OpenId Login und Probleme

Gehe zu Seite:

Geschlossen

Mo. 15.10.2018 07:31 Uhr #1

MonkeyOnKeyboard Moderator

Moin Ilch Gemeinde,

um mal licht ins dunkle zu bringen. Ich arbeite gerade an einem LogIn Modul für OpenID -> respective für Wargaming OpenID.

Da mir kaum hier einer helfen konnte, liegt als Modul Grundlage die Beta von dustiii für twitter-api-anmeldung vor.

In der nutzt er um den user zu linken oder eine Verbindung zu Ilch herzustellen den AuthProider.
Nun Bekomm ich ja über OpenID keinen festen Token zurück, sondern folgende wehrte.

account_id, acces_token (welcher sich bei jeder anmeldung ändert) und dazu noch expired_at.

Somit gibt es ja auch im ILch das Modul unter user für Authtoken. Nur wie bekomm ich da einen Link zum angemelden Benutzer hin?

Ich kann euch gern die Auth.php geben, welche momentan funktioniert, aber leider mit authprovider.
Hoffe ihr könnt mir helfen, aus dem chaos ordnung zu schaffen.

<?php

namespace Modules\wargamingauth\Controllers;

use Ilch\Controller\Frontend;
use Modules\wargamingauth\Libs\wargamingOAuth;
use Modules\wargamingauth\Mappers\DbLog;
use Modules\User\Mappers\AuthProvider;
use Modules\User\Mappers\AuthToken;
use Modules\User\Mappers\User as UserMapper;
use Modules\User\Mappers\Group;
use Modules\User\Models\AuthProviderUser;
use Modules\User\Models\User;
use Modules\User\Service\Password as PasswordService;
use Ilch\Validation;

class Auth extends Frontend
{
    /**
     * @var DbLog instance
     */
    protected $dbLog;

    /**
     * Renders the register form.
     */
    public function registAction()
    {
        if (! array_dot($_SESSION, 'wargamingauth.login') || array_dot($_SESSION, 'wargamingauth.login.expires') < time()) {
            $this->addMessage('registExpired', 'danger');
            $this->redirect(['module' => 'user', 'controller' => 'regist', 'action' => 'index']);
        }

        $oauth = array_dot($_SESSION, 'wargamingauth.login');

        $this->getView()->set('rules', $this->getConfig()->get('regist_rules'));
        $this->getView()->set('user', $oauth);
    }

    /**
     * Saves the new user to the database.
     */
    public function saveAction()
    {
        if (!$this->getRequest()->isPost()) {
            $this->addMessage('badRequest');
            $this->redirect('/');
        }

        if (! array_dot($_SESSION, 'wargamingauth.login') || array_dot($_SESSION, 'wargamingauth.login.expires') < time()) {
            $this->addMessage('badRequest');
            $this->redirect(['module' => 'user', 'controller' => 'login', 'action' => 'index']);
        }

        $input = [
            'userName' => trim($this->getRequest()->getPost('userName')),
            'email' => trim($this->getRequest()->getPost('email')),
        ];

        $validation = Validation::create($input, [
            'userName' => 'required|unique:users,name',
            'email' => 'required|email|unique:users,email',
        ]);

        if ($validation->isValid()) {
            // register user
            $registMapper = new UserMapper();
            $groupMapper = new Group();
            $userGroup = $groupMapper->getGroupById(2);
            $currentDate = new \Ilch\Date();

            $user = (new User())
                ->setName($input['userName'])
                ->setPassword((new PasswordService())->hash(PasswordService::generateSecurePassword(32)))
                ->setEmail($input['email'])
                ->setDateCreated($currentDate->format('Y-m-d H:i:s', true))
                ->addGroup($userGroup)
                ->setDateConfirmed($currentDate->format('Y-m-d H:i:s', true));

            $userId = $registMapper->save($user);

            $oauth = array_dot($_SESSION, 'wargamingauth.login');

            $authProviderUser = (new AuthProviderUser())
                ->setIdentifier($oauth['user_id'])
                ->setProvider('wargaming')
                ->setOauthToken($oauth['oauth_token'])
                ->setOauthTokenSecret($oauth['oauth_token_secret'])
                ->setScreenName($oauth['screen_name'])
                ->setUserId($userId);

            $link = (new AuthProvider())->linkProviderWithUser($authProviderUser);

            if ($link === true) {
                $_SESSION['user_id'] = $userId;

                $this->addMessage('wargamingauth.linksuccess');
                $this->redirect(['module' => 'user', 'controller' => 'panel', 'action' => 'index']);
            }

            $this->addMessage('wargamingauth.linkfailed', 'danger');
            $this->redirect('/');
        }

        $this->addMessage($validation->getErrorBag()->getErrorMessages(), 'danger', true);
        $this->redirect()
            ->withInput()
            ->withErrors($validation->getErrorBag())
            ->to(['action' => 'regist']);
    }

    public function unlinkAction()
    {
        if (loggedIn()) {
            if ($this->getRequest()->isPost()) {
                $authProvider = new AuthProvider();
                $res = $authProvider->unlinkUser('wargaming', currentUser()->getId());

                if ($res > 0) {
                    $this->addMessage('wargamingauth.unlinkedsuccessfully');
                    $this->redirect(['module' => 'user', 'controller' => 'panel', 'action' => 'providers']);
                }

                $this->addMessage('wargamingauth.couldnotunlink', 'danger');
                $this->redirect('/');
            }

            $this->addMessage('wargamingauth.badrequest', 'danger');
            $this->redirect('/');
        }

        $this->addMessage('wargamingauth.notauthenticated', 'danger');
        $this->redirect('/');
    }

    /**
     * Initialize authentication.
     */
    public function indexAction()
    {
        $callbackUrl = $this->getLayout()->getUrl([
            'module' => 'wargamingauth',
            'controller' => 'auth',
            'action' => 'callback',
        ]);

        $auth = new wargamingOAuth(
            $this->getConfig()->get('wargamingauth_consumer_key'),
            'popup',
            1,
            null,
            $callbackUrl
        );

        try {

            $auth->obtainTokens();


//        var_dump($auth->getAuthenticationEndpoint());
//        die();

            $this->redirect($auth->getAuthenticationEndpoint()); // wargaming openid
        } catch (\Exception $e) {
            $this->addMessage('wargamingauth.authenticationfailure', 'danger');

            if (loggedIn()) {
                $this->redirect(['module' => 'user', 'controller' => 'panel', 'action' => 'providers']);
            }

            $this->redirect(['module' => 'user', 'controller' => 'login', 'action' => 'index']);
        }
    }

    /**
     * Callback action.
     */
    public function callbackAction()
    {
        //var_dump($_GET);
        //die();

        $auth = new wargamingOAuth(
            $this->getConfig()->get('wargamingauth_consumer_key')
        );

        try {
 
        //var_dump($this->getRequest());
        //die();
            $auth->handleCallback($this->getRequest());

//        var_dump($auth->getToken() . '<br>' . $auth->getAccount_id() . '<br>' . $auth->getExpires_at() . '<br>');
//        var_dump($_GET['nickname']);
//        die();
            
//            $auth->convertTokens();

            $wargamingUser = array(
              'user_id' => $auth->getAccount_id(),
              'oauth_token' => $auth->getToken(),
              'screen_name' => $_GET['nickname'],
              'oauth_token_user' => null
            );

            $authProvider = new AuthProvider();
            $existingLink = $authProvider->providerAccountIsLinked('wargaming', $wargamingUser['user_id']);

            if (loggedIn()) {
                if ($authProvider->hasProviderLinked('wargaming', currentUser()->getId())) {
                    $this->dbLog()->info(
                        "User " . currentUser()->getName() . " had provider already linked.",
                        [
                            'userId' => currentUser()->getId(),
                            'userName' => currentUser()->getName(),
                            'wargamingAccount' => $wargamingUser
                        ]
                    );

                    $this->addMessage('providerAlreadyLinked', 'danger');
                    $this->redirect(['module' => 'user', 'controller' => 'panel', 'action' => 'providers']);
                }

                if ($existingLink === true) {
                    $this->dbLog()->info(
                        "User " . currentUser()->getName() . " tried to link an already linked wargaming account.",
                        [
                            'userId' => currentUser()->getId(),
                            'userName' => currentUser()->getName(),
                            'wargamingAccount' => $wargamingUser
                        ]
                    );

                    $this->addMessage('accountAlreadyLinkedToDifferentUser', 'danger');
                    $this->redirect(['module' => 'user', 'controller' => 'panel', 'action' => 'providers']);
                }

                $authProviderUser = (new AuthProviderUser())
                    ->setIdentifier($wargamingUser['user_id'])
                    ->setProvider('wargaming')
                    ->setOauthToken($wargamingUser['oauth_token'])
                    ->setOauthTokenSecret($wargamingUser['oauth_token_user'])
                    ->setScreenName($wargamingUser['screen_name'])
                    ->setUserId(currentUser()->getId());

                $link = $authProvider->linkProviderWithUser($authProviderUser);

                if ($link === true) {
                    $this->dbLog()->info(
                        "User " . currentUser()->getName() . " has linked a wargaming account.",
                        [
                            'userId' => currentUser()->getId(),
                            'userName' => currentUser()->getName(),
                            'wargamingAccount' => $wargamingUser
                        ]
                    );

                    $this->addMessage('linkSuccess');
                    $this->redirect(['module' => 'user', 'controller' => 'panel', 'action' => 'providers']);
                }

                $this->dbLog()->error(
                    "User " . currentUser()->getName() . " could not link his wargaming account.",
                    [
                        'userId' => currentUser()->getId(),
                        'userName' => currentUser()->getName(),
                        'wargamingAccount' => $wargamingUser
                    ]
                );

                $this->addMessage('linkFailed', 'danger');
                $this->redirect(['module' => 'user', 'controller' => 'panel', 'action' => 'providers']);
            }

            if ($existingLink === true) {
                $userId = $authProvider->getUserIdByProvider('wargaming', $wargamingUser['user_id']);

                if (is_null($userId)) {
                    $this->addMessage('couldNotFindRequestedUser');
                    $this->redirect(['module' => 'user', 'controller' => 'login', 'action' => 'index']);
                }

                $_SESSION['user_id'] = $userId;

                $this->addMessage('loginSuccess');
                $this->redirect('/');
            }

            if ($existingLink === false && ! loggedIn() && ! $this->getConfig()->get('regist_accept')) {
                $this->addMessage('wargamingauth.messages.registrationNotAllowed', 'danger');
                $this->redirect(['module' => 'user', 'controller' => 'login', 'action' => 'index']);
            }

            array_dot_set($_SESSION, 'wargamingauth.login', $wargamingUser);
            array_dot_set($_SESSION, 'wargamingauth.login.expires', strtotime('+5 minutes'));

            $this->redirect(['action' => 'regist']);

        } catch (\Exception $e) {
            $this->addMessage('wargamingauth.authenticationfailure', 'danger');

            if (loggedIn()) {
                $this->redirect(['module' => 'user', 'controller' => 'panel', 'action' => 'providers']);
            } else {
                $this->redirect(['module' => 'user', 'controller' => 'login', 'action' => 'index']);
            }
        }
    }

    /**
     * @return DbLog
     */
    protected function dbLog()
    {
        if ($this->dbLog instanceof DbLog) {
            return $this->dbLog;
        }

        return $this->dbLog = new DbLog();
    }
}

verwendete ilch Version: 2.1.x

betroffene Homepage: www.r1sing.de

0 Mitglieder finden den Beitrag gut.

zitieren

Di. 16.10.2018 21:14 Uhr #2

Siggi Hall Of Fame

Registriert seit
08.02.2007

Beiträge
6.558

Beitragswertungen

Komme leider zurzeit nicht wirklich dazu es mir gescheit anzuschauen
Hab mich mit den Login Auth auch noch nicht wirklich mit beschäftigt

Wie poste ich falsch?
0 Mitglieder finden den Beitrag gut.
- zitieren
Mi. 17.10.2018 14:55 Uhr #3

MonkeyOnKeyboard Moderator

Registriert seit
10.02.2014

Beiträge
457

Beitragswertungen

Also das Modul an sich funktioniert.
Nur wollt ich fragen, ob es möglich ist, den user in mehrere gruppen bei der registrierung einzufügen?

Davon müsste gebrüft werden ob eine Gruppe schon vorhanden ist. wenn nicht muss er sie in dem script erstellen. und zwar auch clantag und role.
0 Mitglieder finden den Beitrag gut.
- zitieren
Mi. 17.10.2018 15:14 Uhr #4

Slipi Hall Of Fame

Registriert seit
19.01.2018

Beiträge
954

Beitragswertungen

Man könnte zb die Registrierung manuell bestätigen und danach diesen User im Admincenter einteilen.

slipi.at/
0 Mitglieder finden den Beitrag gut.
- zitieren
Do. 18.10.2018 01:00 Uhr #5

MonkeyOnKeyboard Moderator

Registriert seit
10.02.2014

Beiträge
457

Beitragswertungen

SO nun doch noch ein Problem.

in dem controller auth, welche php ich ja hier bei gelegt habe. speicher ich sachen in die session.

warum kann ich an einer anderen stelle, diese wehrte nicht mehr abrufen. zb in neum anderen modul?
0 Mitglieder finden den Beitrag gut.
- zitieren
Do. 18.10.2018 10:30 Uhr #6

Nex4T Moderator

Registriert seit
28.02.2007

Beiträge
3.414

Beitragswertungen

Wie rufst du die Daten zur session ab?

while(!asleep()) sheep++;
www.movely.biz
www.webplant.eu
0 Mitglieder finden den Beitrag gut.
- zitieren

Mi. 07.11.2018 10:22 Uhr #7

MonkeyOnKeyboard Moderator

Moin. so Modul läuft soweit. Dich gibt es kleine Probleme.

Ich POste gleich nochmal die Auth.php. Aber zuerst zu den Problemen.

Ich speichere ja in die Session mehrere Wehrte und so. das geht. Nur wenn ich min. 15 min inaktiv bin oder die Seite Schließe. werde ich ausgeloggt. Was für zukünftige Module schlecht ist. Da ich in deren Zeile Parameter mit übergebe, die ja durch ein redirect vom anmledungssystem mit api überschrieben werden.

Dann habe ich versucht mir die funktion mit dem authtoken aus der login.php zu nunutze zu machen.
Funktioniert. nur wird ja im cockie nicht dann die session variablen gespeichert, die ich vorher bei der anmeldung definiert habe.

Wie kann ich das lösen?

a. entweder alle session variablen im coocki speichern oder b. die globale logoutzeit auf min 1 stunde setzten.

<?php

namespace Modules\wargamingauth\Controllers;

use Ilch\Controller\Frontend;
use Modules\wargamingauth\Libs\wargamingOAuth;
use Modules\wargamingauth\Mappers\DbLog;
use Modules\User\Mappers\AuthProvider;
use Modules\User\Mappers\AuthToken as AuthTokenMapper;
use Modules\Phonebook\Models\Book;
use Modules\Phonebook\Mappers\Phonebook as PhonebookMapper;
use Modules\User\Mappers\User as UserMapper;
use Modules\User\Mappers\Group;
use Modules\User\Models\AuthProviderUser;
use Modules\User\Models\AuthToken as AuthTokenModel;
use Modules\User\Models\User;
use Modules\User\Service\Password as PasswordService;
use Ilch\Validation;

class Auth extends Frontend
{
    /**
     * @var DbLog instance
     */
    protected $dbLog;

    /**
     * Renders the register form.
     */
    public function registAction()
    {
        $oauth = array_dot($_SESSION, 'wargamingauth.login');
        $groupMapper = new Group();
        $userGroup = $groupMapper->getGroupByName($oauth['clantag']);
        //var_dump($userGroup);
        //die();
        if (! array_dot($_SESSION, 'wargamingauth.login') || array_dot($_SESSION, 'wargamingauth.login.expires') < time() || !$userGroup ) {
            $this->addMessage('wargamingauth.logindenied', 'danger');
            $this->redirect(['module' => 'user', 'controller' => 'login', 'action' => 'index']);
        }


        $this->getView()->set('rules', $this->getConfig()->get('regist_rules'));
        $this->getView()->set('user', $oauth);
    }

    /**
     * Saves the new user to the database.
     */
    public function saveAction()
    {
        if (!$this->getRequest()->isPost()) {
            $this->addMessage('badRequest');
            $this->redirect('/');
        }

        if (! array_dot($_SESSION, 'wargamingauth.login') || array_dot($_SESSION, 'wargamingauth.login.expires') < time()) {
            $this->addMessage('badRequest');
            $this->redirect(['module' => 'user', 'controller' => 'login', 'action' => 'index']);
        }

        $input = [
            'userName' => trim($this->getRequest()->getPost('userName')),
            'email' => trim($this->getRequest()->getPost('email')),
            'phonenumber' => trim($this->getRequest()->getPost('phonenumber')),
        ];

        $validation = Validation::create($input, [
            'userName' => 'required|unique:users,name',
            'email' => 'required|email|unique:users,email',
            'phonenumber' => 'required',
        ]);
        
        
        $oauth = array_dot($_SESSION, 'wargamingauth.login');
        
        
        if ($validation->isValid()) {
            // register user
            $registMapper = new UserMapper();
            $groupMapper = new Group();
            $userGroup = $groupMapper->getGroupByName($oauth['clantag']);
            $currentDate = new \Ilch\Date();

            $user = (new User())
                ->setName($input['userName'])
                ->setPassword((new PasswordService())->hash(PasswordService::generateSecurePassword(32)))
                ->setEmail($input['email'])
                ->setDateCreated($currentDate->format('Y-m-d H:i:s', true))
                ->addGroup($userGroup)
                ->setDateConfirmed($currentDate->format('Y-m-d H:i:s', true));

            $userId = $registMapper->save($user);
           
            $phoneBookMapper = new PhonebookMapper();
                        
            $phonebook = (new Book())
            ->setUser_id($userId)
            ->setClantag($oauth['clantag'])
                ->setPhonenumber($input['phonenumber']);
            
           $phonenumberentry = $phoneBookMapper->save($phonebook);          
                

            

            $authProviderUser = (new AuthProviderUser())
                ->setIdentifier($oauth['user_id'])
                ->setProvider('wargaming')
                ->setOauthToken($oauth['oauth_token'])
                ->setOauthTokenSecret($oauth['oauth_token_secret'])
                ->setScreenName($oauth['screen_name'])
                ->setUserId($userId);

            $link = (new AuthProvider())->linkProviderWithUser($authProviderUser);

            if ($link === true) {
                $_SESSION['user_id'] = $userId;
                $this->addMessage('wargamingauth.linksuccess');
                $this->redirect(['module' => 'user', 'controller' => 'panel', 'action' => 'index']);
            }

            $this->addMessage('wargamingauth.linkfailed', 'danger');
            $this->redirect('/');
        }

        $this->addMessage($validation->getErrorBag()->getErrorMessages(), 'danger', true);
        $this->redirect()
            ->withInput()
            ->withErrors($validation->getErrorBag())
            ->to(['action' => 'regist']);
    }

    public function unlinkAction()
    {
        if (loggedIn()) {
            if ($this->getRequest()->isPost()) {
                $authProvider = new AuthProvider();
                $res = $authProvider->unlinkUser('wargaming', currentUser()->getId());

                if ($res > 0) {
                    $this->addMessage('wargamingauth.unlinkedsuccessfully');
                    $this->redirect(['module' => 'user', 'controller' => 'panel', 'action' => 'providers']);
                }

                $this->addMessage('wargamingauth.couldnotunlink', 'danger');
                $this->redirect('/');
            }

            $this->addMessage('wargamingauth.badrequest', 'danger');
            $this->redirect('/');
        }

        $this->addMessage('wargamingauth.notauthenticated', 'danger');
        $this->redirect('/');
    }

    /**
     * Initialize authentication.
     */
    public function indexAction()
    {
        $callbackUrl = $this->getLayout()->getUrl([
            'module' => 'wargamingauth',
            'controller' => 'auth',
            'action' => 'callback',
        ]);

        $auth = new wargamingOAuth(
            $this->getConfig()->get('wargamingauth_consumer_key'),
            'popup',
            1,
            null,
            $callbackUrl
        );

        try {

            $auth->obtainTokens();


//        var_dump($auth->getAuthenticationEndpoint());
//        die();

            $this->redirect($auth->getAuthenticationEndpoint()); // wargaming openid
        } catch (\Exception $e) {
            $this->addMessage('wargamingauth.authenticationfailure', 'danger');

            if (loggedIn()) {
                $this->redirect(['module' => 'user', 'controller' => 'panel', 'action' => 'providers']);
            }

            $this->redirect(['module' => 'user', 'controller' => 'login', 'action' => 'index']);
        }
    }

    /**
     * Callback action.
     */
    public function callbackAction()
    {
        //var_dump($_GET);
        //die();

        $auth = new wargamingOAuth(
            $this->getConfig()->get('wargamingauth_consumer_key')
        );

        try {
 
        //var_dump($this->getRequest());
        //die();
            $auth->handleCallback($this->getRequest());

        //var_dump($auth->getToken() . '<br>' . $auth->getAccount_id() . '<br>' . $auth->getExpires_at() . '<br>');
        $auth->get_clan_id();
        $auth->get_memberData();
        //var_dump($auth->getClan_id() . '<br>' . $auth->getAccount_name() . '<br>' . $auth->getClantag() . '<br>'. $auth->getRole(). '<br>' . $auth->getRole_i18n() . '<br>' );
        //die();
        
            
//            $auth->convertTokens();

            
            
            $wargamingUser = array(
              'user_id' => $auth->getAccount_id(),
              'oauth_token' => $auth->getToken(),
              'screen_name' => $auth->getAccount_name(),
              'oauth_token_user' => null,
              'clantag' => $auth->getClantag(),
              'role' => $auth->getRole(),
              'expires_at' => $auth->getExpires_at() 
            );

            $authProvider = new AuthProvider();
            $existingLink = $authProvider->providerAccountIsLinked('wargaming', $wargamingUser['user_id']);

            $_SESSION['clantag'] = $wargamingUser['clantag'];
            $_SESSION['account_name'] = $wargamingUser['screen_name'];
            $_SESSION['role'] = $wargamingUser['role'];
            
            
            if (loggedIn()) {
                if ($authProvider->hasProviderLinked('wargaming', currentUser()->getId())) {
                    $this->dbLog()->info(
                        "User " . currentUser()->getName() . " had provider already linked.",
                        [
                            'userId' => currentUser()->getId(),
                            'userName' => currentUser()->getName(),
                            'wargamingAccount' => $wargamingUser
                        ]
                    );


                    
                    $this->addMessage('providerAlreadyLinked', 'danger');
                    $this->redirect(['module' => 'user', 'controller' => 'panel', 'action' => 'providers']);
                }

                if ($existingLink === true) {
                    $this->dbLog()->info(
                        "User " . currentUser()->getName() . " tried to link an already linked wargaming account.",
                        [
                            'userId' => currentUser()->getId(),
                            'userName' => currentUser()->getName(),
                            'wargamingAccount' => $wargamingUser
                        ]
                    );

                    $this->addMessage('accountAlreadyLinkedToDifferentUser', 'danger');
                    $this->redirect(['module' => 'user', 'controller' => 'panel', 'action' => 'providers']);
                }

                $authProviderUser = (new AuthProviderUser())
                    ->setIdentifier($wargamingUser['user_id'])
                    ->setProvider('wargaming')
                    ->setOauthToken($wargamingUser['oauth_token'])
                    ->setOauthTokenSecret($wargamingUser['oauth_token_user'])
                    ->setScreenName($wargamingUser['screen_name'])
                    ->setUserId(currentUser()->getId());

                $link = $authProvider->linkProviderWithUser($authProviderUser);

                if ($link === true) {
                    $this->dbLog()->info(
                        "User " . currentUser()->getName() . " has linked a wargaming account.",
                        [
                            'userId' => currentUser()->getId(),
                            'userName' => currentUser()->getName(),
                            'wargamingAccount' => $wargamingUser
                        ]
                    );

                    $this->addMessage('wargamingauth.linksuccess');
                    $this->redirect(['module' => 'user', 'controller' => 'panel', 'action' => 'providers']);
                }

                $this->dbLog()->error(
                    "User " . currentUser()->getName() . " could not link his wargaming account.",
                    [
                        'userId' => currentUser()->getId(),
                        'userName' => currentUser()->getName(),
                        'wargamingAccount' => $wargamingUser
                    ]
                );

                $this->addMessage('linkFailed', 'danger');
                $this->redirect(['module' => 'user', 'controller' => 'panel', 'action' => 'providers']);
            }

            if ($existingLink === true) {
                $userId = $authProvider->getUserIdByProvider('wargaming', $wargamingUser['user_id']);

                if (is_null($userId)) {
                    $this->addMessage('couldNotFindRequestedUser');
                    $this->redirect(['module' => 'user', 'controller' => 'login', 'action' => 'index']);
                }

                /**
                    $authTokenModel = new AuthTokenModel();
                    
                    // 9 bytes of random data (base64 encoded to 12 characters) for the selector.
                    // This provides 72 bits of keyspace and therefore 236 bits of collision resistance (birthday attacks)
                    $authTokenModel->setSelector(base64_encode(openssl_random_pseudo_bytes(9)));
                    // 33 bytes (264 bits) of randomness for the actual authenticator. This should be unpredictable in all practical scenarios.
                    $authenticator = openssl_random_pseudo_bytes(33);
                    // SHA256 hash of the authenticator. This mitigates the risk of user impersonation following information leaks.
                    $authTokenModel->setToken(hash('sha256', $authenticator));
                    $authTokenModel->setUserid($userId);
                    $authTokenModel->setExpires(date('Y-m-d\TH:i:s', $wargamingUser['expires_at'] ));
                    
                    setcookie('remember', $authTokenModel->getSelector().':'.base64_encode($authenticator), $wargamingUser['expires_at'], '/', $_SERVER['SERVER_NAME'], (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off'),  true);
                    
                    $authTokenMapper = new AuthTokenMapper();
                    $authTokenMapper->addAuthToken($authTokenModel);
               
                **/
                
                $_SESSION['user_id'] = $userId;
                
                
                $this->addMessage('wargamingauth.loginsuccess');
                $this->redirect('/');
            }

            if ($existingLink === false && ! loggedIn() && ! $this->getConfig()->get('regist_accept')) {
                $this->addMessage('wargamingauth.messages.registrationNotAllowed', 'danger');
                $this->redirect(['module' => 'user', 'controller' => 'login', 'action' => 'index']);
            }

            array_dot_set($_SESSION, 'wargamingauth.login', $wargamingUser);
            array_dot_set($_SESSION, 'wargamingauth.login.expires', strtotime('+5 minutes'));
            //array_dot_set($_SESSION, 'wargamingauth.login.expires', $wargamingUser['expires_at']);

            $this->redirect(['action' => 'regist']);

        } catch (\Exception $e) {
            $this->addMessage('wargamingauth.authenticationfailure', 'danger');

            if (loggedIn()) {
                $this->redirect(['module' => 'user', 'controller' => 'panel', 'action' => 'providers']);
            } else {
                $this->redirect(['module' => 'user', 'controller' => 'login', 'action' => 'index']);
            }
        }
    }

    /**
     * @return DbLog
     */
    protected function dbLog()
    {
        if ($this->dbLog instanceof DbLog) {
            return $this->dbLog;
        }

        return $this->dbLog = new DbLog();
    }
}

Achso. das authtoken model und so, hab ich erstmal ausgeklammert.

EDIT: hat sich erledigt. hab einfach noch mehrere Cockies initialisert mit den parametern.

Zuletzt modifiziert von magicmarkus am 07.11.2018 - 16:38:50

0 Mitglieder finden den Beitrag gut.

zitieren

Do. 08.11.2018 22:13 Uhr #8

MonkeyOnKeyboard Moderator

Gibt doch noch ein Problem. ich hab folgendes in die datei eingefügt

$authTokenModel = new AuthTokenModel();
                    
                    // 9 bytes of random data (base64 encoded to 12 characters) for the selector.
                    // This provides 72 bits of keyspace and therefore 236 bits of collision resistance (birthday attacks)
                    $authTokenModel->setSelector(base64_encode(openssl_random_pseudo_bytes(9)));
                    // 33 bytes (264 bits) of randomness for the actual authenticator. This should be unpredictable in all practical scenarios.
                    $authenticator = openssl_random_pseudo_bytes(33);
                    // SHA256 hash of the authenticator. This mitigates the risk of user impersonation following information leaks.
                    $authTokenModel->setToken(hash('sha256', $authenticator));
                    $authTokenModel->setUserid($userId);
                    $authTokenModel->setExpires(date('Y-m-d\TH:i:s', strtotime( '+1 day' ) ));
                    
                    setcookie('remember', $authTokenModel->getSelector().':'.base64_encode($authenticator), strtotime( '+1 day' ), '/', $_SERVER['SERVER_NAME'], (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off'),  true);
                    setcookie('clantag', $_SESSION['clantag'], strtotime( '+1 day' ), '/', $_SERVER['SERVER_NAME'], (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off'),  true);
                    setcookie('account_name', $_SESSION['account_name'], strtotime( '+1 day' ), '/', $_SERVER['SERVER_NAME'], (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off'),  true);
                    setcookie('role', $_SESSION['role'], strtotime( '+1 day' ), '/', $_SERVER['SERVER_NAME'], (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off'),  true);
                    
                    $authTokenMapper = new AuthTokenMapper();
                    $authTokenMapper->addAuthToken($authTokenModel);

Dennoch macht er bei remember me statt dem einen tag die 30 tage. was ich nicht brauche. soll schon nur der eine tag sein...

0 Mitglieder finden den Beitrag gut.

zitieren

Beitrag zur Merkliste hinzufügen

ilch Forum » Ilch CMS 2.X » Module und Modifikationen » OpenId Login und Probleme