<?php
declare(strict_types=1);
namespace LeadersLinked\Authentication;
use Laminas\Authentication\Adapter\AdapterInterface as AuthAdapterInterface;
use Laminas\Authentication\Result;
use Laminas\Db\Adapter\AdapterInterface;
use Laminas\Log\LoggerInterface;
use LeadersLinked\Model\User;
use LeadersLinked\Mapper\UserMapper;
use LeadersLinked\Library\Functions;
use LeadersLinked\Mapper\DeviceMapper;
use LeadersLinked\Mapper\DeviceHistoryMapper;
use LeadersLinked\Model\DeviceHistory;
use LeadersLinked\Model\UserType;
use LeadersLinked\Mapper\CompanyMapper;
use LeadersLinked\Model\Company;
use LeadersLinked\Mapper\CompanyUserMapper;
use LeadersLinked\Model\CompanyUser;
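/**
 * Laminas authentication adapter for the webservice one-time-password login.
 *
 * The caller identifies the user by UUID and proves possession of the stored
 * one-time password by sending md5(otp-rand-timestamp-salt) together with the
 * rand and timestamp it used. The timestamp must lie inside a ±5 minute window
 * around the server clock. For COMPANY logins the user must additionally be an
 * accepted backend member of the given company.
 */
class AuthOneTimePasswordAdapter implements AuthAdapterInterface
{
    /**
     * Half-width of the accepted clock skew, in seconds: a request timestamp is
     * accepted only inside [now - WINDOW, now + WINDOW].
     */
    private const TIMESTAMP_WINDOW_SECONDS = 300;

    /**
     * Database adapter handed to the mappers.
     *
     * @var AdapterInterface
     */
    private $adapter;

    /**
     * Application config. Keys read here: 'leaderslinked.runmode.sandbox',
     * 'leaderslinked.backend.sandbox_salt', 'leaderslinked.backend.production_salt'.
     *
     * @var array|\ArrayAccess
     */
    private $config;

    /**
     * UUID of the user trying to log in.
     *
     * @var string
     */
    private $user_uuid;

    /**
     * Client-supplied proof: md5 of "otp-rand-timestamp-salt".
     *
     * @var string
     */
    private $password;

    /**
     * Client-supplied Unix timestamp (seconds) that was mixed into $password.
     *
     * @var string|int
     */
    private $timestamp;

    /**
     * Client-supplied nonce that was mixed into $password.
     *
     * @var int
     */
    private $rand;

    /**
     * UUID of the company, only set for COMPANY logins.
     *
     * @var string|null
     */
    private $company_uuid;

    /**
     * UserType::ADMIN or UserType::COMPANY, set by setDataAdmin()/setDataCompany().
     *
     * @var int
     */
    private $usertype_id;

    /**
     * @param AdapterInterface $adapter database adapter used to build the mappers
     * @param array|\ArrayAccess $config application configuration (see $config)
     */
    public function __construct(AdapterInterface $adapter, $config)
    {
        $this->adapter = $adapter;
        $this->config = $config;
    }

    /**
     * Prepares an ADMIN login attempt.
     *
     * @param string $user_uuid UUID of the user
     * @param string $password md5 proof computed by the client
     * @param string|int $timestamp Unix timestamp used by the client
     * @param int $rand nonce used by the client
     */
    public function setDataAdmin($user_uuid, $password, $timestamp, $rand): void
    {
        $this->user_uuid = $user_uuid;
        $this->password = $password;
        $this->timestamp = $timestamp;
        $this->rand = $rand;
        $this->usertype_id = UserType::ADMIN;
    }

    /**
     * Prepares a COMPANY login attempt.
     *
     * @param string $user_uuid UUID of the user
     * @param string $password md5 proof computed by the client
     * @param string|int $timestamp Unix timestamp used by the client
     * @param int $rand nonce used by the client
     * @param string $company_uuid UUID of the company the user logs into
     */
    public function setDataCompany($user_uuid, $password, $timestamp, $rand, $company_uuid): void
    {
        $this->user_uuid = $user_uuid;
        $this->password = $password;
        $this->timestamp = $timestamp;
        $this->rand = $rand;
        $this->usertype_id = UserType::COMPANY;
        $this->company_uuid = $company_uuid;
    }

    /**
     * Runs the checks in order: user exists / not blocked / active, company
     * membership (COMPANY only), timestamp window, then the password proof.
     *
     * Every failure is reported as Result::FAILURE_UNCATEGORIZED with a single
     * message code so callers can map it to a user-facing text.
     *
     * {@inheritDoc}
     * @see \Laminas\Authentication\Adapter\AdapterInterface::authenticate()
     */
    public function authenticate(): Result
    {
        $userMapper = UserMapper::getInstance($this->adapter);
        $user = $userMapper->fetchOneByUuid($this->user_uuid);
        if (!$user) {
            return $this->failure('ERROR_USER_NOT_FOUND');
        }

        // Loose comparisons are kept on purpose for DB-sourced fields: the row
        // values may arrive as strings while the model constants are ints.
        if (User::BLOCKED_YES == $user->blocked) {
            return $this->failure('ERROR_USER_IS_BLOCKED');
        }
        if (User::STATUS_INACTIVE == $user->status) {
            return $this->failure('ERROR_USER_IS_INACTIVE');
        }

        $company = null;
        // $usertype_id is assigned straight from the UserType constant, so a
        // strict comparison is safe here.
        if ($this->usertype_id === UserType::COMPANY) {
            $resolved = $this->resolveCompany($user);
            if ($resolved instanceof Result) {
                return $resolved;
            }
            $company = $resolved;
        }

        if (!$this->isTimestampFresh()) {
            return $this->failure('ERROR_WEBSERVICE_TIMESTAMP');
        }

        $expected = $this->expectedPassword((string) $user->one_time_password);
        // hash_equals(): constant-time and byte-exact. The former loose `!=`
        // compared two hex digests numerically when both looked like "0e123..."
        // (numeric strings), and leaked timing on the first differing byte.
        if (!is_string($this->password) || !hash_equals($expected, $this->password)) {
            return $this->failure('ERROR_WEBSERVICE_PASSWORD');
        }

        // NOTE(review): no field of $user is modified before this call, so it
        // persists the row as loaded. If the intent is to consume the one-time
        // password after a successful login, that is not visible here — confirm
        // against UserMapper::update().
        $userMapper->update($user);

        $data = [
            'user_id' => $user->id,
            'company_id' => $company ? $company->id : 0,
        ];

        return new Result(Result::SUCCESS, $data, []);
    }

    /**
     * Loads the company of a COMPANY login and checks the user may use its backend.
     *
     * @param object $user row returned by UserMapper::fetchOneByUuid()
     * @return Company|Result the company row on success, otherwise the failure
     *                        Result that authenticate() should return
     */
    private function resolveCompany($user)
    {
        $companyMapper = CompanyMapper::getInstance($this->adapter);
        $company = $companyMapper->fetchOneByUuid($this->company_uuid);
        if (!$company) {
            return $this->failure('ERROR_COMPANY_NOT_FOUND');
        }

        // Loose in_array on purpose: status comes from the DB row (see authenticate()).
        if (!in_array($company->status, [Company::STATUS_PENDING, Company::STATUS_ACTIVE])) {
            return $this->failure('ERROR_COMPANY_IS_INACTIVE');
        }

        $companyUserMapper = CompanyUserMapper::getInstance($this->adapter);
        $companyUser = $companyUserMapper->fetchOneByCompanyIdAndUserId($company->id, $user->id);
        $membershipOk = $companyUser
            && in_array($companyUser->status, [CompanyUser::STATUS_ACCEPTED, CompanyUser::STATUS_ADMIN_WILL_ADD])
            && $companyUser->backend;
        if (!$membershipOk) {
            return $this->failure('ERROR_UNAUTHORIZED');
        }

        return $company;
    }

    /**
     * Whether the client timestamp lies within ±TIMESTAMP_WINDOW_SECONDS of now.
     *
     * Non-numeric or missing timestamps are rejected rather than compared as
     * strings.
     */
    private function isTimestampFresh(): bool
    {
        if (!is_numeric($this->timestamp)) {
            return false;
        }

        // time() is already a UTC epoch. The previous gmdate()/createFromFormat()
        // round trip re-parsed a UTC wall-clock string in PHP's default timezone,
        // which shifted the window by the server's UTC offset unless
        // date.timezone was UTC.
        $now = time();
        $ts = (int) $this->timestamp;

        return $ts >= $now - self::TIMESTAMP_WINDOW_SECONDS
            && $ts <= $now + self::TIMESTAMP_WINDOW_SECONDS;
    }

    /**
     * Recomputes the proof the client must have sent for the stored one-time password.
     *
     * @param string $oneTimePassword the user's stored one_time_password
     * @return string lowercase hex md5 of "otp-rand-timestamp-salt"
     */
    private function expectedPassword(string $oneTimePassword): string
    {
        // `??` avoids "undefined index" notices; the fallbacks reproduce the
        // previous effective values (null salt was concatenated as '').
        $sandbox = $this->config['leaderslinked.runmode.sandbox'] ?? false;
        $salt = $sandbox
            ? ($this->config['leaderslinked.backend.sandbox_salt'] ?? '')
            : ($this->config['leaderslinked.backend.production_salt'] ?? '');

        // NOTE(review): this md5 derivation is what the client computes too, so
        // it is part of the wire protocol; moving to hash_hmac() needs a
        // coordinated client change and is not done here.
        return md5($oneTimePassword . '-' . $this->rand . '-' . $this->timestamp . '-' . $salt);
    }

    /**
     * Builds the uniform failure result used by every rejected check.
     *
     * @param string $code message code such as 'ERROR_USER_NOT_FOUND'
     */
    private function failure(string $code): Result
    {
        return new Result(Result::FAILURE_UNCATEGORIZED, null, [$code]);
    }
}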