|
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352 |
- <?php
-
- /*
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
- */
-
- class User {
-
- private $uid = null;
- private $username;
- private $email;
- private $realname;
- private $has2fa = false;
- private $exists = false;
-
- public function __construct(int $uid, string $username = "") {
- // Check if user exists
- $client = new GuzzleHttp\Client();
-
- $response = $client
- ->request('POST', PORTAL_API, [
- 'form_params' => [
- 'key' => PORTAL_KEY,
- 'action' => "userexists",
- 'uid' => $uid
- ]
- ]);
-
- if ($response->getStatusCode() > 299) {
- sendError("Login server error: " . $response->getBody());
- }
-
- $resp = json_decode($response->getBody(), TRUE);
- if ($resp['status'] == "OK" && $resp['exists'] === true) {
- $this->exists = true;
- } else {
- $this->uid = $uid;
- $this->username = $username;
- $this->exists = false;
- }
-
- if ($this->exists) {
- // Get user info
- $client = new GuzzleHttp\Client();
-
- $response = $client
- ->request('POST', PORTAL_API, [
- 'form_params' => [
- 'key' => PORTAL_KEY,
- 'action' => "userinfo",
- 'uid' => $uid
- ]
- ]);
-
- if ($response->getStatusCode() > 299) {
- sendError("Login server error: " . $response->getBody());
- }
-
- $resp = json_decode($response->getBody(), TRUE);
- if ($resp['status'] == "OK") {
- $this->uid = $resp['data']['uid'] * 1;
- $this->username = $resp['data']['username'];
- $this->email = $resp['data']['email'];
- $this->realname = $resp['data']['name'];
- } else {
- sendError("Login server error: " . $resp['msg']);
- }
- }
- }
-
- public static function byUsername(string $username): User {
- $client = new GuzzleHttp\Client();
-
- $response = $client
- ->request('POST', PORTAL_API, [
- 'form_params' => [
- 'key' => PORTAL_KEY,
- 'username' => $username,
- 'action' => "userinfo"
- ]
- ]);
-
- if ($response->getStatusCode() > 299) {
- sendError("Login server error: " . $response->getBody());
- }
-
- $resp = json_decode($response->getBody(), TRUE);
- if (!isset($resp['status'])) {
- sendError("Login server error: " . $resp);
- }
- if ($resp['status'] == "OK") {
- return new self($resp['data']['uid'] * 1);
- } else {
- return new self(-1, $username);
- }
- }
-
- public function exists(): bool {
- return $this->exists;
- }
-
- public function has2fa(): bool {
- if (!$this->exists) {
- return false;
- }
- $client = new GuzzleHttp\Client();
-
- $response = $client
- ->request('POST', PORTAL_API, [
- 'form_params' => [
- 'key' => PORTAL_KEY,
- 'action' => "hastotp",
- 'username' => $this->username
- ]
- ]);
-
- if ($response->getStatusCode() > 299) {
- sendError("Login server error: " . $response->getBody());
- }
-
- $resp = json_decode($response->getBody(), TRUE);
- if ($resp['status'] == "OK") {
- return $resp['otp'] == true;
- } else {
- return false;
- }
- }
-
- function getUsername() {
- return $this->username;
- }
-
- function getUID() {
- return $this->uid;
- }
-
- function getEmail() {
- return $this->email;
- }
-
- function getName() {
- return $this->realname;
- }
-
- /**
- * Check the given plaintext password against the stored hash.
- * @param string $password
- * @return bool
- */
- function checkPassword(string $password): bool {
- $client = new GuzzleHttp\Client();
-
- $response = $client
- ->request('POST', PORTAL_API, [
- 'form_params' => [
- 'key' => PORTAL_KEY,
- 'action' => "auth",
- 'username' => $this->username,
- 'password' => $password
- ]
- ]);
-
- if ($response->getStatusCode() > 299) {
- sendError("Login server error: " . $response->getBody());
- }
-
- $resp = json_decode($response->getBody(), TRUE);
- if ($resp['status'] == "OK") {
- return true;
- } else {
- return false;
- }
- }
-
- function check2fa(string $code): bool {
- if (!$this->has2fa) {
- return true;
- }
- $client = new GuzzleHttp\Client();
-
- $response = $client
- ->request('POST', PORTAL_API, [
- 'form_params' => [
- 'key' => PORTAL_KEY,
- 'action' => "verifytotp",
- 'username' => $this->username,
- 'code' => $code
- ]
- ]);
-
- if ($response->getStatusCode() > 299) {
- sendError("Login server error: " . $response->getBody());
- }
-
- $resp = json_decode($response->getBody(), TRUE);
- if ($resp['status'] == "OK") {
- return $resp['valid'];
- } else {
- return false;
- }
- }
-
- /**
- * Check if the given username has the given permission (or admin access)
- * @global $database $database
- * @param string $code
- * @return boolean TRUE if the user has the permission (or admin access), else FALSE
- */
- function hasPermission(string $code): bool {
- $client = new GuzzleHttp\Client();
-
- $response = $client
- ->request('POST', PORTAL_API, [
- 'form_params' => [
- 'key' => PORTAL_KEY,
- 'action' => "permission",
- 'username' => $this->username,
- 'code' => $code
- ]
- ]);
-
- if ($response->getStatusCode() > 299) {
- sendError("Login server error: " . $response->getBody());
- }
-
- $resp = json_decode($response->getBody(), TRUE);
- if ($resp['status'] == "OK") {
- return $resp['has_permission'];
- } else {
- return false;
- }
- }
-
- /**
- * Get the account status.
- * @return \AccountStatus
- */
- function getStatus(): AccountStatus {
-
- $client = new GuzzleHttp\Client();
-
- $response = $client
- ->request('POST', PORTAL_API, [
- 'form_params' => [
- 'key' => PORTAL_KEY,
- 'action' => "acctstatus",
- 'username' => $this->username
- ]
- ]);
-
- if ($response->getStatusCode() > 299) {
- sendError("Login server error: " . $response->getBody());
- }
-
- $resp = json_decode($response->getBody(), TRUE);
- if ($resp['status'] == "OK") {
- return AccountStatus::fromString($resp['account']);
- } else {
- return null;
- }
- }
-
- function sendAlertEmail(string $appname = SITE_TITLE) {
- $client = new GuzzleHttp\Client();
-
- $response = $client
- ->request('POST', PORTAL_API, [
- 'form_params' => [
- 'key' => PORTAL_KEY,
- 'action' => "alertemail",
- 'username' => $this->username,
- 'appname' => SITE_TITLE
- ]
- ]);
-
- if ($response->getStatusCode() > 299) {
- return "An unknown error occurred.";
- }
-
- $resp = json_decode($response->getBody(), TRUE);
- if ($resp['status'] == "OK") {
- return true;
- } else {
- return $resp['msg'];
- }
- }
-
- }
-
- class AccountStatus {
-
- const NORMAL = 1;
- const LOCKED_OR_DISABLED = 2;
- const CHANGE_PASSWORD = 3;
- const TERMINATED = 4;
- const ALERT_ON_ACCESS = 5;
-
- private $status;
-
- public function __construct(int $status) {
- $this->status = $status;
- }
-
- public static function fromString(string $status): AccountStatus {
- switch ($status) {
- case "NORMAL":
- return new self(self::NORMAL);
- case "LOCKED_OR_DISABLED":
- return new self(self::LOCKED_OR_DISABLED);
- case "CHANGE_PASSWORD":
- return new self(self::CHANGE_PASSWORD);
- case "TERMINATED":
- return new self(self::TERMINATED);
- case "ALERT_ON_ACCESS":
- return new self(self::ALERT_ON_ACCESS);
- default:
- return new self(0);
- }
- }
-
- /**
- * Get the account status/state as an integer.
- * @return int
- */
- public function get(): int {
- return $this->status;
- }
-
- /**
- * Get the account status/state as a string representation.
- * @return string
- */
- public function getString(): string {
- switch ($this->status) {
- case self::NORMAL:
- return "NORMAL";
- case self::LOCKED_OR_DISABLED:
- return "LOCKED_OR_DISABLED";
- case self::CHANGE_PASSWORD:
- return "CHANGE_PASSWORD";
- case self::TERMINATED:
- return "TERMINATED";
- case self::ALERT_ON_ACCESS:
- return "ALERT_ON_ACCESS";
- default:
- return "OTHER_" . $this->status;
- }
- }
-
- }
|