eduVPN /
vpn-server-api
| @@ 104-121 (lines=18) @@ | ||
| 101 | /** |
|
| 102 | * @return string|null |
|
| 103 | */ |
|
| 104 | public function getVootToken($userId) |
|
| 105 | { |
|
| 106 | $this->addUser($userId); |
|
| 107 | $stmt = $this->db->prepare( |
|
| 108 | <<< 'SQL' |
|
| 109 | SELECT |
|
| 110 | voot_token |
|
| 111 | FROM |
|
| 112 | users |
|
| 113 | WHERE |
|
| 114 | user_id = :user_id |
|
| 115 | SQL |
|
| 116 | ); |
|
| 117 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 118 | $stmt->execute(); |
|
| 119 | ||
| 120 | return $stmt->fetchColumn(); |
|
| 121 | } |
|
| 122 | ||
| 123 | public function setVootToken($userId, $vootToken) |
|
| 124 | { |
|
| @@ 123-140 (lines=18) @@ | ||
| 120 | return $stmt->fetchColumn(); |
|
| 121 | } |
|
| 122 | ||
| 123 | public function setVootToken($userId, $vootToken) |
|
| 124 | { |
|
| 125 | $this->addUser($userId); |
|
| 126 | $stmt = $this->db->prepare( |
|
| 127 | <<< 'SQL' |
|
| 128 | UPDATE |
|
| 129 | users |
|
| 130 | SET |
|
| 131 | voot_token = :voot_token |
|
| 132 | WHERE |
|
| 133 | user_id = :user_id |
|
| 134 | SQL |
|
| 135 | ); |
|
| 136 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 137 | $stmt->bindValue(':voot_token', $vootToken, PDO::PARAM_STR); |
|
| 138 | ||
| 139 | $stmt->execute(); |
|
| 140 | } |
|
| 141 | ||
| 142 | /** |
|
| 143 | * @return bool |
|
| @@ 145-162 (lines=18) @@ | ||
| 142 | /** |
|
| 143 | * @return bool |
|
| 144 | */ |
|
| 145 | public function hasVootToken($userId) |
|
| 146 | { |
|
| 147 | $this->addUser($userId); |
|
| 148 | $stmt = $this->db->prepare( |
|
| 149 | <<< 'SQL' |
|
| 150 | SELECT |
|
| 151 | voot_token |
|
| 152 | FROM |
|
| 153 | users |
|
| 154 | WHERE |
|
| 155 | user_id = :user_id |
|
| 156 | SQL |
|
| 157 | ); |
|
| 158 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 159 | $stmt->execute(); |
|
| 160 | ||
| 161 | return !is_null($stmt->fetchColumn()); |
|
| 162 | } |
|
| 163 | ||
| 164 | public function deleteVootToken($userId) |
|
| 165 | { |
|
| @@ 207-224 (lines=18) @@ | ||
| 204 | /** |
|
| 205 | * @return string|null |
|
| 206 | */ |
|
| 207 | public function getTotpSecret($userId) |
|
| 208 | { |
|
| 209 | $this->addUser($userId); |
|
| 210 | $stmt = $this->db->prepare( |
|
| 211 | <<< 'SQL' |
|
| 212 | SELECT |
|
| 213 | totp_secret |
|
| 214 | FROM |
|
| 215 | users |
|
| 216 | WHERE |
|
| 217 | user_id = :user_id |
|
| 218 | SQL |
|
| 219 | ); |
|
| 220 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 221 | $stmt->execute(); |
|
| 222 | ||
| 223 | return $stmt->fetchColumn(); |
|
| 224 | } |
|
| 225 | ||
| 226 | public function setTotpSecret($userId, $totpSecret) |
|
| 227 | { |
|
| @@ 245-260 (lines=16) @@ | ||
| 242 | $stmt->execute(); |
|
| 243 | } |
|
| 244 | ||
| 245 | public function deleteTotpSecret($userId) |
|
| 246 | { |
|
| 247 | $this->addUser($userId); |
|
| 248 | $stmt = $this->db->prepare( |
|
| 249 | <<< 'SQL' |
|
| 250 | UPDATE |
|
| 251 | users |
|
| 252 | SET |
|
| 253 | totp_secret = NULL |
|
| 254 | WHERE |
|
| 255 | user_id = :user_id |
|
| 256 | SQL |
|
| 257 | ); |
|
| 258 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 259 | $stmt->execute(); |
|
| 260 | } |
|
| 261 | ||
| 262 | public function deleteUser($userId) |
|
| 263 | { |
|
| @@ 262-275 (lines=14) @@ | ||
| 259 | $stmt->execute(); |
|
| 260 | } |
|
| 261 | ||
| 262 | public function deleteUser($userId) |
|
| 263 | { |
|
| 264 | $this->addUser($userId); |
|
| 265 | $stmt = $this->db->prepare( |
|
| 266 | <<< 'SQL' |
|
| 267 | DELETE FROM |
|
| 268 | users |
|
| 269 | WHERE |
|
| 270 | user_id = :user_id |
|
| 271 | SQL |
|
| 272 | ); |
|
| 273 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 274 | $stmt->execute(); |
|
| 275 | } |
|
| 276 | ||
| 277 | public function addCertificate($userId, $commonName, $displayName, DateTime $validFrom, DateTime $validTo) |
|
| 278 | { |
|
| @@ 374-389 (lines=16) @@ | ||
| 371 | $stmt->execute(); |
|
| 372 | } |
|
| 373 | ||
| 374 | public function disableUser($userId) |
|
| 375 | { |
|
| 376 | $this->addUser($userId); |
|
| 377 | $stmt = $this->db->prepare( |
|
| 378 | <<< 'SQL' |
|
| 379 | UPDATE |
|
| 380 | users |
|
| 381 | SET |
|
| 382 | is_disabled = 1 |
|
| 383 | WHERE |
|
| 384 | user_id = :user_id |
|
| 385 | SQL |
|
| 386 | ); |
|
| 387 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 388 | $stmt->execute(); |
|
| 389 | } |
|
| 390 | ||
| 391 | public function enableUser($userId) |
|
| 392 | { |
|
| @@ 391-406 (lines=16) @@ | ||
| 388 | $stmt->execute(); |
|
| 389 | } |
|
| 390 | ||
| 391 | public function enableUser($userId) |
|
| 392 | { |
|
| 393 | $this->addUser($userId); |
|
| 394 | $stmt = $this->db->prepare( |
|
| 395 | <<< 'SQL' |
|
| 396 | UPDATE |
|
| 397 | users |
|
| 398 | SET |
|
| 399 | is_disabled = 0 |
|
| 400 | WHERE |
|
| 401 | user_id = :user_id |
|
| 402 | SQL |
|
| 403 | ); |
|
| 404 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 405 | $stmt->execute(); |
|
| 406 | } |
|
| 407 | ||
| 408 | /** |
|
| 409 | * @return bool |
|
| @@ 411-428 (lines=18) @@ | ||
| 408 | /** |
|
| 409 | * @return bool |
|
| 410 | */ |
|
| 411 | public function isDisabledUser($userId) |
|
| 412 | { |
|
| 413 | $this->addUser($userId); |
|
| 414 | $stmt = $this->db->prepare( |
|
| 415 | <<< 'SQL' |
|
| 416 | SELECT |
|
| 417 | is_disabled |
|
| 418 | FROM |
|
| 419 | users |
|
| 420 | WHERE |
|
| 421 | user_id = :user_id |
|
| 422 | SQL |
|
| 423 | ); |
|
| 424 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 425 | $stmt->execute(); |
|
| 426 | ||
| 427 | return (bool) $stmt->fetchColumn(); |
|
| 428 | } |
|
| 429 | ||
| 430 | /** |
|
| 431 | * @return array |
|
| @@ 537-566 (lines=30) @@ | ||
| 534 | /** |
|
| 535 | * @return array|false |
|
| 536 | */ |
|
| 537 | public function getLogEntry($dateTimeUnix, $ipAddress) |
|
| 538 | { |
|
| 539 | $stmt = $this->db->prepare( |
|
| 540 | <<< 'SQL' |
|
| 541 | SELECT |
|
| 542 | user_id, |
|
| 543 | profile_id, |
|
| 544 | common_name, |
|
| 545 | ip4, |
|
| 546 | ip6, |
|
| 547 | connected_at, |
|
| 548 | disconnected_at |
|
| 549 | FROM |
|
| 550 | connection_log |
|
| 551 | WHERE |
|
| 552 | (ip4 = :ip_address OR ip6 = :ip_address) |
|
| 553 | AND |
|
| 554 | connected_at < :date_time_unix |
|
| 555 | AND |
|
| 556 | (disconnected_at > :date_time_unix OR disconnected_at IS NULL) |
|
| 557 | SQL |
|
| 558 | ); |
|
| 559 | $stmt->bindValue(':ip_address', $ipAddress, PDO::PARAM_STR); |
|
| 560 | $stmt->bindValue(':date_time_unix', $dateTimeUnix, PDO::PARAM_STR); |
|
| 561 | $stmt->execute(); |
|
| 562 | ||
| 563 | // XXX can this also contain multiple results? I don't think so, but |
|
| 564 | // make sure! |
|
| 565 | return $stmt->fetch(PDO::FETCH_ASSOC); |
|
| 566 | } |
|
| 567 | ||
| 568 | /** |
|
| 569 | * @return int |
|
| @@ 571-588 (lines=18) @@ | ||
| 568 | /** |
|
| 569 | * @return int |
|
| 570 | */ |
|
| 571 | public function getTotpAttemptCount($userId) |
|
| 572 | { |
|
| 573 | $this->addUser($userId); |
|
| 574 | $stmt = $this->db->prepare( |
|
| 575 | <<< 'SQL' |
|
| 576 | SELECT |
|
| 577 | COUNT(*) |
|
| 578 | FROM |
|
| 579 | totp_log |
|
| 580 | WHERE user_id = :user_id |
|
| 581 | SQL |
|
| 582 | ); |
|
| 583 | ||
| 584 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 585 | $stmt->execute(); |
|
| 586 | ||
| 587 | return (int) $stmt->fetchColumn(); |
|
| 588 | } |
|
| 589 | ||
| 590 | /** |
|
| 591 | * @return bool true if recording succeeds, false if it cannot due to replay |
|
| @@ 725-745 (lines=21) @@ | ||
| 722 | /** |
|
| 723 | * @return array |
|
| 724 | */ |
|
| 725 | public function userMessages($userId) |
|
| 726 | { |
|
| 727 | $this->addUser($userId); |
|
| 728 | $stmt = $this->db->prepare( |
|
| 729 | <<< 'SQL' |
|
| 730 | SELECT |
|
| 731 | id, type, message, date_time |
|
| 732 | FROM |
|
| 733 | user_messages |
|
| 734 | WHERE |
|
| 735 | user_id = :user_id |
|
| 736 | ORDER BY |
|
| 737 | date_time DESC |
|
| 738 | SQL |
|
| 739 | ); |
|
| 740 | ||
| 741 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 742 | $stmt->execute(); |
|
| 743 | ||
| 744 | return $stmt->fetchAll(PDO::FETCH_ASSOC); |
|
| 745 | } |
|
| 746 | ||
| 747 | public function addUserMessage($userId, $type, $message) |
|
| 748 | { |
|
