
File catalog\controller\account\authorize.php

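<?php
namespace Opencart\Catalog\Controller\Account;
/**
 * Class Authorize
 *
 * Device-authorisation flow for a logged-in customer. A long-lived "authorize"
 * cookie identifies a device that has been confirmed before; a short one-time
 * code kept in the session is checked by validate(). A device that fails too
 * often is sent to unlock(), which uses confirm() and reset() to clear the
 * customer's authorised devices via an emailed code.
 *
 * @package Opencart\Catalog\Controller\Account
 */
class Authorize extends \Opencart\System\Engine\Controller {
	/**
	 * Render the authorisation page.
	 *
	 * Shows any flash error/success left by an earlier step, registers the
	 * current device (new token cookie) when its cookie is not known for this
	 * customer, stores a fresh one-time code in the session and works out where
	 * to send the customer once validate() succeeds.
	 *
	 * @return void
	 */
	public function index(): void {
		$this->load->language('account/authorize');

		$this->document->setTitle($this->language->get('heading_title'));

		$token = isset($this->request->cookie['authorize']) ? (string)$this->request->cookie['authorize'] : '';

		// Flash messages (set by reset() and other steps) are shown once and then cleared.
		if (isset($this->session->data['error'])) {
			$data['error_warning'] = $this->session->data['error'];

			unset($this->session->data['error']);
		} else {
			$data['error_warning'] = '';
		}

		if (isset($this->session->data['success'])) {
			$data['success'] = $this->session->data['success'];

			unset($this->session->data['success']);
		} else {
			$data['success'] = '';
		}

		$this->load->model('account/customer');

		// Every other method in this class identifies the account through $this->customer;
		// the lookup previously used $this->user, which the rest of the file never does.
		$login_info = $this->model_account_customer->getAuthorizeByToken($this->customer->getId(), $token);

		if (!$login_info) {
			// Unknown device: mint a random token, record it against the customer and hand it
			// back as a long-lived cookie. HttpOnly keeps the token out of reach of scripts and
			// Secure is set whenever the request itself arrived over TLS.
			$token = oc_token(32);

			$authorize_data = [
				'token'      => $token,
				'ip'         => $this->request->server['REMOTE_ADDR'],
				'user_agent' => $this->request->server['HTTP_USER_AGENT']
			];

			$this->model_account_customer->addAuthorize($this->customer->getId(), $authorize_data);

			setcookie('authorize', $token, [
				'expires'  => time() + 60 * 60 * 24 * 365 * 10,
				'secure'   => !empty($this->request->server['HTTPS']) && $this->request->server['HTTPS'] !== 'off',
				'httponly' => true,
				'samesite' => 'Lax'
			]);
		}

		$data['action'] = $this->url->link('account/authorize.validate', 'user_token=' . $this->session->data['user_token']);

		// One-time code the customer has to enter; validate() compares against this session value.
		$this->session->data['code'] = oc_token(4);

		// After a successful check the customer goes back to the route they originally asked
		// for (query string preserved, minus route/user_token), otherwise to the dashboard.
		// NOTE(review): 'common/dashboard' and the 'user_token' session key look like admin-side
		// names; confirm they are the intended routes for the catalog.
		if (isset($this->request->get['route']) && $this->request->get['route'] !== 'account/login' && $this->request->get['route'] !== 'account/authorize') {
			$args = $this->request->get;

			$route = $args['route'];

			unset($args['route'], $args['user_token']);

			$url = $args ? http_build_query($args) : '';

			$data['redirect'] = $this->url->link($route, $url, true);
		} else {
			$data['redirect'] = $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true);
		}

		$data['user_token'] = $this->session->data['user_token'];

		$data['header'] = $this->load->controller('common/header');
		$data['footer'] = $this->load->controller('common/footer');

		$this->response->setOutput($this->load->view('common/authorize', $data));
	}

	/**
	 * Acknowledge a "resend" request (JSON).
	 *
	 * Only the text_resend message is returned here; this method does not
	 * generate or send a new code itself (the code is set in index()).
	 *
	 * @return void
	 */
	public function send(): void {
		$this->load->language('account/authorize');

		$json = [];

		$json['success'] = $this->language->get('text_resend');

		$this->response->addHeader('Content-Type: application/json');
		$this->response->setOutput(json_encode($json));
	}

	/**
	 * Check the posted one-time code for the device identified by the cookie (JSON).
	 *
	 * A missing or wrong code returns error_code and bumps the device's failure
	 * counter; once the counter reaches the limit the response carries a redirect
	 * to account/authorize.unlock. On success the device is marked authorised, the
	 * counter is reset, the session code is discarded and a redirect target is
	 * returned (only a target on this store is honoured).
	 *
	 * @return void
	 */
	public function validate(): void {
		$this->load->language('account/authorize');

		$json = [];

		$token = isset($this->request->cookie['authorize']) ? (string)$this->request->cookie['authorize'] : '';

		$this->load->model('account/customer');

		$authorize_info = $this->model_account_customer->getAuthorizeByToken($this->customer->getId(), $token);

		if ($authorize_info) {
			// Compare the secret with hash_equals(): strict and constant-time, and free of the
			// numeric-string surprises of a loose != comparison. Both sides are strings so it cannot throw.
			$posted = (isset($this->request->post['code']) && is_string($this->request->post['code'])) ? $this->request->post['code'] : '';
			$expected = isset($this->session->data['code']) ? (string)$this->session->data['code'] : '';

			$code_ok = $posted !== '' && $expected !== '' && hash_equals($expected, $posted);

			// NOTE(review): the limit is read from 'attempts' while the counter written through
			// editAuthorizeTotal() is 'total' — confirm the authorize row exposes both keys.
			if (($authorize_info['attempts'] <= 2) && !$code_ok) {
				$json['error'] = $this->language->get('error_code');

				$this->model_account_customer->editAuthorizeTotal($authorize_info['customer_authorize_id'], $authorize_info['total'] + 1);
			}

			if ($authorize_info['attempts'] >= 2) {
				$json['redirect'] = $this->url->link('account/authorize.unlock', 'user_token=' . $this->session->data['user_token'], true);
			}
		} else {
			$json['error'] = $this->language->get('error_code');
		}

		if (!$json) {
			$this->model_account_customer->editAuthorizeStatus($authorize_info['customer_authorize_id'], true);
			$this->model_account_customer->editAuthorizeTotal($authorize_info['customer_authorize_id'], 0);

			// The code is single-use: drop it so a replayed POST cannot pass again.
			unset($this->session->data['code']);

			$redirect = isset($this->request->post['redirect']) ? urldecode(html_entity_decode($this->request->post['redirect'], ENT_QUOTES, 'UTF-8')) : '';

			// Only follow a redirect that stays on this store; anything else falls back to the dashboard.
			if ($redirect && str_starts_with($redirect, HTTP_SERVER)) {
				$json['redirect'] = $redirect . '&user_token=' . $this->session->data['user_token'];
			} else {
				$json['redirect'] = $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true);
			}
		}

		$this->response->addHeader('Content-Type: application/json');
		$this->response->setOutput(json_encode($json));
	}

	/**
	 * Render the unlock page for a locked device.
	 *
	 * A device whose cookie is already marked authorised has nothing to unlock
	 * and is redirected straight to the dashboard.
	 *
	 * @return void
	 */
	public function unlock(): void {
		$this->load->language('account/authorize');

		$token = isset($this->request->cookie['authorize']) ? (string)$this->request->cookie['authorize'] : '';

		$this->load->model('account/customer');

		$authorize_info = $this->model_account_customer->getAuthorizeByToken($this->customer->getId(), $token);

		if ($authorize_info && $authorize_info['status']) {
			// Already authorised: nothing to unlock.
			$this->response->redirect($this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true));
		}

		$data['user_token'] = $this->session->data['user_token'];

		$data['header'] = $this->load->controller('common/header');
		$data['footer'] = $this->load->controller('common/footer');

		$this->response->setOutput($this->load->view('common/authorize_unlock', $data));
	}

	/**
	 * Store a fresh 32-character reset code for the logged-in customer (JSON).
	 *
	 * Returns the text_link message; reset() later expects this code as the
	 * `code` query parameter together with the customer's email.
	 *
	 * @return void
	 */
	public function confirm(): void {
		$this->load->language('account/authorize');

		$json = [];

		$json['success'] = $this->language->get('text_link');

		// Create reset code
		$this->load->model('account/customer');

		$this->model_account_customer->editCode($this->customer->getEmail(), oc_token(32));

		$this->response->addHeader('Content-Type: application/json');
		$this->response->setOutput(json_encode($json));
	}

	/**
	 * Consume the reset link (?email=...&code=...).
	 *
	 * On a match the customer's authorised devices and the stored code are
	 * cleared and the customer is sent back to account/authorize with a success
	 * flash. Otherwise the customer is logged out, the code is cleared and the
	 * customer is sent to the login page with an error flash.
	 *
	 * @return void
	 */
	public function reset(): void {
		$this->load->language('account/authorize');

		$email = isset($this->request->get['email']) ? (string)$this->request->get['email'] : '';
		$code = isset($this->request->get['code']) ? (string)$this->request->get['code'] : '';

		$this->load->model('account/customer');

		$customer_info = $this->model_account_customer->getCustomerByEmail($email);

		// Stored and supplied codes are compared in constant time.
		if ($customer_info && $customer_info['code'] && $code && hash_equals((string)$customer_info['code'], $code)) {
			$this->model_account_customer->resetAuthorizes($customer_info['customer_id']);

			$this->model_account_customer->editCode($email, '');

			$this->session->data['success'] = $this->language->get('text_unlocked');

			$this->response->redirect($this->url->link('account/authorize', 'user_token=' . $this->session->data['user_token'], true));
		} else {
			$this->customer->logout();

			$this->model_account_customer->editCode($email, '');

			$this->session->data['error'] = $this->language->get('error_reset');

			$this->response->redirect($this->url->link('account/login', '', true));
		}
	}
}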
