This repository has been archived on 2024-04-08. You can view files and clone it, but cannot push or open issues or pull requests.
khosb/modules/oauth/classes/Controller/Oauth.php
2013-10-10 13:56:13 +11:00

92 lines
2.6 KiB
PHP

<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class provides oauth capability
*
* @package OAuth
* @category Controllers
* @author Deon George
* @copyright (c) 2009-2013 Deon George
* @license http://dev.leenooks.net/license.html
*/
class Controller_Oauth extends Controller_TemplateDefault {
protected $auth_required = FALSE;
protected $secure_actions = array(
'link'=>TRUE,
);
public function action_login() {
// Make sure we are called with a valid oauth plugin
$oo = ORM::factory('Oauth',array('name'=>$this->request->param('id')));
if (! $oo->loaded() OR ! $oo->status)
HTTP::redirect('login');
$auth = NULL;
if ($oo->name == 'facebook') {
// User Denied a Facebook authorisation, so we'll go back to login
// We wouldnt normally get here, since we are doing JS authentication
if ($this->request->query('error') AND $this->request->query('error_reason') == 'user_denied')
HTTP::redirect('login');
$auth = Auth::instance($oo);
// If we are not logged in, do the facebook stuff.
// We wouldnt normally get here, since we are doing JS authentication
if (! $auth->logged_in())
HTTP::redirect($auth->login_url());
// Here we must be logged in to Facebook
// @todo Only use verified accounts - is this applicable?
$aoo = $oo->account_oauth->where('userid','=',$auth->user_id())->find();
}
// If we have an ID, we have been linked, redirect to login
if ($aoo->loaded() AND $auth->login($aoo->account,$auth->user_id(),$auth))
return $this->login();
// We need to link the ID
Session::instance()->set('login-no-oauth',TRUE);
Style::factory()
->type('file')
->data('media/theme/baseadmin/css/pages/login.css');
$this->template->content = View::factory('oauth/link')
->set('type',$oo->name);
$this->template->shownavbar = FALSE;
}
public function action_link() {
// Make sure we are called with a valid oauth plugin
$oo = ORM::factory('Oauth',array('name'=>$this->request->param('id')));
if (! $oo->loaded() OR ! $oo->status)
HTTP::redirect('login');
// Since we have logged in, get our user details
$ao = Auth::instance()->get_user();
$auth = Auth::instance($oo);
if (! $auth->logged_in())
HTTP::redirect('login');
if ($auth->login($ao,$auth->user_id(),$auth))
return $this->login();
}
/**
* When our login is complete and satisified, we execute here
*/
private function login() {
// Redirect to the user account
if ($redir = Session::instance()->get('afterlogin')) {
Session::instance()->delete('afterlogin');
HTTP::redirect($redir);
} else
HTTP::redirect(URL::link('user','welcome/index'));
}
}
?>