/apps/user/handlers/login/openid.php

https://bitbucket.org/jonphipps/elefant-vocabhub · PHP · 85 lines · 63 code · 11 blank · 11 comment · 12 complexity · 647dc19409954e918fbf08c060d5a15c MD5 · raw file 

    

  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * OpenID social login handler.
    5. 

  5.  */
    6. 

  6. 

  7. if (! in_array ('openid', $appconf['User']['login_methods'])) {
    8. 

  8. 	echo $this->error (404, __ ('Not found'), __ ('The page you requested could not be found.'));
    9. 

  9. 	return;
    10. 

  10. }
    11. 

  11. 

  12. $openid = new LightOpenID ($_SERVER['HTTP_HOST']);
    13. 

  13. 

  14. // handle the openid request
    15. 

  15. if (! $openid->mode) {
    16. 

  16. 	if (isset ($_POST['openid_identifier'])) {
    17. 

  17. 		$openid->identity = $_POST['openid_identifier'];
    18. 

  18. 		$openid->required = array ('namePerson/first', 'namePerson/last', 'contact/email');
    19. 

  19. 		$this->redirect ($openid->authUrl ());
    20. 

  20. 	}
    21. 

  21. 	$page->title = 'Sign in with OpenID';
    22. 

  22. 	echo $tpl->render ('user/login/openid');
    23. 

  23. 	return;
    24. 

  24. } elseif ($openid->mode == 'cancel') {
    25. 

  25. 	$this->redirect ($_GET['redirect']);
    26. 

  26. } elseif (! $openid->validate ()) {
    27. 

  27. 	$this->redirect ($_GET['redirect']);
    28. 

  28. }
    29. 

  29. 

  30. // get the openid token and data
    31. 

  31. $token = $openid->identity;
    32. 

  32. $data = $openid->getAttributes ();
    33. 

  33. 

  34. if (isset ($data['contact/email'])) {
    35. 

  35. 	// fetch by email
    36. 

  36. 	$u = User::query ()->where ('email', $data['contact/email'])->single ();
    37. 

  37. } else {
    38. 

  38. 	// no email, fetch by token
    39. 

  39. 	$uid = User_OpenID::get_user_id ($token);
    40. 

  40. 	if ($uid) {
    41. 

  41. 		$u = new User ($uid);
    42. 

  42. 	}
    43. 

  43. }
    44. 

  44. 

  45. @session_start ();
    46. 

  46. $_SESSION['session_openid'] = $token;
    47. 

  47. 

  48. if ($u) {
    49. 

  49. 	// already have an account, log them in
    50. 

  50. 	$u->session_id = md5 (uniqid (mt_rand (), 1));
    51. 

  51. 	$u->expires = gmdate ('Y-m-d H:i:s', time () + 2592000);
    52. 

  52. 	$try = 0;
    53. 

  53. 	while (! $u->put ()) {
    54. 

  54. 		$u->session_id = md5 (uniqid (mt_rand (), 1));
    55. 

  55. 		$try++;
    56. 

  56. 		if ($try == 5) {
    57. 

  57. 			$this->redirect ($_GET['redirect']);
    58. 

  58. 		}
    59. 

  59. 	}
    60. 

  60. 	$_SESSION['session_id'] = $u->session_id;
    61. 

  61. 

  62. 	// save openid token
    63. 

  63. 	$oid = new User_OpenID (array (
    64. 

  64. 		'token' => $token,
    65. 

  65. 		'user_id' => $u->id
    66. 

  66. 	));
    67. 

  67. 	$oid->put ();
    68. 

  68. 

  69. 	$this->redirect ($_GET['redirect']);
    70. 

  70. } elseif (isset ($data['contact/email'])) {
    71. 

  71. 	// signup form to create a linked account, prefill name and email
    72. 

  72. 	$_POST['name'] = $data['namePerson/first'] . ' ' . $data['namePerson/last'];
    73. 

  73. 	$_POST['email'] = $data['contact/email'];
    74. 

  74. 	$_POST['redirect'] = $_GET['redirect'];
    75. 

  75. 	$_POST['token'] = $token;
    76. 

  76. 	echo $this->run ('user/login/newuser');
    77. 

  77. } else {
    78. 

  78. 	// signup form to create a linked account, prefill name
    79. 

  79. 	$_POST['name'] = $data['namePerson/first'] . ' ' . $data['namePerson/last'];
    80. 

  80. 	$_POST['redirect'] = $_GET['redirect'];
    81. 

  81. 	$_POST['token'] = $token;
    82. 

  82. 	echo $this->run ('user/login/newuser');
    83. 

  83. }
    84. 

  84. 

  85. ?>
    86.