|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace Craft; |
|
4
|
|
|
|
|
5
|
|
|
/** |
|
6
|
|
|
* Class ApiAuthController |
|
7
|
|
|
* |
|
8
|
|
|
* Api authentication using user keys |
|
9
|
|
|
* |
|
10
|
|
|
* @author Nerds & Company |
|
11
|
|
|
* @copyright Copyright (c) 2015, Nerds & Company |
|
12
|
|
|
* @license MIT |
|
13
|
|
|
* |
|
14
|
|
|
* @link http://www.nerds.company |
|
15
|
|
|
*/ |
|
16
|
|
|
class ApiAuthController extends BaseController |
|
17
|
|
|
{ |
|
18
|
|
|
/** @var bool */ |
|
19
|
|
|
protected $allowAnonymous = array('authenticate', 'resetPassword'); |
|
20
|
|
|
|
|
21
|
|
|
/** |
|
22
|
|
|
* Set cors headers and check for options request |
|
23
|
|
|
*/ |
|
24
|
|
|
public function init() |
|
25
|
|
|
{ |
|
26
|
|
|
craft()->apiAuth->setCorsHeaders(); |
|
27
|
|
|
if (craft()->apiAuth->isOptionsRequest()) { |
|
28
|
|
|
craft()->end(); |
|
29
|
|
|
} |
|
30
|
|
|
} |
|
31
|
|
|
|
|
32
|
|
|
/** |
|
33
|
|
|
* Authenticate action. |
|
34
|
|
|
*/ |
|
35
|
4 |
|
public function actionAuthenticate() |
|
36
|
|
|
{ |
|
37
|
|
|
try { |
|
38
|
4 |
|
$this->requirePostRequest(); |
|
39
|
|
|
|
|
40
|
3 |
|
$username = craft()->request->getRequiredPost('username'); |
|
41
|
3 |
|
$password = craft()->request->getRequiredPost('password'); |
|
42
|
|
|
|
|
43
|
3 |
|
if (craft()->userSession->login($username, $password)) { |
|
44
|
2 |
|
$key = craft()->apiAuth->generateKey(); |
|
45
|
2 |
|
$user = craft()->userSession->getUser(); |
|
46
|
|
|
|
|
47
|
2 |
|
if (craft()->apiAuth->saveKey($user, $key)) { |
|
48
|
1 |
|
$this->returnJson(array( |
|
49
|
1 |
|
'key' => $key, |
|
50
|
1 |
|
)); |
|
51
|
1 |
|
} else { |
|
52
|
1 |
|
HeaderHelper::setHeader('HTTP/ 500 Internal server error'); |
|
53
|
1 |
|
$this->returnErrorJson(Craft::t('Something went wrong')); |
|
54
|
|
|
} |
|
55
|
2 |
|
} else { |
|
56
|
1 |
|
HeaderHelper::setHeader('HTTP/ 401 Bad Credentials'); |
|
57
|
1 |
|
$this->returnErrorJson(Craft::t('Invalid username or password')); |
|
58
|
|
|
} |
|
59
|
4 |
|
} catch (HttpException $e) { |
|
|
|
|
|
|
60
|
1 |
|
HeaderHelper::setHeader('HTTP/ ' . $e->statusCode); |
|
61
|
1 |
|
$this->returnErrorJson($e->getMessage()); |
|
62
|
|
|
} |
|
63
|
4 |
|
} |
|
64
|
|
|
|
|
65
|
|
|
/** |
|
66
|
|
|
* Forgot password action |
|
67
|
|
|
*/ |
|
68
|
3 |
|
public function actionResetPassword() |
|
69
|
|
|
{ |
|
70
|
|
|
try { |
|
71
|
3 |
|
$this->requirePostRequest(); |
|
72
|
|
|
|
|
73
|
2 |
|
$username = craft()->request->getRequiredPost('username'); |
|
74
|
2 |
|
$user = craft()->users->getUserByUsernameOrEmail($username); |
|
75
|
|
|
|
|
76
|
2 |
|
if ($user) { |
|
77
|
1 |
|
craft()->users->sendPasswordResetEmail($user); |
|
78
|
1 |
|
} |
|
79
|
|
|
|
|
80
|
2 |
|
$this->returnJson(array('message' => Craft::t('Email has been sent if address exists'))); |
|
81
|
|
|
|
|
82
|
3 |
|
} catch (HttpException $e) { |
|
|
|
|
|
|
83
|
1 |
|
HeaderHelper::setHeader('HTTP/ ' . $e->statusCode); |
|
84
|
1 |
|
$this->returnErrorJson($e->getMessage()); |
|
85
|
|
|
} |
|
86
|
3 |
|
} |
|
87
|
|
|
} |
|
88
|
|
|
|
nerds-and-company /
craft-api-authentication-plugin
Loading history...
Scrutinizer analyzes your
composer.json/composer.lockfile if available to determine the classes, and functions that are defined by your dependencies.It seems like the listed class was neither found in your dependencies, nor was it found in the analyzed files in your repository. If you are using some other form of dependency management, you might want to disable this analysis.