Netsyms/Mods-for-HESK-Netsyms
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Build the user context based on hashed token

Browse Source
This commit is contained in:
Mike Koch 2017-01-21 16:34:03 -05:00
parent 17f6bb770d
commit 93431e9a98
2 changed files with 39 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
api/businesslogic/security/UserContextBuilder.php
View File

@ -3,10 +3,12 @@
namespace BusinessLogic\Security;
use DataAccess\Security\UserDao;
class UserContextBuilder {
static function buildUserContext($authToken, $hesk_settings) {
//$userForToken = gateway.getUserForToken($authToken);
$hashedToken = hash('sha512', $authToken);
return UserDao::getUserForAuthToken($hashedToken, $hesk_settings);
}
/**
@ -14,7 +16,7 @@ class UserContextBuilder {
* @param $dataRow array the $_SESSION superglobal or the hesk_users result set
* @return UserContext the built user context
*/
static function fromSession($dataRow) {
static function fromDataRow($dataRow) {
require_once(__DIR__ . '/UserContext.php');
require_once(__DIR__ . '/UserContextPreferences.php');
require_once(__DIR__ . '/UserContextNotifications.php');

34
api/dao/UserDao.php Normal file
View File

@ -0,0 +1,34 @@
<?php
/**
* Created by PhpStorm.
* User: user
* Date: 1/21/17
* Time: 4:23 PM
*/
namespace DataAccess\Security;
use BusinessLogic\Security\UserContextBuilder;
use Exception;
class UserDao {
static function getUserForAuthToken($hashedToken, $hesk_settings) {
require_once(__DIR__ . '/../businesslogic/security/UserContextBuilder.php');
if (!function_exists('hesk_dbConnect')) {
throw new Exception('Database not loaded!');
}
hesk_dbConnect();
$rs = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'users` WHERE `id` = (
SELECT ``
FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'user_api_tokens`
WHERE `token` = ' . hesk_dbEscape($hashedToken) . '
)');
$row = hesk_dbFetchAssoc($rs);
return UserContextBuilder::fromDataRow($row);
}
}