Proyectos de Subversion LeadersLinked - Services

use Laminas\Authentication\AuthenticationService;

use Laminas\Authentication\AuthenticationService;

use Laminas\Authentication\Result as AuthResult;

use Laminas\Authentication\Result as AuthResult;

use Laminas\Mvc\Controller\AbstractActionController;

use Laminas\Mvc\Controller\AbstractActionController;

use Laminas\View\Model\JsonModel;

use Laminas\View\Model\JsonModel;

use LeadersLinked\Form\Auth\SigninForm;

use LeadersLinked\Form\Auth\SigninForm;

use LeadersLinked\Form\Auth\ResetPasswordForm;

use LeadersLinked\Form\Auth\ResetPasswordForm;

use LeadersLinked\Form\Auth\ForgotPasswordForm;

use LeadersLinked\Form\Auth\ForgotPasswordForm;

use LeadersLinked\Mapper\JwtTokenMapper;

use LeadersLinked\Mapper\JwtTokenMapper;

use Firebase\JWT\JWT;

use Firebase\JWT\JWT;

use Firebase\JWT\Key;

use Firebase\JWT\Key;

use LeadersLinked\Form\Auth\SigninDebugForm;

use LeadersLinked\Form\Auth\SigninDebugForm;

use LeadersLinked\Library\ExternalCredentials;

use LeadersLinked\Library\ExternalCredentials;

{

class AuthController extends AbstractActionController

    const _USE_S3 = false;

{

                $replace_main = false;

                $replace_main = false;

            } else {

            } else {

                $replace_main = true;

                $replace_main = true;

            }

            }

                $storage = Storage::getInstance($this->config);

                $storage = Storage::getInstance($this->config);

                $path = $storage->getPathNetwork();

                $path = $storage->getPathNetwork();

                if($currentNetwork->favico) {

                if($currentNetwork->favico) {

                    $favico_url = $storage->getGenericImage($path, $currentNetwork->uuid, $currentNetwork->favico);

                    $favico_url = $storage->getGenericImage($path, $currentNetwork->uuid, $currentNetwork->favico);

                } else {

                } else {

                    $logo_url = str_replace($currentNetwork->main_hostname, $currentNetwork->service_hostname, $logo_url);

                    $favico_url = '';

            ];

            ];

        }

        }

        return new JsonModel($response);

        return new JsonModel($response);

    public function onroomAction()

    public function onroomAction()

    {

    {

        $currentNetworkPlugin = $this->plugin('currentNetworkPlugin');

        $currentNetworkPlugin = $this->plugin('currentNetworkPlugin');

            $form = new  MoodleForm();

            $form = new  MoodleForm();

            $form->setData($dataPost);

            $form->setData($dataPost);

                $dataPost   = (array) $form->getData();

                $dataPost   = (array) $form->getData();

                $username   = $dataPost['username'];

                $username   = $dataPost['username'];

                $password   = $dataPost['password'];

                $password   = $dataPost['password'];

                $timestamp  = $dataPost['timestamp'];

                $timestamp  = $dataPost['timestamp'];

                $rand       = $dataPost['rand'];

                $rand       = $dataPost['rand'];

                $config_username    = $this->config['leaderslinked.moodle.username'];

                $config_username    = $this->config['leaderslinked.moodle.username'];

                $config_password    = $this->config['leaderslinked.moodle.password'];

                $config_password    = $this->config['leaderslinked.moodle.password'];

                $config_rsa_n       = $this->config['leaderslinked.moodle.rsa_n'];

                $config_rsa_n       = $this->config['leaderslinked.moodle.rsa_n'];

                $config_rsa_d       = $this->config['leaderslinked.moodle.rsa_d'];

                $config_rsa_d       = $this->config['leaderslinked.moodle.rsa_d'];

                if (empty($username) || empty($password) || empty($timestamp) || empty($rand) || !is_integer($rand)) {

                if (empty($username) || empty($password) || empty($timestamp) || empty($rand) || !is_integer($rand)) {

                    echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY1']);

                    echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY1']);

                    exit;

                    exit;

                if ($username != $config_username) {

                if ($username != $config_username) {

                    echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY2']);

                    echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY2']);

                    exit;

                    exit;

                $dt = \DateTime::createFromFormat('Y-m-d\TH:i:s', $timestamp);

                $dt = \DateTime::createFromFormat('Y-m-d\TH:i:s', $timestamp);

                if (!$dt) {

                if (!$dt) {

                    echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY3']);

                    echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY3']);

                    exit;

                    exit;

                $t0 = $dt->getTimestamp();

                $t0 = $dt->getTimestamp();

                $t1 = strtotime('-5 minutes');

                $t1 = strtotime('-5 minutes');

                if ($t0 < $t1 || $t0 > $t2) {

                if ($t0 < $t1 || $t0 > $t2) {

                    //echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY4']) ;

                    //echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY4']) ;

                    //exit;

                    //exit;

                if (!password_verify($username . '-' . $config_password . '-' . $rand . '-' . $timestamp, $password)) {

                if (!password_verify($username . '-' . $config_password . '-' . $rand . '-' . $timestamp, $password)) {

                    echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY5']);

                    echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY5']);

                    exit;

                    exit;

                if (empty($data)) {

                if (empty($data)) {

                    echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS1']);

                    echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS1']);

                    exit;

                    exit;

                $data = base64_decode($data);

                $data = base64_decode($data);

                if (empty($data)) {

                if (empty($data)) {

                    echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS2']);

                    echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS2']);

                    exit;

                    exit;

                try {

                try {

                    $rsa = Rsa::getInstance();

                    $rsa = Rsa::getInstance();

                    $data = $rsa->decrypt($data,  $config_rsa_d,  $config_rsa_n);

                    $data = $rsa->decrypt($data,  $config_rsa_d,  $config_rsa_n);

                } catch (\Throwable $e) {

                } catch (\Throwable $e) {

                    echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS3']);

                    echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS3']);

                    exit;

                    exit;

                $data = (array) json_decode($data);

                $data = (array) json_decode($data);

                if (empty($data)) {

                if (empty($data)) {

                    echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS4']);

                    echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS4']);

                    exit;

                    exit;

                $email      = isset($data['email']) ? Functions::sanitizeFilterString($data['email']) : '';

                $email      = isset($data['email']) ? Functions::sanitizeFilterString($data['email']) : '';

                $first_name = isset($data['first_name']) ? Functions::sanitizeFilterString($data['first_name']) : '';

                $first_name = isset($data['first_name']) ? Functions::sanitizeFilterString($data['first_name']) : '';

                if (!filter_var($email, FILTER_VALIDATE_EMAIL) || empty($first_name) || empty($last_name)) {

                if (!filter_var($email, FILTER_VALIDATE_EMAIL) || empty($first_name) || empty($last_name)) {

                    echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS5']);

                    echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS5']);

                    exit;

                    exit;

                $userMapper = UserMapper::getInstance($this->adapter);

                $userMapper = UserMapper::getInstance($this->adapter);

                $user = $userMapper->fetchOneByEmail($email);

                $user = $userMapper->fetchOneByEmail($email);

                    $user = new User();

                    $user = new User();

                    $user->network_id = $currentNetwork->id;

                    $user->network_id = $currentNetwork->id;

                    $user->blocked = User::BLOCKED_NO;

                    $user->blocked = User::BLOCKED_NO;

                    $user->email = $email;

                    $user->email = $email;

                    $user->login_attempt = 0;

                    $user->login_attempt = 0;

                    $user->password = '-NO-PASSWORD-';

                    $user->password = '-NO-PASSWORD-';

                    $user->usertype_id = UserType::USER;

                    $user->usertype_id = UserType::USER;

                    $user->status = User::STATUS_ACTIVE;

                    $user->status = User::STATUS_ACTIVE;

                    $user->show_in_search = User::SHOW_IN_SEARCH_YES;

                    $user->show_in_search = User::SHOW_IN_SEARCH_YES;

                    if ($userMapper->insert($user)) {

                    if ($userMapper->insert($user)) {

                        echo json_encode(['success' => false, 'data' => $userMapper->getError()]);

                        echo json_encode(['success' => false, 'data' => $userMapper->getError()]);

                        exit;

                        exit;

                    }

                    }

                    $filename   = trim(isset($data['avatar_filename']) ? filter_var($data['avatar_filename'], FILTER_SANITIZE_EMAIL) : '');

                    $filename   = trim(isset($data['avatar_filename']) ? filter_var($data['avatar_filename'], FILTER_SANITIZE_EMAIL) : '');

                    if ($filename && $content) {

                    if ($filename && $content) {

                        $source = sys_get_temp_dir() . DIRECTORY_SEPARATOR . $filename;

                        $source = sys_get_temp_dir() . DIRECTORY_SEPARATOR . $filename;

                        try {

                        try {

                            if (file_exists($source)) {

                            if (file_exists($source)) {

                                list($target_width, $target_height) = explode('x', $this->config['leaderslinked.image_sizes.user_size']);

                                list($target_width, $target_height) = explode('x', $this->config['leaderslinked.image_sizes.user_size']);

                                $target_filename    = 'user-' . uniqid() . '.png';

                                $target_filename    = 'user-' . uniqid() . '.png';

                                $crop_to_dimensions = true;

                                $crop_to_dimensions = true;

                                $target_path    = $image->getStorage()->getPathUser();

                                $target_path    = $image->getStorage()->getPathUser();

                                $unlink_source  = true;

                                $unlink_source  = true;

                                if (!$image->uploadImageChangeSize($source, $target_path, $user->uuid, $target_filename, $target_width, $target_height, $crop_to_dimensions, $unlink_source)) {

                                if (!$image->uploadImageChangeSize($source, $target_path, $user->uuid, $target_filename, $target_width, $target_height, $crop_to_dimensions, $unlink_source)) {

                                    return new JsonModel([

                                    return new JsonModel([

                                        'data'   =>  'ERROR_THERE_WAS_AN_ERROR'

                                        'data'   =>  'ERROR_THERE_WAS_AN_ERROR'

                                    ]);

                                    ]);

                                }

                                }

                                $user->image = $target_filename;

                                $user->image = $target_filename;

                                unlink($source);

                                unlink($source);

                            }

                            }

                        }

                        }

                    }

                    }

                }

                }

                $auth = new AuthEmailAdapter($this->adapter);

                $auth = new AuthEmailAdapter($this->adapter);

                $auth->setData($email);

                $auth->setData($email);

                $result = $auth->authenticate();

                $result = $auth->authenticate();

                if ($result->getCode() == AuthResult::SUCCESS) {

                if ($result->getCode() == AuthResult::SUCCESS) {

                    return $this->redirect()->toRoute('dashboard');

                    return $this->redirect()->toRoute('dashboard');

                } else {

                } else {

                    $message = $result->getMessages()[0];

                    $message = $result->getMessages()[0];

                        'ERROR_USER_NOT_FOUND', 'ERROR_USER_EMAIL_HASNT_BEEN_VARIFIED', 'ERROR_USER_IS_BLOCKED',

                        'ERROR_USER_NOT_FOUND', 'ERROR_USER_EMAIL_HASNT_BEEN_VARIFIED', 'ERROR_USER_IS_BLOCKED',

                        'ERROR_USER_IS_INACTIVE', 'ERROR_ENTERED_PASS_INCORRECT_USER_IS_BLOCKED', 'ERROR_ENTERED_PASS_INCORRECT_2',

                        'ERROR_USER_IS_INACTIVE', 'ERROR_ENTERED_PASS_INCORRECT_USER_IS_BLOCKED', 'ERROR_ENTERED_PASS_INCORRECT_2',

                        'ERROR_ENTERED_PASS_INCORRECT_1'

                        'ERROR_ENTERED_PASS_INCORRECT_1'

                    ])) {

                    ])) {

                    }

                    }

                    switch ($message) {

                    switch ($message) {

                        case 'ERROR_USER_NOT_FOUND':

                        case 'ERROR_USER_NOT_FOUND':

                            $this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Email no existe', ['ip' => Functions::getUserIP()]);

                            $this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Email no existe', ['ip' => Functions::getUserIP()]);

                            break;

                            break;

                        case 'ERROR_USER_EMAIL_HASNT_BEEN_VARIFIED':

                        case 'ERROR_USER_EMAIL_HASNT_BEEN_VARIFIED':

                            $this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Email no verificado', ['ip' => Functions::getUserIP()]);

                            $this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Email no verificado', ['ip' => Functions::getUserIP()]);

                            break;

                            break;

                        case 'ERROR_USER_IS_BLOCKED':

                        case 'ERROR_USER_IS_BLOCKED':

                            $this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Usuario bloqueado', ['ip' => Functions::getUserIP()]);

                            $this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Usuario bloqueado', ['ip' => Functions::getUserIP()]);

                            break;

                            break;

                        case 'ERROR_USER_IS_INACTIVE':

                        case 'ERROR_USER_IS_INACTIVE':

                            $this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Usuario inactivo', ['ip' => Functions::getUserIP()]);

                            $this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Usuario inactivo', ['ip' => Functions::getUserIP()]);

                            break;

                            break;

                        case 'ERROR_ENTERED_PASS_INCORRECT_USER_IS_BLOCKED':

                        case 'ERROR_ENTERED_PASS_INCORRECT_USER_IS_BLOCKED':

                            $this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - 3er Intento Usuario bloqueado', ['ip' => Functions::getUserIP()]);

                            $this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - 3er Intento Usuario bloqueado', ['ip' => Functions::getUserIP()]);

                            break;

                            break;

                        case 'ERROR_ENTERED_PASS_INCORRECT_2':

                        case 'ERROR_ENTERED_PASS_INCORRECT_2':

                            $this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - 1er Intento', ['ip' => Functions::getUserIP()]);

                            $this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - 1er Intento', ['ip' => Functions::getUserIP()]);

                            break;

                            break;

                        case 'ERROR_ENTERED_PASS_INCORRECT_1':

                        case 'ERROR_ENTERED_PASS_INCORRECT_1':

                            $this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - 2do Intento', ['ip' => Functions::getUserIP()]);

                            $this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - 2do Intento', ['ip' => Functions::getUserIP()]);

                            break;

                            break;

                        default:

                        default:

                            $message = 'ERROR_UNKNOWN';

                            $message = 'ERROR_UNKNOWN';

                            $this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Error desconocido', ['ip' => Functions::getUserIP()]);

                            $this->logger->err('Error de ingreso a LeadersLinked de ' . $email . ' - Error desconocido', ['ip' => Functions::getUserIP()]);

                            break;

                            break;

                    }

                    }

                    return new JsonModel([

                    return new JsonModel([

                        'success'   => false,

                        'success'   => false,

                        'data'   => $message

                        'data'   => $message

                    ]);

                    ]);

                }

                }

            } else {

            } else {

                $messages = [];

                $messages = [];