WebSVN – LeadersLinked - Services – Diff – /module/LeadersLinked/src/Controller/AuthController.php



                $config_password    = $this->config['leaderslinked.moodle.password'];
                $config_rsa_n       = $this->config['leaderslinked.moodle.rsa_n'];
                $config_rsa_d       = $this->config['leaderslinked.moodle.rsa_d'];
                //$config_rsa_e       = $this->config['leaderslinked.moodle.rsa_e'];

 
 
 
 
                if (empty($username) || empty($password) || empty($timestamp) || empty($rand) || !is_integer($rand)) {
                    echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY1']);
                    exit;

                
                $t0 = $dt->getTimestamp();
                $t1 = $dtMin->getTimestamp();
                $t2 = $dtMax->getTimestamp();
                if ($t0 < $t1 || $t0 > $t2) {
                    echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY4']) ;
                    exit;

                }
 
                if (!password_verify($username . '-' . $config_password . '-' . $rand . '-' . $timestamp, $password)) {

                if (empty($data)) {
                    echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS2']);
                    exit;
                }

 
 
                try {
                    $rsa = Rsa::getInstance();
                    $data = $rsa->decrypt($data,  $config_rsa_d,  $config_rsa_n);
                } catch (\Throwable $e) {

                    $user->login_attempt = 0;
                    $user->password = password_hash($password, PASSWORD_DEFAULT);
                    $user->usertype_id = UserType::USER;
                    $user->status = User::STATUS_ACTIVE;
                    $user->show_in_search = User::SHOW_IN_SEARCH_YES;
 

 
                    if ($userMapper->insert($user)) {
                        echo json_encode(['success' => false, 'data' => $userMapper->getError()]);
                        exit;

Rev 291	Rev 301
Línea 1911...	Línea 1911...
1911	`$config_password = $this->config['leaderslinked.moodle.password'];`	1911	`$config_password = $this->config['leaderslinked.moodle.password'];`
1912	`$config_rsa_n = $this->config['leaderslinked.moodle.rsa_n'];`	1912	`$config_rsa_n = $this->config['leaderslinked.moodle.rsa_n'];`
1913	`$config_rsa_d = $this->config['leaderslinked.moodle.rsa_d'];`	1913	`$config_rsa_d = $this->config['leaderslinked.moodle.rsa_d'];`
1914	`//$config_rsa_e = $this->config['leaderslinked.moodle.rsa_e'];`	1914	`//$config_rsa_e = $this->config['leaderslinked.moodle.rsa_e'];`
Línea 1915...	Línea -...
1915		-
1916		-
1917		-
1918		1915
1919	`if (empty($username) \|\| empty($password) \|\| empty($timestamp) \|\| empty($rand) \|\| !is_integer($rand)) {`	1916	`if (empty($username) \|\| empty($password) \|\| empty($timestamp) \|\| empty($rand) \|\| !is_integer($rand)) {`
1920	`echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY1']);`	1917	`echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY1']);`
1921	`exit;`	1918	`exit;`
Línea 1939...	Línea 1936...
1939		1936
1940	`$t0 = $dt->getTimestamp();`	1937	`$t0 = $dt->getTimestamp();`
1941	`$t1 = $dtMin->getTimestamp();`	1938	`$t1 = $dtMin->getTimestamp();`
1942	`$t2 = $dtMax->getTimestamp();`	1939	`$t2 = $dtMax->getTimestamp();`
1943	`if ($t0 < $t1 \|\| $t0 > $t2) {`	1940	`if ($t0 < $t1 \|\| $t0 > $t2) {`
1944	`//echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY4']) ;`	1941	`echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY4']) ;`
1945	`//exit;`	1942	`exit;`
Línea 1946...	Línea 1943...
1946	`}`	1943	`}`
1947		1944
1948	`if (!password_verify($username . '-' . $config_password . '-' . $rand . '-' . $timestamp, $password)) {`	1945	`if (!password_verify($username . '-' . $config_password . '-' . $rand . '-' . $timestamp, $password)) {`
Línea 1959...	Línea 1956...
1959	`if (empty($data)) {`	1956	`if (empty($data)) {`
1960	`echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS2']);`	1957	`echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS2']);`
1961	`exit;`	1958	`exit;`
1962	`}`	1959	`}`
Línea 1963...	Línea -...
1963		-
1964		1960
1965	`try {`	1961	`try {`
1966	`$rsa = Rsa::getInstance();`	1962	`$rsa = Rsa::getInstance();`
1967	`$data = $rsa->decrypt($data, $config_rsa_d, $config_rsa_n);`	1963	`$data = $rsa->decrypt($data, $config_rsa_d, $config_rsa_n);`
1968	`} catch (\Throwable $e) {`	1964	`} catch (\Throwable $e) {`
Línea 2000...	Línea 1996...
2000	`$user->login_attempt = 0;`	1996	`$user->login_attempt = 0;`
2001	`$user->password = password_hash($password, PASSWORD_DEFAULT);`	1997	`$user->password = password_hash($password, PASSWORD_DEFAULT);`
2002	`$user->usertype_id = UserType::USER;`	1998	`$user->usertype_id = UserType::USER;`
2003	`$user->status = User::STATUS_ACTIVE;`	1999	`$user->status = User::STATUS_ACTIVE;`
2004	`$user->show_in_search = User::SHOW_IN_SEARCH_YES;`	2000	`$user->show_in_search = User::SHOW_IN_SEARCH_YES;`
2005		-
Línea 2006...	Línea 2001...
2006		2001
2007	`if ($userMapper->insert($user)) {`	2002	`if ($userMapper->insert($user)) {`
2008	`echo json_encode(['success' => false, 'data' => $userMapper->getError()]);`	2003	`echo json_encode(['success' => false, 'data' => $userMapper->getError()]);`
2009	`exit;`	2004	`exit;`

Proyectos de Subversion LeadersLinked - Services

(root)/module/LeadersLinked/src/Controller/AuthController.php – Rev 291 → 301