| @@ 98-115 (lines=18) @@ | ||
| 95 | /** |
|
| 96 | * @return string|null |
|
| 97 | */ |
|
| 98 | public function getVootToken($userId) |
|
| 99 | { |
|
| 100 | $this->addUser($userId); |
|
| 101 | $stmt = $this->db->prepare( |
|
| 102 | <<< 'SQL' |
|
| 103 | SELECT |
|
| 104 | voot_token |
|
| 105 | FROM |
|
| 106 | users |
|
| 107 | WHERE |
|
| 108 | user_id = :user_id |
|
| 109 | SQL |
|
| 110 | ); |
|
| 111 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 112 | $stmt->execute(); |
|
| 113 | ||
| 114 | return $stmt->fetchColumn(); |
|
| 115 | } |
|
| 116 | ||
| 117 | public function setVootToken($userId, AccessToken $vootToken) |
|
| 118 | { |
|
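Review bot: The docblock on getVootToken promises `string|null`, but `PDOStatement::fetchColumn()` returns `false` when no row matches, so the method can hand back a value the contract does not name. Whether that can happen depends on `addUser()` always leaving a row for `$userId`, and its body is outside this hunk. Either document it as `@return string|false|null` or normalise the result with `$value = $stmt->fetchColumn();` followed by `return false === $value ? null : $value;`. The same applies to getTotpSecret and getYubiKeyId, where a caller testing `null === $secret` would treat `false` as a stored secret.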
| @@ 139-156 (lines=18) @@ | ||
| 136 | /** |
|
| 137 | * @return bool |
|
| 138 | */ |
|
| 139 | public function hasVootToken($userId) |
|
| 140 | { |
|
| 141 | $this->addUser($userId); |
|
| 142 | $stmt = $this->db->prepare( |
|
| 143 | <<< 'SQL' |
|
| 144 | SELECT |
|
| 145 | voot_token |
|
| 146 | FROM |
|
| 147 | users |
|
| 148 | WHERE |
|
| 149 | user_id = :user_id |
|
| 150 | SQL |
|
| 151 | ); |
|
| 152 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 153 | $stmt->execute(); |
|
| 154 | ||
| 155 | return !is_null($stmt->fetchColumn()); |
|
| 156 | } |
|
| 157 | ||
| 158 | public function deleteVootToken($userId) |
|
| 159 | { |
|
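Review bot: `return !is_null($stmt->fetchColumn());` in hasVootToken reports `true` when the query matches no row, because `fetchColumn()` yields `false` rather than `null` in that case. The result is only correct while `addUser()` guarantees the row exists, and its body is not visible here. Testing both cases removes that hidden dependency: `$value = $stmt->fetchColumn();` then `return false !== $value && null !== $value;`. hasTotpSecret and hasYubiKeyId use the identical expression, and there a wrong `true` feeds second-factor decisions. isDisabledUser has the opposite problem: `(bool) $stmt->fetchColumn()` turns a missing row into "not disabled".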
| @@ 179-196 (lines=18) @@ | ||
| 176 | /** |
|
| 177 | * @return bool |
|
| 178 | */ |
|
| 179 | public function hasTotpSecret($userId) |
|
| 180 | { |
|
| 181 | $this->addUser($userId); |
|
| 182 | $stmt = $this->db->prepare( |
|
| 183 | <<< 'SQL' |
|
| 184 | SELECT |
|
| 185 | totp_secret |
|
| 186 | FROM |
|
| 187 | users |
|
| 188 | WHERE |
|
| 189 | user_id = :user_id |
|
| 190 | SQL |
|
| 191 | ); |
|
| 192 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 193 | $stmt->execute(); |
|
| 194 | ||
| 195 | return !is_null($stmt->fetchColumn()); |
|
| 196 | } |
|
| 197 | ||
| 198 | /** |
|
| 199 | * @return string|null |
|
| @@ 201-218 (lines=18) @@ | ||
| 198 | /** |
|
| 199 | * @return string|null |
|
| 200 | */ |
|
| 201 | public function getTotpSecret($userId) |
|
| 202 | { |
|
| 203 | $this->addUser($userId); |
|
| 204 | $stmt = $this->db->prepare( |
|
| 205 | <<< 'SQL' |
|
| 206 | SELECT |
|
| 207 | totp_secret |
|
| 208 | FROM |
|
| 209 | users |
|
| 210 | WHERE |
|
| 211 | user_id = :user_id |
|
| 212 | SQL |
|
| 213 | ); |
|
| 214 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 215 | $stmt->execute(); |
|
| 216 | ||
| 217 | return $stmt->fetchColumn(); |
|
| 218 | } |
|
| 219 | ||
| 220 | public function setTotpSecret($userId, $totpSecret) |
|
| 221 | { |
|
| @@ 220-237 (lines=18) @@ | ||
| 217 | return $stmt->fetchColumn(); |
|
| 218 | } |
|
| 219 | ||
| 220 | public function setTotpSecret($userId, $totpSecret) |
|
| 221 | { |
|
| 222 | $this->addUser($userId); |
|
| 223 | $stmt = $this->db->prepare( |
|
| 224 | <<< 'SQL' |
|
| 225 | UPDATE |
|
| 226 | users |
|
| 227 | SET |
|
| 228 | totp_secret = :totp_secret |
|
| 229 | WHERE |
|
| 230 | user_id = :user_id |
|
| 231 | SQL |
|
| 232 | ); |
|
| 233 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 234 | $stmt->bindValue(':totp_secret', $totpSecret, PDO::PARAM_STR); |
|
| 235 | ||
| 236 | $stmt->execute(); |
|
| 237 | } |
|
| 238 | ||
| 239 | public function deleteTotpSecret($userId) |
|
| 240 | { |
|
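Review bot: setTotpSecret overwrites `users.totp_secret` unconditionally, so whether an already-enrolled second factor can be replaced rests entirely on a check made by the caller, which this hunk does not show. If enrollment is meant to happen once until deleteTotpSecret is called, the statement can enforce it itself with `user_id = :user_id AND totp_secret IS NULL`, and the method can report `1 === $stmt->rowCount()` so the caller knows whether the write took effect. That also closes the gap between a separate hasTotpSecret check and this UPDATE. setYubiKeyId has the same shape. A docblock stating the expected format of `$totpSecret`, and whether it arrives already validated, would help as well.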
| @@ 239-254 (lines=16) @@ | ||
| 236 | $stmt->execute(); |
|
| 237 | } |
|
| 238 | ||
| 239 | public function deleteTotpSecret($userId) |
|
| 240 | { |
|
| 241 | $this->addUser($userId); |
|
| 242 | $stmt = $this->db->prepare( |
|
| 243 | <<< 'SQL' |
|
| 244 | UPDATE |
|
| 245 | users |
|
| 246 | SET |
|
| 247 | totp_secret = NULL |
|
| 248 | WHERE |
|
| 249 | user_id = :user_id |
|
| 250 | SQL |
|
| 251 | ); |
|
| 252 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 253 | $stmt->execute(); |
|
| 254 | } |
|
| 255 | ||
| 256 | public function setYubiKeyId($userId, $yubiKeyId) |
|
| 257 | { |
|
| @@ 256-273 (lines=18) @@ | ||
| 253 | $stmt->execute(); |
|
| 254 | } |
|
| 255 | ||
| 256 | public function setYubiKeyId($userId, $yubiKeyId) |
|
| 257 | { |
|
| 258 | $this->addUser($userId); |
|
| 259 | $stmt = $this->db->prepare( |
|
| 260 | <<< 'SQL' |
|
| 261 | UPDATE |
|
| 262 | users |
|
| 263 | SET |
|
| 264 | yubi_key_id = :yubi_key_id |
|
| 265 | WHERE |
|
| 266 | user_id = :user_id |
|
| 267 | SQL |
|
| 268 | ); |
|
| 269 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 270 | $stmt->bindValue(':yubi_key_id', $yubiKeyId, PDO::PARAM_STR); |
|
| 271 | ||
| 272 | $stmt->execute(); |
|
| 273 | } |
|
| 274 | ||
| 275 | /** |
|
| 276 | * @return bool |
|
| @@ 278-295 (lines=18) @@ | ||
| 275 | /** |
|
| 276 | * @return bool |
|
| 277 | */ |
|
| 278 | public function hasYubiKeyId($userId) |
|
| 279 | { |
|
| 280 | $this->addUser($userId); |
|
| 281 | $stmt = $this->db->prepare( |
|
| 282 | <<< 'SQL' |
|
| 283 | SELECT |
|
| 284 | yubi_key_id |
|
| 285 | FROM |
|
| 286 | users |
|
| 287 | WHERE |
|
| 288 | user_id = :user_id |
|
| 289 | SQL |
|
| 290 | ); |
|
| 291 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 292 | $stmt->execute(); |
|
| 293 | ||
| 294 | return !is_null($stmt->fetchColumn()); |
|
| 295 | } |
|
| 296 | ||
| 297 | /** |
|
| 298 | * @return string|null |
|
| @@ 300-317 (lines=18) @@ | ||
| 297 | /** |
|
| 298 | * @return string|null |
|
| 299 | */ |
|
| 300 | public function getYubiKeyId($userId) |
|
| 301 | { |
|
| 302 | $this->addUser($userId); |
|
| 303 | $stmt = $this->db->prepare( |
|
| 304 | <<< 'SQL' |
|
| 305 | SELECT |
|
| 306 | yubi_key_id |
|
| 307 | FROM |
|
| 308 | users |
|
| 309 | WHERE |
|
| 310 | user_id = :user_id |
|
| 311 | SQL |
|
| 312 | ); |
|
| 313 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 314 | $stmt->execute(); |
|
| 315 | ||
| 316 | return $stmt->fetchColumn(); |
|
| 317 | } |
|
| 318 | ||
| 319 | public function deleteYubiKeyId($userId) |
|
| 320 | { |
|
| @@ 319-332 (lines=14) @@ | ||
| 316 | return $stmt->fetchColumn(); |
|
| 317 | } |
|
| 318 | ||
| 319 | public function deleteYubiKeyId($userId) |
|
| 320 | { |
|
| 321 | $this->addUser($userId); |
|
| 322 | $stmt = $this->db->prepare( |
|
| 323 | <<< 'SQL' |
|
| 324 | UPDATE |
|
| 325 | users |
|
| 326 | SET |
|
| 327 | yubi_key_id = NULL |
|
| 328 | WHERE |
|
| 329 | user_id = :user_id |
|
| 330 | SQL |
|
| 331 | ); |
|
| 332 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 333 | $stmt->execute(); |
|
| 334 | } |
|
| 335 | ||
| @@ 336-351 (lines=16) @@ | ||
| 333 | $stmt->execute(); |
|
| 334 | } |
|
| 335 | ||
| 336 | public function deleteUser($userId) |
|
| 337 | { |
|
| 338 | $this->addUser($userId); |
|
| 339 | $stmt = $this->db->prepare( |
|
| 340 | <<< 'SQL' |
|
| 341 | DELETE FROM |
|
| 342 | users |
|
| 343 | WHERE |
|
| 344 | user_id = :user_id |
|
| 345 | SQL |
|
| 346 | ); |
|
| 347 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 348 | $stmt->execute(); |
|
| 349 | } |
|
| 350 | ||
| 351 | public function addCertificate($userId, $commonName, $displayName, DateTime $validFrom, DateTime $validTo) |
|
| 352 | { |
|
| 353 | $this->addUser($userId); |
|
| 354 | $stmt = $this->db->prepare( |
|
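Review bot: deleteUser starts with `$this->addUser($userId);` at line 338, which presumably creates the row for an unknown user just so the DELETE can remove it again. The body of addUser is outside this hunk. Dropping that call leaves the DELETE a harmless no-op for unknown users and avoids a write on every call. The method also has no docblock saying what happens to the user's rows in other tables such as `totp_log` and `user_messages`. Whether they are removed depends on schema constraints not shown here, so a comment like `// dependent rows are removed by ON DELETE CASCADE (see schema)` or explicit deletes would make the intent checkable.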
| @@ 448-463 (lines=16) @@ | ||
| 445 | $stmt->execute(); |
|
| 446 | } |
|
| 447 | ||
| 448 | public function disableUser($userId) |
|
| 449 | { |
|
| 450 | $this->addUser($userId); |
|
| 451 | $stmt = $this->db->prepare( |
|
| 452 | <<< 'SQL' |
|
| 453 | UPDATE |
|
| 454 | users |
|
| 455 | SET |
|
| 456 | is_disabled = 1 |
|
| 457 | WHERE |
|
| 458 | user_id = :user_id |
|
| 459 | SQL |
|
| 460 | ); |
|
| 461 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 462 | $stmt->execute(); |
|
| 463 | } |
|
| 464 | ||
| 465 | public function enableUser($userId) |
|
| 466 | { |
|
| @@ 485-502 (lines=18) @@ | ||
| 482 | /** |
|
| 483 | * @return bool |
|
| 484 | */ |
|
| 485 | public function isDisabledUser($userId) |
|
| 486 | { |
|
| 487 | $this->addUser($userId); |
|
| 488 | $stmt = $this->db->prepare( |
|
| 489 | <<< 'SQL' |
|
| 490 | SELECT |
|
| 491 | is_disabled |
|
| 492 | FROM |
|
| 493 | users |
|
| 494 | WHERE |
|
| 495 | user_id = :user_id |
|
| 496 | SQL |
|
| 497 | ); |
|
| 498 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 499 | $stmt->execute(); |
|
| 500 | ||
| 501 | return (bool) $stmt->fetchColumn(); |
|
| 502 | } |
|
| 503 | ||
| 504 | /** |
|
| 505 | * @return array |
|
| @@ 611-640 (lines=30) @@ | ||
| 608 | /** |
|
| 609 | * @return array|false |
|
| 610 | */ |
|
| 611 | public function getLogEntry(DateTime $dateTime, $ipAddress) |
|
| 612 | { |
|
| 613 | $stmt = $this->db->prepare( |
|
| 614 | <<< 'SQL' |
|
| 615 | SELECT |
|
| 616 | user_id, |
|
| 617 | profile_id, |
|
| 618 | common_name, |
|
| 619 | ip4, |
|
| 620 | ip6, |
|
| 621 | connected_at, |
|
| 622 | disconnected_at |
|
| 623 | FROM |
|
| 624 | connection_log |
|
| 625 | WHERE |
|
| 626 | (ip4 = :ip_address OR ip6 = :ip_address) |
|
| 627 | AND |
|
| 628 | connected_at < :date_time |
|
| 629 | AND |
|
| 630 | (disconnected_at > :date_time OR disconnected_at IS NULL) |
|
| 631 | SQL |
|
| 632 | ); |
|
| 633 | $stmt->bindValue(':ip_address', $ipAddress, PDO::PARAM_STR); |
|
| 634 | $stmt->bindValue(':date_time', $dateTime->format('Y-m-d H:i:s'), PDO::PARAM_STR); |
|
| 635 | $stmt->execute(); |
|
| 636 | ||
| 637 | // XXX can this also contain multiple results? I don't think so, but |
|
| 638 | // make sure! |
|
| 639 | return $stmt->fetch(PDO::FETCH_ASSOC); |
|
| 640 | } |
|
| 641 | ||
| 642 | /** |
|
| 643 | * @return int |
|
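Review bot: The `XXX` comment at lines 637-638 is still open, and `fetch(PDO::FETCH_ASSOC)` silently returns just the first matching row with no `ORDER BY`, so the user named for an IP and time is arbitrary when several rows match. That is plausible, because `disconnected_at IS NULL` matches any row that was never closed, and a stale entry for the same address would match every later lookup. Adding `ORDER BY connected_at DESC LIMIT 1`, or using `fetchAll()` and treating more than one row as ambiguous, makes the attribution deterministic. `:ip_address` and `:date_time` each appear twice in the statement, which the PDO manual only guarantees with emulated prepares. `$dateTime->format('Y-m-d H:i:s')` uses the object's own time zone, so the docblock should state which zone `connected_at` is stored in.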
| @@ 645-662 (lines=18) @@ | ||
| 642 | /** |
|
| 643 | * @return int |
|
| 644 | */ |
|
| 645 | public function getTotpAttemptCount($userId) |
|
| 646 | { |
|
| 647 | $this->addUser($userId); |
|
| 648 | $stmt = $this->db->prepare( |
|
| 649 | <<< 'SQL' |
|
| 650 | SELECT |
|
| 651 | COUNT(*) |
|
| 652 | FROM |
|
| 653 | totp_log |
|
| 654 | WHERE user_id = :user_id |
|
| 655 | SQL |
|
| 656 | ); |
|
| 657 | ||
| 658 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 659 | $stmt->execute(); |
|
| 660 | ||
| 661 | return (int) $stmt->fetchColumn(); |
|
| 662 | } |
|
| 663 | ||
| 664 | /** |
|
| 665 | * @return bool true if recording succeeds, false if it cannot due to replay |
|
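Review bot: The `COUNT(*)` in getTotpAttemptCount has no time bound, so the number returned covers every `totp_log` row ever recorded for the user. Any attempt limit built on it then depends on those rows being pruned elsewhere, which this hunk does not show. The docblock carries only `@return int`, so I would add a line such as `number of TOTP attempts currently logged for the user; the window is defined by the cleanup of totp_log`. If the window is meant to be enforced here, it should be a `date_time`-style condition in the `WHERE` clause instead.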
| @@ 799-819 (lines=21) @@ | ||
| 796 | /** |
|
| 797 | * @return array |
|
| 798 | */ |
|
| 799 | public function userMessages($userId) |
|
| 800 | { |
|
| 801 | $this->addUser($userId); |
|
| 802 | $stmt = $this->db->prepare( |
|
| 803 | <<< 'SQL' |
|
| 804 | SELECT |
|
| 805 | id, type, message, date_time |
|
| 806 | FROM |
|
| 807 | user_messages |
|
| 808 | WHERE |
|
| 809 | user_id = :user_id |
|
| 810 | ORDER BY |
|
| 811 | date_time DESC |
|
| 812 | SQL |
|
| 813 | ); |
|
| 814 | ||
| 815 | $stmt->bindValue(':user_id', $userId, PDO::PARAM_STR); |
|
| 816 | $stmt->execute(); |
|
| 817 | ||
| 818 | return $stmt->fetchAll(PDO::FETCH_ASSOC); |
|
| 819 | } |
|
| 820 | ||
| 821 | public function addUserMessage($userId, $type, $message) |
|
| 822 | { |
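Review bot: The docblock for userMessages says only `@return array`, which hides that the result is a list of associative rows with the keys `id`, `type`, `message` and `date_time`, newest first. I would spell that out, e.g. `@return array<int, array<string, mixed>> rows with keys id, type, message, date_time, ordered by date_time DESC`. `message` is returned exactly as stored, so the docblock should also say that callers must escape it for the output context. Like the other read methods on this page it calls `addUser()` first, so a lookup may write to `users`; the body of addUser is outside this hunk.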
|