| 1 |
www |
1 |
<?php
|
|
|
2 |
declare(strict_types=1);
|
|
|
3 |
|
|
|
4 |
namespace LeadersLinked\Controller;
|
|
|
5 |
|
|
|
6 |
use Laminas\Authentication\AuthenticationService;
|
|
|
7 |
use Laminas\Authentication\Result as AuthResult;
|
|
|
8 |
use Laminas\Db\Adapter\AdapterInterface;
|
|
|
9 |
use Laminas\Cache\Storage\Adapter\AbstractAdapter;
|
|
|
10 |
use Laminas\Http\Header\SetCookie;
|
|
|
11 |
use Laminas\Mvc\Controller\AbstractActionController;
|
|
|
12 |
use Laminas\Log\LoggerInterface;
|
|
|
13 |
use Laminas\View\Model\ViewModel;
|
|
|
14 |
use Laminas\View\Model\JsonModel;
|
|
|
15 |
use GeoIp2\Database\Reader As GeoIp2Reader;
|
|
|
16 |
use LeadersLinked\Form\Auth\SigninForm;
|
|
|
17 |
use LeadersLinked\Form\Auth\ResetPasswordForm;
|
|
|
18 |
use LeadersLinked\Form\Auth\ForgotPasswordForm;
|
|
|
19 |
use LeadersLinked\Form\Auth\SignupForm;
|
|
|
20 |
use LeadersLinked\Authentication\AuthAdapter;
|
|
|
21 |
use LeadersLinked\Mapper\UserMapper;
|
|
|
22 |
use LeadersLinked\Mapper\EmailTemplateMapper;
|
|
|
23 |
use LeadersLinked\Model\User;
|
|
|
24 |
use LeadersLinked\Model\UserType;
|
|
|
25 |
use LeadersLinked\Library\QueueEmail;
|
|
|
26 |
use LeadersLinked\Library\Functions;
|
|
|
27 |
use LeadersLinked\Model\EmailTemplate;
|
|
|
28 |
use LeadersLinked\Mapper\UserPasswordMapper;
|
|
|
29 |
use LeadersLinked\Model\UserBrowser;
|
|
|
30 |
use LeadersLinked\Mapper\UserBrowserMapper;
|
|
|
31 |
use LeadersLinked\Mapper\UserIpMapper;
|
|
|
32 |
use LeadersLinked\Model\UserIp;
|
|
|
33 |
use LeadersLinked\Form\Auth\MoodleForm;
|
|
|
34 |
use LeadersLinked\Library\Rsa;
|
|
|
35 |
use LeadersLinked\Library\Image;
|
|
|
36 |
use LeadersLinked\Authentication\AuthEmailAdapter;
|
|
|
37 |
use Nullix\CryptoJsAes\CryptoJsAes;
|
|
|
38 |
use LeadersLinked\Model\UserPassword;
|
|
|
39 |
use LeadersLinked\Mapper\CompanyMapper;
|
|
|
40 |
use LeadersLinked\Mapper\CompanyUserMapper;
|
|
|
41 |
use LeadersLinked\Model\CompanyUser;
|
| 3639 |
efrain |
42 |
use LeadersLinked\Mapper\NetworkMapper;
|
| 1 |
www |
43 |
|
|
|
44 |
|
|
|
45 |
class BackendController extends AbstractActionController
|
|
|
46 |
{
|
|
|
47 |
/**
|
|
|
48 |
*
|
|
|
49 |
* @var AdapterInterface
|
|
|
50 |
*/
|
|
|
51 |
private $adapter;
|
|
|
52 |
|
|
|
53 |
|
|
|
54 |
/**
|
|
|
55 |
*
|
|
|
56 |
* @var AbstractAdapter
|
|
|
57 |
*/
|
|
|
58 |
private $cache;
|
|
|
59 |
|
|
|
60 |
/**
|
|
|
61 |
*
|
|
|
62 |
* @var LoggerInterface
|
|
|
63 |
*/
|
|
|
64 |
private $logger;
|
|
|
65 |
|
|
|
66 |
/**
|
|
|
67 |
*
|
|
|
68 |
* @var array
|
|
|
69 |
*/
|
|
|
70 |
private $config;
|
|
|
71 |
|
|
|
72 |
|
|
|
73 |
|
|
|
74 |
|
|
|
75 |
/**
|
|
|
76 |
*
|
|
|
77 |
* @param AdapterInterface $adapter
|
|
|
78 |
* @param AbstractAdapter $cache
|
|
|
79 |
* @param LoggerInterface $logger
|
|
|
80 |
* @param array $config
|
|
|
81 |
*/
|
|
|
82 |
public function __construct($adapter, $cache , $logger, $config)
|
|
|
83 |
{
|
|
|
84 |
$this->adapter = $adapter;
|
|
|
85 |
$this->cache = $cache;
|
|
|
86 |
$this->logger = $logger;
|
|
|
87 |
$this->config = $config;
|
|
|
88 |
}
|
|
|
89 |
|
|
|
90 |
public function signinAdminAction()
|
|
|
91 |
{
|
|
|
92 |
|
|
|
93 |
$request = $this->getRequest();
|
|
|
94 |
if($request->isGet()) {
|
|
|
95 |
$currentUserPlugin = $this->plugin('currentUserPlugin');
|
|
|
96 |
$currentUser = $currentUserPlugin->getUser();
|
|
|
97 |
|
| 3639 |
efrain |
98 |
$networkMapper = NetworkMapper::getInstance($this->adapter);
|
|
|
99 |
$network = $networkMapper->fetchOne($currentUser->network_id);
|
| 1 |
www |
100 |
|
| 3639 |
efrain |
101 |
$sandbox = $this->config['leaderslinked.runmode.sandbox'];
|
|
|
102 |
if($sandbox) {
|
|
|
103 |
$salt = $this->config['leaderslinked.backend.sandbox_salt'];
|
|
|
104 |
} else {
|
|
|
105 |
$salt = $this->config['leaderslinked.backend.production_salt'];
|
|
|
106 |
}
|
|
|
107 |
|
|
|
108 |
|
|
|
109 |
|
| 1 |
www |
110 |
if($currentUser && $currentUser->usertype_id == UserType::ADMIN) {
|
|
|
111 |
|
|
|
112 |
|
|
|
113 |
if(!$currentUser->one_time_password) {
|
|
|
114 |
$one_time_password = Functions::generatePassword(25);
|
|
|
115 |
|
|
|
116 |
$currentUser->one_time_password = $one_time_password;
|
|
|
117 |
|
|
|
118 |
$userMapper = UserMapper::getInstance($this->adapter);
|
|
|
119 |
$userMapper->updateOneTimePassword($currentUser, $one_time_password);
|
|
|
120 |
}
|
|
|
121 |
|
| 3639 |
efrain |
122 |
|
| 1 |
www |
123 |
|
|
|
124 |
|
|
|
125 |
$rand = 1000 + mt_rand(1, 999);
|
|
|
126 |
$timestamp = time();
|
|
|
127 |
$password = md5($currentUser->one_time_password . '-' . $rand . '-' . $timestamp . '-' . $salt);
|
|
|
128 |
|
|
|
129 |
$params = [
|
|
|
130 |
'user_uuid' => $currentUser->uuid,
|
|
|
131 |
'password' => $password,
|
|
|
132 |
'rand' => $rand,
|
|
|
133 |
'time' => $timestamp,
|
|
|
134 |
];
|
|
|
135 |
|
| 3639 |
efrain |
136 |
$link_admin = 'https://'. $network->admin_hostname . '/signin-admin' . '?' . http_build_query($params);
|
| 1 |
www |
137 |
} else {
|
|
|
138 |
$link_admin = '';
|
|
|
139 |
}
|
|
|
140 |
|
|
|
141 |
$data = [
|
|
|
142 |
'success' => true,
|
|
|
143 |
'data' => $link_admin
|
|
|
144 |
];
|
|
|
145 |
|
|
|
146 |
return new JsonModel($data);
|
|
|
147 |
|
|
|
148 |
} else {
|
|
|
149 |
$data = [
|
|
|
150 |
'success' => false,
|
|
|
151 |
'data' => 'ERROR_METHOD_NOT_ALLOWED'
|
|
|
152 |
];
|
|
|
153 |
|
|
|
154 |
return new JsonModel($data);
|
|
|
155 |
}
|
|
|
156 |
|
|
|
157 |
return new JsonModel($data);
|
|
|
158 |
|
|
|
159 |
|
|
|
160 |
}
|
|
|
161 |
|
|
|
162 |
public function signinCompanyAction()
|
|
|
163 |
{
|
|
|
164 |
|
|
|
165 |
$request = $this->getRequest();
|
|
|
166 |
if($request->isGet()) {
|
|
|
167 |
|
|
|
168 |
|
|
|
169 |
$currentUserPlugin = $this->plugin('currentUserPlugin');
|
|
|
170 |
$currentUser = $currentUserPlugin->getUser();
|
| 3639 |
efrain |
171 |
|
| 1 |
www |
172 |
|
|
|
173 |
$id = $this->params()->fromRoute('id');
|
|
|
174 |
$companyMapper = CompanyMapper::getInstance($this->adapter);
|
|
|
175 |
$company = $companyMapper->fetchOneByUuid($id);
|
|
|
176 |
|
|
|
177 |
$link_admin = '';
|
|
|
178 |
|
|
|
179 |
if($company) {
|
|
|
180 |
|
| 3639 |
efrain |
181 |
$networkMapper = NetworkMapper::getInstance($this->adapter);
|
|
|
182 |
$network = $networkMapper->fetchOne($currentUser->network_id);
|
|
|
183 |
|
| 1 |
www |
184 |
$companyUserMapper = CompanyUserMapper::getInstance($this->adapter);
|
|
|
185 |
$companyUser = $companyUserMapper->fetchOneByCompanyIdAndUserId($company->id, $currentUser->id);
|
|
|
186 |
|
|
|
187 |
if($companyUser && $companyUser->status == CompanyUser::STATUS_ACCEPTED && $companyUser->backend == CompanyUser::BACKEND_YES ) {
|
|
|
188 |
if(!$currentUser->one_time_password) {
|
|
|
189 |
$one_time_password = Functions::generatePassword(25);
|
|
|
190 |
|
|
|
191 |
$currentUser->one_time_password = $one_time_password;
|
|
|
192 |
|
|
|
193 |
$userMapper = UserMapper::getInstance($this->adapter);
|
|
|
194 |
$userMapper->updateOneTimePassword($currentUser, $one_time_password);
|
|
|
195 |
}
|
|
|
196 |
|
|
|
197 |
|
|
|
198 |
$sandbox = $this->config['leaderslinked.runmode.sandbox'];
|
|
|
199 |
if($sandbox) {
|
|
|
200 |
$salt = $this->config['leaderslinked.backend.sandbox_salt'];
|
|
|
201 |
} else {
|
|
|
202 |
$salt = $this->config['leaderslinked.backend.production_salt'];
|
|
|
203 |
}
|
|
|
204 |
|
|
|
205 |
|
| 3639 |
efrain |
206 |
$timestamp = date('Y-m-d\TH:i:s');
|
|
|
207 |
$rand = 1000 + rand(1, 8999);
|
|
|
208 |
|
|
|
209 |
|
|
|
210 |
|
| 1 |
www |
211 |
$rand = 1000 + mt_rand(1, 999);
|
|
|
212 |
$timestamp = time();
|
|
|
213 |
$password = md5($currentUser->one_time_password . '-' . $rand . '-' . $timestamp . '-' . $salt);
|
|
|
214 |
|
| 3639 |
efrain |
215 |
$params = [
|
|
|
216 |
'user_uuid' => $currentUser->uuid,
|
|
|
217 |
'password' => $password,
|
|
|
218 |
'rand' => $rand,
|
|
|
219 |
'time' => $timestamp,
|
|
|
220 |
'company_uuid' => $company->uuid
|
|
|
221 |
];
|
| 1 |
www |
222 |
|
| 3639 |
efrain |
223 |
$link_admin = 'https://'. $network->admin_hostname . '/signin-company' . '?' . http_build_query($params);
|
|
|
224 |
}
|
| 1 |
www |
225 |
|
|
|
226 |
|
|
|
227 |
|
|
|
228 |
}
|
|
|
229 |
|
|
|
230 |
|
|
|
231 |
|
|
|
232 |
$data = [
|
|
|
233 |
'success' => true,
|
|
|
234 |
'data' => $link_admin
|
|
|
235 |
];
|
|
|
236 |
|
|
|
237 |
return new JsonModel($data);
|
|
|
238 |
|
|
|
239 |
} else {
|
|
|
240 |
$data = [
|
|
|
241 |
'success' => false,
|
|
|
242 |
'data' => 'ERROR_METHOD_NOT_ALLOWED'
|
|
|
243 |
];
|
|
|
244 |
|
|
|
245 |
return new JsonModel($data);
|
|
|
246 |
}
|
|
|
247 |
|
|
|
248 |
return new JsonModel($data);
|
|
|
249 |
|
|
|
250 |
|
|
|
251 |
}
|
|
|
252 |
|
|
|
253 |
|
|
|
254 |
}
|