eduVPN /
vpn-server-api
| @@ 107-124 (lines=18) @@ | ||
| 104 | /** |
|
| 105 | * @return string|null |
|
| 106 | */ |
|
| 107 | public function getVootToken($userId) |
|
| 108 | { |
|
| 109 | $this->addUser($userId); |
|
| 110 | $stmt = $this->db->prepare( |
|
| 111 | <<< 'SQL' |
|
| 112 | SELECT |
|
| 113 | voot_token |
|
| 114 | FROM |
|
| 115 | users |
|
| 116 | WHERE |
|
| 117 | user_id = :user_id |
|
| 118 | SQL |
|
| 119 | ); |
|
| 120 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 121 | $stmt->execute(); |
|
| 122 | ||
| 123 | return $stmt->fetchColumn(); |
|
| 124 | } |
|
| 125 | ||
| 126 | public function setVootToken($userId, AccessToken $vootToken) |
|
| 127 | { |
|
| @@ 148-165 (lines=18) @@ | ||
| 145 | /** |
|
| 146 | * @return bool |
|
| 147 | */ |
|
| 148 | public function hasVootToken($userId) |
|
| 149 | { |
|
| 150 | $this->addUser($userId); |
|
| 151 | $stmt = $this->db->prepare( |
|
| 152 | <<< 'SQL' |
|
| 153 | SELECT |
|
| 154 | voot_token |
|
| 155 | FROM |
|
| 156 | users |
|
| 157 | WHERE |
|
| 158 | user_id = :user_id |
|
| 159 | SQL |
|
| 160 | ); |
|
| 161 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 162 | $stmt->execute(); |
|
| 163 | ||
| 164 | return !is_null($stmt->fetchColumn()); |
|
| 165 | } |
|
| 166 | ||
| 167 | public function deleteVootToken($userId) |
|
| 168 | { |
|
| @@ 188-205 (lines=18) @@ | ||
| 185 | /** |
|
| 186 | * @return bool |
|
| 187 | */ |
|
| 188 | public function hasTotpSecret($userId) |
|
| 189 | { |
|
| 190 | $this->addUser($userId); |
|
| 191 | $stmt = $this->db->prepare( |
|
| 192 | <<< 'SQL' |
|
| 193 | SELECT |
|
| 194 | totp_secret |
|
| 195 | FROM |
|
| 196 | users |
|
| 197 | WHERE |
|
| 198 | user_id = :user_id |
|
| 199 | SQL |
|
| 200 | ); |
|
| 201 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 202 | $stmt->execute(); |
|
| 203 | ||
| 204 | return !is_null($stmt->fetchColumn()); |
|
| 205 | } |
|
| 206 | ||
| 207 | /** |
|
| 208 | * @return string|null |
|
| @@ 210-227 (lines=18) @@ | ||
| 207 | /** |
|
| 208 | * @return string|null |
|
| 209 | */ |
|
| 210 | public function getTotpSecret($userId) |
|
| 211 | { |
|
| 212 | $this->addUser($userId); |
|
| 213 | $stmt = $this->db->prepare( |
|
| 214 | <<< 'SQL' |
|
| 215 | SELECT |
|
| 216 | totp_secret |
|
| 217 | FROM |
|
| 218 | users |
|
| 219 | WHERE |
|
| 220 | user_id = :user_id |
|
| 221 | SQL |
|
| 222 | ); |
|
| 223 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 224 | $stmt->execute(); |
|
| 225 | ||
| 226 | return $stmt->fetchColumn(); |
|
| 227 | } |
|
| 228 | ||
| 229 | public function setTotpSecret($userId, $totpSecret) |
|
| 230 | { |
|
| @@ 248-263 (lines=16) @@ | ||
| 245 | $stmt->execute(); |
|
| 246 | } |
|
| 247 | ||
| 248 | public function deleteTotpSecret($userId) |
|
| 249 | { |
|
| 250 | $this->addUser($userId); |
|
| 251 | $stmt = $this->db->prepare( |
|
| 252 | <<< 'SQL' |
|
| 253 | UPDATE |
|
| 254 | users |
|
| 255 | SET |
|
| 256 | totp_secret = NULL |
|
| 257 | WHERE |
|
| 258 | user_id = :user_id |
|
| 259 | SQL |
|
| 260 | ); |
|
| 261 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 262 | $stmt->execute(); |
|
| 263 | } |
|
| 264 | ||
| 265 | public function setYubiKeyId($userId, $yubiKeyId) |
|
| 266 | { |
|
| @@ 287-304 (lines=18) @@ | ||
| 284 | /** |
|
| 285 | * @return bool |
|
| 286 | */ |
|
| 287 | public function hasYubiKeyId($userId) |
|
| 288 | { |
|
| 289 | $this->addUser($userId); |
|
| 290 | $stmt = $this->db->prepare( |
|
| 291 | <<< 'SQL' |
|
| 292 | SELECT |
|
| 293 | yubi_key_id |
|
| 294 | FROM |
|
| 295 | users |
|
| 296 | WHERE |
|
| 297 | user_id = :user_id |
|
| 298 | SQL |
|
| 299 | ); |
|
| 300 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 301 | $stmt->execute(); |
|
| 302 | ||
| 303 | return !is_null($stmt->fetchColumn()); |
|
| 304 | } |
|
| 305 | ||
| 306 | /** |
|
| 307 | * @return string|null |
|
| @@ 309-326 (lines=18) @@ | ||
| 306 | /** |
|
| 307 | * @return string|null |
|
| 308 | */ |
|
| 309 | public function getYubiKeyId($userId) |
|
| 310 | { |
|
| 311 | $this->addUser($userId); |
|
| 312 | $stmt = $this->db->prepare( |
|
| 313 | <<< 'SQL' |
|
| 314 | SELECT |
|
| 315 | yubi_key_id |
|
| 316 | FROM |
|
| 317 | users |
|
| 318 | WHERE |
|
| 319 | user_id = :user_id |
|
| 320 | SQL |
|
| 321 | ); |
|
| 322 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 323 | $stmt->execute(); |
|
| 324 | ||
| 325 | return $stmt->fetchColumn(); |
|
| 326 | } |
|
| 327 | ||
| 328 | public function deleteYubiKeyId($userId) |
|
| 329 | { |
|
| @@ 328-341 (lines=14) @@ | ||
| 325 | return $stmt->fetchColumn(); |
|
| 326 | } |
|
| 327 | ||
| 328 | public function deleteYubiKeyId($userId) |
|
| 329 | { |
|
| 330 | $this->addUser($userId); |
|
| 331 | $stmt = $this->db->prepare( |
|
| 332 | <<< 'SQL' |
|
| 333 | UPDATE |
|
| 334 | users |
|
| 335 | SET |
|
| 336 | yubi_key_id = NULL |
|
| 337 | WHERE |
|
| 338 | user_id = :user_id |
|
| 339 | SQL |
|
| 340 | ); |
|
| 341 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 342 | $stmt->execute(); |
|
| 343 | } |
|
| 344 | ||
| @@ 345-360 (lines=16) @@ | ||
| 342 | $stmt->execute(); |
|
| 343 | } |
|
| 344 | ||
| 345 | public function deleteUser($userId) |
|
| 346 | { |
|
| 347 | $this->addUser($userId); |
|
| 348 | $stmt = $this->db->prepare( |
|
| 349 | <<< 'SQL' |
|
| 350 | DELETE FROM |
|
| 351 | users |
|
| 352 | WHERE |
|
| 353 | user_id = :user_id |
|
| 354 | SQL |
|
| 355 | ); |
|
| 356 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 357 | $stmt->execute(); |
|
| 358 | } |
|
| 359 | ||
| 360 | public function addCertificate($userId, $commonName, $displayName, DateTime $validFrom, DateTime $validTo) |
|
| 361 | { |
|
| 362 | $this->addUser($userId); |
|
| 363 | $stmt = $this->db->prepare( |
|
| @@ 457-472 (lines=16) @@ | ||
| 454 | $stmt->execute(); |
|
| 455 | } |
|
| 456 | ||
| 457 | public function disableUser($userId) |
|
| 458 | { |
|
| 459 | $this->addUser($userId); |
|
| 460 | $stmt = $this->db->prepare( |
|
| 461 | <<< 'SQL' |
|
| 462 | UPDATE |
|
| 463 | users |
|
| 464 | SET |
|
| 465 | is_disabled = 1 |
|
| 466 | WHERE |
|
| 467 | user_id = :user_id |
|
| 468 | SQL |
|
| 469 | ); |
|
| 470 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 471 | $stmt->execute(); |
|
| 472 | } |
|
| 473 | ||
| 474 | public function enableUser($userId) |
|
| 475 | { |
|
| @@ 494-511 (lines=18) @@ | ||
| 491 | /** |
|
| 492 | * @return bool |
|
| 493 | */ |
|
| 494 | public function isDisabledUser($userId) |
|
| 495 | { |
|
| 496 | $this->addUser($userId); |
|
| 497 | $stmt = $this->db->prepare( |
|
| 498 | <<< 'SQL' |
|
| 499 | SELECT |
|
| 500 | is_disabled |
|
| 501 | FROM |
|
| 502 | users |
|
| 503 | WHERE |
|
| 504 | user_id = :user_id |
|
| 505 | SQL |
|
| 506 | ); |
|
| 507 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 508 | $stmt->execute(); |
|
| 509 | ||
| 510 | return (bool) $stmt->fetchColumn(); |
|
| 511 | } |
|
| 512 | ||
| 513 | /** |
|
| 514 | * @return array |
|
| @@ 620-649 (lines=30) @@ | ||
| 617 | /** |
|
| 618 | * @return array|false |
|
| 619 | */ |
|
| 620 | public function getLogEntry(DateTime $dateTime, $ipAddress) |
|
| 621 | { |
|
| 622 | $stmt = $this->db->prepare( |
|
| 623 | <<< 'SQL' |
|
| 624 | SELECT |
|
| 625 | user_id, |
|
| 626 | profile_id, |
|
| 627 | common_name, |
|
| 628 | ip4, |
|
| 629 | ip6, |
|
| 630 | connected_at, |
|
| 631 | disconnected_at |
|
| 632 | FROM |
|
| 633 | connection_log |
|
| 634 | WHERE |
|
| 635 | (ip4 = :ip_address OR ip6 = :ip_address) |
|
| 636 | AND |
|
| 637 | connected_at < :date_time |
|
| 638 | AND |
|
| 639 | (disconnected_at > :date_time OR disconnected_at IS NULL) |
|
| 640 | SQL |
|
| 641 | ); |
|
| 642 | $stmt->bindValue(':ip_address', $ipAddress, PDO::PARAM_STR); |
|
| 643 | $stmt->bindValue(':date_time', $dateTime->format('Y-m-d H:i:s'), PDO::PARAM_STR); |
|
| 644 | $stmt->execute(); |
|
| 645 | ||
| 646 | // XXX can this also contain multiple results? I don't think so, but |
|
| 647 | // make sure! |
|
| 648 | return $stmt->fetch(PDO::FETCH_ASSOC); |
|
| 649 | } |
|
| 650 | ||
| 651 | /** |
|
| 652 | * @return int |
|
| @@ 654-671 (lines=18) @@ | ||
| 651 | /** |
|
| 652 | * @return int |
|
| 653 | */ |
|
| 654 | public function getTotpAttemptCount($userId) |
|
| 655 | { |
|
| 656 | $this->addUser($userId); |
|
| 657 | $stmt = $this->db->prepare( |
|
| 658 | <<< 'SQL' |
|
| 659 | SELECT |
|
| 660 | COUNT(*) |
|
| 661 | FROM |
|
| 662 | totp_log |
|
| 663 | WHERE user_id = :user_id |
|
| 664 | SQL |
|
| 665 | ); |
|
| 666 | ||
| 667 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 668 | $stmt->execute(); |
|
| 669 | ||
| 670 | return (int) $stmt->fetchColumn(); |
|
| 671 | } |
|
| 672 | ||
| 673 | /** |
|
| 674 | * @return bool true if recording succeeds, false if it cannot due to replay |
|
| @@ 808-828 (lines=21) @@ | ||
| 805 | /** |
|
| 806 | * @return array |
|
| 807 | */ |
|
| 808 | public function userMessages($userId) |
|
| 809 | { |
|
| 810 | $this->addUser($userId); |
|
| 811 | $stmt = $this->db->prepare( |
|
| 812 | <<< 'SQL' |
|
| 813 | SELECT |
|
| 814 | id, type, message, date_time |
|
| 815 | FROM |
|
| 816 | user_messages |
|
| 817 | WHERE |
|
| 818 | user_id = :user_id |
|
| 819 | ORDER BY |
|
| 820 | date_time DESC |
|
| 821 | SQL |
|
| 822 | ); |
|
| 823 | ||
| 824 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 825 | $stmt->execute(); |
|
| 826 | ||
| 827 | return $stmt->fetchAll(PDO::FETCH_ASSOC); |
|
| 828 | } |
|
| 829 | ||
| 830 | public function addUserMessage($userId, $type, $message) |
|
| 831 | { |
|
| @@ 229-246 (lines=18) @@ | ||
| 226 | return $stmt->fetchColumn(); |
|
| 227 | } |
|
| 228 | ||
| 229 | public function setTotpSecret($userId, $totpSecret) |
|
| 230 | { |
|
| 231 | $this->addUser($userId); |
|
| 232 | $stmt = $this->db->prepare( |
|
| 233 | <<< 'SQL' |
|
| 234 | UPDATE |
|
| 235 | users |
|
| 236 | SET |
|
| 237 | totp_secret = :totp_secret |
|
| 238 | WHERE |
|
| 239 | user_id = :user_id |
|
| 240 | SQL |
|
| 241 | ); |
|
| 242 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 243 | $stmt->bindValue(':totp_secret', $totpSecret, PDO::PARAM_STR); |
|
| 244 | ||
| 245 | $stmt->execute(); |
|
| 246 | } |
|
| 247 | ||
| 248 | public function deleteTotpSecret($userId) |
|
| 249 | { |
|
| @@ 265-282 (lines=18) @@ | ||
| 262 | $stmt->execute(); |
|
| 263 | } |
|
| 264 | ||
| 265 | public function setYubiKeyId($userId, $yubiKeyId) |
|
| 266 | { |
|
| 267 | $this->addUser($userId); |
|
| 268 | $stmt = $this->db->prepare( |
|
| 269 | <<< 'SQL' |
|
| 270 | UPDATE |
|
| 271 | users |
|
| 272 | SET |
|
| 273 | yubi_key_id = :yubi_key_id |
|
| 274 | WHERE |
|
| 275 | user_id = :user_id |
|
| 276 | SQL |
|
| 277 | ); |
|
| 278 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 279 | $stmt->bindValue(':yubi_key_id', $yubiKeyId, PDO::PARAM_STR); |
|
| 280 | ||
| 281 | $stmt->execute(); |
|
| 282 | } |
|
| 283 | ||
| 284 | /** |
|
| 285 | * @return bool |
|
| @@ 126-143 (lines=18) @@ | ||
| 123 | return $stmt->fetchColumn(); |
|
| 124 | } |
|
| 125 | ||
| 126 | public function setVootToken($userId, AccessToken $vootToken) |
|
| 127 | { |
|
| 128 | $this->addUser($userId); |
|
| 129 | $stmt = $this->db->prepare( |
|
| 130 | <<< 'SQL' |
|
| 131 | UPDATE |
|
| 132 | users |
|
| 133 | SET |
|
| 134 | voot_token = :voot_token |
|
| 135 | WHERE |
|
| 136 | user_id = :user_id |
|
| 137 | SQL |
|
| 138 | ); |
|
| 139 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 140 | $stmt->bindValue(':voot_token', $vootToken->toStorage(), PDO::PARAM_STR); |
|
| 141 | ||
| 142 | $stmt->execute(); |
|
| 143 | } |
|
| 144 | ||
| 145 | /** |
|
| 146 | * @return bool |
|
