<?php
namespace app\controllers;
use app\models\AuditaFull;
use app\models\OrganizacaoUsuario;
use app\models\Token;
use app\models\Usuario;
use Slim\Routing\RouteCollectorProxy;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Firebase\JWT\JWT;
use DateTime;
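class AuthController
{
    /**
     * HS256 signing key shared by the access token and the refresh token.
     *
     * NOTE(review): a signing secret committed to source is readable by anyone
     * with repository access and cannot be rotated without a deploy; it should
     * be loaded from configuration/environment. Left public because other code
     * may read it to verify tokens.
     */
    public const CONF_JWT_SECRET_KEY = '$2y$10$SfYYXbZxidLwSlFjoVIzJOOWbZzXQyvPDbCtI5E998Hn.TASJVnkm';

    /**
     * Registers the authentication endpoint on a Slim route group.
     *
     * @return callable(RouteCollectorProxy): void
     */
    public static function route()
    {
        return function (RouteCollectorProxy $group) {
            // Slim resolves the [class, method] pair and instantiates the controller itself.
            $group->post('/auth', [self::class, 'auth']);
        };
    }

    /**
     * POST /auth: checks e-mail + password and returns an access/refresh token pair.
     *
     * Request body (JSON): {"email": string, "senha": string}.
     * Response body (JSON): {"status": bool, "data": {...}} — on success "data"
     * carries "token" and "refresh_token", on failure a "message".
     * If the user already has an unexpired Token row, that pair is returned as-is
     * and no audit record is written; an expired row is deleted and replaced.
     *
     * @param array $args route arguments (unused; part of the Slim handler signature)
     */
    public function auth(Request $request, Response $response, $args)
    {
        $body = json_decode($request->getBody()->getContents(), true);
        // json_decode yields null or a scalar for malformed / non-object JSON;
        // normalise so the offset reads below never operate on a non-array.
        if (!is_array($body)) {
            $body = [];
        }

        $email = $body['email'] ?? null;
        $senha = $body['senha'] ?? null;
        // is_string() guards md5(), which throws a TypeError on arrays in PHP 8.
        // '' is still rejected; unlike empty(), the password "0" is accepted.
        if (!is_string($email) || $email === '' || !is_string($senha) || $senha === '') {
            return $this->writeJson($response, false, ["message" => "Por favor verifique as informacoes passadas!"]);
        }

        $usuario = Usuario::find(["email" => $email], ['id', 'nome', 'apelido', 'email', 'senha']);
        // Stored hashes are unsalted MD5 (schema constraint — cannot be changed here).
        // hash_equals() is a strict, constant-time comparison; the previous `!=`
        // compared numeric-looking strings (e.g. "0e...") as numbers.
        // TODO(review): migrate stored hashes to password_hash()/password_verify().
        if (!$usuario || !hash_equals(md5($senha), (string) $usuario->senha)) {
            return $this->writeJson($response, false, ["message" => "Usuario e senha nao confere, por favor verifique as informacoes passadas!"]);
        }

        $expiredat = (new DateTime())->modify('+1 days')->format('Y-m-d H:i:s');

        // Reuse an unexpired token instead of minting a second one per login.
        $tokens = Token::find(["id_usuario" => $usuario->id]);
        if ($tokens) {
            if (new DateTime($tokens->expired_at) < new DateTime()) {
                Token::delete(["id" => $tokens->id]);
            } else {
                return $this->writeJson($response, true, ["token" => $tokens->token, "refresh_token" => $tokens->refresh_token]);
            }
        }

        // NOTE(review): expiry travels as a custom 'expired_at' claim, so the JWT
        // library will not enforce it on decode — only the Token row does. The
        // refresh token carries no expiry claim at all.
        $tokenPayload = ['sub' => $usuario->id, 'name' => $usuario->nome, 'email' => $usuario->email, 'expired_at' => $expiredat];
        $token = JWT::encode($tokenPayload, self::CONF_JWT_SECRET_KEY, 'HS256');
        $refreshToken = JWT::encode(['email' => $usuario->email], self::CONF_JWT_SECRET_KEY, 'HS256');

        $isCreated = Token::create([
            "token" => $token,
            "id_usuario" => $usuario->id,
            "refresh_token" => $refreshToken,
            "expired_at" => $expiredat,
            "updated_at" => date('Y-m-d H:i:s'),
        ]);
        if (!$isCreated) {
            return $this->writeJson($response, false, ["message" => "Nao foi possivel gerar o Token de autenticacao!"]);
        }

        $this->audit($usuario, $body);

        return $this->writeJson($response, true, ["token" => $token, "refresh_token" => $refreshToken]);
    }

    /**
     * Writes {"status": ..., "data": ...} to the response body and returns the response.
     */
    private function writeJson(Response $response, bool $status, array $data): Response
    {
        $response->getBody()->write(json_encode(['status' => $status, 'data' => $data]));
        return $response;
    }

    /**
     * Records a successful login in AuditaFull.
     *
     * @param object $usuario the Usuario row (id, nome, apelido, email are read)
     * @param array  $body    the decoded request body
     */
    private function audit($usuario, array $body): void
    {
        $org = OrganizacaoUsuario::find(['id_usuario' => $usuario->id], ['id_organizacao']);
        $org_id = $org->id_organizacao ?? '0';

        // Never persist the plaintext password in the audit trail.
        $loggedRequest = $body;
        if (array_key_exists('senha', $loggedRequest)) {
            $loggedRequest['senha'] = '[redacted]';
        }

        AuditaFull::create([
            'login' => $usuario->apelido,
            'id_prog' => '1',
            // REMOTE_ADDR is absent under CLI/test runners; default to '' rather than warn.
            'full_ip' => $_SERVER['REMOTE_ADDR'] ?? '',
            'full_uid' => time(),
            'full_prog_nome' => 'api.php',
            'full_tipo' => 'POST',
            // The flags argument used to be `true`, which coerces to 1 === JSON_HEX_TAG;
            // spelled out so the stored encoding stays the same.
            // NOTE(review): $_SERVER is stored verbatim and may include request
            // headers (e.g. Authorization) or environment values — consider an allow-list.
            'full_log' => json_encode([
                "usuario" => [
                    'id' => $usuario->id,
                    'nome' => $usuario->nome,
                    'email' => $usuario->email,
                ],
                "request" => $loggedRequest,
                "server" => $_SERVER,
            ], JSON_HEX_TAG),
            'org_id' => $org_id,
        ]);
    }
}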