social_core/Core.php at master · samsonos/social_core · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
<?php
/**
 * Created by Vitaly Iegorov <egorov@samsonos.com>
 * on 11.04.14 at 15:17
 */
namespace samson\social;

use samsonframework\container\definition\analyzer\annotation\annotation\Service;
use samsonframework\orm\RecordInterface;
use samson\core\CompressableService;
use samsonphp\event\Event;

 /**
  * Generic class for user authorization.
  * TODO: Avoid $_SESSION using
  * TODO: Integrate possible javascript client authorization logic
  * TODO: Refactor code
  * TODO: Looses db() dependency
  *
  * @author Vitaly Egorov <egorov@samsonos.com>
  * @copyright 2015 SamsonOS
  * @Service("social")
  */
class Core extends CompressableService
{
    /** Initialization end */
    const EVENT_INIT_END = 'social.core.init';

    /** @var self[] Collection of social ancestors */
    protected static $ancestors = array();

    /** General hashing algorithm */
    public $hashAlgorithm = 'sha256';

    /** General hashing algorithm output size */
    public $hashLength = 64;

    /**
     * @deprecated Should be changed to events logic.
     * @var callable External initialization handler
     */
    public $initHandler;

    /** Module identifier */
    public $id = 'social';

    /** Database table name for interaction */
    public $dbTable = \samsoncms\api\generated\User::class;

    /** Database primary field name */
    public $dbPrimaryField = 'UserID';

    /* Database user email field */
    public $dbEmailField = 'email';

    /* Database user password field */
    public $dbPasswordField = 'Password';

    /** Database user token field */
    public $accessToken = 'accessToken';

    /** @var self Pointer to current social module who has authorized */
    public $active;

    /** @var RecordInterface Pointer to current user object */
    protected $user;

    /** Is user authorized */
    protected $authorized = false;

    /**
     * Update authorization status of all social services.
     *
     * @param RecordInterface $user Pointer to authorized user database record
     */
    protected function update(RecordInterface &$user)
    {
        // Load user from session
        $this->user = $user;
        $this->authorized = true;

        // Save to session
        $_SESSION[$this->identifier()] = serialize($this->user);

        // Tell all ancestors that we are in
        foreach (self::$ancestors as & $ancestor) {
            $ancestor->user = &$this->user;
            $ancestor->active = &$this;
            $ancestor->authorized = $this->authorized;
        }
    }

    /** @return RecordInterface Pointer to current authorized user object */
    public function &user()
    {
        return $this->user;
    }

    /** @return bool True if user is authorized */
    public function authorized()
    {
        return $this->authorized;
    }

    /**
     * Hashing function.
     *
     * @param string $value Valur for hashing
     * @return string Hashed value
     */
    public function hash($value)
    {
        return hash($this->hashAlgorithm, $value);
    }

    /** Module preparation */
    public function prepare()
    {
        // Create and check general database table fields configuration
        //db()->createField($this, $this->dbTable, 'dbEmailField', 'VARCHAR(64)');
        // Create and check general database table fields configuration
        //db()->createField($this, $this->dbTable, 'dbPasswordField', 'VARCHAR(64)');
        // Create and check general database table fields configuration
        //db()->createField($this, $this->dbTable, 'accessToken', 'VARCHAR(256)');

        return parent::prepare();
    }

    /**
     * Module initialization.
     *
     * @param array $params Initializarion parameters
     */
    public function init(array $params = array())
    {
        // Store this module as ancestor
        self::$ancestors[$this->id] = &$this;

        // If we are not authorized
        if (!$this->authorized) {
            // TODO: Remove session dependency as storage can be different
            // Search for user in session
            $pointer = &$_SESSION[$this->identifier()];
            if (isset($pointer)) {
                // Load user from session
                $this->user = unserialize($pointer);

                $this->update($this->user);
            }
        }

        // TODO: Should be removed in next majot version
        // If external init handler is set
        if (is_callable($this->initHandler)) {
            // Call external handler and pass reference on this object
            call_user_func_array($this->initHandler, array(&$this));
        }

        // New approach instead of old handler
        //Event::fire(self::EVENT_INIT_END, array(&$this));

        return parent::init($params);
    }

    /**
     * Generic random password generator.
     *
     * @param int $length Password length
     * @return string Generated password
     */
    public function generatePassword($length = 8)
    {
        $password = '';
        for ($i = 0; $i < $length; $i++) {
            $password .= rand(0, 9);
        }
        return $password;
    }

    /** @return string Unique module state identifier */
    public function identifier()
    {
        // TODO: Remove url() dependency
        return str_replace(array('\\', '/'), '_', __NAMESPACE__ . '/' . $this->id . '_auth_' . url()->base());
    }

    /**
     * Finish authorization process and return asynchronous response.
     *
     * @param RecordInterface $user Pointer to filled user object
     * @return array Asynchronous response array
     */
    public function authorize(RecordInterface & $user)
    {
        // Store pointer to authorized user
        $this->user = &$user;

        $this->authorized = true;

        // TODO: Remove session dependency as storage can be different
        // Save user in session
        $_SESSION[$this->identifier()] = serialize($this->user);

        $this->active = &$this;

        $this->update($this->user);

        // Return authorization status
        return $this->authorized;
    }

    /** Initiate de-authorization process */
    public function deauthorize()
    {
        // Tell all ancestors that we are out
        foreach (self::$ancestors as & $ancestor) {
            $ancestor->authorized = false;
            unset($ancestor->user);
            // TODO: Remove session dependency as storage can be different
            unset($_SESSION[$ancestor->identifier()]);
            setcookie('_cookie_accessToken');
        }
    }

    /** Serialization handler */
    public function __sleep()
    {
        // Remove all unnecessary fields from serialization
        return array_diff(parent::__sleep(), array('authorized', 'user'));
    }
}