From 530accd8bfc2e7675c1c7027165ac9d155186016 Mon Sep 17 00:00:00 2001 From: Roland Schneider Date: Tue, 22 Feb 2022 14:41:16 +0100 Subject: [PATCH] use mobiledevice as login object for mobile api --- common/manager/MobileDeviceManager.php | 11 ----- common/models/MobileDevice.php | 31 +++++++++++++- mobileapi/components/ActivatedFilter.php | 16 ++++---- mobileapi/config/main.php | 2 +- mobileapi/controllers/LoginController.php | 4 +- mobileapi/controllers/RestController.php | 13 +++--- mobileapi/manager/ApiManager.php | 49 ++++++++++++++--------- mobileapi/models/LoginForm.php | 35 +++++----------- 8 files changed, 90 insertions(+), 71 deletions(-) diff --git a/common/manager/MobileDeviceManager.php b/common/manager/MobileDeviceManager.php index 0550d3a..28a8069 100644 --- a/common/manager/MobileDeviceManager.php +++ b/common/manager/MobileDeviceManager.php @@ -119,15 +119,4 @@ class MobileDeviceManager extends BaseObject } - public function isMobileDeviceActivatedByIdCard($idCard){ - if ( !isset($idCard)){ - return false; - } - $device = MobileDevice::find()->andWhere(['id_card' => $idCard])->one(); - if ( !isset($device)){ - return false; - } - return isset($device->activated_at); - } - } diff --git a/common/models/MobileDevice.php b/common/models/MobileDevice.php index f454959..8418fba 100644 --- a/common/models/MobileDevice.php +++ b/common/models/MobileDevice.php @@ -3,8 +3,10 @@ namespace common\models; use Yii; +use yii\base\NotSupportedException; use yii\behaviors\TimestampBehavior; use yii\helpers\ArrayHelper; +use yii\web\IdentityInterface; /** * This is the model class for table "mobile_device". @@ -18,7 +20,7 @@ use yii\helpers\ArrayHelper; * @property string $created_at * @property string $updated_at */ -class MobileDevice extends \yii\db\ActiveRecord +class MobileDevice extends \yii\db\ActiveRecord implements IdentityInterface { const STATUS_ACTIVE = 'active'; 
@@ -95,4 +97,31 @@ class MobileDevice extends \yii\db\ActiveRecord } return $result; } + + public static function findIdentity($id) + { + self::findOne(['id' => $id]); + } + + public static function findIdentityByAccessToken($token, $type = null) + { + throw new NotSupportedException('"findIdentityByAccessToken" is not implemented.'); + + } + + public function getId() + { + return $this->id; + } + + public function getAuthKey() + { + throw new NotSupportedException('"findIdentityByAccessToken" is not implemented.'); + + } + + public function validateAuthKey($authKey) + { + throw new NotSupportedException('"findIdentityByAccessToken" is not implemented.'); + } } diff --git a/mobileapi/components/ActivatedFilter.php b/mobileapi/components/ActivatedFilter.php index b96e11b..18c0f05 100644 --- a/mobileapi/components/ActivatedFilter.php +++ b/mobileapi/components/ActivatedFilter.php @@ -3,7 +3,7 @@ namespace mobileapi\components; use common\components\HttpStatus; -use common\manager\MobileDeviceManager; +use common\models\MobileDevice; use Yii; use yii\base\Action; 
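Review bot: `findIdentity()` never returns the row it looks up — `self::findOne(['id' => $id]);` discards the result, so every caller that reaches an identity through `IdentityInterface::findIdentity` gets `null`; it should read `return self::findOne(['id' => $id]);`. This patch's mobileapi config disables sessions and auto-login and `RestController::auth()` calls `MobileDevice::findOne()` directly, so the bug is probably not hit today, but the contract is wrong and will surface as soon as anything resolves the identity through the user component. The `NotSupportedException` messages in `getAuthKey()` and `validateAuthKey()` are copy-pasted from `findIdentityByAccessToken` and should name their own method, e.g. `throw new NotSupportedException('"getAuthKey" is not implemented.');` and `throw new NotSupportedException('"validateAuthKey" is not implemented.');`.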
@@ -28,18 +28,18 @@ class ActivatedFilter extends ActionFilter try { $activated = false; - // get the customer - $customer = \Yii::$app->user->getIdentity(); - if (isset($customer)) { - $idCard = $customer->id_customer_card; + // get the device + /** @var MobileDevice $mobileDevice */ + $mobileDevice = \Yii::$app->user->getIdentity(); + if (isset($mobileDevice)) { + $idCard = $mobileDevice->id_card; // find out if the device is activated - $mobileDeviceManager = new MobileDeviceManager(); - $activated = $mobileDeviceManager->isMobileDeviceActivatedByIdCard($idCard); + $activated = $mobileDevice->status === MobileDevice::STATUS_ACTIVE; } // if device is not activated, throw exception with http status 412 if ($activated === false) { - throw new HttpException( HttpStatus::PRECONDITION_FAILED,"Card not activated"); + throw new HttpException( HttpStatus::PRECONDITION_FAILED,"Device is not activated: " . $mobileDevice->id); } } catch (HttpException $e) { if ($e->statusCode === HttpStatus::PRECONDITION_FAILED && $this->isOptional($action)) { diff --git a/mobileapi/config/main.php b/mobileapi/config/main.php index 953ef10..372c65e 100644 --- a/mobileapi/config/main.php +++ b/mobileapi/config/main.php @@ -25,7 +25,7 @@ return [ ] ], 'user' => [ - 'identityClass' => 'common\models\Customer', + 'identityClass' => 'common\models\MobileDevice', 'enableSession' => false, 'enableAutoLogin' => false, 'loginUrl' => null, diff --git a/mobileapi/controllers/LoginController.php b/mobileapi/controllers/LoginController.php index baaf518..2f932de 100644 --- a/mobileapi/controllers/LoginController.php +++ b/mobileapi/controllers/LoginController.php @@ -30,7 +30,7 @@ class LoginController extends RestController $form->load(\Yii::$app->request->post(), ''); if (!$form->validate()) { - throw new BadRequestHttpException("Hibás e-mail cím vagy jelszó!"); + throw new BadRequestHttpException("Hibás bejelentkezés " . print_r($form->getErrors( ),true)); } /** @var Jwt $jwt */ 
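Review bot: When no identity is set, the new 412 message concatenates `$mobileDevice->id` on `null` — the `isset($mobileDevice)` guard wraps only the status check, not the `throw` — which PHP reports as a warning that Yii's error handler typically escalates to an ErrorException, so an expected 412 becomes a 500 that is not caught by the `catch (HttpException $e)` / `isOptional` branch below. The message also echoes the internal device id to the client; keep the response generic and log the id server-side, e.g. `Yii::warning('Device not activated: ' . ($mobileDevice !== null ? $mobileDevice->id : 'none'), __METHOD__);` followed by `throw new HttpException(HttpStatus::PRECONDITION_FAILED, "Device is not activated");`. Note that the replaced manager method tested `activated_at` while the new check tests `status === MobileDevice::STATUS_ACTIVE`; these agree only if activation sets the status, which is not visible in this patch and worth confirming. `$idCard` is now assigned but never read and can be dropped.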
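Review bot: The new 400 message embeds `print_r($form->getErrors(), true)` in the client-facing response, which puts a debug-dump format into an API error and will grow with whatever validators are added to `LoginForm` later. With the rules in this patch the errors are only "required" messages, so the disclosure is limited today, but the usual Yii REST shape is a fixed message plus structured data: `Yii::info($form->getErrors(), __METHOD__);` then `throw new BadRequestHttpException("Hibás bejelentkezés");`, or return `$this->asJson(['errors' => $form->getErrors()])` with a 422 status. Note also that in this patch `LoginForm::getMobileDevice()` throws `NotFoundHttpException` from inside validation when the manager returns `null`, so an unknown card never reaches this branch and answers 404 instead of 400.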
@@ -47,7 +47,7 @@ class LoginController extends RestController ->identifiedBy('A989C57D19E2AF756BA9585AC4CFAF7974AE3D2BCA7CCA7307B39AB28CC7C2C8', true)// Configures the id (jti claim), replicating as a header item ->issuedAt($time)// Configures the time that the token was issue (iat claim) ->expiresAt($time + $validFor)// Configures the expiration time of the token (exp claim) - ->withClaim('uid', $form->getCustomer()->getId())// Configures a new claim, called "uid" + ->withClaim('uid', $form->getMobileDevice()->getId())// Configures a new claim, called "uid" ->getToken($signer, $key); // Retrieves the generated token return $this->asJson([ diff --git a/mobileapi/controllers/RestController.php b/mobileapi/controllers/RestController.php index 6ddb75a..a440e1e 100644 --- a/mobileapi/controllers/RestController.php +++ b/mobileapi/controllers/RestController.php @@ -4,6 +4,7 @@ namespace mobileapi\controllers; use common\models\Customer; +use common\models\MobileDevice; use Exception; use Lcobucci\JWT\Token; use mobileapi\components\ActivatedFilter; @@ -33,7 +34,7 @@ class RestController extends Controller /** * This method will check the token * @param Token $token - * @return Customer|null + * @return MobileDevice|null */ public function auth($token) { @@ -42,13 +43,13 @@ class RestController extends Controller } try { $uid = (string) $token->getClaim('uid'); - $customer = Customer::findOne(['id_customer' => $uid]); - if (isset($customer)) { - \Yii::$app->user->setIdentity($customer); - return $customer; + $mobileDevice = MobileDevice::findOne(['id' => $uid]); + if (isset($mobileDevice)) { + \Yii::$app->user->setIdentity($mobileDevice); + return $mobileDevice; } } catch (Exception $e) { - Yii::error('Failed to load customer: ' . $e->getMessage()); + Yii::error('Failed to load mobile device: ' . $e->getMessage()); } return null; } diff --git a/mobileapi/manager/ApiManager.php b/mobileapi/manager/ApiManager.php index 7ac42aa..e58b2dc 100644 
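Review bot: `auth()` now resolves the `uid` claim against `mobile_device.id`, but the claim name and the signing key are unchanged from when `uid` carried a customer id (the LoginController hunk above only swaps the value), so any not-yet-expired token issued before this deploy will authenticate as whichever device has the same numeric id — if the two id spaces overlap, that is identity confusion across unrelated accounts. The cheapest guard is an explicit subject type: issue with `->withClaim('sub_type', 'device')` and reject here before the lookup with `if ((string) $token->getClaim('sub_type') !== 'device') { return null; }` (inside the existing `try`, so a missing claim falls into the `catch` on library versions that throw); rotating the signing key on deploy invalidates the old tokens as well. Whether signature and expiry have already been verified is outside this hunk — the opening lines of `auth()` are cut — so that check is assumed.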
--- a/mobileapi/manager/ApiManager.php +++ b/mobileapi/manager/ApiManager.php @@ -2,8 +2,11 @@ namespace mobileapi\manager; +use Exception; +use Yii; use common\models\Card; use common\models\CardKeyAssignment; +use common\models\Customer; use common\models\Key; use common\models\Ticket; use Endroid\QrCode\QrCode; @@ -11,17 +14,27 @@ use yii\web\NotFoundHttpException; class ApiManager { + /** + * @throws Exception + * @throws NotFoundHttpException + */ public function getCardPage() { - $customer = \Yii::$app->user->getIdentity(); + $device = Yii::$app->user->getIdentity(); - if (!isset($customer)) { - throw new \yii\web\NotFoundHttpException(); + if (!isset($device)) { + throw new NotFoundHttpException(); } - $card = Card::findOne($customer->id_customer_card); + $card = Card::findOne($device->id_card); if (!isset($card)) { - throw new \yii\web\NotFoundHttpException(); + throw new NotFoundHttpException(); + } + + $customer = Customer::findOne(['id_customer_card' => $device->id_card]); + + if (!isset($customer)) { + throw new NotFoundHttpException(); } $qrCode = new QrCode($card->number); @@ -34,17 +47,17 @@ class ApiManager } - function getTicketPage() + public function getTicketPage() { - $customer = \Yii::$app->user->getIdentity(); + $device = Yii::$app->user->getIdentity(); - if (!isset($customer)) { - throw new \yii\web\NotFoundHttpException(); + if (!isset($device)) { + throw new NotFoundHttpException(); } - $card = Card::findOne($customer->id_customer_card); + $card = Card::findOne($device->id_card); if (!isset($card)) { - throw new \yii\web\NotFoundHttpException(); + throw new NotFoundHttpException(); } $tickets = Ticket::readActive($card); 
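Review bot: In `getCardPage()` a missing identity still surfaces as `NotFoundHttpException` (404); now that the identity is the device itself, an unauthenticated call is better distinguished from a missing card with `throw new UnauthorizedHttpException();` (401, needs a `use yii\web\UnauthorizedHttpException;`), which also stops clients from retrying the same token against other endpoints. The added `Customer::findOne(['id_customer_card' => $device->id_card])` picks an arbitrary row if more than one customer can share a card; that uniqueness is inferred from the column name and worth confirming against the schema, or making explicit with an ordering. `getCardPage()` continues past the hunk, so whether `$customer` is used further down is not visible here.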
@@ -68,15 +81,15 @@ class ApiManager public function getVirtualKeyPage() { - $customer = \Yii::$app->user->getIdentity(); + $device = Yii::$app->user->getIdentity(); - if (!isset($customer)) { - throw new \yii\web\NotFoundHttpException(); + if (!isset($device)) { + throw new NotFoundHttpException(); } - $card = Card::findOne($customer->id_customer_card); + $card = Card::findOne($device->id_card); if (!isset($card)) { - throw new \yii\web\NotFoundHttpException(); + throw new NotFoundHttpException(); } $keyObject = null; @@ -101,9 +114,9 @@ class ApiManager 'key' => $key->number, 'idKey' => $key->id_key ]; - } catch (\Exception $e) { + } catch (Exception $e) { // failed to get key - \Yii::error('Failed to get virtual key: ' . $e->getMessage()); + Yii::error('Failed to get virtual key: ' . $e->getMessage()); } return [ diff --git a/mobileapi/models/LoginForm.php b/mobileapi/models/LoginForm.php index 4ca9ed4..fc173f9 100644 --- a/mobileapi/models/LoginForm.php +++ b/mobileapi/models/LoginForm.php @@ -7,7 +7,6 @@ use common\models\Customer; use Yii; use yii\base\Model; use yii\db\ActiveRecord; -use yii\web\BadRequestHttpException; use yii\web\NotFoundHttpException; /** @@ -19,10 +18,10 @@ class LoginForm extends Model { // cardnumber public $cardNumber; - public $deviceId; + public $deviceIdentifier; public $deviceName; - public $customer; + public $mobileDevice; /** * @inheritdoc @@ -31,20 +30,12 @@ class LoginForm extends Model { return [ // username and password are both required - [['cardNumber', 'deviceId','deviceName'], 'required'], + [['cardNumber', 'deviceIdentifier', 'deviceName'], 'required'], // cardNumber is validated by validatePassword() ['cardNumber', 'validateCardNumber'], ]; } - public function attributeLabels() - { - return [ - 'username' => Yii::t('common/site', 'Username'), - 'password' => Yii::t('common/site', 'Password'), - ]; - } - /** * Validates the password. * This method serves as the inline validation for password. 
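Review bot: The only rule on `deviceIdentifier` and `deviceName` is `required`; both strings come straight from the request body and are handed to `MobileDeviceManager::loginOrCreate()` (and, judging by the name, persisted), so unbounded or non-string values reach the model — add `[['deviceIdentifier', 'deviceName'], 'string', 'max' => 255]` sized to the column lengths, plus `['cardNumber', 'string']` and a `trim` filter where appropriate. The two comments in the rules array are stale after the rename — `// username and password are both required` and `// cardNumber is validated by validatePassword()` — and should read `// card number and device identification are required` and `// cardNumber is resolved to a device by validateCardNumber()`. Removing `attributeLabels()` is harmless since it only labelled `username`/`password`, which this form does not declare.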
@@ -55,11 +46,11 @@ class LoginForm extends Model */ public function validateCardNumber($attribute, $params) { - if ($this->hasErrors()) { + if (!$this->hasErrors()) { /** @var \common\models\Customer $user */ - throw new BadRequestHttpException(); + $this->getMobileDevice(); + } - $customer = $this->getCustomer(); } @@ -68,21 +59,17 @@ class LoginForm extends Model * * @return Customer|null|ActiveRecord */ - public function getCustomer() + public function getMobileDevice() { - if ($this->customer === null) { + if ($this->mobileDevice === null) { $mobileDeviceManager = new MobileDeviceManager(); - $mobileDevice = $mobileDeviceManager->loginOrCreate($this->cardNumber, $this->deviceId, $this->deviceName); - /** @var Customer */ - $this->customer = Customer::find()->andWhere([ - 'id_customer_card' => $mobileDevice->id_card - ])->one(); - if ($this->customer == null) { + $this->mobileDevice = $mobileDeviceManager->loginOrCreate($this->cardNumber, $this->deviceIdentifier, $this->deviceName); + if ($this->mobileDevice === null) { throw new NotFoundHttpException(); } } - return $this->customer; + return $this->mobileDevice; } }
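Review bot: `validateCardNumber()` now performs the login as a side effect of validation — `getMobileDevice()` calls `MobileDeviceManager::loginOrCreate()`, which by its name creates a device row for the card — so `Model::validate()` on a merely well-formed request already mutates state, and when the manager returns `null` it throws `NotFoundHttpException` out of a validator instead of recording the failure with `$this->addError($attribute, 'Unknown card');` and leaving the HTTP mapping to the controller. Possession of the card number is the only credential visible here, so any client that learns a card number can bind an arbitrary device to it and obtain a JWT; if that is intended, the binding should at least be logged and rate-limited, which is beyond this hunk but worth an issue. The docblocks are stale after the rename: `@return Customer|null|ActiveRecord` on `getMobileDevice()` should be `@return MobileDevice|null`, and the `/** @var \common\models\Customer $user */` annotation in `validateCardNumber()` no longer describes any variable and can be removed.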