2024-10-17 16:47:04 +03:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace kernel\modules\secure\controllers;
|
|
|
|
|
|
2024-10-18 13:45:18 +03:00
|
|
|
use Firebase\JWT\JWT;
|
|
|
|
|
use Firebase\JWT\Key;
|
2024-10-17 16:47:04 +03:00
|
|
|
use JetBrains\PhpStorm\NoReturn;
|
2024-10-22 16:40:40 +03:00
|
|
|
use kernel\App;
|
2024-10-17 16:47:04 +03:00
|
|
|
use kernel\helpers\Debug;
|
2024-12-09 13:46:10 +03:00
|
|
|
use kernel\Mailing;
|
|
|
|
|
use kernel\modules\secure\models\SecretCode;
|
|
|
|
|
use kernel\modules\secure\services\SecureService;
|
2024-10-17 16:47:04 +03:00
|
|
|
use kernel\modules\user\models\User;
|
2024-12-09 13:46:10 +03:00
|
|
|
use kernel\modules\user\service\UserService;
|
2024-10-17 16:47:04 +03:00
|
|
|
use kernel\Request;
|
|
|
|
|
use kernel\RestController;
|
2024-10-22 16:40:40 +03:00
|
|
|
use kernel\services\TokenService;
|
2024-12-09 13:46:10 +03:00
|
|
|
use PHPMailer\PHPMailer\Exception;
|
2024-10-23 11:38:53 +03:00
|
|
|
use Random\RandomException;
|
2024-10-17 16:47:04 +03:00
|
|
|
|
|
|
|
|
class SecureRestController extends RestController
|
|
|
|
|
{
|
|
|
|
|
public function __construct()
|
|
|
|
|
{
|
|
|
|
|
$this->model = new User();
|
|
|
|
|
}
|
|
|
|
|
|
2024-10-23 11:38:53 +03:00
|
|
|
/**
|
|
|
|
|
* @throws RandomException
|
|
|
|
|
*/
|
2024-10-17 16:47:04 +03:00
|
|
|
#[NoReturn] public function actionAuth(): void
|
|
|
|
|
{
|
|
|
|
|
$request = new Request();
|
|
|
|
|
$data = $request->post();
|
2024-10-18 13:45:18 +03:00
|
|
|
$model = $this->model->where('username', $data['username'])->first();
|
|
|
|
|
$res = [];
|
|
|
|
|
if ($model) {
|
|
|
|
|
if (password_verify($data["password"], $model->password_hash)) {
|
2024-12-13 17:29:36 +03:00
|
|
|
if ($model->access_token_expires_at < date("Y-m-d H:i:s") or $model->access_token === null){
|
|
|
|
|
$model->access_token_expires_at = date("Y-m-d H:i:s", strtotime(App::$secure['token_expired_time']));
|
|
|
|
|
$model->access_token = match (App::$secure['token_type']) {
|
|
|
|
|
"JWT" => TokenService::JWT($_ENV['SECRET_KEY'], 'HS256'),
|
|
|
|
|
"md5" => TokenService::md5(),
|
|
|
|
|
"crypt" => TokenService::crypt(),
|
|
|
|
|
"hash" => TokenService::hash('sha256'),
|
|
|
|
|
default => TokenService::random_bytes(20),
|
|
|
|
|
};
|
|
|
|
|
}
|
2024-10-18 13:45:18 +03:00
|
|
|
|
|
|
|
|
$res = [
|
2024-10-21 15:56:51 +03:00
|
|
|
"access_token" => $model->access_token,
|
|
|
|
|
"access_token_expires_at" => $model->access_token_expires_at,
|
2024-10-18 13:45:18 +03:00
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
$model->save();
|
2024-10-17 16:47:04 +03:00
|
|
|
}
|
2024-10-18 13:45:18 +03:00
|
|
|
|
|
|
|
|
$this->renderApi($res);
|
2024-10-17 16:47:04 +03:00
|
|
|
}
|
2024-10-23 15:03:06 +03:00
|
|
|
|
2024-12-09 13:46:10 +03:00
|
|
|
/**
|
|
|
|
|
* @throws Exception
|
|
|
|
|
* @throws RandomException
|
|
|
|
|
*/
|
|
|
|
|
#[NoReturn] public function actionEmailAuth(): void
|
|
|
|
|
{
|
|
|
|
|
$mailing = new Mailing();
|
|
|
|
|
$request = new Request();
|
|
|
|
|
$data = $request->post();
|
|
|
|
|
$model = $this->model->where('email', $data['email'])->first();
|
|
|
|
|
|
|
|
|
|
if (!$model) {
|
|
|
|
|
$password = bin2hex(random_bytes(8));
|
|
|
|
|
|
|
|
|
|
UserService::createUserByEmailAndPassword($data['email'], $password);
|
|
|
|
|
$model = UserService::getByField('email', $data['email']);
|
|
|
|
|
|
|
|
|
|
SecureService::createSecretCode($model);
|
|
|
|
|
$secretCode = SecureService::getByField("user_id", $model->id);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$mailing->send_html("register_by_code.php", ['code' => $secretCode->code, 'password' => $password], [
|
|
|
|
|
'address' => $data['email'],
|
|
|
|
|
'subject' => "Код регистрации",
|
|
|
|
|
"from_name" => $_ENV['APP_NAME']
|
|
|
|
|
]);
|
|
|
|
|
} else {
|
|
|
|
|
SecureService::updateSecretCode($model);
|
|
|
|
|
$secretCode = SecureService::getByField("user_id", $model->id);
|
|
|
|
|
|
|
|
|
|
$mailing->send_html("login_by_code.php", ['code' => $secretCode->code], [
|
|
|
|
|
'address' => $data['email'],
|
|
|
|
|
'subject' => "Код авторизации",
|
|
|
|
|
"from_name" => $_ENV['APP_NAME']
|
|
|
|
|
]);
|
|
|
|
|
}
|
2024-12-09 14:45:44 +03:00
|
|
|
|
|
|
|
|
$res = [
|
2024-12-09 16:14:43 +03:00
|
|
|
"status" => "success",
|
2024-12-09 14:45:44 +03:00
|
|
|
"code_expires_at" => $secretCode->code_expires_at,
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
setcookie('user_email', $data['email'], time()+60*15, '/', $_SERVER['SERVER_NAME'], false);
|
|
|
|
|
$this->renderApi($res);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @throws Exception
|
|
|
|
|
*/
|
2024-12-09 16:14:43 +03:00
|
|
|
#[NoReturn] public function actionCodeCheck(): void
|
2024-12-09 14:45:44 +03:00
|
|
|
{
|
|
|
|
|
$request = new Request();
|
2024-12-09 16:14:43 +03:00
|
|
|
$code = $request->post("code");
|
|
|
|
|
|
|
|
|
|
$model = SecretCode::where("code", $code)->first();
|
|
|
|
|
if (time() <= strtotime($model->code_expires_at)) {
|
|
|
|
|
$user = $this->model->where("id", $model->user_id)->first();
|
|
|
|
|
if ($user){
|
|
|
|
|
$user->access_token_expires_at = date("Y-m-d H:i:s", strtotime(App::$secure['token_expired_time']));
|
|
|
|
|
$user->access_token = SecureService::generateAccessToken();
|
|
|
|
|
$user->save();
|
|
|
|
|
$this->renderApi([
|
|
|
|
|
"access_token" => $user->access_token,
|
|
|
|
|
"access_token_expires_at" => $user->access_token_expires_at,
|
|
|
|
|
]);
|
2024-12-09 14:45:44 +03:00
|
|
|
}
|
|
|
|
|
}
|
2024-12-09 16:14:43 +03:00
|
|
|
|
|
|
|
|
$this->renderApi(['status' => 'error', 'message' => 'incorrect code']);
|
2024-12-09 13:46:10 +03:00
|
|
|
}
|
2024-12-05 16:50:58 +03:00
|
|
|
|
2024-12-09 13:46:10 +03:00
|
|
|
}
|
