diff --git a/app/libs/auth/AuthService.php b/app/libs/auth/AuthService.php
index 47ad6537..b894f076 100644
--- a/app/libs/auth/AuthService.php
+++ b/app/libs/auth/AuthService.php
@@ -3,9 +3,9 @@
 namespace auth;
 use Auth;
+use Member;
 use Session;
 use utils\services\IAuthService;
-use \Member;
 class AuthService implements IAuthService
 {
@@ -15,7 +15,16 @@ class AuthService implements IAuthService
 */
 public function isUserLogged()
 {
- return Auth::check();
+ $res = Auth::check();
+ if ($res) {
+ $user = $this->getCurrentUser();
+ if (!$user->hasAssociatedMember()) {
+ $this->logout();
+ $res = false;
+ }
+ }
+
+ return $res;
 }
 /**
@@ -23,7 +32,13 @@ class AuthService implements IAuthService
 */
 public function getCurrentUser()
 {
- return Auth::user();
+ $user = Auth::user();
+ if (!is_null($user) && !$user->hasAssociatedMember()) {
+ $this->logout();
+ $user = null;
+ }
+
+ return $user;
 }
 /**
@@ -49,12 +64,15 @@ class AuthService implements IAuthService
 {
 if (Session::has("openid.authorization.response")) {
 $value = Session::get("openid.authorization.response");
+
 return $value;
 }
+
 return IAuthService::AuthorizationResponse_None;
 }
- public function clearUserAuthorizationResponse(){
+ public function clearUserAuthorizationResponse()
+ {
 if (Session::has("openid.authorization.response")) {
 Session::remove("openid.authorization.response");
 }
@@ -68,14 +86,17 @@ class AuthService implements IAuthService
 public function getUserByOpenId($openid)
 {
 $user = User::where('identifier', '=', $openid)->first();
+
 return $user;
 }
 public function getUserByUsername($username)
 {
 $member = Member::where('Email', '=', $username)->first();
- if(!is_null($member))
- return User::where('external_identifier', '=', $member->ID)->first();
+ if (!is_null($member)) {
+ return User::where('external_identifier', '=', $member->ID)->first();
+ }
+
 return false;
 }
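Review bot: In `isUserLogged()` the new `$user->hasAssociatedMember()` call can run on null, because `getCurrentUser()` as changed in the next hunk already logs out and returns null when the member record is missing. The orphaned-account case this commit targets would therefore end in a fatal error on that request instead of returning `false`. Guard the value first, for example `if (is_null($user) || !$user->hasAssociatedMember()) {`, or reduce the body to `return Auth::check() && !is_null($this->getCurrentUser());`. `logout()` is defined outside the hunk, so whether a second call to it is harmless cannot be confirmed from here.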
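Review bot: The forced logout in `getCurrentUser()` ends only the interactive session, while the `User` model touched by this same commit also owns `access_tokens()`, `refresh_tokens()` and `consents()`, and nothing visible here revokes them when the member record is gone. Unless `logout()` (defined outside this hunk) or another layer handles that, previously issued OAuth2 tokens for the orphaned account would presumably remain usable. The branch is also silent: a comment such as `// member row missing: treat the session as invalid` above `$this->logout();`, together with a log entry carrying the user id, would make these forced logouts traceable during an investigation.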
@@ -84,26 +105,28 @@ class AuthService implements IAuthService
 return User::find($id);
 }
- // Authentication
+ // Authentication
- public function getUserAuthenticationResponse()
- {
- if (Session::has("openstackid.authentication.response")) {
- $value = Session::get("openstackid.authentication.response");
- return $value;
- }
- return IAuthService::AuthenticationResponse_None;
- }
+ public function getUserAuthenticationResponse()
+ {
+ if (Session::has("openstackid.authentication.response")) {
+ $value = Session::get("openstackid.authentication.response");
- public function setUserAuthenticationResponse($auth_response)
- {
- Session::set("openstackid.authentication.response", $auth_response);
- }
+ return $value;
+ }
- public function clearUserAuthenticationResponse()
- {
- if (Session::has("openstackid.authentication.response")) {
- Session::remove("openstackid.authentication.response");
- }
- }
+ return IAuthService::AuthenticationResponse_None;
+ }
+
+ public function setUserAuthenticationResponse($auth_response)
+ {
+ Session::set("openstackid.authentication.response", $auth_response);
+ }
+
+ public function clearUserAuthenticationResponse()
+ {
+ if (Session::has("openstackid.authentication.response")) {
+ Session::remove("openstackid.authentication.response");
+ }
+ }
 }
\ No newline at end of file
diff --git a/app/libs/auth/User.php b/app/libs/auth/User.php
index 167ca6fa..e4f08a34 100644
--- a/app/libs/auth/User.php
+++ b/app/libs/auth/User.php
@@ -2,276 +2,309 @@ namespace auth; +use Eloquent; use Illuminate\Auth\UserInterface; use Member; use MemberPhoto; -use openid\model\IOpenIdUser; use oauth2\models\IOAuth2User; -use Eloquent; +use openid\model\IOpenIdUser; use utils\model\BaseModelEloquent; + /** * Class User * @package auth */ class User extends BaseModelEloquent implements UserInterface, IOpenIdUser, IOAuth2User { - protected $table = 'openid_users'; + protected $table = 'openid_users'; - private $member; + private $member; - public function trusted_sites() - { - return $this->hasMany("OpenIdTrustedSite", 'user_id'); - } + public function trusted_sites() + { + return $this->hasMany("OpenIdTrustedSite", 'user_id'); + } - public function access_tokens() - { - return $this->hasMany('AccessToken','user_id'); - } + public function access_tokens() + { + return $this->hasMany('AccessToken', 'user_id'); + } - public function refresh_tokens() - { - return $this->hasMany('RefreshToken','user_id'); - } + public function refresh_tokens() + { + return $this->hasMany('RefreshToken', 'user_id'); + } - public function consents() - { - return $this->hasMany('UserConsent','user_id'); - } + public function consents() + { + return $this->hasMany('UserConsent', 'user_id'); + } - public function clients() - { - return $this->hasMany("Client", 'user_id'); - } + public function clients() + { + return $this->hasMany("Client", 'user_id'); + } - public function getActions() - { - return $this->actions()->orderBy('created_at', 'desc')->take(10)->get(); - } + public function getActions() + { + return $this->actions()->orderBy('created_at', 'desc')->take(10)->get(); + } - public function actions() - { - return $this->hasMany("UserAction", 'user_id'); - } + public function actions() + { + return $this->hasMany("UserAction", 'user_id'); + } - public function setMember($member) - { - $this->member = $member; - } + public function setMember($member) + { + $this->member = $member; + } - private function getAssociatedMember(){ + 
private function getAssociatedMember() + { if (is_null($this->member)) { - $this->member = Member::where('ID', '=', $this->external_identifier)->first(); + $this->member = Member::where('ID', '=', $this->external_identifier)->first(); } + return $this->member; } - /** - * Get the unique identifier for the user. - * the one that is saved as session id on vendor/laravel/framework/src/Illuminate/Auth/Guard.php - * @return mixed - */ - public function getAuthIdentifier() { - return $this->external_identifier; - } - /** - * Get the password for the user. - * - * @return string - */ - public function getAuthPassword() - { + /** + * @return bool + */ + public function hasAssociatedMember() + { $this->getAssociatedMember(); - return $this->member->Password; - } + return !is_null($this->member); + } - public function getIdentifier() - { + /** + * Get the unique identifier for the user. + * the one that is saved as session id on vendor/laravel/framework/src/Illuminate/Auth/Guard.php + * @return mixed + */ + public function getAuthIdentifier() + { + return $this->external_identifier; + } + + /** + * Get the password for the user. + * @return string + */ + public function getAuthPassword() + { $this->getAssociatedMember(); - return $this->identifier; - } - public function getEmail() - { + return $this->member->Password; + } + + public function getIdentifier() + { $this->getAssociatedMember(); - return $this->member->Email; - } - public function getFullName() - { - return $this->getFirstName() . " " . $this->getLastName(); - } + return $this->identifier; + } - public function getFirstName() - { + public function getEmail() + { $this->getAssociatedMember(); - return $this->member->FirstName; - } - public function getLastName() - { + return $this->member->Email; + } + + public function getFullName() + { + return $this->getFirstName() . " " . 
$this->getLastName(); + } + + public function getFirstName() + { $this->getAssociatedMember(); - return $this->member->Surname; - } - public function getNickName() - { - return $this->getFullName(); - } + return $this->member->FirstName; + } - public function getGender() - { + public function getLastName() + { $this->getAssociatedMember(); - return $this->member->Gender; - } - public function getCountry() - { + return $this->member->Surname; + } + + public function getNickName() + { + return $this->getFullName(); + } + + public function getGender() + { $this->getAssociatedMember(); - return $this->member->Country; - } - public function getLanguage() - { + return $this->member->Gender; + } + + public function getCountry() + { $this->getAssociatedMember(); - return $this->member->Locale; - } - public function getTimeZone() - { + return $this->member->Country; + } + + public function getLanguage() + { $this->getAssociatedMember(); - return ""; - } - public function getDateOfBirth() - { + return $this->member->Locale; + } + + public function getTimeZone() + { $this->getAssociatedMember(); - return ""; - } - public function getId() - { - return $this->id; - } + return ""; + } - public function getShowProfileFullName() - { - return $this->public_profile_show_fullname; - } - - public function getShowProfilePic() - { - return $this->public_profile_show_photo; - } - - public function getShowProfileBio() - { - return false; - } - - public function getShowProfileEmail() - { - return $this->public_profile_show_email; - } - - public function getBio() - { + public function getDateOfBirth() + { $this->getAssociatedMember(); - return $this->member->Bio; - } - public function getPic() - { + return ""; + } + + public function getId() + { + return $this->id; + } + + public function getShowProfileFullName() + { + return $this->public_profile_show_fullname; + } + + public function getShowProfilePic() + { + return $this->public_profile_show_photo; + } + + public function 
getShowProfileBio() + { + return false; + } + + public function getShowProfileEmail() + { + return $this->public_profile_show_email; + } + + public function getBio() + { $this->getAssociatedMember(); - $url = asset('img/generic-profile-photo.png'); - $photoId = $this->member->PhotoID; - if (!is_null($photoId) && is_numeric($photoId) && $photoId > 0) { - $photo = MemberPhoto::where('ID', '=', $photoId)->first(); - if(!is_null($photo)){ - $url = $photo->Filename; - } - } - return $url; - } - public function getClients() - { - return $this->clients()->get(); - } - /** - * Could use system scopes on registered clients - * @return bool - */ - public function canUseSystemScopes() - { + return $this->member->Bio; + } + + public function getPic() + { $this->getAssociatedMember(); - $group = $this->member->groups()->where('code','=',IOAuth2User::OAuth2SystemScopeAdminGroup)->first(); - return !is_null($group); - } + $url = asset('img/generic-profile-photo.png'); + $photoId = $this->member->PhotoID; + if (!is_null($photoId) && is_numeric($photoId) && $photoId > 0) { + $photo = MemberPhoto::where('ID', '=', $photoId)->first(); + if (!is_null($photo)) { + $url = $photo->Filename; + } + } - /** - * Is Server Administrator - * @return bool - */ - public function isOAuth2ServerAdmin() - { + return $url; + } + + public function getClients() + { + return $this->clients()->get(); + } + + /** + * Could use system scopes on registered clients + * @return bool + */ + public function canUseSystemScopes() + { $this->getAssociatedMember(); - $group = $this->member->groups()->where('code','=',IOAuth2User::OAuth2ServerAdminGroup)->first(); - return !is_null($group); - } + $group = $this->member->groups()->where('code', '=', IOAuth2User::OAuth2SystemScopeAdminGroup)->first(); - /** - * @return bool - */ - public function isOpenstackIdAdmin() - { + return !is_null($group); + } + + /** + * Is Server Administrator + * @return bool + */ + public function isOAuth2ServerAdmin() + { 
$this->getAssociatedMember(); - $group = $this->member->groups()->where('code','=',IOpenIdUser::OpenstackIdServerAdminGroup)->first(); - return !is_null($group); - } + $group = $this->member->groups()->where('code', '=', IOAuth2User::OAuth2ServerAdminGroup)->first(); - public function getStreetAddress() - { + return !is_null($group); + } + + /** + * @return bool + */ + public function isOpenstackIdAdmin() + { $this->getAssociatedMember(); - return sprintf("%s, %s ",$this->member->Address,$this->member->Suburb); - } + $group = $this->member->groups()->where('code', '=', IOpenIdUser::OpenstackIdServerAdminGroup)->first(); - public function getRegion() - { + return !is_null($group); + } + + public function getStreetAddress() + { $this->getAssociatedMember(); - return $this->member->State; - } - public function getLocality() - { + return sprintf("%s, %s ", $this->member->Address, $this->member->Suburb); + } + + public function getRegion() + { $this->getAssociatedMember(); - return $this->member->City; - } - public function getPostalCode() - { + return $this->member->State; + } + + public function getLocality() + { $this->getAssociatedMember(); - return $this->member->Postcode; - } - public function getTrustedSites() - { - return $this->trusted_sites()->get(); - } + return $this->member->City; + } - public function getRememberToken() - { - return $this->remember_token; - } + public function getPostalCode() + { + $this->getAssociatedMember(); - public function setRememberToken($value) - { - $this->remember_token = $value; - } + return $this->member->Postcode; + } - public function getRememberTokenName() - { - return 'remember_token'; - } + public function getTrustedSites() + { + return $this->trusted_sites()->get(); + } + + public function getRememberToken() + { + return $this->remember_token; + } + + public function setRememberToken($value) + { + $this->remember_token = $value; + } + + public function getRememberTokenName() + { + return 'remember_token'; + } } \ No 
newline at end of file
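Review bot: `hasAssociatedMember()` is added, but the getters in this class (`getAuthPassword()`, `getEmail()`, `getPic()`, `canUseSystemScopes()`, `isOAuth2ServerAdmin()`, `isOpenstackIdAdmin()` and the address accessors) still dereference `$this->member` right after `getAssociatedMember()` with no null check. Any path that reaches them before `AuthService` has filtered the user, the credential check that reads `getAuthPassword()` being a likely one, would fail with a fatal error on an orphaned account. The privilege checks should fail closed explicitly, e.g. `if (!$this->hasAssociatedMember()) { return false; }` as the first line of the three admin/scope methods, and the remaining getters need either the same guard or a documented precondition. The new method's docblock is only `@return bool`; a summary line such as `Whether a Member row exists for this user's external_identifier.` would state the contract.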