AS1024/Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add Google authentication

Browse Source
This commit is contained in:
Frédéric Guillot
2014-05-03 22:24:03 -04:00
parent 9531e439cd
commit 560a12f0bd
96 changed files with 7751 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
models/acl.php
View File

@@ -19,7 +19,7 @@ class Acl extends Base
* @var array
*/
private $public_actions = array(
'user' => array('login', 'check'),
'user' => array('login', 'check', 'google'),
'task' => array('add'),
'board' => array('readonly'),
);
@@ -36,7 +36,7 @@ class Acl extends Base
'project' => array('tasks', 'index', 'forbidden'),
'task' => array('show', 'create', 'save', 'edit', 'update', 'close', 'confirmclose', 'open', 'confirmopen', 'description', 'duplicate'),
'comment' => array('save', 'confirm', 'remove', 'update', 'edit'),
'user' => array('index', 'edit', 'update', 'forbidden', 'logout', 'index'),
'user' => array('index', 'edit', 'update', 'forbidden', 'logout', 'index', 'unlinkgoogle'),
'config' => array('index', 'removeremembermetoken'),
);

1
models/base.php
View File

@@ -13,6 +13,7 @@ require __DIR__.'/../vendor/SimpleValidator/Validators/Equals.php';
require __DIR__.'/../vendor/SimpleValidator/Validators/AlphaNumeric.php';
require __DIR__.'/../vendor/SimpleValidator/Validators/GreaterThan.php';
require __DIR__.'/../vendor/SimpleValidator/Validators/Date.php';
require __DIR__.'/../vendor/SimpleValidator/Validators/Email.php';
/**
* Base model class

151
models/google.php Normal file
View File

@@ -0,0 +1,151 @@
<?php
namespace Model;
require_once __DIR__.'/base.php';
require __DIR__.'/../vendor/OAuth/bootstrap.php';
use \OAuth\Common\Storage\Session;
use \OAuth\Common\Consumer\Credentials;
use \OAuth\Common\Http\Uri\UriFactory;
use \OAuth\ServiceFactory;
use \OAuth\Common\Http\Exception\TokenResponseException;
/**
* Google model
*
* @package model
* @author Frederic Guillot
*/
class Google extends Base
{
/**
* Authenticate a Google user
*
* @access public
* @param string $google_id Google unique id
* @return boolean
*/
public function authenticate($google_id)
{
$userModel = new User($this->db, $this->event);
$user = $userModel->getByGoogleId($google_id);
if ($user) {
// Create the user session
$userModel->updateSession($user);
// Update login history
$lastLogin = new LastLogin($this->db, $this->event);
$lastLogin->create(
LastLogin::AUTH_GOOGLE,
$user['id'],
$userModel->getIpAddress(),
$userModel->getUserAgent()
);
return true;
}
return false;
}
/**
* Unlink a Google account for a given user
*
* @access public
* @param integer $user_id User id
* @return boolean
*/
public function unlink($user_id)
{
$userModel = new User($this->db, $this->event);
return $userModel->update(array(
'id' => $user_id,
'google_id' => '',
));
}
/**
* Update the user table based on the Google profile information
*
* @access public
* @param integer $user_id User id
* @param array $profile Google profile
* @return boolean
*/
public function updateUser($user_id, array $profile)
{
$userModel = new User($this->db, $this->event);
return $userModel->update(array(
'id' => $user_id,
'google_id' => $profile['id'],
'email' => $profile['email'],
'name' => $profile['name'],
));
}
/**
* Get the Google service instance
*
* @access public
* @return \OAuth\OAuth2\Service\Google
*/
public function getService()
{
$uriFactory = new UriFactory();
$currentUri = $uriFactory->createFromSuperGlobalArray($_SERVER);
$currentUri->setQuery('controller=user&action=google');
$storage = new Session(false);
$credentials = new Credentials(
GOOGLE_CLIENT_ID,
GOOGLE_CLIENT_SECRET,
$currentUri->getAbsoluteUri()
);
$serviceFactory = new ServiceFactory();
return $serviceFactory->createService(
'google',
$credentials,
$storage,
array('userinfo_email', 'userinfo_profile')
);
}
/**
* Get the authorization URL
*
* @access public
* @return \OAuth\Common\Http\Uri\Uri
*/
public function getAuthorizationUrl()
{
return $this->getService()->getAuthorizationUri();
}
/**
* Get Google profile information from the API
*
* @access public
* @param string $code Google authorization code
* @return bool|array
*/
public function getGoogleProfile($code)
{
try {
$googleService = $this->getService();
$googleService->requestAccessToken($code);
return json_decode($googleService->request('https://www.googleapis.com/oauth2/v1/userinfo'), true);
}
catch (TokenResponseException $e) {}
return false;
}
}

2
models/last_login.php
View File

@@ -24,7 +24,7 @@ class LastLogin extends Base
*
* @var integer
*/
const NB_LOGINS = 15;
const NB_LOGINS = 10;
/**
* Authentication methods

26
models/user.php
View File

@@ -41,6 +41,18 @@ class User extends Base
return $this->db->table(self::TABLE)->eq('id', $user_id)->findOne();
}
/**
* Get a specific user by the Google id
*
* @access public
* @param string $google_id Google unique id
* @return array
*/
public function getByGoogleId($google_id)
{
return $this->db->table(self::TABLE)->eq('google_id', $google_id)->findOne();
}
/**
* Get a specific user by the username
*
@@ -64,7 +76,7 @@ class User extends Base
return $this->db
->table(self::TABLE)
->asc('username')
->columns('id', 'username', 'is_admin', 'default_project_id', 'is_ldap_user')
->columns('id', 'username', 'name', 'email', 'is_admin', 'default_project_id', 'is_ldap_user')
->findAll();
}
@@ -115,8 +127,13 @@ class User extends Base
unset($values['password']);
}
if (isset($values['confirmation'])) unset($values['confirmation']);
if (isset($values['current_password'])) unset($values['current_password']);
if (isset($values['confirmation'])) {
unset($values['confirmation']);
}
if (isset($values['current_password'])) {
unset($values['current_password']);
}
$result = $this->db->table(self::TABLE)->eq('id', $values['id'])->update($values);
@@ -191,6 +208,7 @@ class User extends Base
new Validators\Equals('password', 'confirmation', t('Passwords doesn\'t matches')),
new Validators\Integer('default_project_id', t('This value must be an integer')),
new Validators\Integer('is_admin', t('This value must be an integer')),
new Validators\Email('email', t('Email address invalid')),
));
return array(
@@ -220,6 +238,7 @@ class User extends Base
new Validators\Unique('username', t('The username must be unique'), $this->db->getConnection(), self::TABLE, 'id'),
new Validators\Integer('default_project_id', t('This value must be an integer')),
new Validators\Integer('is_admin', t('This value must be an integer')),
new Validators\Email('email', t('Email address invalid')),
));
return array(
@@ -250,6 +269,7 @@ class User extends Base
new Validators\Equals('password', 'confirmation', t('Passwords doesn\'t matches')),
new Validators\Integer('default_project_id', t('This value must be an integer')),
new Validators\Integer('is_admin', t('This value must be an integer')),
new Validators\Email('email', t('Email address invalid')),
));
if ($v->execute()) {