<?php
require_once 'ASEngine/AS.php';
// Request gate for the social-login entry point: nothing below runs unless the
// request carries the session's social-auth token and names an enabled provider.

// Both query parameters are optional on the wire; a missing one becomes null.
$provider = isset($_GET['p']) ? $_GET['p'] : null;
$token = isset($_GET['token']) ? $_GET['token'] : null;

// The token must be non-empty AND identical (strict comparison, so a non-string
// value such as an array can never match) to the value stored in the session
// under 'as_social_token'. On any mismatch the stored token is discarded before
// the request is rejected.
$tokenIsBlank = ( $token == '' || $token == null );
if ( $tokenIsBlank || $token !== ASSession::get('as_social_token') ) {
    ASSession::destroy('as_social_token');
    die('Wrong social auth token!');
}

if ( $provider == '' || $provider == null ) {
    die('Wrong provider.');
}

// Allow-list of provider names. Anything not listed here is rejected, so the
// value handed on to the rest of the script is always one of these three
// literals. Only the switch flag of the matched provider is read.
switch ( $provider ) {
    case 'twitter':
        $providerEnabled = TWITTER_ENABLED;
        break;

    case 'facebook':
        $providerEnabled = FACEBOOK_ENABLED;
        break;

    case 'google':
        $providerEnabled = GOOGLE_ENABLED;
        break;

    default:
        die('This provider is not supported!');
}

if ( ! $providerEnabled ) {
    die ('This provider is not enabled.');
}
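require_once 'vendor/hybridauth/Hybrid/Auth.php';

$config = dirname(__FILE__) . '/vendor/hybridauth/config.php';

// Social sign-in flow: authenticate against the provider, then either
//   1. log in the account already linked to this provider identity,
//   2. link the identity to an existing local account with the same e-mail, or
//   3. create a new local account and link it.
// $register, $login and $db are not defined in this file; presumably they are
// set up by ASEngine/AS.php - confirm.
try {
    $hybridauth = new Hybrid_Auth( $config );
    $adapter = $hybridauth->authenticate( $provider );
    $userProfile = $adapter->getUserProfile();

    // determine if this is the first time this user logs in via this social network
    if ( $register->registeredViaSocial($provider, $userProfile->identifier) )
    {
        // the account is already connected to this provider identity: log the user in
        $user = $register->getBySocial($provider, $userProfile->identifier);
        $login->byId($user['user_id']);
        redirect( get_redirect_page() );
    }
    else
    {
        $validator = new ASValidator();

        // Everything in $userProfile is supplied by the remote provider. An address is
        // only trusted for account linking when the provider reports it as verified
        // (HybridAuth's emailVerified field); a merely "reported" address could belong
        // to someone else. empty() also covers a profile object without that field,
        // in which case linking fails closed.
        $verifiedEmail = empty($userProfile->emailVerified) ? '' : (string) $userProfile->emailVerified;
        $reportedEmail = empty($userProfile->email) ? '' : (string) $userProfile->email;

        if ( $verifiedEmail !== '' && $validator->emailExist($verifiedEmail) )
        {
            // a local account owns this provider-verified address: link the social
            // identity to it and log the user in
            $user = $register->getByEmail($verifiedEmail);
            $register->addSocialAccount($user['user_id'], $provider, $userProfile->identifier);
            $login->byId($user['user_id']);
            redirect( get_redirect_page() );
        }
        elseif ( $reportedEmail !== '' && $validator->emailExist($reportedEmail) )
        {
            // A local account owns this address but the provider did not vouch for it.
            // Linking (or creating a second account with the same address) would hand
            // the existing account to whoever controls the social profile, so refuse
            // and send the user to the normal login form instead.
            error_log('socialauth: refused to link ' . $provider . ' identity to an existing account via unverified e-mail');
            redirect('login.php');
        }
        else
        {
            // No usable e-mail match. This branch is also taken when the provider sends
            // no e-mail at all: accounts created here store '' in that case, so an
            // empty address must never be used as a lookup key for linking.
            $user = new ASUser(null);

            // Build a username from the display name (usually first + last name) with
            // spaces removed. displayName is provider-controlled text.
            // NOTE(review): make sure usernames are escaped wherever they are rendered.
            $username = str_replace(' ', '', (string) $userProfile->displayName);
            if ( $username === '' )
                $username = 'user';

            // Two users can share a display name, so append a random number until the
            // name is free. At most $max candidates are tried so the loop cannot spin
            // on the database; only if every candidate was taken is a uniqid()-based
            // name used instead (an administrator can change it later).
            $tmpUsername = $username;
            $max = 50;
            $taken = $validator->usernameExist($tmpUsername);

            for ( $i = 0; $taken && $i < $max; $i++ ) {
                $tmpUsername = $username . rand(1, 10000);
                $taken = $validator->usernameExist($tmpUsername);
            }

            if ( $taken )
                $tmpUsername = uniqid('user', true);

            $username = $tmpUsername;

            // The password is a hash of a random value nobody is told, so the account
            // starts out reachable only through the linked social identity.
            // NOTE(review): the account is stored as confirmed ('Y') even when the
            // provider did not verify the e-mail address - confirm this is intended.
            $info = array(
                'email' => $reportedEmail,
                'username' => $username,
                'password' => $register->hashPassword(hash('sha512', $register->randomPassword())),
                'confirmed' => 'Y',
                'register_date' => date('Y-m-d H:i:s')
            );

            $details = array(
                'first_name' => $userProfile->firstName == null ? '' : $userProfile->firstName,
                'last_name' => $userProfile->lastName == null ? '' : $userProfile->lastName,
                'address' => $userProfile->address == null ? '' : $userProfile->address,
                'phone' => $userProfile->phone == null ? '' : $userProfile->phone
            );

            $db->insert('as_users', $info);
            $userId = $db->lastInsertId();

            $details['user_id'] = $userId;
            $db->insert('as_user_details', $details);

            $register->addSocialAccount($userId, $provider, $userProfile->identifier);
            $login->byId($userId);

            redirect( get_redirect_page() );
        }
    }
}
catch( Exception $e ) {
    // Social auth could not be completed. The user only sees the login page, but the
    // failure is written to the server log so repeated or unexpected errors can be
    // noticed. Note: see the hybridauth documentation for the meaning of error codes.
    error_log('socialauth: ' . get_class($e) . ' (code ' . $e->getCode() . '): ' . $e->getMessage());
    redirect('login.php');
}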