falta lenguaje de user y usermodel. Repasar funcionalidades
@ -10,8 +10,8 @@ use App\Models\PasswordRecoveryModel;
|
||||
use App\Models\SettingsModel;
|
||||
use App\Models\TemplateModel;
|
||||
use App\Models\Usuarios\UserModel;
|
||||
use App\Models\UserGroupModel;
|
||||
use App\Models\GroupUserModel;
|
||||
use App\Models\Usuarios\UserGroupModel;
|
||||
use App\Models\Usuarios\GroupUserModel;
|
||||
|
||||
class login extends BaseController
|
||||
{
|
||||
@ -127,15 +127,15 @@ class login extends BaseController
|
||||
if(!empty($login))
|
||||
{
|
||||
// Blocked Validation
|
||||
if($login['blocked']!=null){
|
||||
$dateBlocked = date($login['blocked']);
|
||||
if($login->blocked!=null){
|
||||
$dateBlocked = date($login->blocked);
|
||||
$dateNow = date('Y-m-d H:i:s');
|
||||
if($dateBlocked > $dateNow){
|
||||
$session->setFlashdata('toast', ['error',lang("App.login_alert"),lang("App.login_alert_user_blocked").$settings['throttle_auth_lockour_time'].' '.lang("App.global_hours")]);
|
||||
return redirect()->to('login');
|
||||
}else{
|
||||
$this->user_model->save([
|
||||
'id_user' => $login['id_user'],
|
||||
'id_user' => $login->id_user,
|
||||
'blocked' => null
|
||||
]);
|
||||
}
|
||||
@ -148,23 +148,23 @@ class login extends BaseController
|
||||
if(empty($session->get('oauth'))){
|
||||
// Check user password
|
||||
$phpass = new PasswordHash(8, true);
|
||||
if(!$phpass->CheckPassword($getVar['password']??'', $login['password'])){
|
||||
if(!$phpass->CheckPassword($getVar['password']??'', $login->password)){
|
||||
// Throttling Validation
|
||||
if($settings['throttle_auth']??false){
|
||||
$initialDate = date('Y-m-d H:i:s', strtotime('-12 hour', time()));
|
||||
$finalDate = date('Y-m-d H:i:s');
|
||||
$amount = $this->activity_model->where('user',$login['token'])->where('level','throttling')->where('created_at between \''.$initialDate.'\' and \''.$finalDate.'\'')->countAllResults();
|
||||
$amount = $this->activity_model->where('user',$login->token)->where('level','throttling')->where('created_at between \''.$initialDate.'\' and \''.$finalDate.'\'')->countAllResults();
|
||||
if($amount >= intval($settings['throttle_auth_max_attempts']??'')){
|
||||
$session->setFlashdata('toast', ['error',lang("App.login_alert"),lang("App.login_alert_user_blocked").$settings['throttle_auth_lockour_time'].' '.lang("App.global_hours")]);
|
||||
$blocked = date('Y-m-d H:i:s', strtotime('+'.$settings['throttle_auth_lockour_time'].' hour', time()));
|
||||
$this->user_model->save([
|
||||
'id_user' => $login['id_user'],
|
||||
'id_user' => $login->id_user,
|
||||
'blocked' => $blocked
|
||||
]);
|
||||
return redirect()->to('login');
|
||||
}else{
|
||||
// Register Throttling Log
|
||||
$this->integration->setLog('throttling','login-authenticate',$login['token']);
|
||||
$this->integration->setLog('throttling','login-authenticate',$login->token);
|
||||
$session->setFlashdata('toast', ['error',lang("App.login_alert"),lang("App.login_alert_pass_invalid_2"). ($amount+1) .lang("App.login_alert_pass_attempt"). $settings['throttle_auth_max_attempts']??0]);
|
||||
return redirect()->to('login');
|
||||
}
|
||||
@ -174,7 +174,7 @@ class login extends BaseController
|
||||
}
|
||||
// Check email confirmed
|
||||
if($settings['email_confirmation']??false){
|
||||
if(!$login['email_confirmed']){
|
||||
if(!$login->email_confirmed){
|
||||
$session->setFlashdata('toast', ['error',lang("App.login_alert"),lang("App.user_alert_email_confirmed")]);
|
||||
return redirect()->to('login');
|
||||
}
|
||||
@ -182,23 +182,23 @@ class login extends BaseController
|
||||
}
|
||||
|
||||
// Check user status
|
||||
if(!$login['status']){
|
||||
if(!$login->status){
|
||||
$session->setFlashdata('toast', ['error',lang("App.login_alert"),lang("App.login_alert_disabled_access")]);
|
||||
return redirect()->to('/login');
|
||||
}
|
||||
|
||||
// Get access rules
|
||||
#$rules = $this->group_model->where('token', $login['group'])->first();
|
||||
#$rules = $this->group_model->where('token', $login->'group'])->first();
|
||||
$groups = $this->group_user_model
|
||||
->select('token_group')
|
||||
->where('token_user',$login['token'])->findAll();
|
||||
->where('token_user',$login->token)->findAll();
|
||||
|
||||
if (sizeof($groups)>1){
|
||||
|
||||
$rules = $this->group_model->select('rules')->where('token',$groups[0])->first()['rules'];
|
||||
$rules = $this->group_model->select('rules')->where('token',$groups[0])->first()->rules;
|
||||
$rules = json_decode(html_entity_decode($rules), true);
|
||||
for ($i=1; $i<sizeof($groups); $i++){
|
||||
$temp_rules = $this->group_model->select('rules')->where('token',$groups[$i])->first()['rules'];
|
||||
$temp_rules = $this->group_model->select('rules')->where('token',$groups[$i])->first()->rules;
|
||||
foreach ($rules as $key => $value){
|
||||
if (array_key_exists($key, json_decode(html_entity_decode($temp_rules), true))){
|
||||
$value2 = json_decode(html_entity_decode($temp_rules), true)[$key];
|
||||
@ -223,26 +223,26 @@ class login extends BaseController
|
||||
|
||||
|
||||
// Save data in session
|
||||
$session->set('id_user', $login['id_user']);
|
||||
//$session->set('group', $login['group']);
|
||||
$session->set('first_name', $login['first_name']);
|
||||
$session->set('last_name', $login['last_name']);
|
||||
$session->set('email', $login['email']);
|
||||
$session->set('token', $login['token']);
|
||||
$session->set('id_user', $login->id_user);
|
||||
//$session->set('group', $login->'group']);
|
||||
$session->set('first_name', $login->first_name);
|
||||
$session->set('last_name', $login->last_name);
|
||||
$session->set('email', $login->email);
|
||||
$session->set('token', $login->token);
|
||||
// JJO
|
||||
$dashboard = 'user';
|
||||
foreach ($groups as $group){
|
||||
if($this->group_model->select('dashboard')->where('token',$group)->first()['dashboard'] == 'admin')
|
||||
if($this->group_model->select('dashboard')->where('token',$group)->first()->dashboard == 'admin')
|
||||
$dashboard = 'admin';
|
||||
}
|
||||
$session->set('dashboard', $dashboard);
|
||||
|
||||
$session->set('rules', html_entity_decode(json_encode($rules)));
|
||||
$session->set('picture', $login['picture']);
|
||||
$session->set('tfa', $login['tfa']);
|
||||
$session->set('tfa_secret', $login['tfa_secret']);
|
||||
$session->set('tfa_code', $login['tfa_code']);
|
||||
$session->set('lang', $login['language'] ?? 'en');
|
||||
$session->set('picture', $login->picture);
|
||||
$session->set('tfa', $login->tfa);
|
||||
$session->set('tfa_secret', $login->tfa_secret);
|
||||
$session->set('tfa_code', $login->tfa_code);
|
||||
$session->set('lang', $login->language ?? 'en');
|
||||
// Update last access
|
||||
$last_access = date('Y-m-d H:i:s');
|
||||
$this->user_model->set('last_access', $last_access)->set('last_ip', $last_ip)->where('id_user', $session->get('id_user'))->update();
|
||||
@ -252,7 +252,7 @@ class login extends BaseController
|
||||
$integration->setLog('information','login-authenticate');
|
||||
|
||||
// Check if it has two factors
|
||||
if($login['tfa']??false){
|
||||
if($login->tfa??false){
|
||||
return redirect()->to('/login/authentication');
|
||||
}else{
|
||||
return redirect()->to('home');
|
||||
|
||||
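Review bot: The session is populated with the full identity (`id_user`, `token`, `rules`, `dashboard`) and the `login-authenticate` log entry is written before the `if($login->tfa??false)` check in the last hunk, so a user who has passed only the password step already holds the same session keys as a fully authenticated one. Whether other controllers gate on a second-factor flag is not visible in these hunks and should be confirmed. The same block also copies `$login->tfa_secret` and `$login->tfa_code` into the session, which places the second-factor secret in the session store although nothing shown here needs it there. I would set only a pending marker before the second factor, e.g. `$session->set('tfa_pending', (bool) $login->tfa);` (key name constructed for illustration), read the secret from `user_model` inside the verification step, and write the identity keys only after that step succeeds. The enclosing method starts and ends outside these hunks.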