|
|
|
@ -4,7 +4,6 @@ use MSFD\Services\PgSql;
@@ -4,7 +4,6 @@ use MSFD\Services\PgSql;
|
|
|
|
|
use MSFD\Services\GeoserverAPI; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class AuthController { |
|
|
|
|
|
|
|
|
|
public function index() { |
|
|
|
@ -28,7 +27,7 @@ class AuthController {
@@ -28,7 +27,7 @@ class AuthController {
|
|
|
|
|
$user_id = PgSql::getCol($sql); |
|
|
|
|
|
|
|
|
|
if (!empty($user_id)) { |
|
|
|
|
$res = $api->getUser($user_id); |
|
|
|
|
// $res = $api->getUser($user_id); |
|
|
|
|
$sql_groups = "SELECT group_id FROM webapp.users u |
|
|
|
|
JOIN webapp.users__groups ug ON u.geo_id = ug.user_id |
|
|
|
|
WHERE geo_id = '${user_id}'"; |
|
|
|
@ -37,27 +36,14 @@ class AuthController {
@@ -37,27 +36,14 @@ class AuthController {
|
|
|
|
|
WHERE geo_id = '${user_id}'"; |
|
|
|
|
$user_name = PgSql::getCol($sql_name); |
|
|
|
|
|
|
|
|
|
if ($res !== FALSE) { |
|
|
|
|
foreach($res->users as $entry) { |
|
|
|
|
// if user id exists in geoserver |
|
|
|
|
if ($entry->userName == $user_id) { |
|
|
|
|
// STORE ROLE HERE IN SESSION USING API |
|
|
|
|
$role = $api->getRole($user_id); |
|
|
|
|
$_SESSION['user_id'] = $user_id; |
|
|
|
|
$_SESSION['user_groups'] = $user_groups; |
|
|
|
|
$_SESSION['user_name'] = $user_name; |
|
|
|
|
|
|
|
|
|
header('Location: /'); |
|
|
|
|
exit(0); |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} else { |
|
|
|
|
header('HTTP/1.1 403 Forbidden'); |
|
|
|
|
header('Refresh: 2; URL = index.php'); |
|
|
|
|
exit(403); |
|
|
|
|
} |
|
|
|
|
} else { |
|
|
|
|
echo 'No such user in geoserver'; |
|
|
|
|
echo 'No such user'; |
|
|
|
|
header('HTTP/1.1 403 Forbidden'); |
|
|
|
|
header('Refresh: 2; URL = index.php'); |
|
|
|
|
exit(403); |
|
|
|
@ -76,7 +62,6 @@ class AuthController {
@@ -76,7 +62,6 @@ class AuthController {
|
|
|
|
|
exit(422); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
$api = new GeoserverAPI(); |
|
|
|
|
$sql = "select geo_id from webapp.users where email = '{$email}' and origin <> 'GUEST'"; |
|
|
|
|
$user_id = PgSql::getCol($sql); |
|
|
|
|
|
|
|
|
@ -110,7 +95,6 @@ class AuthController {
@@ -110,7 +95,6 @@ class AuthController {
|
|
|
|
|
$_SESSION = array(); |
|
|
|
|
header("Location: login"); |
|
|
|
|
exit(); |
|
|
|
|
header('Refresh: 2; URL = index.php'); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -131,7 +115,6 @@ function guidv4($data = null) {
@@ -131,7 +115,6 @@ function guidv4($data = null) {
|
|
|
|
|
// Generate 16 bytes (128 bits) of random data or use the data passed into the function. |
|
|
|
|
$data = $data ?? random_bytes(16); |
|
|
|
|
assert(strlen($data) == 16); |
|
|
|
|
|
|
|
|
|
// Set version to 0100 |
|
|
|
|
$data[6] = chr(ord($data[6]) & 0x0f | 0x40); |
|
|
|
|
// Set bits 6-7 to 10 |
|
|
|
@ -142,7 +125,6 @@ function guidv4($data = null) {
@@ -142,7 +125,6 @@ function guidv4($data = null) {
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
function valid_email($str) { |
|
|
|
|
return (!preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str)) ? FALSE : TRUE; |
|
|
|
|
} |
|
|
|
|
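Review bot: The lookups on the new side still build SQL by interpolating values into quoted literals: `where email = '{$email}'` in the hunk at `-76,7 +62,6`, and `WHERE geo_id = '${user_id}'` in the follow-up queries of `index()`. With the Geoserver cross-check apparently dropped, the database result looks like the only visible gate before `$_SESSION` is populated. If `valid_email()` runs before the e-mail query (the `exit(422)` just above suggests some validation, but the call is outside the hunk), its character class keeps quotes out, yet query safety then rests on a regex defined elsewhere in the file. I would bind the values instead, e.g. `where email = $1 and origin <> 'GUEST'` with the address passed as a parameter; whether `PgSql::getCol()` accepts parameters is not visible here, so it may need a parameterised variant. The `${user_id}` form is also deprecated since PHP 8.2 in favour of `{$user_id}`, and both methods continue outside the hunks shown.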