<?php
// Only allow this controller to be loaded through CodeIgniter's front controller,
// which defines BASEPATH; a direct HTTP request to the file is refused.
if (!defined('BASEPATH')) {
    exit('No direct script access allowed');
}
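class Auth extends Rest_Controller {

    /**
     * Device types allowed in app.
     */
    const DEVICE_TYPES = ['ios', 'android'];

    /**
     * User's default avatar.
     */
    const DEFAULT_AVATAR = 'avatar.png';

    /**
     * Alphabet used for e-mail verification codes (upper-case alphanumeric).
     */
    const CODE_ALPHABET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';

    /**
     * Check whether a device ID is already bound to a user.
     *
     * NOTE(review): public methods on a CodeIgniter controller are URL-routable.
     * If nothing outside this class calls this helper, make it protected (or
     * prefix it with "_") so it is not reachable as an endpoint.
     *
     * @param string $deviceID device ID
     * @param bool   $getUser  when true, return the owning user's id instead of a bool
     * @return bool|int|string|null bool by default; the user id (or null) when $getUser is true
     */
    public function deviceIdAlreadyExsit($deviceID, $getUser = false) {
        // row() yields an object or null; count() on either is invalid on PHP 7.2+/8,
        // so test emptiness instead of counting.
        $user = $this->db->select('id')->get_where('users', ['device_id' => $deviceID])->row();
        $found = !empty($user);
        if ($getUser === true) {
            return $found ? $user->id : null;
        }
        return $found;
    }

    /**
     * Update a user's device ID (POST: user_id, device_id).
     *
     * A device ID previously bound to a different user is cleared from that
     * user before it is assigned to the requested one.
     *
     * NOTE(review): user_id comes from the request and is only checked for
     * existence; nothing here verifies that the caller owns that account, so any
     * client can re-bind any user's device_id. Confirm whether Rest_Controller
     * authenticates the caller and, if so, take user_id from that identity instead.
     *
     * @return mixed JSON response from success()/error()
     */
    public function updateDeviceId() {
        $this->validate($this->input->post(), [
            'user_id' => 'required|exist,users:id',
            'device_id' => 'required',
        ]);
        $deviceID = $this->input->post('device_id');
        $uid = $this->input->post('user_id');

        $previousOwner = $this->deviceIdAlreadyExsit($deviceID, true);
        if ($previousOwner) {
            $this->db->update('users', ['device_id' => null], ['id' => $previousOwner]);
            // TODO: notify the previous owner via push notification
        }
        $update = $this->db->update('users', ['device_id' => $deviceID], ['id' => $uid]);
        return $update ? $this->success(msg('device_id_updated')) : $this->error(msg('oops'));
    }

    /**
     * Generate a random verification code that is not currently stored as any user's OTP.
     *
     * The code gates account verification, so it is drawn from random_int()
     * (a CSPRNG, PHP 7+) rather than a general-purpose string helper. Loops
     * (instead of recursing) until an unused code is found.
     *
     * @param int $length Length of the code
     * @return string upper-case alphanumeric code
     */
    protected function generateVerificationCode($length = 7) {
        $length = max(1, (int) $length);
        do {
            $code = $this->randomCode($length);
            $row = $this->db->get_where('users', ['otp' => $code])->row();
        } while (!empty($row));
        return $code;
    }

    /**
     * Build a random string of $length characters drawn from CODE_ALPHABET.
     *
     * @param int $length
     * @return string
     */
    private function randomCode($length) {
        $alphabet = self::CODE_ALPHABET;
        $lastIndex = strlen($alphabet) - 1;
        $code = '';
        for ($i = 0; $i < $length; $i++) {
            $code .= $alphabet[random_int(0, $lastIndex)];
        }
        return $code;
    }

    /**
     * Get the public profile fields of a user.
     *
     * @param int $id User ID
     * @return array user_id, user_type, first_name, last_name, created_at; [] when not found
     */
    protected function getUser($id) {
        $id = (int) $id;
        // The original passed ['id', $id] (a list, not column => value), which does
        // not filter by id at all; the lookup must be keyed on the column name.
        $user = $this->db->get_where('users', ['id' => $id])->row();
        if (empty($user)) {
            return [];
        }
        return [
            'user_id' => (int) $user->id,
            'user_type' => (int) $user->user_type,
            'first_name' => (string) $user->first_name,
            'last_name' => (string) $user->last_name,
            'created_at' => (string) $user->created_at,
        ];
    }

    /**
     * Update device details (device_type, device_token) for a user.
     *
     * NOTE(review): as a public controller method this is URL-routable; if it is
     * only called from within this class it should be protected.
     *
     * @param int|string $uid  users.id to update
     * @param array      $data column => value pairs to write
     * @return bool result of the update
     */
    public function updateDeviceDetails($uid, $data) {
        $this->db->where('id', $uid);
        return $this->db->update('users', $data);
    }

    /**
     * Device columns carried by the current request, or [] when the request has
     * no usable device info (unknown device_type or empty device_token).
     *
     * @return array device_type/device_token pairs, or []
     */
    private function deviceFieldsFromRequest() {
        $deviceType = $this->input->post('device_type');
        // post() returns null for a missing field; cast so trim() never sees null.
        $deviceToken = trim((string) $this->input->post('device_token'));
        if (!in_array($deviceType, self::DEVICE_TYPES, true) || $deviceToken === '') {
            return [];
        }
        return ['device_type' => $deviceType, 'device_token' => $deviceToken];
    }

    /**
     * Persist the request's device details for $userId, if any were supplied.
     *
     * @param int|string $userId users.id
     * @return void
     */
    private function syncDeviceFromRequest($userId) {
        $fields = $this->deviceFieldsFromRequest();
        if ($fields !== []) {
            $this->updateDeviceDetails($userId, $fields);
        }
    }

    /**
     * Send an e-mail verification code to the posted address.
     *
     * @return mixed JSON response from success()/error()
     */
    public function sendVerificationCode() {
        $this->validate($this->input->post(), [
            'email' => 'required|valid_email|unique,users:email',
        ]);
        $email = trim($this->input->post('email'));
        $this->load->model('user');
        if ($this->user->isVerified($email)) {
            return $this->error(msg('already_verified'));
        }
        // Generate a unique verification code and deliver it by e-mail.
        $code = $this->generateVerificationCode();
        $this->load->library('mailer');
        $send = $this->mailer->send('verification_code', compact('code'))
            ->to($email)
            ->subject('Email Verification Code.')
            ->deliver();
        if (!$send) {
            return $this->error(msg('verification_code_err'));
        }
        $insert = $this->user->addVerificationCode($email, $code);
        if (!$insert) {
            return $this->error(msg('verification_code_err'));
        }
        // The code is deliberately NOT returned in the API response: echoing it
        // back let any caller "verify" an address they cannot read mail for.
        return $this->success(msg('verification_code_sent'));
    }

    /**
     * Verify an e-mail verification code (POST: email, code).
     *
     * @return mixed JSON response from success()/error()
     */
    public function verifyCode() {
        $this->validate($this->input->post(), [
            'email' => 'required|valid_email',
            'code' => 'required',
        ]);
        $code = (string) trim($this->input->post('code'));
        $email = (string) trim($this->input->post('email'));
        $user = $this->db->get_where('users', ['otp' => $code, 'email' => $email])->row();
        if (empty($user)) {
            return $this->error(msg('invalid_code'));
        }
        return $this->success(msg('valid_code'), ['code' => $code, 'email' => $user->email]);
    }

    /**
     * Set a user's role (POST: user_id, user_type).
     *
     * user_type 1 is the admin role (see login()); it can not be assigned here,
     * mirroring the "admin" rejection in register(). Without that guard any
     * caller could promote a verified account to admin.
     *
     * NOTE(review): user_id is client-supplied with no ownership check — see updateDeviceId().
     *
     * @return mixed JSON response from success()/error()
     */
    public function setUserType() {
        $this->validate($this->input->post(), [
            'user_id' => 'required|exist,users:id',
            'user_type' => 'required',
        ]);
        $userID = (int) $this->input->post('user_id');
        $userType = (int) $this->input->post('user_type');
        if ($userType === 1) {
            return $this->error(msg('user_type_not_exists'));
        }
        $user = $this->db->get_where('users', ['id' => $userID, 'verified' => 1])->row();
        if (empty($user)) {
            return $this->error(msg('user_404'));
        }
        $this->db->where('id', $user->id);
        $update = $this->db->update('users', ['user_type' => $userType]);
        return $update ? $this->success('Success!!') : $this->error('Error.');
    }

    /**
     * User registration.
     *
     * NOTE(review): passwords are stored as unsalted sha1, which is not a
     * password hash. user->login() compares against that value, so switching to
     * password_hash()/password_verify() has to be done in the model at the same
     * time; it is flagged rather than changed here.
     *
     * NOTE(review): the account is inserted with verified = 1 regardless of
     * whether verifyCode() succeeded for this e-mail — presumably the model ties
     * this to the OTP row created by sendVerificationCode(); confirm.
     *
     * @return mixed JSON response from success()/error()
     */
    public function register() {
        $this->validate($this->input->post(), [
            'first_name' => 'required',
            'last_name' => 'required',
            'password' => 'required|max_len,100|min_len,6',
            'email' => 'required|valid_email',
            'user_type' => 'required',
        ]);
        $firstName = $this->input->post('first_name');
        $lastName = $this->input->post('last_name');
        $email = $this->input->post('email');
        $userType = $this->input->post('user_type');

        // The admin role can not be self-assigned through registration.
        if ($userType === 'admin') {
            return $this->error(msg('user_type_not_exists'));
        }
        $this->load->model('user');
        $existing = $this->db->get_where('users', ['email' => $email])->row();
        if (!empty($existing)) {
            return $this->error(msg('email_exists'));
        }

        $tmpData = [
            'first_name' => $firstName,
            'last_name' => $lastName,
            'email' => $email,
            'password' => sha1($this->input->post('password')),
            'profile_pic' => self::DEFAULT_AVATAR,
            'verified' => 1,
            'created_at' => date('Y-m-d H:i:s'),
            'user_type' => 2,
        ] + $this->deviceFieldsFromRequest();

        $insert = $this->user->signUp($tmpData);
        if (!$insert) {
            return $this->error(msg('signup_error'));
        }
        return $this->success(msg('signup_success'), [
            'first_name' => $firstName,
            'last_name' => $lastName,
            'email' => $email,
            'user_type' => $userType,
            'user_id' => $insert,
        ]);
    }

    /**
     * Shared sign-up / login flow for the social providers.
     *
     * Looks a user up by the provider's id column OR by e-mail. A new user is
     * created when neither matches; an existing user is logged in when the
     * provider id is already linked, or is linked (then logged in) when only the
     * e-mail matched. Device details from the request are stored for existing
     * users (previously only google() and linkedIn() did this).
     *
     * NOTE(review): the provider id and e-mail are taken from the POST body
     * as-is; nothing here verifies them with the provider (e.g. validating an
     * access token server-side). Until such a check exists, knowing an account's
     * e-mail is enough to be logged into or linked to it through these endpoints.
     *
     * @param string $idColumn   users column holding the provider id (fb_id, google_id, linkedin_id)
     * @param string $postField  POST field carrying the provider id
     * @param array  $extraRules additional validation rules for this provider
     * @param array  $extraData  additional columns stored on sign-up
     * @return mixed JSON response from success()/error()
     */
    private function socialAuth($idColumn, $postField, array $extraRules = [], array $extraData = []) {
        $this->validate($this->input->post(), [
            $postField => 'required',
            'email' => 'required|valid_email',
            'first_name' => 'required',
            'last_name' => 'required',
        ] + $extraRules + [
            'user_type' => 'required',
        ]);
        $providerId = (string) trim($this->input->post($postField));
        $firstName = $this->input->post('first_name');
        $lastName = $this->input->post('last_name');
        $email = $this->input->post('email');
        $userType = $this->input->post('user_type');

        $user = $this->db->from('users')
            ->where($idColumn, $providerId)
            ->or_where('email', $email)
            ->get()
            ->row();
        $this->load->model('user');

        if (empty($user)) {
            // Register a new user for this provider.
            $tmpData = [
                'first_name' => $firstName,
                'last_name' => $lastName,
                'email' => $email,
                $idColumn => $providerId,
                'verified' => 1,
                'created_at' => date('Y-m-d H:i:s'),
            ] + $extraData;
            if ($userType === 'user') {
                $tmpData['user_type'] = 2;
            }
            $insert = $this->user->socialSignUp($tmpData);
            if (!$insert) {
                return $this->error(msg('signup_error'));
            }
            return $this->success(msg('signup_success'), [
                'first_name' => $firstName,
                'last_name' => $lastName,
                'email' => $email,
                'user_type' => $userType,
                'user_id' => $insert,
            ]);
        }

        $response = [
            'first_name' => $user->first_name,
            'last_name' => $user->last_name,
            'email' => $user->email,
        ];
        if ((int) $user->user_type === 2) {
            $response['user_type'] = 'user';
        }
        $response['user_id'] = (int) $user->id;
        $this->syncDeviceFromRequest($user->id);

        if ((string) $user->email === '') {
            return $this->error(msg('oops'));
        }
        $linkedId = trim((string) $user->{$idColumn});
        if ($linkedId !== '') {
            // Provider already linked: plain login.
            return $this->success(msg('login_success'), $response);
        }
        // E-mail matched but no provider id stored yet: link the provider to the account.
        $this->db->where('id', $user->id);
        $this->db->update('users', [$idColumn => $providerId]);
        return $this->success(msg('signup_success'), $response);
    }

    /**
     * Facebook login / registration (POST: facebook_id, email, first_name, last_name, user_type).
     *
     * @return mixed JSON response from success()/error()
     */
    public function facebook() {
        return $this->socialAuth('fb_id', 'facebook_id');
    }

    /**
     * Google login / registration (POST: google_id, email, first_name, last_name, password, user_type).
     *
     * The posted password is stored (sha1, see register()) on sign-up only.
     *
     * @return mixed JSON response from success()/error()
     */
    public function google() {
        return $this->socialAuth(
            'google_id',
            'google_id',
            ['password' => 'required'],
            ['password' => sha1((string) $this->input->post('password'))]
        );
    }

    /**
     * LinkedIn login / registration (POST: linkedin_id, email, first_name, last_name, user_type).
     *
     * @return mixed JSON response from success()/error()
     */
    public function linkedIn() {
        return $this->socialAuth('linkedin_id', 'linkedin_id');
    }

    /**
     * User login (POST: email, password, user_type; optional device_type, device_token).
     *
     * user_type "admin" selects role 1, anything else role 2; the credentials
     * are checked by user->login() against that role.
     *
     * @return mixed JSON response from success()/error()
     */
    public function login() {
        $this->validate($this->input->post(), [
            'email' => 'required',
            'password' => 'required',
            'user_type' => 'required',
        ]);
        $email = $this->input->post('email');
        $password = $this->input->post('password');
        $role = ((string) $this->input->post('user_type') === 'admin') ? 1 : 2;

        $this->load->model('user');
        $user = $this->user->login($email, $password, $role);
        if (empty($user)) {
            return $this->error(msg('login_error'));
        }
        if (!$this->user->isVerified($user->email)) {
            return $this->error(msg('acc_not_verif'));
        }

        $tmpData = [
            'first_name' => $user->first_name,
            'last_name' => $user->last_name,
            'email' => (string) $user->email,
            'user_type' => ((int) $user->user_type === 1) ? 'admin' : 'user',
            'user_id' => (int) $user->id,
        ];
        $this->syncDeviceFromRequest($user->id);
        return $this->success(msg('login_success'), $tmpData);
    }
}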