| @@ 105-122 (lines=18) @@ | ||
| 102 | /** |
|
| 103 | * @return string|null |
|
| 104 | */ |
|
| 105 | public function getVootToken($userId) |
|
| 106 | { |
|
| 107 | $this->addUser($userId); |
|
| 108 | $stmt = $this->db->prepare( |
|
| 109 | <<< 'SQL' |
|
| 110 | SELECT |
|
| 111 | voot_token |
|
| 112 | FROM |
|
| 113 | users |
|
| 114 | WHERE |
|
| 115 | user_id = :user_id |
|
| 116 | SQL |
|
| 117 | ); |
|
| 118 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 119 | $stmt->execute(); |
|
| 120 | ||
| 121 | return $stmt->fetchColumn(); |
|
| 122 | } |
|
| 123 | ||
| 124 | public function setVootToken($userId, $vootToken) |
|
| 125 | { |
|
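Review bot: The `@return string|null` docblock on getVootToken omits the `false` that `PDOStatement::fetchColumn()` returns when no row matches, so a caller that only tests for `null` would treat `false` as a stored token. Either document the real contract as `@return string|false|null` or normalise the result before returning. The same docblock and return statement appear on getTotpSecret and getYubiKeyId in later sections. Whether a missing row can occur in practice depends on `addUser()`, which is not visible here.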
| @@ 124-141 (lines=18) @@ | ||
| 121 | return $stmt->fetchColumn(); |
|
| 122 | } |
|
| 123 | ||
| 124 | public function setVootToken($userId, $vootToken) |
|
| 125 | { |
|
| 126 | $this->addUser($userId); |
|
| 127 | $stmt = $this->db->prepare( |
|
| 128 | <<< 'SQL' |
|
| 129 | UPDATE |
|
| 130 | users |
|
| 131 | SET |
|
| 132 | voot_token = :voot_token |
|
| 133 | WHERE |
|
| 134 | user_id = :user_id |
|
| 135 | SQL |
|
| 136 | ); |
|
| 137 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 138 | $stmt->bindValue(':voot_token', $vootToken, PDO::PARAM_STR); |
|
| 139 | ||
| 140 | $stmt->execute(); |
|
| 141 | } |
|
| 142 | ||
| 143 | /** |
|
| 144 | * @return bool |
|
| @@ 146-163 (lines=18) @@ | ||
| 143 | /** |
|
| 144 | * @return bool |
|
| 145 | */ |
|
| 146 | public function hasVootToken($userId) |
|
| 147 | { |
|
| 148 | $this->addUser($userId); |
|
| 149 | $stmt = $this->db->prepare( |
|
| 150 | <<< 'SQL' |
|
| 151 | SELECT |
|
| 152 | voot_token |
|
| 153 | FROM |
|
| 154 | users |
|
| 155 | WHERE |
|
| 156 | user_id = :user_id |
|
| 157 | SQL |
|
| 158 | ); |
|
| 159 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 160 | $stmt->execute(); |
|
| 161 | ||
| 162 | return !is_null($stmt->fetchColumn()); |
|
| 163 | } |
|
| 164 | ||
| 165 | public function deleteVootToken($userId) |
|
| 166 | { |
|
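Review bot: `return !is_null($stmt->fetchColumn());` in hasVootToken yields true when the query matches no row, because fetchColumn() returns `false` rather than `null` in that case. The answer is only right if `addUser()` (outside this view) always leaves a row for `$userId`. Writing it as `$value = $stmt->fetchColumn(); return false !== $value && null !== $value;` removes that hidden dependency. hasTotpSecret and hasYubiKeyId use the same expression, and there the result presumably feeds the decision whether a second factor is enrolled, so it should not depend on an unstated invariant.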
| @@ 208-225 (lines=18) @@ | ||
| 205 | /** |
|
| 206 | * @return string|null |
|
| 207 | */ |
|
| 208 | public function getTotpSecret($userId) |
|
| 209 | { |
|
| 210 | $this->addUser($userId); |
|
| 211 | $stmt = $this->db->prepare( |
|
| 212 | <<< 'SQL' |
|
| 213 | SELECT |
|
| 214 | totp_secret |
|
| 215 | FROM |
|
| 216 | users |
|
| 217 | WHERE |
|
| 218 | user_id = :user_id |
|
| 219 | SQL |
|
| 220 | ); |
|
| 221 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 222 | $stmt->execute(); |
|
| 223 | ||
| 224 | return $stmt->fetchColumn(); |
|
| 225 | } |
|
| 226 | ||
| 227 | public function setTotpSecret($userId, $totpSecret) |
|
| 228 | { |
|
| @@ 246-261 (lines=16) @@ | ||
| 243 | $stmt->execute(); |
|
| 244 | } |
|
| 245 | ||
| 246 | public function deleteTotpSecret($userId) |
|
| 247 | { |
|
| 248 | $this->addUser($userId); |
|
| 249 | $stmt = $this->db->prepare( |
|
| 250 | <<< 'SQL' |
|
| 251 | UPDATE |
|
| 252 | users |
|
| 253 | SET |
|
| 254 | totp_secret = NULL |
|
| 255 | WHERE |
|
| 256 | user_id = :user_id |
|
| 257 | SQL |
|
| 258 | ); |
|
| 259 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 260 | $stmt->execute(); |
|
| 261 | } |
|
| 262 | ||
| 263 | public function setYubiKeyId($userId, $yubiKeyId) |
|
| 264 | { |
|
| @@ 186-203 (lines=18) @@ | ||
| 183 | /** |
|
| 184 | * @return bool |
|
| 185 | */ |
|
| 186 | public function hasTotpSecret($userId) |
|
| 187 | { |
|
| 188 | $this->addUser($userId); |
|
| 189 | $stmt = $this->db->prepare( |
|
| 190 | <<< 'SQL' |
|
| 191 | SELECT |
|
| 192 | totp_secret |
|
| 193 | FROM |
|
| 194 | users |
|
| 195 | WHERE |
|
| 196 | user_id = :user_id |
|
| 197 | SQL |
|
| 198 | ); |
|
| 199 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 200 | $stmt->execute(); |
|
| 201 | ||
| 202 | return !is_null($stmt->fetchColumn()); |
|
| 203 | } |
|
| 204 | ||
| 205 | /** |
|
| 206 | * @return string|null |
|
| @@ 227-244 (lines=18) @@ | ||
| 224 | return $stmt->fetchColumn(); |
|
| 225 | } |
|
| 226 | ||
| 227 | public function setTotpSecret($userId, $totpSecret) |
|
| 228 | { |
|
| 229 | $this->addUser($userId); |
|
| 230 | $stmt = $this->db->prepare( |
|
| 231 | <<< 'SQL' |
|
| 232 | UPDATE |
|
| 233 | users |
|
| 234 | SET |
|
| 235 | totp_secret = :totp_secret |
|
| 236 | WHERE |
|
| 237 | user_id = :user_id |
|
| 238 | SQL |
|
| 239 | ); |
|
| 240 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 241 | $stmt->bindValue(':totp_secret', $totpSecret, PDO::PARAM_STR); |
|
| 242 | ||
| 243 | $stmt->execute(); |
|
| 244 | } |
|
| 245 | ||
| 246 | public function deleteTotpSecret($userId) |
|
| 247 | { |
|
| @@ 263-280 (lines=18) @@ | ||
| 260 | $stmt->execute(); |
|
| 261 | } |
|
| 262 | ||
| 263 | public function setYubiKeyId($userId, $yubiKeyId) |
|
| 264 | { |
|
| 265 | $this->addUser($userId); |
|
| 266 | $stmt = $this->db->prepare( |
|
| 267 | <<< 'SQL' |
|
| 268 | UPDATE |
|
| 269 | users |
|
| 270 | SET |
|
| 271 | yubi_key_id = :yubi_key_id |
|
| 272 | WHERE |
|
| 273 | user_id = :user_id |
|
| 274 | SQL |
|
| 275 | ); |
|
| 276 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 277 | $stmt->bindValue(':yubi_key_id', $yubiKeyId, PDO::PARAM_STR); |
|
| 278 | ||
| 279 | $stmt->execute(); |
|
| 280 | } |
|
| 281 | ||
| 282 | /** |
|
| 283 | * @return bool |
|
| @@ 285-302 (lines=18) @@ | ||
| 282 | /** |
|
| 283 | * @return bool |
|
| 284 | */ |
|
| 285 | public function hasYubiKeyId($userId) |
|
| 286 | { |
|
| 287 | $this->addUser($userId); |
|
| 288 | $stmt = $this->db->prepare( |
|
| 289 | <<< 'SQL' |
|
| 290 | SELECT |
|
| 291 | yubi_key_id |
|
| 292 | FROM |
|
| 293 | users |
|
| 294 | WHERE |
|
| 295 | user_id = :user_id |
|
| 296 | SQL |
|
| 297 | ); |
|
| 298 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 299 | $stmt->execute(); |
|
| 300 | ||
| 301 | return !is_null($stmt->fetchColumn()); |
|
| 302 | } |
|
| 303 | ||
| 304 | /** |
|
| 305 | * @return string|null |
|
| @@ 307-324 (lines=18) @@ | ||
| 304 | /** |
|
| 305 | * @return string|null |
|
| 306 | */ |
|
| 307 | public function getYubiKeyId($userId) |
|
| 308 | { |
|
| 309 | $this->addUser($userId); |
|
| 310 | $stmt = $this->db->prepare( |
|
| 311 | <<< 'SQL' |
|
| 312 | SELECT |
|
| 313 | yubi_key_id |
|
| 314 | FROM |
|
| 315 | users |
|
| 316 | WHERE |
|
| 317 | user_id = :user_id |
|
| 318 | SQL |
|
| 319 | ); |
|
| 320 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 321 | $stmt->execute(); |
|
| 322 | ||
| 323 | return $stmt->fetchColumn(); |
|
| 324 | } |
|
| 325 | ||
| 326 | public function deleteYubiKeyId($userId) |
|
| 327 | { |
|
| @@ 326-339 (lines=14) @@ | ||
| 323 | return $stmt->fetchColumn(); |
|
| 324 | } |
|
| 325 | ||
| 326 | public function deleteYubiKeyId($userId) |
|
| 327 | { |
|
| 328 | $this->addUser($userId); |
|
| 329 | $stmt = $this->db->prepare( |
|
| 330 | <<< 'SQL' |
|
| 331 | UPDATE |
|
| 332 | users |
|
| 333 | SET |
|
| 334 | yubi_key_id = NULL |
|
| 335 | WHERE |
|
| 336 | user_id = :user_id |
|
| 337 | SQL |
|
| 338 | ); |
|
| 339 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 340 | $stmt->execute(); |
|
| 341 | } |
|
| 342 | ||
| @@ 343-358 (lines=16) @@ | ||
| 340 | $stmt->execute(); |
|
| 341 | } |
|
| 342 | ||
| 343 | public function deleteUser($userId) |
|
| 344 | { |
|
| 345 | $this->addUser($userId); |
|
| 346 | $stmt = $this->db->prepare( |
|
| 347 | <<< 'SQL' |
|
| 348 | DELETE FROM |
|
| 349 | users |
|
| 350 | WHERE |
|
| 351 | user_id = :user_id |
|
| 352 | SQL |
|
| 353 | ); |
|
| 354 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 355 | $stmt->execute(); |
|
| 356 | } |
|
| 357 | ||
| 358 | public function addCertificate($userId, $commonName, $displayName, DateTime $validFrom, DateTime $validTo) |
|
| 359 | { |
|
| 360 | $this->addUser($userId); |
|
| 361 | $stmt = $this->db->prepare( |
|
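Review bot: deleteUser removes only the `users` row, and nothing in this section shows what happens to rows keyed on the same `user_id` in `totp_log`, `user_messages` or the certificate table used by addCertificate. If the schema has no `ON DELETE CASCADE` (not visible here), a later account with the same identifier would inherit the old certificates and TOTP log entries. A docblock stating which mechanism removes the dependent rows would settle this, e.g. `/** Deletes the user; dependent rows are removed by <mechanism>. */`. The `$this->addUser($userId)` call before the DELETE also looks unnecessary, since it presumably creates a row only to delete it again.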
| @@ 455-470 (lines=16) @@ | ||
| 452 | $stmt->execute(); |
|
| 453 | } |
|
| 454 | ||
| 455 | public function disableUser($userId) |
|
| 456 | { |
|
| 457 | $this->addUser($userId); |
|
| 458 | $stmt = $this->db->prepare( |
|
| 459 | <<< 'SQL' |
|
| 460 | UPDATE |
|
| 461 | users |
|
| 462 | SET |
|
| 463 | is_disabled = 1 |
|
| 464 | WHERE |
|
| 465 | user_id = :user_id |
|
| 466 | SQL |
|
| 467 | ); |
|
| 468 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 469 | $stmt->execute(); |
|
| 470 | } |
|
| 471 | ||
| 472 | public function enableUser($userId) |
|
| 473 | { |
|
| @@ 492-509 (lines=18) @@ | ||
| 489 | /** |
|
| 490 | * @return bool |
|
| 491 | */ |
|
| 492 | public function isDisabledUser($userId) |
|
| 493 | { |
|
| 494 | $this->addUser($userId); |
|
| 495 | $stmt = $this->db->prepare( |
|
| 496 | <<< 'SQL' |
|
| 497 | SELECT |
|
| 498 | is_disabled |
|
| 499 | FROM |
|
| 500 | users |
|
| 501 | WHERE |
|
| 502 | user_id = :user_id |
|
| 503 | SQL |
|
| 504 | ); |
|
| 505 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 506 | $stmt->execute(); |
|
| 507 | ||
| 508 | return (bool) $stmt->fetchColumn(); |
|
| 509 | } |
|
| 510 | ||
| 511 | /** |
|
| 512 | * @return array |
|
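Review bot: `(bool) $stmt->fetchColumn()` in isDisabledUser turns a missing row (fetchColumn() returns `false`) into "not disabled", so the check fails open if the row is ever absent. It currently relies on the preceding `$this->addUser($userId)` call, whose body is outside this view, to guarantee the row exists. That dependency deserves a comment at the return, such as `// addUser() above guarantees the row; a missing row would otherwise read as "enabled"`. The same call means this read path presumably writes to `users` for any `$userId` it is asked about, which matters if the identifier can come from unauthenticated input.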
| @@ 618-647 (lines=30) @@ | ||
| 615 | /** |
|
| 616 | * @return array|false |
|
| 617 | */ |
|
| 618 | public function getLogEntry($dateTimeUnix, $ipAddress) |
|
| 619 | { |
|
| 620 | $stmt = $this->db->prepare( |
|
| 621 | <<< 'SQL' |
|
| 622 | SELECT |
|
| 623 | user_id, |
|
| 624 | profile_id, |
|
| 625 | common_name, |
|
| 626 | ip4, |
|
| 627 | ip6, |
|
| 628 | connected_at, |
|
| 629 | disconnected_at |
|
| 630 | FROM |
|
| 631 | connection_log |
|
| 632 | WHERE |
|
| 633 | (ip4 = :ip_address OR ip6 = :ip_address) |
|
| 634 | AND |
|
| 635 | connected_at < :date_time_unix |
|
| 636 | AND |
|
| 637 | (disconnected_at > :date_time_unix OR disconnected_at IS NULL) |
|
| 638 | SQL |
|
| 639 | ); |
|
| 640 | $stmt->bindValue(':ip_address', $ipAddress, PDO::PARAM_STR); |
|
| 641 | $stmt->bindValue(':date_time_unix', $dateTimeUnix, PDO::PARAM_STR); |
|
| 642 | $stmt->execute(); |
|
| 643 | ||
| 644 | // XXX can this also contain multiple results? I don't think so, but |
|
| 645 | // make sure! |
|
| 646 | return $stmt->fetch(PDO::FETCH_ASSOC); |
|
| 647 | } |
|
| 648 | ||
| 649 | /** |
|
| 650 | * @return int |
|
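Review bot: The open `XXX` question in getLogEntry matters because the query has no `ORDER BY`, so if two `connection_log` rows match the same address and time, `fetch()` returns whichever one the database yields first. This lookup attributes an IP address at a point in time to a `user_id`, so an arbitrary pick could name the wrong user. Add `ORDER BY connected_at DESC` for a deterministic result, and document in the docblock that `false` means no match and that only one row is returned. Also, `:ip_address` and `:date_time_unix` each appear twice in the statement, which PDO supports only with emulated prepares or a driver that allows repeated named markers, so a comment recording that requirement would help.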
| @@ 652-669 (lines=18) @@ | ||
| 649 | /** |
|
| 650 | * @return int |
|
| 651 | */ |
|
| 652 | public function getTotpAttemptCount($userId) |
|
| 653 | { |
|
| 654 | $this->addUser($userId); |
|
| 655 | $stmt = $this->db->prepare( |
|
| 656 | <<< 'SQL' |
|
| 657 | SELECT |
|
| 658 | COUNT(*) |
|
| 659 | FROM |
|
| 660 | totp_log |
|
| 661 | WHERE user_id = :user_id |
|
| 662 | SQL |
|
| 663 | ); |
|
| 664 | ||
| 665 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 666 | $stmt->execute(); |
|
| 667 | ||
| 668 | return (int) $stmt->fetchColumn(); |
|
| 669 | } |
|
| 670 | ||
| 671 | /** |
|
| 672 | * @return bool true if recording succeeds, false if it cannot due to replay |
|
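Review bot: getTotpAttemptCount counts every `totp_log` row for the user with no time bound in the `WHERE` clause. Whether this acts as a per-interval attempt limit or a lifetime counter therefore depends on cleanup code that is not visible in this section. The docblock should say which, for example `@return int number of TOTP attempts currently recorded for the user; old entries are removed by <cleanup job>`. If no such cleanup exists, the limit never resets. If it does, note that the `@return bool ... due to replay` docblock that follows suggests the same table also records used codes for replay detection, so pruning affects both.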
| @@ 806-826 (lines=21) @@ | ||
| 803 | /** |
|
| 804 | * @return array |
|
| 805 | */ |
|
| 806 | public function userMessages($userId) |
|
| 807 | { |
|
| 808 | $this->addUser($userId); |
|
| 809 | $stmt = $this->db->prepare( |
|
| 810 | <<< 'SQL' |
|
| 811 | SELECT |
|
| 812 | id, type, message, date_time |
|
| 813 | FROM |
|
| 814 | user_messages |
|
| 815 | WHERE |
|
| 816 | user_id = :user_id |
|
| 817 | ORDER BY |
|
| 818 | date_time DESC |
|
| 819 | SQL |
|
| 820 | ); |
|
| 821 | ||
| 822 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 823 | $stmt->execute(); |
|
| 824 | ||
| 825 | return $stmt->fetchAll(PDO::FETCH_ASSOC); |
|
| 826 | } |
|
| 827 | ||
| 828 | public function addUserMessage($userId, $type, $message) |
|
| 829 | { |
|