2020-06-14 20:15:53 +02:00
|
|
|
<?php namespace MapGuesser\Controller;
|
|
|
|
|
|
2020-06-28 03:18:51 +02:00
|
|
|
use DateTime;
|
2020-06-25 20:26:33 +02:00
|
|
|
use MapGuesser\Database\Query\Select;
|
2020-06-28 03:18:51 +02:00
|
|
|
use MapGuesser\Http\Request;
|
2020-06-14 21:04:20 +02:00
|
|
|
use MapGuesser\Interfaces\Authorization\ISecured;
|
2020-06-25 20:26:33 +02:00
|
|
|
use MapGuesser\Interfaces\Database\IResultSet;
|
2020-06-14 20:15:53 +02:00
|
|
|
use MapGuesser\Interfaces\Request\IRequest;
|
|
|
|
|
use MapGuesser\Interfaces\Response\IContent;
|
2020-06-28 03:18:51 +02:00
|
|
|
use MapGuesser\Interfaces\Response\IRedirect;
|
|
|
|
|
use MapGuesser\OAuth\GoogleOAuth;
|
2020-06-18 00:21:18 +02:00
|
|
|
use MapGuesser\PersistentData\PersistentDataManager;
|
|
|
|
|
use MapGuesser\PersistentData\Model\User;
|
2020-06-25 20:26:33 +02:00
|
|
|
use MapGuesser\PersistentData\Model\UserConfirmation;
|
|
|
|
|
use MapGuesser\Repository\UserConfirmationRepository;
|
2020-06-14 20:15:53 +02:00
|
|
|
use MapGuesser\Response\HtmlContent;
|
|
|
|
|
use MapGuesser\Response\JsonContent;
|
2020-06-28 03:18:51 +02:00
|
|
|
use MapGuesser\Response\Redirect;
|
|
|
|
|
use MapGuesser\Util\JwtParser;
|
2020-06-14 20:15:53 +02:00
|
|
|
|
2020-06-14 21:04:20 +02:00
|
|
|
class UserController implements ISecured
|
2020-06-14 20:15:53 +02:00
|
|
|
{
|
|
|
|
|
private IRequest $request;
|
|
|
|
|
|
2020-06-18 00:21:18 +02:00
|
|
|
private PersistentDataManager $pdm;
|
|
|
|
|
|
2020-06-25 20:26:33 +02:00
|
|
|
private UserConfirmationRepository $userConfirmationRepository;
|
|
|
|
|
|
2020-06-14 20:15:53 +02:00
|
|
|
public function __construct(IRequest $request)
|
|
|
|
|
{
|
|
|
|
|
$this->request = $request;
|
2020-06-18 00:21:18 +02:00
|
|
|
$this->pdm = new PersistentDataManager();
|
2020-06-25 20:26:33 +02:00
|
|
|
$this->userConfirmationRepository = new UserConfirmationRepository();
|
2020-06-14 20:15:53 +02:00
|
|
|
}
|
|
|
|
|
|
2020-06-14 21:04:20 +02:00
|
|
|
public function authorize(): bool
|
|
|
|
|
{
|
|
|
|
|
$user = $this->request->user();
|
|
|
|
|
|
|
|
|
|
return $user !== null;
|
|
|
|
|
}
|
|
|
|
|
|
2020-06-25 16:44:34 +02:00
|
|
|
public function getAccount(): IContent
|
2020-06-14 20:15:53 +02:00
|
|
|
{
|
2020-06-18 00:21:18 +02:00
|
|
|
/**
|
|
|
|
|
* @var User $user
|
|
|
|
|
*/
|
2020-06-14 20:15:53 +02:00
|
|
|
$user = $this->request->user();
|
|
|
|
|
|
|
|
|
|
$data = ['user' => $user->toArray()];
|
2020-06-25 20:26:33 +02:00
|
|
|
return new HtmlContent('account/account', $data);
|
|
|
|
|
}
|
|
|
|
|
|
2020-06-28 03:18:51 +02:00
|
|
|
public function getGoogleAuthenticateRedirect(): IRedirect
|
|
|
|
|
{
|
|
|
|
|
/**
|
|
|
|
|
* @var User $user
|
|
|
|
|
*/
|
|
|
|
|
$user = $this->request->user();
|
|
|
|
|
|
|
|
|
|
$state = bin2hex(random_bytes(16));
|
|
|
|
|
|
|
|
|
|
$this->request->session()->set('oauth_state', $state);
|
|
|
|
|
|
|
|
|
|
$oAuth = new GoogleOAuth(new Request());
|
|
|
|
|
|
|
|
|
|
$url = $oAuth->getDialogUrl(
|
|
|
|
|
$state,
|
|
|
|
|
$this->request->getBase() . '/' . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink(),
|
|
|
|
|
$user->getEmail()
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
return new Redirect($url, IRedirect::TEMPORARY);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function authenticateWithGoogle(): IContent
|
|
|
|
|
{
|
|
|
|
|
/**
|
|
|
|
|
* @var User $user
|
|
|
|
|
*/
|
|
|
|
|
$user = $this->request->user();
|
|
|
|
|
|
|
|
|
|
if ($this->request->query('state') !== $this->request->session()->get('oauth_state')) {
|
|
|
|
|
$data = ['success' => false];
|
|
|
|
|
return new HtmlContent('account/google_authenticate', $data);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$oAuth = new GoogleOAuth(new Request());
|
|
|
|
|
$tokenData = $oAuth->getToken($this->request->query('code'), $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink());
|
|
|
|
|
|
|
|
|
|
if (!isset($tokenData['id_token'])) {
|
|
|
|
|
$data = ['success' => false];
|
|
|
|
|
return new HtmlContent('account/google_authenticate', $data);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$jwtParser = new JwtParser($tokenData['id_token']);
|
|
|
|
|
$userData = $jwtParser->getPayload();
|
|
|
|
|
|
|
|
|
|
if ($userData['sub'] !== $user->getGoogleSub()) {
|
|
|
|
|
$data = ['success' => false, 'errorText' => 'This Google account is not linked to your account.'];
|
|
|
|
|
return new HtmlContent('account/google_authenticate', $data);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$authenticatedWithGoogleUntil = new DateTime('+45 seconds');
|
|
|
|
|
$this->request->session()->set('authenticated_with_google_until', $authenticatedWithGoogleUntil);
|
|
|
|
|
|
|
|
|
|
$data = ['success' => true, 'authenticatedWithGoogleUntil' => $authenticatedWithGoogleUntil];
|
|
|
|
|
return new HtmlContent('account/google_authenticate', $data);
|
|
|
|
|
}
|
|
|
|
|
|
2020-06-25 20:26:33 +02:00
|
|
|
public function getDeleteAccount(): IContent
|
|
|
|
|
{
|
|
|
|
|
/**
|
|
|
|
|
* @var User $user
|
|
|
|
|
*/
|
|
|
|
|
$user = $this->request->user();
|
|
|
|
|
|
|
|
|
|
$data = ['user' => $user->toArray()];
|
|
|
|
|
return new HtmlContent('account/delete', $data);
|
2020-06-14 20:15:53 +02:00
|
|
|
}
|
|
|
|
|
|
2020-06-25 16:44:34 +02:00
|
|
|
public function saveAccount(): IContent
|
2020-06-14 20:15:53 +02:00
|
|
|
{
|
2020-06-18 00:21:18 +02:00
|
|
|
/**
|
|
|
|
|
* @var User $user
|
|
|
|
|
*/
|
2020-06-14 20:15:53 +02:00
|
|
|
$user = $this->request->user();
|
|
|
|
|
|
2020-06-28 03:18:51 +02:00
|
|
|
if (!$this->confirmUserIdentity(
|
|
|
|
|
$user,
|
|
|
|
|
$this->request->session()->get('authenticated_with_google_until'),
|
|
|
|
|
$this->request->post('password'),
|
|
|
|
|
$error
|
|
|
|
|
)) {
|
|
|
|
|
$data = ['error' => ['errorText' => $error]];
|
2020-06-14 20:15:53 +02:00
|
|
|
return new JsonContent($data);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (strlen($this->request->post('password_new')) > 0) {
|
|
|
|
|
if (strlen($this->request->post('password_new')) < 6) {
|
2020-06-25 20:26:33 +02:00
|
|
|
$data = ['error' => ['errorText' => 'The given new password is too short. Please choose a password that is at least 6 characters long!']];
|
2020-06-14 20:15:53 +02:00
|
|
|
return new JsonContent($data);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ($this->request->post('password_new') !== $this->request->post('password_new_confirm')) {
|
2020-06-25 20:26:33 +02:00
|
|
|
$data = ['error' => ['errorText' => 'The given new passwords do not match.']];
|
2020-06-14 20:15:53 +02:00
|
|
|
return new JsonContent($data);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$user->setPlainPassword($this->request->post('password_new'));
|
|
|
|
|
}
|
|
|
|
|
|
2020-06-18 00:21:18 +02:00
|
|
|
$this->pdm->saveToDb($user);
|
2020-06-14 20:15:53 +02:00
|
|
|
|
2020-06-28 03:18:51 +02:00
|
|
|
$this->request->session()->delete('authenticated_with_google_until');
|
|
|
|
|
|
2020-06-14 20:15:53 +02:00
|
|
|
$data = ['success' => true];
|
|
|
|
|
return new JsonContent($data);
|
|
|
|
|
}
|
2020-06-25 20:26:33 +02:00
|
|
|
|
|
|
|
|
public function deleteAccount(): IContent
|
|
|
|
|
{
|
|
|
|
|
/**
|
|
|
|
|
* @var User $user
|
|
|
|
|
*/
|
|
|
|
|
$user = $this->request->user();
|
|
|
|
|
|
2020-06-28 03:18:51 +02:00
|
|
|
if (!$this->confirmUserIdentity(
|
|
|
|
|
$user,
|
|
|
|
|
$this->request->session()->get('authenticated_with_google_until'),
|
|
|
|
|
$this->request->post('password'),
|
|
|
|
|
$error
|
|
|
|
|
)) {
|
|
|
|
|
$data = ['error' => ['errorText' => $error]];
|
2020-06-25 20:26:33 +02:00
|
|
|
return new JsonContent($data);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
\Container::$dbConnection->startTransaction();
|
|
|
|
|
|
|
|
|
|
foreach ($this->userConfirmationRepository->getByUser($user) as $userConfirmation) {
|
|
|
|
|
$this->pdm->deleteFromDb($userConfirmation);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$this->pdm->deleteFromDb($user);
|
|
|
|
|
|
|
|
|
|
\Container::$dbConnection->commit();
|
|
|
|
|
|
2020-06-28 03:18:51 +02:00
|
|
|
$this->request->session()->delete('authenticated_with_google_until');
|
|
|
|
|
|
2020-06-25 20:26:33 +02:00
|
|
|
$data = ['success' => true];
|
|
|
|
|
return new JsonContent($data);
|
|
|
|
|
}
|
2020-06-28 03:18:51 +02:00
|
|
|
|
|
|
|
|
private function confirmUserIdentity(User $user, ?DateTime $authenticatedWithGoogleUntil, ?string $password, &$error): bool
|
|
|
|
|
{
|
|
|
|
|
if ($authenticatedWithGoogleUntil !== null && $authenticatedWithGoogleUntil > new DateTime()) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ($password !== null) {
|
|
|
|
|
if ($user->checkPassword($password)) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$error = 'The given current password is wrong.';
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$error = 'Could not confirm your identity. Please try again!';
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2020-06-14 20:15:53 +02:00
|
|
|
}
|
