Second implementation with matrix_synapse_rest_auth #2
10
database.php
10
database.php
@@ -53,8 +53,8 @@ class mxDatabase
|
|||||||
$this->db->exec("CREATE TABLE logins (
|
$this->db->exec("CREATE TABLE logins (
|
||||||
id INTEGER PRIMARY KEY AUTOINCREMENT,
|
id INTEGER PRIMARY KEY AUTOINCREMENT,
|
||||||
active INT DEFAULT 1,
|
active INT DEFAULT 1,
|
||||||
firstname TEXT,
|
first_name TEXT,
|
||||||
lastname TEXT,
|
last_name TEXT,
|
||||||
localpart TEXT,
|
localpart TEXT,
|
||||||
password_hash TEXT,
|
password_hash TEXT,
|
||||||
email TEXT,
|
email TEXT,
|
||||||
@@ -225,12 +225,12 @@ class mxDatabase
|
|||||||
$sql = "SELECT COUNT(*) FROM logins WHERE localpart = '" . $localpart
|
$sql = "SELECT COUNT(*) FROM logins WHERE localpart = '" . $localpart
|
||||||
. "' AND active = 1 LIMIT 1;";
|
. "' AND active = 1 LIMIT 1;";
|
||||||
$res = $this->db->query($sql);
|
$res = $this->db->query($sql);
|
||||||
$first_name = NULL; $last_name = NULL; $username = NULL; $note = NULL; $email = NULL;
|
|
||||||
|
|
||||||
if ($res->fetchColumn() > 0) {
|
if ($res->fetchColumn() > 0) {
|
||||||
$sql = "SELECT first_name, last_name, email, password_hash FROM logins "
|
$sql = "SELECT first_name, last_name, email, password_hash FROM logins "
|
||||||
. " WHERE verify_token = '" . $token . "' LIMIT 1;";
|
. " WHERE localpart = '" . $localpart . "' LIMIT 1;";
|
||||||
foreach ($this->db->query($sql) as $row) {
|
foreach ($this->db->query($sql) as $row) {
|
||||||
|
error_log($password . "-" . $row["password_hash"]);
|
||||||
// will only be executed once
|
// will only be executed once
|
||||||
if (password_verify($password, $row["password_hash"])) {
|
if (password_verify($password, $row["password_hash"])) {
|
||||||
return $row;
|
return $row;
|
||||||
@@ -258,7 +258,7 @@ class mxDatabase
|
|||||||
$password = bin2hex(openssl_random_pseudo_bytes(5));
|
$password = bin2hex(openssl_random_pseudo_bytes(5));
|
||||||
$password_hash = password_hash($password, PASSWORD_BCRYPT, ["cost"=>12]);
|
$password_hash = password_hash($password, PASSWORD_BCRYPT, ["cost"=>12]);
|
||||||
|
|
||||||
$sql = "INSERT INTO logins (firstname, lastname, localpart, password_hash, email) VALUES "
|
$sql = "INSERT INTO logins (first_name, last_name, localpart, password_hash, email) VALUES "
|
||||||
. '("' . $first_name.'","' . $last_name . '","' . $username . '","'
|
. '("' . $first_name.'","' . $last_name . '","' . $username . '","'
|
||||||
. $password_hash . '","' . $email . '")';
|
. $password_hash . '","' . $email . '")';
|
||||||
|
|
||||||
|
|||||||
@@ -5,8 +5,8 @@ $response = [
|
|||||||
]
|
]
|
||||||
];
|
];
|
||||||
|
|
||||||
require_once("config.php");
|
require_once("../config.php");
|
||||||
require_once("database.php");
|
require_once("../database.php");
|
||||||
abstract class LoginRequester {
|
abstract class LoginRequester {
|
||||||
const UNDEFINED = 0;
|
const UNDEFINED = 0;
|
||||||
const MXISD = 1;
|
const MXISD = 1;
|
||||||
@@ -23,6 +23,8 @@ try {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
',true);
|
',true);
|
||||||
|
$inputJSON = file_get_contents('php://input');
|
||||||
|
$input = json_decode($inputJSON, TRUE);
|
||||||
$mxid = NULL;
|
$mxid = NULL;
|
||||||
$localpart = NULL;
|
$localpart = NULL;
|
||||||
if (isset($input["user"])) {
|
if (isset($input["user"])) {
|
||||||
@@ -72,7 +74,7 @@ try {
|
|||||||
}
|
}
|
||||||
$response["auth"]["success"] = true;
|
$response["auth"]["success"] = true;
|
||||||
$response["auth"]["profile"] = [
|
$response["auth"]["profile"] = [
|
||||||
"display_name" => $user["first_name"] . " " . $user["first_name"],
|
"display_name" => $user["first_name"] . " " . $user["last_name"],
|
||||||
"three_pids" => [
|
"three_pids" => [
|
||||||
[
|
[
|
||||||
"medium" => "email",
|
"medium" => "email",
|
||||||
|
|||||||
Reference in New Issue
Block a user