser(null, true);`
		204	`$device_type = isset($navigator['device_type']) ? $navigator['device_type'] : '';`
		205	`$platform = isset($navigator['platform']) ? $navigator['platform'] : '';`
		206	`$browser = isset($navigator['browser']) ? $navigator['browser'] : '';`
		207
		208
		209	`$istablet = isset($navigator['istablet']) ? intval($navigator['istablet']) : 0;`
		210	`$ismobiledevice = isset($navigator['ismobiledevice']) ? intval($navigator['ismobiledevice']) : 0;`
		211	`$version = isset($navigator['version']) ? $navigator['version'] : '';`
		212
		213
		214	`$userBrowserMapper = UserBrowserMapper::getInstance($this->adapter);`
		215	`$userBrowser = $userBrowserMapper->fetch($user->id, $device_type, $platform, $browser);`
		216	`if ($userBrowser) {`
		217	`$userBrowserMapper->update($userBrowser);`
		218	`} else {`
		219	`$userBrowser = new UserBrowser();`
		220	`$userBrowser->user_id = $user->id;`
		221	`$userBrowser->browser = $browser;`
		222	`$userBrowser->platform = $platform;`
		223	`$userBrowser->device_type = $device_type;`
		224	`$userBrowser->is_tablet = $istablet;`
		225	`$userBrowser->is_mobile_device = $ismobiledevice;`
		226	`$userBrowser->version = $version;`
		227
		228	`$userBrowserMapper->insert($userBrowser);`
		229	`}`
		230	`//`
		231
		232	`$ip = Functions::getUserIP();`
		233	`$ip = $ip == '127.0.0.1' ? '148.240.211.148' : $ip;`
		234
		235	`$userIpMapper = UserIpMapper::getInstance($this->adapter);`
		236	`$userIp = $userIpMapper->fetch($user->id, $ip);`
		237	`if (empty($userIp)) {`
		238
		239	`if ($this->config['leaderslinked.runmode.sandbox']) {`
		240	`$filename = $this->config['leaderslinked.geoip2.production_database'];`
		241	`} else {`
		242	`$filename = $this->config['leaderslinked.geoip2.sandbox_database'];`
		243	`}`
		244
		245	`$reader = new GeoIp2Reader($filename); //GeoIP2-City.mmdb');`
		246	`$record = $reader->city($ip);`
		247	`if ($record) {`
		248	`$userIp = new UserIp();`
		249	`$userIp->user_id = $user->id;`
		250	`$userIp->city = !empty($record->city->name) ? Functions::utf8_decode($record->city->name) : '';`
		251	`$userIp->state_code = !empty($record->mostSpecificSubdivision->isoCode) ? Functions::utf8_decode($record->mostSpecificSubdivision->isoCode) : '';`
		252	`$userIp->state_name = !empty($record->mostSpecificSubdivision->name) ? Functions::utf8_decode($record->mostSpecificSubdivision->name) : '';`
		253	`$userIp->country_code = !empty($record->country->isoCode) ? Functions::utf8_decode($record->country->isoCode) : '';`
		254	`$userIp->country_name = !empty($record->country->name) ? Functions::utf8_decode($record->country->name) : '';`
		255	`$userIp->ip = $ip;`
		256	`$userIp->latitude = !empty($record->location->latitude) ? $record->location->latitude : 0;`
		257	`$userIp->longitude = !empty($record->location->longitude) ? $record->location->longitude : 0;`
		258	`$userIp->postal_code = !empty($record->postal->code) ? $record->postal->code : '';`
		259
		260	`$userIpMapper->insert($userIp);`
		261	`}`
		262	`} else {`
		263	`$userIpMapper->update($userIp);`
		264	`}`
		265
24	efrain	266	`/*`
1	efrain	267	`if ($remember) {`
		268	`$expired = time() + 365 * 24 * 60 * 60;`
		269
		270	`$cookieEmail = new SetCookie('email', $email, $expired);`
		271	`} else {`
		272	`$expired = time() - 7200;`
		273	`$cookieEmail = new SetCookie('email', '', $expired);`
		274	`}`
		275
		276
		277	`$response = $this->getResponse();`
		278	`$response->getHeaders()->addHeader($cookieEmail);`
24	efrain	279	`*/`
		280
		281
1	efrain	282
		283
		284
		285	`$this->logger->info('Ingreso a LeadersLiked', ['user_id' => $user->id, 'ip' => Functions::getUserIP()]);`
		286
		287	`$user_share_invitation = $this->cache->getItem('user_share_invitation');`
		288
		289	`if ($user_share_invitation) {`
		290	`$userRedirect = $userMapper->fetchOneByUuid($user_share_invitation);`
		291	`if ($userRedirect && $userRedirect->status == User::STATUS_ACTIVE && $user->id != $userRedirect->id) {`
		292	`$connectionMapper = ConnectionMapper::getInstance($this->adapter);`
		293	`$connection = $connectionMapper->fetchOneByUserId1AndUserId2($user->id, $userRedirect->id);`
		294
		295	`if ($connection) {`
		296
		297	`if ($connection->status != Connection::STATUS_ACCEPTED) {`
		298	`$connectionMapper->approve($connection);`
		299	`}`
		300	`} else {`
		301	`$connection = new Connection();`
		302	`$connection->request_from = $user->id;`
		303	`$connection->request_to = $userRedirect->id;`
		304	`$connection->status = Connection::STATUS_ACCEPTED;`
		305
		306	`$connectionMapper->insert($connection);`
		307	`}`
		308	`}`
		309	`}`
		310
		311
		312
		313	`$data = [`
		314	`'success' => true,`
		315	`'data' => $this->url()->fromRoute('dashboard'),`
		316	`];`
		317
		318	`$this->cache->removeItem('user_share_invitation');`
		319	`} else {`
		320
		321	`$message = $result->getMessages()[0];`
		322	`if (!in_array($message, [`
		323	`'ERROR_USER_NOT_FOUND', 'ERROR_USER_EMAIL_HASNT_BEEN_VARIFIED', 'ERROR_USER_IS_BLOCKED',`
		324	`'ERROR_USER_IS_INACTIVE', 'ERROR_ENTERED_PASS_INCORRECT_USER_IS_BLOCKED', 'ERROR_ENTERED_PASS_INCORRECT_2',`
		325	`'ERROR_ENTERED_PASS_INCORRECT_1', 'ERROR_USER_REQUEST_ACCESS_IS_PENDING', 'ERROR_USER_REQUEST_ACCESS_IS_REJECTED'`
		326
		327
		328	`])) {`
		329	`}`
		330
		331	`switch ($message) {`
		332	`case 'ERROR_USER_NOT_FOUND':`
		333	`$this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Email no existe', ['ip' => Functions::getUserIP()]);`
		334	`break;`
		335
		336	`case 'ERROR_USER_EMAIL_HASNT_BEEN_VARIFIED':`
		337	`$this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Email no verificado', ['ip' => Functions::getUserIP()]);`
		338	`break;`
		339
		340	`case 'ERROR_USER_IS_BLOCKED':`
		341	`$this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Usuario bloqueado', ['ip' => Functions::getUserIP()]);`
		342	`break;`
		343
		344	`case 'ERROR_USER_IS_INACTIVE':`
		345	`$this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Usuario inactivo', ['ip' => Functions::getUserIP()]);`
		346	`break;`
		347
		348
		349	`case 'ERROR_ENTERED_PASS_INCORRECT_USER_IS_BLOCKED':`
		350	`$this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - 3er Intento Usuario bloqueado', ['ip' => Functions::getUserIP()]);`
		351	`break;`
		352
		353
		354	`case 'ERROR_ENTERED_PASS_INCORRECT_2':`
		355	`$this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - 1er Intento', ['ip' => Functions::getUserIP()]);`
		356	`break;`
		357
		358
		359	`case 'ERROR_ENTERED_PASS_INCORRECT_1':`
		360	`$this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - 2do Intento', ['ip' => Functions::getUserIP()]);`
		361	`break;`
		362
		363
		364	`case 'ERROR_USER_REQUEST_ACCESS_IS_PENDING':`
		365	`$this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Falta verificar que pertence a la Red Privada', ['ip' => Functions::getUserIP()]);`
		366	`break;`
		367
		368	`case 'ERROR_USER_REQUEST_ACCESS_IS_REJECTED':`
		369	`$this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Rechazado por no pertence a la Red Privada', ['ip' => Functions::getUserIP()]);`
		370	`break;`
		371
		372
		373	`default:`
		374	`$message = 'ERROR_UNKNOWN';`
		375	`$this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Error desconocido', ['ip' => Functions::getUserIP()]);`
		376	`break;`
		377	`}`
		378
		379
		380
		381
		382	`$data = [`
		383	`'success' => false,`
		384	`'data' => $message`
		385	`];`
		386	`}`
		387
		388	`return new JsonModel($data);`
		389	`} else {`
		390	`$messages = [];`
		391
		392
		393
		394	`$form_messages = (array) $form->getMessages();`
		395	`foreach ($form_messages as $fieldname => $field_messages) {`
		396
		397	`$messages[$fieldname] = array_values($field_messages);`
		398	`}`
		399
		400	`return new JsonModel([`
		401	`'success' => false,`
		402	`'data' => $messages`
		403	`]);`
		404	`}`
		405	`} else if ($request->isGet()) {`
		406
23	efrain	407	`$aes = Functions::generatePassword(16);`
1	efrain	408
23	efrain	409	`$jwtToken = new JwtToken();`
		410	`$jwtToken->aes = $aes;`
		411
		412	`$jwtTokenMapper = JwtTokenMapper::getInstance($this->adapter);`
		413	`if($jwtTokenMapper->insert($jwtToken)) {`
		414	`$jwtToken = $jwtTokenMapper->fetchOne($jwtToken->id);`
1	efrain	415	`}`
23	efrain	416
		417	`$token = '';`
		418
		419	`if(!empty($this->config['leaderslinked.jwt.key'])) {`
		420	`$issuedAt = new \DateTimeImmutable();`
		421	`$expire = $issuedAt->modify('+24 hours')->getTimestamp();`
		422	`$serverName = $_SERVER['HTTP_HOST'];`
		423	`$payload = [`
		424	`'iat' => $issuedAt->getTimestamp(),`
		425	`'iss' => $serverName,`
		426	`'nbf' => $issuedAt->getTimestamp(),`
		427	`'exp' => $expire,`
		428	`'uuid' => $jwtToken->uuid,`
		429	`];`
		430
		431
		432	`$key = $this->config['leaderslinked.jwt.key'];`
		433	`$token = JWT::encode($payload, $key, 'HS256');`
		434	`}`
		435
		436
		437
1	efrain	438
23	efrain	439
1	efrain	440	`if ($this->config['leaderslinked.runmode.sandbox']) {`
		441	`$site_key = $this->config['leaderslinked.google_captcha.sandbox_site_key'];`
		442	`} else {`
		443	`$site_key = $this->config['leaderslinked.google_captcha.production_site_key'];`
		444	`}`
		445
		446
		447	`$access_usign_social_networks = $this->config['leaderslinked.runmode.access_usign_social_networks'];`
		448
		449	`$sandbox = $this->config['leaderslinked.runmode.sandbox'];`
		450	`if ($sandbox) {`
		451	`$google_map_key = $this->config['leaderslinked.google_map.sandbox_api_key'];`
		452	`} else {`
		453	`$google_map_key = $this->config['leaderslinked.google_map.production_api_key'];`
		454	`}`
		455
		456
		457	`$data = [`
23	efrain	458	`'google_map_key' => $google_map_key,`
		459	`'email' => '',`
		460	`'remember' => false,`
		461	`'site_key' => $site_key,`
		462	`'theme_id' => $currentNetwork->theme_id,`
		463	`'aes' => $aes,`
		464	`'jwt' => $token,`
		465	`'defaultNetwork' => $currentNetwork->default,`
		466	`'access_usign_social_networks' => $access_usign_social_networks && $currentNetwork->default == Network::DEFAULT_YES ? 'y' : 'n',`
		467	`'logo_url' => $this->url()->fromRoute('storage-network', ['type' => 'logo']),`
		468	`'navbar_url' => $this->url()->fromRoute('storage-network', ['type' => 'navbar']),`
		469	`'favico_url' => $this->url()->fromRoute('storage-network', ['type' => 'favico']),`
		470	`'intro' => $currentNetwork->intro,`
		471	`'is_logged_in' => false`
1	efrain	472
		473	`];`
		474
		475	`} else {`
		476	`$data = [`
		477	`'success' => false,`
		478	`'data' => 'ERROR_METHOD_NOT_ALLOWED'`
		479	`];`
		480
		481	`return new JsonModel($data);`
		482	`}`
		483
		484	`return new JsonModel($data);`
		485	`}`
		486
		487	`public function facebookAction()`
		488	`{`
		489
		490	`$request = $this->getRequest();`
		491	`if ($request->isGet()) {`
		492	`/*`
		493	`// try {`
		494	`$app_id = $this->config['leaderslinked.facebook.app_id'];`
		495	`$app_password = $this->config['leaderslinked.facebook.app_password'];`
		496	`$app_graph_version = $this->config['leaderslinked.facebook.app_graph_version'];`
		497	`//$app_url_auth = $this->config['leaderslinked.facebook.app_url_auth'];`
		498	`//$redirect_url = $this->config['leaderslinked.facebook.app_redirect_url'];`
		499
		500	`[facebook]`
		501	`app_id=343770226993130`
		502	`app_password=028ee729090fd591e50a17a786666c12`
		503	`app_graph_version=v17`
		504	`app_redirect_url=https://leaderslinked.com/oauth/facebook`
		505
		506	`https://www.facebook.com/v17.0/dialog/oauth?client_id=343770226993130&redirect_uri= https://dev.leaderslinked.com/oauth/facebook&state=AE12345678`
		507
		508
		509	`$s = 'https://www.facebook.com/v17.0/dialog/oauth' .`
		510	`'?client_id='`
		511	`'&redirect_uri={"https://www.domain.com/login"}`
		512	`'&state={"{st=state123abc,ds=123456789}"}`
		513
		514	`$fb = new \Facebook\Facebook([`
		515	`'app_id' => $app_id,`
		516	`'app_secret' => $app_password,`
		517	`'default_graph_version' => $app_graph_version,`
		518	`]);`
		519
		520	`$app_url_auth = $this->url()->fromRoute('oauth/facebook', [], ['force_canonical' => true]);`
		521	`$helper = $fb->getRedirectLoginHelper();`
		522	`$permissions = ['email', 'public_profile']; // Optional permissions`
		523	`$facebookUrl = $helper->getLoginUrl($app_url_auth, $permissions);`
		524
		525
		526
		527	`return new JsonModel([`
		528	`'success' => false,`
		529	`'data' => $facebookUrl`
		530	`]);`
		531	`} catch (\Throwable $e) {`
		532	`return new JsonModel([`
		533	`'success' => false,`
		534	`'data' => 'ERROR_WE_COULD_NOT_CONNECT_TO_FACEBOOK'`
		535	`]);`
		536	`}*/`
		537	`} else {`
		538	`return new JsonModel([`
		539	`'success' => false,`
		540	`'data' => 'ERROR_METHOD_NOT_ALLOWED'`
		541	`]);`
		542	`}`
		543	`}`
		544
		545	`public function twitterAction()`
		546	`{`
		547	`$request = $this->getRequest();`
		548	`if ($request->isGet()) {`
		549
		550	`try {`
		551	`if ($this->config['leaderslinked.runmode.sandbox']) {`
		552
		553	`$twitter_api_key = $this->config['leaderslinked.twitter.sandbox_api_key'];`
		554	`$twitter_api_secret = $this->config['leaderslinked.twitter.sandbox_api_secret'];`
		555	`} else {`
		556	`$twitter_api_key = $this->config['leaderslinked.twitter.production_api_key'];`
		557	`$twitter_api_secret = $this->config['leaderslinked.twitter.production_api_secret'];`
		558	`}`
		559
		560	`/*`
		561	`echo '$twitter_api_key = ' . $twitter_api_key . PHP_EOL;`
		562	`echo '$twitter_api_secret = ' . $twitter_api_secret . PHP_EOL;`
		563	`exit;`
		564	`*/`
		565
		566	`//Twitter`
		567	`//$redirect_url = $this->url()->fromRoute('oauth/twitter', [], ['force_canonical' => true]);`
		568	`$redirect_url = $this->config['leaderslinked.twitter.app_redirect_url'];`
		569	`$twitter = new \Abraham\TwitterOAuth\TwitterOAuth($twitter_api_key, $twitter_api_secret);`
		570	`$request_token = $twitter->oauth('oauth/request_token', ['oauth_callback' => $redirect_url]);`
		571	`$twitterUrl = $twitter->url('oauth/authorize', ['oauth_token' => $request_token['oauth_token']]);`
		572
		573	`$twitterSession = new \Laminas\Session\Container('twitter');`
		574	`$twitterSession->oauth_token = $request_token['oauth_token'];`
		575	`$twitterSession->oauth_token_secret = $request_token['oauth_token_secret'];`
		576
		577	`return new JsonModel([`
		578	`'success' => true,`
		579	`'data' => $twitterUrl`
		580	`]);`
		581	`} catch (\Throwable $e) {`
		582	`return new JsonModel([`
		583	`'success' => false,`
		584	`'data' => 'ERROR_WE_COULD_NOT_CONNECT_TO_TWITTER'`
		585	`]);`
		586	`}`
		587	`} else {`
		588	`return new JsonModel([`
		589	`'success' => false,`
		590	`'data' => 'ERROR_METHOD_NOT_ALLOWED'`
		591	`]);`
		592	`}`
		593	`}`
		594
		595	`public function googleAction()`
		596	`{`
		597	`$request = $this->getRequest();`
		598	`if ($request->isGet()) {`
		599
		600	`try {`
		601
		602
		603	`//Google`
		604	`$google = new \Google_Client();`
		605	`$google->setAuthConfig('data/google/auth-leaderslinked/apps.google.com_secreto_cliente.json');`
		606	`$google->setAccessType("offline"); // offline access`
		607
		608	`$google->setIncludeGrantedScopes(true); // incremental auth`
		609
		610	`$google->addScope('profile');`
		611	`$google->addScope('email');`
		612
		613	`// $redirect_url = $this->url()->fromRoute('oauth/google', [], ['force_canonical' => true]);`
		614	`$redirect_url = $this->config['leaderslinked.google_auth.app_redirect_url'];`
		615
		616	`$google->setRedirectUri($redirect_url);`
		617	`$googleUrl = $google->createAuthUrl();`
		618
		619	`return new JsonModel([`
		620	`'success' => true,`
		621	`'data' => $googleUrl`
		622	`]);`
		623	`} catch (\Throwable $e) {`
		624	`return new JsonModel([`
		625	`'success' => false,`
		626	`'data' => 'ERROR_WE_COULD_NOT_CONNECT_TO_GOOGLE'`
		627	`]);`
		628	`}`
		629	`} else {`
		630	`return new JsonModel([`
		631	`'success' => false,`
		632	`'data' => 'ERROR_METHOD_NOT_ALLOWED'`
		633	`]);`
		634	`}`
		635	`}`
		636
		637	`public function signoutAction()`
		638	`{`
		639	`$currentUserPlugin = $this->plugin('currentUserPlugin');`
		640	`$currentUser = $currentUserPlugin->getRawUser();`
		641	`if ($currentUserPlugin->hasImpersonate()) {`
		642
		643
		644	`$userMapper = UserMapper::getInstance($this->adapter);`
		645	`$userMapper->leaveImpersonate($currentUser->id);`
		646
		647	`$networkMapper = NetworkMapper::getInstance($this->adapter);`
		648	`$network = $networkMapper->fetchOne($currentUser->network_id);`
		649
		650
		651	`if (!$currentUser->one_time_password) {`
		652	`$one_time_password = Functions::generatePassword(25);`
		653
		654	`$currentUser->one_time_password = $one_time_password;`
		655
		656	`$userMapper = UserMapper::getInstance($this->adapter);`
		657	`$userMapper->updateOneTimePassword($currentUser, $one_time_password);`
		658	`}`
		659
		660
		661	`$sandbox = $this->config['leaderslinked.runmode.sandbox'];`
		662	`if ($sandbox) {`
		663	`$salt = $this->config['leaderslinked.backend.sandbox_salt'];`
		664	`} else {`
		665	`$salt = $this->config['leaderslinked.backend.production_salt'];`
		666	`}`
		667
		668	`$rand = 1000 + mt_rand(1, 999);`
		669	`$timestamp = time();`
		670	`$password = md5($currentUser->one_time_password . '-' . $rand . '-' . $timestamp . '-' . $salt);`
		671
		672	`$params = [`
		673	`'user_uuid' => $currentUser->uuid,`
		674	`'password' => $password,`
		675	`'rand' => $rand,`
		676	`'time' => $timestamp,`
		677	`];`
		678
		679	`$currentUserPlugin->clearIdentity();`
		680
		681	`return new JsonModel([`
		682	`'success' => true,`
		683	`'data' => [`
		684	`'message' => 'LABEL_SIGNOUT_SUCCESSFULLY',`
		685	`'url' => 'https://' . $network->main_hostname . '/signin/impersonate' . '?' . http_build_query($params)`
		686	`],`
		687
		688	`]);`
		689
		690
		691	`// $url = 'https://' . $network->main_hostname . '/signin/impersonate' . '?' . http_build_query($params);`
		692	`// return $this->redirect()->toUrl($url);`
		693	`} else {`
		694
		695
		696	`if ($currentUserPlugin->hasIdentity()) {`
		697
		698	`$this->logger->info('Desconexión de LeadersLinked', ['user_id' => $currentUserPlugin->getUserId(), 'ip' => Functions::getUserIP()]);`
		699	`}`
		700
		701	`$currentUserPlugin->clearIdentity();`
		702
		703	`// return $this->redirect()->toRoute('home');`
		704
		705	`return new JsonModel([`
		706	`'success' => true,`
		707	`'data' => [`
		708	`'message' => 'LABEL_SIGNOUT_SUCCESSFULLY',`
		709	`'url' => '',`
		710	`],`
		711
		712	`]);`
		713	`}`
		714	`}`
		715
		716
		717	`public function resetPasswordAction()`
		718	`{`
		719	`$currentNetworkPlugin = $this->plugin('currentNetworkPlugin');`
		720	`$currentNetwork = $currentNetworkPlugin->getNetwork();`
		721
		722
		723	`$flashMessenger = $this->plugin('FlashMessenger');`
		724	`$code = Functions::sanitizeFilterString($this->params()->fromRoute('code', ''));`
		725
		726	`$userMapper = UserMapper::getInstance($this->adapter);`
		727	`$user = $userMapper->fetchOneByPasswordResetKeyAndNetworkId($code, $currentNetwork->id);`
		728	`if (!$user) {`
		729	`$this->logger->err('Restablecer contraseña - Error código no existe', ['ip' => Functions::getUserIP()]);`
		730
		731	`return new JsonModel([`
		732	`'success' => true,`
		733	`'data' => 'ERROR_PASSWORD_RECOVER_CODE_IS_INVALID'`
		734	`]);`
		735
		736	`}`
		737
		738
		739
		740	`$password_generated_on = strtotime($user->password_generated_on);`
		741	`$expiry_time = $password_generated_on + $this->config['leaderslinked.security.reset_password_expired'];`
		742	`if (time() > $expiry_time) {`
		743	`$this->logger->err('Restablecer contraseña - Error código expirado', ['ip' => Functions::getUserIP()]);`
		744
		745	`return new JsonModel([`
		746	`'success' => true,`
		747	`'data' => 'ERROR_PASSWORD_RECOVER_CODE_HAS_EXPIRED'`
		748	`]);`
		749	`}`
		750
		751	`$request = $this->getRequest();`
		752	`if ($request->isPost()) {`
		753	`$dataPost = $request->getPost()->toArray();`
		754	`if (empty($_SESSION['aes'])) {`
		755	`return new JsonModel([`
		756	`'success' => false,`
		757	`'data' => 'ERROR_WEBSERVICE_ENCRYPTION_KEYS_NOT_FOUND'`
		758	`]);`
		759
		760
		761	`}`
		762
		763	`if (!empty($dataPost['password'])) {`
		764	`$dataPost['password'] = CryptoJsAes::decrypt($dataPost['password'], $_SESSION['aes']);`
		765	`}`
		766	`if (!empty($dataPost['confirmation'])) {`
		767	`$dataPost['confirmation'] = CryptoJsAes::decrypt($dataPost['confirmation'], $_SESSION['aes']);`
		768	`}`
		769
		770
		771
		772	`$form = new ResetPasswordForm($this->config);`
		773	`$form->setData($dataPost);`
		774
		775	`if ($form->isValid()) {`
		776	`$data = (array) $form->getData();`
		777	`$password = $data['password'];`
		778
		779
		780	`$userPasswordMapper = UserPasswordMapper::getInstance($this->adapter);`
		781	`$userPasswords = $userPasswordMapper->fetchAllByUserId($user->id);`
		782
		783	`$oldPassword = false;`
		784	`foreach ($userPasswords as $userPassword) {`
		785	`if (password_verify($password, $userPassword->password) \|\| (md5($password) == $userPassword->password)) {`
		786	`$oldPassword = true;`
		787	`break;`
		788	`}`
		789	`}`
		790
		791	`if ($oldPassword) {`
		792	`$this->logger->err('Restablecer contraseña - Error contraseña ya utilizada anteriormente', ['user_id' => $user->id, 'ip' => Functions::getUserIP()]);`
		793
		794	`return new JsonModel([`
		795	`'success' => false,`
		796	`'data' => 'ERROR_PASSWORD_HAS_ALREADY_BEEN_USED'`
		797
		798	`]);`
		799	`} else {`
		800	`$password_hash = password_hash($password, PASSWORD_DEFAULT);`
		801
		802
		803	`$result = $userMapper->updatePassword($user, $password_hash);`
		804	`if ($result) {`
		805
		806	`$userPassword = new UserPassword();`
		807	`$userPassword->user_id = $user->id;`
		808	`$userPassword->password = $password_hash;`
		809	`$userPasswordMapper->insert($userPassword);`
		810
		811
		812	`$this->logger->info('Restablecer contraseña realizado', ['user_id' => $user->id, 'ip' => Functions::getUserIP()]);`
		813
		814
		815	`$flashMessenger->addSuccessMessage('LABEL_YOUR_PASSWORD_HAS_BEEN_UPDATED');`
		816
		817	`return new JsonModel([`
		818	`'success' => true,`
		819	`'data' => [`
		820	`'message' => 'LABEL_YOUR_PASSWORD_HAS_BEEN_UPDATED',`
		821	`'redirect' => $this->url()->fromRoute('home'),`
		822	`],`
		823
		824	`]);`
		825	`} else {`
		826	`$this->logger->err('Restablecer contraseña - Error desconocido', ['user_id' => $user->id, 'ip' => Functions::getUserIP()]);`
		827
		828	`return new JsonModel([`
		829	`'success' => false,`
		830	`'data' => 'ERROR_THERE_WAS_AN_ERROR'`
		831
		832	`]);`
		833	`}`
		834	`}`
		835	`} else {`
		836	`$form_messages = $form->getMessages('captcha');`
		837	`if (!empty($form_messages)) {`
		838	`return new JsonModel([`
		839	`'success' => false,`
		840	`'data' => 'ERROR_RECAPTCHA_EMPTY'`
		841	`]);`
		842	`}`
		843
		844	`$messages = [];`
		845
		846	`$form_messages = (array) $form->getMessages();`
		847	`foreach ($form_messages as $fieldname => $field_messages) {`
		848	`$messages[$fieldname] = array_values($field_messages);`
		849	`}`
		850
		851	`return new JsonModel([`
		852	`'success' => false,`
		853	`'data' => $messages`
		854	`]);`
		855	`}`
		856	`} else if ($request->isGet()) {`
		857
		858	`if (empty($_SESSION['aes'])) {`
		859	`$_SESSION['aes'] = Functions::generatePassword(16);`
		860	`}`
		861
		862	`if ($this->config['leaderslinked.runmode.sandbox']) {`
		863	`$site_key = $this->config['leaderslinked.google_captcha.sandbox_site_key'];`
		864	`} else {`
		865	`$site_key = $this->config['leaderslinked.google_captcha.production_site_key'];`
		866	`}`
		867
		868
		869	`return new JsonModel([`
		870	`'code' => $code,`
		871	`'site_key' => $site_key,`
		872	`'aes' => $_SESSION['aes'],`
		873	`'defaultNetwork' => $currentNetwork->default,`
		874	`]);`
		875
		876	`}`
		877
		878
		879
		880	`return new JsonModel([`
		881	`'success' => false,`
		882	`'data' => 'ERROR_METHOD_NOT_ALLOWED'`
		883	`]);`
		884	`}`
		885
		886	`public function forgotPasswordAction()`
		887	`{`
		888	`$currentNetworkPlugin = $this->plugin('currentNetworkPlugin');`
		889	`$currentNetwork = $currentNetworkPlugin->getNetwork();`
		890
		891
		892
		893	`$request = $this->getRequest();`
		894	`if ($request->isPost()) {`
		895	`$dataPost = $request->getPost()->toArray();`
		896	`if (empty($_SESSION['aes'])) {`
		897	`return new JsonModel([`
		898	`'success' => false,`
		899	`'data' => 'ERROR_WEBSERVICE_ENCRYPTION_KEYS_NOT_FOUND'`
		900	`]);`
		901	`}`
		902
		903	`if (!empty($dataPost['email'])) {`
		904	`$dataPost['email'] = CryptoJsAes::decrypt($dataPost['email'], $_SESSION['aes']);`
		905	`}`
		906
		907	`$form = new ForgotPasswordForm($this->config);`
		908	`$form->setData($dataPost);`
		909
		910	`if ($form->isValid()) {`
		911	`$dataPost = (array) $form->getData();`
		912	`$email = $dataPost['email'];`
		913
		914	`$userMapper = UserMapper::getInstance($this->adapter);`
		915	`$user = $userMapper->fetchOneByEmailAndNetworkId($email, $currentNetwork->id);`
		916	`if (!$user) {`
		917	`$this->logger->err('Olvidó contraseña ' . $email . '- Email no existe ', ['ip' => Functions::getUserIP()]);`
		918
		919	`return new JsonModel([`
		920	`'success' => false,`
		921	`'data' => 'ERROR_EMAIL_IS_NOT_REGISTERED'`
		922	`]);`
		923	`} else {`
		924	`if ($user->status == User::STATUS_INACTIVE) {`
		925	`return new JsonModel([`
		926	`'success' => false,`
		927	`'data' => 'ERROR_USER_IS_INACTIVE'`
		928	`]);`
		929	`} else if ($user->email_verified == User::EMAIL_VERIFIED_NO) {`
		930	`$this->logger->err('Olvidó contraseña - Email no verificado ', ['user_id' => $user->id, 'ip' => Functions::getUserIP()]);`
		931
		932	`return new JsonModel([`
		933	`'success' => false,`
		934	`'data' => 'ERROR_EMAIL_HAS_NOT_BEEN_VERIFIED'`
		935	`]);`
		936	`} else {`
		937	`$password_reset_key = md5($user->email . time());`
		938	`$userMapper->updatePasswordResetKey((int) $user->id, $password_reset_key);`
		939
		940	`$emailTemplateMapper = EmailTemplateMapper::getInstance($this->adapter);`
		941	`$emailTemplate = $emailTemplateMapper->fetchOneByCodeAndNetworkId(EmailTemplate::CODE_RESET_PASSWORD, $currentNetwork->id);`
		942	`if ($emailTemplate) {`
		943	`$arrayCont = [`
		944	`'firstname' => $user->first_name,`
		945	`'lastname' => $user->last_name,`
		946	`'other_user_firstname' => '',`
		947	`'other_user_lastname' => '',`
		948	`'company_name' => '',`
		949	`'group_name' => '',`
		950	`'content' => '',`
		951	`'code' => '',`
		952	`'link' => $this->url()->fromRoute('reset-password', ['code' => $password_reset_key], ['force_canonical' => true])`
		953	`];`
		954
		955	`$email = new QueueEmail($this->adapter);`
		956	`$email->processEmailTemplate($emailTemplate, $arrayCont, $user->email, trim($user->first_name . ' ' . $user->last_name));`
		957	`}`
		958	`$flashMessenger = $this->plugin('FlashMessenger');`
		959	`$flashMessenger->addSuccessMessage('LABEL_RECOVERY_LINK_WAS_SENT_TO_YOUR_EMAIL');`
		960
		961	`$this->logger->info('Olvidó contraseña - Se envio link de recuperación ', ['user_id' => $user->id, 'ip' => Functions::getUserIP()]);`
		962
		963	`return new JsonModel([`
		964	`'success' => true,`
		965	`]);`
		966	`}`
		967	`}`
		968	`} else {`
		969
		970
		971	`$form_messages = $form->getMessages('captcha');`
		972
		973
		974
		975	`if (!empty($form_messages)) {`
		976	`return new JsonModel([`
		977	`'success' => false,`
		978	`'data' => 'ERROR_RECAPTCHA_EMPTY'`
		979	`]);`
		980	`}`
		981
		982	`$messages = [];`
		983	`$form_messages = (array) $form->getMessages();`
		984	`foreach ($form_messages as $fieldname => $field_messages) {`
		985	`$messages[$fieldname] = array_values($field_messages);`
		986	`}`
		987
		988	`return new JsonModel([`
		989	`'success' => false,`
		990	`'data' => $messages`
		991	`]);`
		992	`}`
		993	`} else if ($request->isGet()) {`
		994
		995	`if (empty($_SESSION['aes'])) {`
		996	`$_SESSION['aes'] = Functions::generatePassword(16);`
		997	`}`
		998
		999	`if ($this->config['leaderslinked.runmode.sandbox']) {`
		1000	`$site_key = $this->config['leaderslinked.google_captcha.sandbox_site_key'];`
		1001	`} else {`
		1002	`$site_key = $this->config['leaderslinked.google_captcha.production_site_key'];`
		1003	`}`
		1004
		1005	`return new JsonModel([`
		1006	`'site_key' => $site_key,`
		1007	`'aes' => $_SESSION['aes'],`
		1008	`'defaultNetwork' => $currentNetwork->default,`
		1009	`]);`
		1010	`}`
		1011
		1012	`return new JsonModel([`
		1013	`'success' => false,`
		1014	`'data' => 'ERROR_METHOD_NOT_ALLOWED'`
		1015	`]);`
		1016	`}`
		1017
		1018	`public function signupAction()`
		1019	`{`
		1020	`$currentNetworkPlugin = $this->plugin('currentNetworkPlugin');`
		1021	`$currentNetwork = $currentNetworkPlugin->getNetwork();`
		1022
		1023
		1024	`$request = $this->getRequest();`
		1025	`if ($request->isPost()) {`
		1026	`$dataPost = $request->getPost()->toArray();`
		1027
		1028	`if (empty($_SESSION['aes'])) {`
		1029	`return new JsonModel([`
		1030	`'success' => false,`
		1031	`'data' => 'ERROR_WEBSERVICE_ENCRYPTION_KEYS_NOT_FOUND'`
		1032	`]);`
		1033	`}`
		1034
		1035	`if (!empty($dataPost['email'])) {`
		1036	`$dataPost['email'] = CryptoJsAes::decrypt($dataPost['email'], $_SESSION['aes']);`
		1037	`}`
		1038
		1039	`if (!empty($dataPost['password'])) {`
		1040	`$dataPost['password'] = CryptoJsAes::decrypt($dataPost['password'], $_SESSION['aes']);`
		1041	`}`
		1042
		1043	`if (!empty($dataPost['confirmation'])) {`
		1044	`$dataPost['confirmation'] = CryptoJsAes::decrypt($dataPost['confirmation'], $_SESSION['aes']);`
		1045	`}`
		1046
		1047	`if (empty($dataPost['is_adult'])) {`
		1048	`$dataPost['is_adult'] = User::IS_ADULT_NO;`
		1049	`} else {`
		1050	`$dataPost['is_adult'] = $dataPost['is_adult'] == User::IS_ADULT_YES ? User::IS_ADULT_YES : User::IS_ADULT_NO;`
		1051	`}`
		1052
		1053
		1054
		1055	`$form = new SignupForm($this->config);`
		1056	`$form->setData($dataPost);`
		1057
		1058	`if ($form->isValid()) {`
		1059	`$dataPost = (array) $form->getData();`
		1060
		1061	`$email = $dataPost['email'];`
		1062
		1063	`$userMapper = UserMapper::getInstance($this->adapter);`
		1064	`$user = $userMapper->fetchOneByEmailAndNetworkId($email, $currentNetwork->id);`
		1065	`if ($user) {`
		1066	`$this->logger->err('Registro ' . $email . '- Email ya existe ', ['ip' => Functions::getUserIP()]);`
		1067
		1068
		1069
		1070	`return new JsonModel([`
		1071	`'success' => false,`
		1072	`'data' => 'ERROR_EMAIL_IS_REGISTERED'`
		1073	`]);`
		1074	`} else {`
		1075
		1076	`$user_share_invitation = $this->cache->getItem('user_share_invitation');`
		1077
		1078
		1079	`if ($user_share_invitation) {`
		1080	`$userRedirect = $userMapper->fetchOneByUuid($user_share_invitation);`
		1081	`if ($userRedirect && $userRedirect->status == User::STATUS_ACTIVE) {`
		1082	`$password_hash = password_hash($dataPost['password'], PASSWORD_DEFAULT);`
		1083
		1084	`$user = new User();`
		1085	`$user->network_id = $currentNetwork->id;`
		1086	`$user->email = $dataPost['email'];`
		1087	`$user->first_name = $dataPost['first_name'];`
		1088	`$user->last_name = $dataPost['last_name'];`
		1089	`$user->usertype_id = UserType::USER;`
		1090	`$user->password = $password_hash;`
		1091	`$user->password_updated_on = date('Y-m-d H:i:s');`
		1092	`$user->status = User::STATUS_ACTIVE;`
		1093	`$user->blocked = User::BLOCKED_NO;`
		1094	`$user->email_verified = User::EMAIL_VERIFIED_YES;`
		1095	`$user->login_attempt = 0;`
		1096	`$user->is_adult = $dataPost['is_adult'];`
		1097	`$user->request_access = User::REQUEST_ACCESS_APPROVED;`
		1098
		1099
		1100
		1101
		1102
		1103	`if ($userMapper->insert($user)) {`
		1104
		1105	`$userPassword = new UserPassword();`
		1106	`$userPassword->user_id = $user->id;`
		1107	`$userPassword->password = $password_hash;`
		1108
		1109	`$userPasswordMapper = UserPasswordMapper::getInstance($this->adapter);`
		1110	`$userPasswordMapper->insert($userPassword);`
		1111
		1112
		1113	`$connectionMapper = ConnectionMapper::getInstance($this->adapter);`
		1114	`$connection = $connectionMapper->fetchOneByUserId1AndUserId2($user->id, $userRedirect->id);`
		1115
		1116	`if ($connection) {`
		1117
		1118	`if ($connection->status != Connection::STATUS_ACCEPTED) {`
		1119	`$connectionMapper->approve($connection);`
		1120	`}`
		1121	`} else {`
		1122	`$connection = new Connection();`
		1123	`$connection->request_from = $user->id;`
		1124	`$connection->request_to = $userRedirect->id;`
		1125	`$connection->status = Connection::STATUS_ACCEPTED;`
		1126
		1127	`$connectionMapper->insert($connection);`
		1128	`}`
		1129
		1130
		1131	`$this->cache->removeItem('user_share_invitation');`
		1132
		1133
		1134
		1135	`$data = [`
		1136	`'success' => true,`
		1137	`'data' => $this->url()->fromRoute('home'),`
		1138	`];`
		1139
		1140
		1141	`$this->logger->info('Registro con Exito ', ['user_id' => $user->id, 'ip' => Functions::getUserIP()]);`
		1142
		1143	`return new JsonModel($data);`
		1144	`}`
		1145	`}`
		1146	`}`
		1147
		1148
		1149
		1150
		1151	`$timestamp = time();`
		1152	`$activation_key = sha1($dataPost['email'] . uniqid() . $timestamp);`
		1153
		1154	`$password_hash = password_hash($dataPost['password'], PASSWORD_DEFAULT);`
		1155
		1156	`$user = new User();`
		1157	`$user->network_id = $currentNetwork->id;`
		1158	`$user->email = $dataPost['email'];`
		1159	`$user->first_name = $dataPost['first_name'];`
		1160	`$user->last_name = $dataPost['last_name'];`
		1161	`$user->usertype_id = UserType::USER;`
		1162	`$user->password = $password_hash;`
		1163	`$user->password_updated_on = date('Y-m-d H:i:s');`
		1164	`$user->activation_key = $activation_key;`
		1165	`$user->status = User::STATUS_INACTIVE;`
		1166	`$user->blocked = User::BLOCKED_NO;`
		1167	`$user->email_verified = User::EMAIL_VERIFIED_NO;`
		1168	`$user->login_attempt = 0;`
		1169
		1170	`if ($currentNetwork->default == Network::DEFAULT_YES) {`
		1171	`$user->request_access = User::REQUEST_ACCESS_APPROVED;`
		1172	`} else {`
		1173	`$user->request_access = User::REQUEST_ACCESS_PENDING;`
		1174	`}`
		1175
		1176
		1177
		1178	`if ($userMapper->insert($user)) {`
		1179
		1180	`$userPassword = new UserPassword();`
		1181	`$userPassword->user_id = $user->id;`
		1182	`$userPassword->password = $password_hash;`
		1183
		1184	`$userPasswordMapper = UserPasswordMapper::getInstance($this->adapter);`
		1185	`$userPasswordMapper->insert($userPassword);`
		1186
		1187	`$emailTemplateMapper = EmailTemplateMapper::getInstance($this->adapter);`
		1188	`$emailTemplate = $emailTemplateMapper->fetchOneByCodeAndNetworkId(EmailTemplate::CODE_USER_REGISTER, $currentNetwork->id);`
		1189	`if ($emailTemplate) {`
		1190	`$arrayCont = [`
		1191	`'firstname' => $user->first_name,`
		1192	`'lastname' => $user->last_name,`
		1193	`'other_user_firstname' => '',`
		1194	`'other_user_lastname' => '',`
		1195	`'company_name' => '',`
		1196	`'group_name' => '',`
		1197	`'content' => '',`
		1198	`'code' => '',`
		1199	`'link' => $this->url()->fromRoute('activate-account', ['code' => $user->activation_key], ['force_canonical' => true])`
		1200	`];`
		1201
		1202	`$email = new QueueEmail($this->adapter);`
		1203	`$email->processEmailTemplate($emailTemplate, $arrayCont, $user->email, trim($user->first_name . ' ' . $user->last_name));`
		1204	`}`
		1205	`$flashMessenger = $this->plugin('FlashMessenger');`
		1206	`$flashMessenger->addSuccessMessage('LABEL_REGISTRATION_DONE');`
		1207
		1208	`$this->logger->info('Registro con Exito ', ['user_id' => $user->id, 'ip' => Functions::getUserIP()]);`
		1209
		1210	`return new JsonModel([`
		1211	`'success' => true,`
		1212	`]);`
		1213	`} else {`
		1214	`$this->logger->err('Registro ' . $email . '- Ha ocurrido un error ', ['ip' => Functions::getUserIP()]);`
		1215
		1216	`return new JsonModel([`
		1217	`'success' => false,`
		1218	`'data' => 'ERROR_THERE_WAS_AN_ERROR'`
		1219	`]);`
		1220	`}`
		1221	`}`
		1222	`} else {`
		1223
		1224	`$form_messages = $form->getMessages('captcha');`
		1225	`if (!empty($form_messages)) {`
		1226	`return new JsonModel([`
		1227	`'success' => false,`
		1228	`'data' => 'ERROR_RECAPTCHA_EMPTY'`
		1229	`]);`
		1230	`}`
		1231
		1232	`$messages = [];`
		1233
		1234	`$form_messages = (array) $form->getMessages();`
		1235	`foreach ($form_messages as $fieldname => $field_messages) {`
		1236	`$messages[$fieldname] = array_values($field_messages);`
		1237	`}`
		1238
		1239	`return new JsonModel([`
		1240	`'success' => false,`
		1241	`'data' => $messages`
		1242	`]);`
		1243	`}`
		1244	`} else if ($request->isGet()) {`
		1245
		1246	`if (empty($_SESSION['aes'])) {`
		1247	`$_SESSION['aes'] = Functions::generatePassword(16);`
		1248	`}`
		1249
		1250	`if ($this->config['leaderslinked.runmode.sandbox']) {`
		1251	`$site_key = $this->config['leaderslinked.google_captcha.sandbox_site_key'];`
		1252	`} else {`
		1253	`$site_key = $this->config['leaderslinked.google_captcha.production_site_key'];`
		1254	`}`
		1255
		1256	`$email = isset($_COOKIE['email']) ? $_COOKIE['email'] : '';`
		1257
		1258	`return new JsonModel([`
		1259	`'site_key' => $site_key,`
		1260	`'aes' => $_SESSION['aes'],`
		1261	`'defaultNetwork' => $currentNetwork->default,`
		1262	`]);`
		1263	`}`
		1264
		1265	`return new JsonModel([`
		1266	`'success' => false,`
		1267	`'data' => 'ERROR_METHOD_NOT_ALLOWED'`
		1268	`]);`
		1269	`}`
		1270
		1271	`public function activateAccountAction()`
		1272	`{`
		1273
		1274	`$currentNetworkPlugin = $this->plugin('currentNetworkPlugin');`
		1275	`$currentNetwork = $currentNetworkPlugin->getNetwork();`
		1276
		1277
		1278
		1279	`$request = $this->getRequest();`
		1280	`if ($request->isGet()) {`
		1281	`$code = Functions::sanitizeFilterString($this->params()->fromRoute('code'));`
		1282	`$userMapper = UserMapper::getInstance($this->adapter);`
		1283	`$user = $userMapper->fetchOneByActivationKeyAndNetworkId($code, $currentNetwork->id);`
		1284
		1285	`$flashMessenger = $this->plugin('FlashMessenger');`
		1286
		1287	`if ($user) {`
		1288	`if (User::EMAIL_VERIFIED_YES == $user->email_verified) {`
		1289
		1290	`$this->logger->err('Verificación email - El código ya habia sido verificao ', ['user_id' => $user->id, 'ip' => Functions::getUserIP()]);`
		1291
		1292	`$flashMessenger->addErrorMessage('ERROR_EMAIL_HAS_BEEN_PREVIOUSLY_VERIFIED');`
		1293	`} else {`
		1294
		1295	`if ($userMapper->activateAccount((int) $user->id)) {`
		1296
		1297	`$this->logger->info('Verificación email realizada ', ['user_id' => $user->id, 'ip' => Functions::getUserIP()]);`
		1298
		1299
		1300
		1301	`$user_share_invitation = $this->cache->getItem('user_share_invitation');`
		1302
		1303	`if ($user_share_invitation) {`
		1304	`$userRedirect = $userMapper->fetchOneByUuid($user_share_invitation);`
		1305	`if ($userRedirect && $userRedirect->status == User::STATUS_ACTIVE && $user->id != $userRedirect->id) {`
		1306	`$connectionMapper = ConnectionMapper::getInstance($this->adapter);`
		1307	`$connection = $connectionMapper->fetchOneByUserId1AndUserId2($user->id, $userRedirect->id);`
		1308
		1309	`if ($connection) {`
		1310
		1311	`if ($connection->status != Connection::STATUS_ACCEPTED) {`
		1312	`$connectionMapper->approve($connection);`
		1313	`}`
		1314	`} else {`
		1315	`$connection = new Connection();`
		1316	`$connection->request_from = $user->id;`
		1317	`$connection->request_to = $userRedirect->id;`
		1318	`$connection->status = Connection::STATUS_ACCEPTED;`
		1319
		1320	`$connectionMapper->insert($connection);`
		1321	`}`
		1322	`}`
		1323	`}`
		1324
		1325
		1326
		1327	`$this->cache->removeItem('user_share_invitation');`
		1328
		1329
		1330	`if ($currentNetwork->default == Network::DEFAULT_YES) {`
		1331	`$flashMessenger->addSuccessMessage('LABEL_YOUR_EMAIL_HAS_BEEN_VERIFIED');`
		1332	`} else {`
		1333
		1334	`$emailTemplateMapper = EmailTemplateMapper::getInstance($this->adapter);`
		1335	`$emailTemplate = $emailTemplateMapper->fetchOneByCodeAndNetworkId(EmailTemplate::CODE_REQUEST_ACCESS_PENDING, $currentNetwork->id);`
		1336
		1337	`if ($emailTemplate) {`
		1338	`$arrayCont = [`
		1339	`'firstname' => $user->first_name,`
		1340	`'lastname' => $user->last_name,`
		1341	`'other_user_firstname' => '',`
		1342	`'other_user_lastname' => '',`
		1343	`'company_name' => '',`
		1344	`'group_name' => '',`
		1345	`'content' => '',`
		1346	`'code' => '',`
		1347	`'link' => '',`
		1348	`];`
		1349
		1350	`$email = new QueueEmail($this->adapter);`
		1351	`$email->processEmailTemplate($emailTemplate, $arrayCont, $user->email, trim($user->first_name . ' ' . $user->last_name));`
		1352	`}`
		1353
		1354
		1355	`$flashMessenger->addSuccessMessage('LABEL_YOUR_EMAIL_HAS_BEEN_VERIFIED_WE_ARE_VERIFYING_YOUR_INFORMATION');`
		1356	`}`
		1357	`} else {`
		1358	`$this->logger->err('Verificación email - Ha ocurrido un error ', ['user_id' => $user->id, 'ip' => Functions::getUserIP()]);`
		1359
		1360	`$flashMessenger->addErrorMessage('ERROR_THERE_WAS_AN_ERROR');`
		1361	`}`
		1362	`}`
		1363	`} else {`
		1364	`$this->logger->err('Verificación email - El código no existe ', ['ip' => Functions::getUserIP()]);`
		1365
		1366	`$flashMessenger->addErrorMessage('ERROR_ACTIVATION_CODE_IS_NOT_VALID');`
		1367	`}`
		1368
		1369	`return $this->redirect()->toRoute('home');`
		1370	`} else {`
		1371	`$response = [`
		1372	`'success' => false,`
		1373	`'data' => 'ERROR_METHOD_NOT_ALLOWED'`
		1374	`];`
		1375	`}`
		1376
		1377	`return new JsonModel($response);`
		1378	`}`
		1379
		1380
		1381
		1382	`public function onroomAction()`
		1383	`{`
		1384	`$currentNetworkPlugin = $this->plugin('currentNetworkPlugin');`
		1385	`$currentNetwork = $currentNetworkPlugin->getNetwork();`
		1386
		1387
		1388
		1389	`$request = $this->getRequest();`
		1390
		1391	`if ($request->isPost()) {`
		1392
		1393	`$dataPost = $request->getPost()->toArray();`
		1394
		1395
		1396	`$form = new MoodleForm();`
		1397	`$form->setData($dataPost);`
		1398	`if ($form->isValid()) {`
		1399
		1400	`$dataPost = (array) $form->getData();`
		1401	`$username = $dataPost['username'];`
		1402	`$password = $dataPost['password'];`
		1403	`$timestamp = $dataPost['timestamp'];`
		1404	`$rand = $dataPost['rand'];`
		1405	`$data = $dataPost['data'];`
		1406
		1407	`$config_username = $this->config['leaderslinked.moodle.username'];`
		1408	`$config_password = $this->config['leaderslinked.moodle.password'];`
		1409	`$config_rsa_n = $this->config['leaderslinked.moodle.rsa_n'];`
		1410	`$config_rsa_d = $this->config['leaderslinked.moodle.rsa_d'];`
		1411	`$config_rsa_e = $this->config['leaderslinked.moodle.rsa_e'];`
		1412
		1413
		1414
		1415
		1416	`if (empty($username) \|\| empty($password) \|\| empty($timestamp) \|\| empty($rand) \|\| !is_integer($rand)) {`
		1417	`echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY1']);`
		1418	`exit;`
		1419	`}`
		1420
		1421	`if ($username != $config_username) {`
		1422	`echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY2']);`
		1423	`exit;`
		1424	`}`
		1425
		1426	`$dt = \DateTime::createFromFormat('Y-m-d\TH:i:s', $timestamp);`
		1427	`if (!$dt) {`
		1428	`echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY3']);`
		1429	`exit;`
		1430	`}`
		1431
		1432	`$t0 = $dt->getTimestamp();`
		1433	`$t1 = strtotime('-5 minutes');`
		1434	`$t2 = strtotime('+5 minutes');`
		1435
		1436	`if ($t0 < $t1 \|\| $t0 > $t2) {`
		1437	`//echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY4']) ;`
		1438	`//exit;`
		1439	`}`
		1440
		1441	`if (!password_verify($username . '-' . $config_password . '-' . $rand . '-' . $timestamp, $password)) {`
		1442	`echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY5']);`
		1443	`exit;`
		1444	`}`
		1445
		1446	`if (empty($data)) {`
		1447	`echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS1']);`
		1448	`exit;`
		1449	`}`
		1450
		1451	`$data = base64_decode($data);`
		1452	`if (empty($data)) {`
		1453	`echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS2']);`
		1454	`exit;`
		1455	`}`
		1456
		1457
		1458	`try {`
		1459	`$rsa = Rsa::getInstance();`
		1460	`$data = $rsa->decrypt($data, $config_rsa_d, $config_rsa_n);`
		1461	`} catch (\Throwable $e) {`
		1462	`echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS3']);`
		1463	`exit;`
		1464	`}`
		1465
		1466	`$data = (array) json_decode($data);`
		1467	`if (empty($data)) {`
		1468	`echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS4']);`
		1469	`exit;`
		1470	`}`
		1471
		1472	`$email = isset($data['email']) ? Functions::sanitizeFilterString($data['email']) : '';`
		1473	`$first_name = isset($data['first_name']) ? Functions::sanitizeFilterString($data['first_name']) : '';`
		1474	`$last_name = isset($data['last_name']) ? Functions::sanitizeFilterString($data['last_name']) : '';`
		1475
		1476	`if (!filter_var($email, FILTER_VALIDATE_EMAIL) \|\| empty($first_name) \|\| empty($last_name)) {`
		1477	`echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS5']);`
		1478	`exit;`
		1479	`}`
		1480
		1481	`$userMapper = UserMapper::getInstance($this->adapter);`
		1482	`$user = $userMapper->fetchOneByEmail($email);`
		1483	`if (!$user) {`
		1484
		1485
		1486	`$user = new User();`
		1487	`$user->network_id = $currentNetwork->id;`
		1488	`$user->blocked = User::BLOCKED_NO;`
		1489	`$user->email = $email;`
		1490	`$user->email_verified = User::EMAIL_VERIFIED_YES;`
		1491	`$user->first_name = $first_name;`
		1492	`$user->last_name = $last_name;`
		1493	`$user->login_attempt = 0;`
		1494	`$user->password = '-NO-PASSWORD-';`
		1495	`$user->usertype_id = UserType::USER;`
		1496	`$user->status = User::STATUS_ACTIVE;`
		1497	`$user->show_in_search = User::SHOW_IN_SEARCH_YES;`
		1498
		1499	`if ($userMapper->insert($user)) {`
		1500	`echo json_encode(['success' => false, 'data' => $userMapper->getError()]);`
		1501	`exit;`
		1502	`}`
		1503
		1504
		1505
		1506
		1507	`$filename = trim(isset($data['avatar_filename']) ? filter_var($data['avatar_filename'], FILTER_SANITIZE_EMAIL) : '');`
		1508	`$content = isset($data['avatar_content']) ? Functions::sanitizeFilterString($data['avatar_content']) : '';`
		1509
		1510	`if ($filename && $content) {`
		1511	`$source = sys_get_temp_dir() . DIRECTORY_SEPARATOR . $filename;`
		1512	`try {`
		1513	`file_put_contents($source, base64_decode($content));`
		1514	`if (file_exists($source)) {`
		1515	`$target_path = $this->config['leaderslinked.fullpath.user'] . $user->uuid;`
		1516	`list($target_width, $target_height) = explode('x', $this->config['leaderslinked.image_sizes.user_size']);`
		1517
		1518	`$target_filename = 'user-' . uniqid() . '.png';`
		1519	`$crop_to_dimensions = true;`
		1520
		1521	`if (!Image::uploadImage($source, $target_path, $target_filename, $target_width, $target_height, $crop_to_dimensions)) {`
		1522	`return new JsonModel([`
		1523	`'success' => false,`
		1524	`'data' => 'ERROR_THERE_WAS_AN_ERROR'`
		1525	`]);`
		1526	`}`
		1527
		1528	`$user->image = $target_filename;`
		1529	`$userMapper->updateImage($user);`
		1530	`}`
		1531	`} catch (\Throwable $e) {`
		1532	`} finally {`
		1533	`if (file_exists($source)) {`
		1534	`unlink($source);`
		1535	`}`
		1536	`}`
		1537	`}`
		1538	`}`
		1539
		1540	`$auth = new AuthEmailAdapter($this->adapter);`
		1541	`$auth->setData($email);`
		1542
		1543	`$result = $auth->authenticate();`
		1544	`if ($result->getCode() == AuthResult::SUCCESS) {`
		1545	`return $this->redirect()->toRoute('dashboard');`
		1546	`} else {`
		1547	`$message = $result->getMessages()[0];`
		1548	`if (!in_array($message, [`
		1549	`'ERROR_USER_NOT_FOUND', 'ERROR_USER_EMAIL_HASNT_BEEN_VARIFIED', 'ERROR_USER_IS_BLOCKED',`
		1550	`'ERROR_USER_IS_INACTIVE', 'ERROR_ENTERED_PASS_INCORRECT_USER_IS_BLOCKED', 'ERROR_ENTERED_PASS_INCORRECT_2',`
		1551	`'ERROR_ENTERED_PASS_INCORRECT_1'`
		1552	`])) {`
		1553	`}`
		1554
		1555	`switch ($message) {`
		1556	`case 'ERROR_USER_NOT_FOUND':`
		1557	`$this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Email no existe', ['ip' => Functions::getUserIP()]);`
		1558	`break;`
		1559
		1560	`case 'ERROR_USER_EMAIL_HASNT_BEEN_VARIFIED':`
		1561	`$this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Email no verificado', ['ip' => Functions::getUserIP()]);`
		1562	`break;`
		1563
		1564	`case 'ERROR_USER_IS_BLOCKED':`
		1565	`$this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Usuario bloqueado', ['ip' => Functions::getUserIP()]);`
		1566	`break;`
		1567
		1568	`case 'ERROR_USER_IS_INACTIVE':`
		1569	`$this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Usuario inactivo', ['ip' => Functions::getUserIP()]);`
		1570	`break;`
		1571
		1572
		1573	`case 'ERROR_ENTERED_PASS_INCORRECT_USER_IS_BLOCKED':`
		1574	`$this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - 3er Intento Usuario bloqueado', ['ip' => Functions::getUserIP()]);`
		1575	`break;`
		1576
		1577
		1578	`case 'ERROR_ENTERED_PASS_INCORRECT_2':`
		1579	`$this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - 1er Intento', ['ip' => Functions::getUserIP()]);`
		1580	`break;`
		1581
		1582
		1583	`case 'ERROR_ENTERED_PASS_INCORRECT_1':`
		1584	`$this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - 2do Intento', ['ip' => Functions::getUserIP()]);`
		1585	`break;`
		1586
		1587
		1588	`default:`
		1589	`$message = 'ERROR_UNKNOWN';`
		1590	`$this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Error desconocido', ['ip' => Functions::getUserIP()]);`
		1591	`break;`
		1592	`}`
		1593
		1594
		1595
		1596
		1597	`return new JsonModel([`
		1598	`'success' => false,`
		1599	`'data' => $message`
		1600	`]);`
		1601	`}`
		1602	`} else {`
		1603	`$messages = [];`
		1604
		1605
		1606
		1607	`$form_messages = (array) $form->getMessages();`
		1608	`foreach ($form_messages as $fieldname => $field_messages) {`
		1609
		1610	`$messages[$fieldname] = array_values($field_messages);`
		1611	`}`
		1612
		1613	`return new JsonModel([`
		1614	`'success' => false,`
		1615	`'data' => $messages`
		1616	`]);`
		1617	`}`
		1618	`} else {`
		1619	`$data = [`
		1620	`'success' => false,`
		1621	`'data' => 'ERROR_METHOD_NOT_ALLOWED'`
		1622	`];`
		1623
		1624	`return new JsonModel($data);`
		1625	`}`
		1626
		1627	`return new JsonModel($data);`
		1628	`}`
		1629
		1630	`public function csrfAction()`
		1631	`{`
		1632	`$request = $this->getRequest();`
		1633	`if ($request->isGet()) {`
		1634
		1635	`$token = md5(uniqid('CSFR-' . mt_rand(), true));`
		1636	`$_SESSION['token'] = $token;`
		1637
		1638
		1639	`return new JsonModel([`
		1640	`'success' => true,`
		1641	`'data' => $token`
		1642	`]);`
		1643	`} else {`
		1644	`return new JsonModel([`
		1645	`'success' => false,`
		1646	`'data' => 'ERROR_METHOD_NOT_ALLOWED'`
		1647	`]);`
		1648	`}`
		1649	`}`
		1650
		1651	`public function impersonateAction()`
		1652	`{`
		1653	`$request = $this->getRequest();`
		1654	`if ($request->isGet()) {`
		1655	`$user_uuid = Functions::sanitizeFilterString($this->params()->fromQuery('user_uuid'));`
		1656	`$rand = filter_var($this->params()->fromQuery('rand'), FILTER_SANITIZE_NUMBER_INT);`
		1657	`$timestamp = filter_var($this->params()->fromQuery('time'), FILTER_SANITIZE_NUMBER_INT);`
		1658	`$password = Functions::sanitizeFilterString($this->params()->fromQuery('password'));`
		1659
		1660
		1661	`if (!$user_uuid \|\| !$rand \|\| !$timestamp \|\| !$password) {`
		1662	`throw new \Exception('ERROR_PARAMETERS_ARE_INVALID');`
		1663	`}`
		1664
		1665
		1666	`$currentUserPlugin = $this->plugin('currentUserPlugin');`
		1667	`$currentUserPlugin->clearIdentity();`
		1668
		1669
		1670	`$authAdapter = new AuthImpersonateAdapter($this->adapter, $this->config);`
		1671	`$authAdapter->setDataAdmin($user_uuid, $password, $timestamp, $rand);`
		1672
		1673	`$authService = new AuthenticationService();`
		1674	`$result = $authService->authenticate($authAdapter);`
		1675
		1676
		1677	`if ($result->getCode() == AuthResult::SUCCESS) {`
		1678	`return $this->redirect()->toRoute('dashboard');`
		1679	`} else {`
		1680	`throw new \Exception($result->getMessages()[0]);`
		1681	`}`
		1682	`}`
		1683
		1684	`return new JsonModel([`
		1685	`'success' => false,`
		1686	`'data' => 'ERROR_METHOD_NOT_ALLOWED'`
		1687	`]);`
		1688	`}`
		1689	`}`

Proyectos de Subversion LeadersLinked - Services

(root)/module/LeadersLinked/src/Controller/AuthController.php – Rev 30