Projekte/web-base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

UserToken small fixes

Browse Source
This commit is contained in:
Roman Hergenreder 2020-06-22 21:50:58 +02:00
parent 0f21a6941d
commit 5a4256cf47
3 changed files with 403 additions and 398 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
core/Api/UserAPI.class.php
View File

@ -63,6 +63,7 @@ namespace Api\User {
use Api\UserAPI; use Api\UserAPI;
use DateTime; use DateTime;
use Driver\SQL\Condition\Compare; use Driver\SQL\Condition\Compare;
use Driver\SQL\Condition\CondBool;
use Views\Account\ConfirmEmail; use Views\Account\ConfirmEmail;
class Create extends UserAPI { class Create extends UserAPI {
@ -327,8 +328,7 @@ class Login extends UserAPI {
$this->result['logoutIn'] = $this->user->getSession()->getExpiresSeconds(); $this->result['logoutIn'] = $this->user->getSession()->getExpiresSeconds();
$this->success = true; $this->success = true;
} }
} } else {
else {
return $this->wrongCredentials(); return $this->wrongCredentials();
} }
} }
@ -448,27 +448,30 @@ class CheckToken extends UserAPI{
} }
public function execute($values = array()) { public function execute($values = array()) {
parent::execute($values); if (!parent::execute($values)) {
return false;
}
$token = $this->getParam('token'); $token = $this->getParam('token');
$sql = $this->user->getSQL(); $sql = $this->user->getSQL();
$res = $sql->select("UserToken.token_type, User.name, User.email")->from("UserToken") $res = $sql->select("UserToken.token_type", "User.name", "User.email")
->innerJoin("user", "UserToken.user_id","User.uid") ->from("UserToken")
->where(new Compare("UserToken.token",$token), ->innerJoin("User", "UserToken.user_id", "User.uid")
new Compare("UserToken.valid_until", $sql->now(), ">")) ->where(new Compare("UserToken.token", $token))
->where(new Compare("UserToken.valid_until", $sql->now(), ">"))
->where(new Compare("UserToken.used", 0))
->execute(); ->execute();
$this->lastError = $sql->getLastError(); $this->lastError = $sql->getLastError();
$this->success = ($res !== FALSE); $this->success = ($res !== FALSE);
if ($this->success) { if ($this->success) {
if(count($res) == 0) { if (count($res) > 0) {
$this->lastError = "This token does not exist or is no longer valid"; $row = $res[0];
$this->success = false; $this->result["token"] = array("type" => $row["token_type"]);
return false; $this->result["user"] = array("name" => $row["name"], "email" => $row["email"]);
} else {
return $this->createError("This token does not exist or is no longer valid");
} }
$this->result["token_type"] = $res[0]["UserToken.token_type"];
$this->result["username"] = $res[0]["User.username"];
$this->result["email"] = $res[0]["User.email"];
} }
return $this->success; return $this->success;
} }

3
core/Configuration/CreateDatabase.class.php
View File

@ -60,8 +60,9 @@ class CreateDatabase {
$queries[] = $sql->createTable("UserToken") $queries[] = $sql->createTable("UserToken")
->addInt("user_id") ->addInt("user_id")
->addString("token", 36) ->addString("token", 36)
->addEnum("token_type", array("password_reset", "confirmation")) ->addEnum("token_type", array("password_reset", "email_confirm"))
->addDateTime("valid_until") ->addDateTime("valid_until")
->addBool("used", false)
->foreignKey("user_id", "User", "uid", new CascadeStrategy()); ->foreignKey("user_id", "User", "uid", new CascadeStrategy());
$queries[] = $sql->createTable("Group") $queries[] = $sql->createTable("Group")

1
core/Driver/SQL/SQL.class.php
View File

@ -281,6 +281,7 @@ abstract class SQL {
protected abstract function columnName($col); protected abstract function columnName($col);
// Special Keywords and functions // Special Keywords and functions
public function now() { return $this->currentTimestamp(); }
public abstract function currentTimestamp(); public abstract function currentTimestamp();
public function count($col = NULL) { public function count($col = NULL) {