sys_debug(); try { if (! $this->isLogin) { $this->sys_error("Invalid Token"); exit; } $prm = $this->sys_input; } catch(Exception $exc) { $message = $exc->getMessage(); $this->sys_error($message); } } */ class Auth extends MY_Controller { var $db_onedev; public function index() { echo "AUTH API"; } public function __construct() { parent::__construct(); $this->db_onedev = $this->load->database("onedev", true); } function isLogin() { if (!$this->isLogin) { $this->sys_error("Invalid Token"); } else { $prm = $this->sys_input; $data = array( "user" => $this->sys_user ); $this->sys_ok($data); } } function multi_login() { // check in m_user //$sm_password = md5($this->one_salt . $prm["password"] . $this->one_salt); $prm = $this->sys_input; $sql = "select M_UserEmail from m_user where M_UserEmail = ? and M_UserIsActive = 'Y'"; $qry = $this->db->query($sql, [$prm["username"]]); if (!$qry) { $message = $this->db->error(); $this->sys_error($message); exit; } $rows = $qry->result_array(); if (count($rows) > 0) { $this->login(); exit; } // pic // $sm_password = md5($this->one_salt . $prm["password"] . $this->one_salt); // $query = $this->db->query("select Mgm_McuID M_UserID, // Mgm_McuPicEmail M_UserEmail, Mgm_McuPicEmail as M_UserUsername, // 'pic' M_UserGroupDashboard, 1 as M_UserDefaultT_SampleStationID, // Mgm_McuPicEmail M_StaffName, 'N' as is_courier, // IFNULL(S_SystemsAutoLogoutTime,0) as time_autologout // from mgm_mcu // JOIN conf_systems ON S_SystemsIsActive = 'Y' // and Mgm_McuPicEmail=? and Mgm_McuPicPassword=? // and Mgm_McuIsActive = 'Y' // ", array($prm["username"], $sm_password)); // if (!$query) { // $message = $this->db->error(); // $this->sys_error($message); // exit; // } // // echo $this->db->last_query(); // $rows = $query->result_array(); // if (count($rows) > 0) { // $user = $rows[0]; // $user['ip'] = $_SERVER['REMOTE_ADDR']; // $user['agent'] = $_SERVER['HTTP_USER_AGENT']; // //v2 // $user['version'] = 'v2'; // $user['last-login'] = date('Y-m-d H:i:s'); // $token = JWT::encode($user, $this->SECRET_KEY); // $data = array( // "user" => $user, // "token" => $token, // "type" => "pic" // ); // $this->sys_ok($data); // exit; // } // pic_v2 $sm_password = md5($this->one_salt . $prm["password"] . $this->one_salt); $sql_pic = " SELECT Mgm_McuUserID AS M_UserID, Mgm_McuUserEmail AS M_UserEmail, Mgm_McuUserEmail AS M_UserUsername, 'pic' AS M_UserGroupDashboard, 1 AS M_UserDefaultT_SampleStationID, Mgm_McuUserEmail AS M_StaffName, 'N' as is_courier, IFNULL(S_SystemsAutoLogoutTime,0) as time_autologout FROM mgm_mcuuser JOIN conf_systems ON S_SystemsIsActive = 'Y' AND Mgm_McuUserEmail = ? AND Mgm_McuUserPassword = ? AND Mgm_McuUserIsActive = 'Y' "; $query = $this->db->query($sql_pic, array($prm["username"], $sm_password)); if (!$query) { $message = $this->db->error(); $this->sys_error($message); exit; } $rows = $query->result_array(); if (count($rows) > 0) { $user = $rows[0]; $user['ip'] = $_SERVER['REMOTE_ADDR']; $user['agent'] = $_SERVER['HTTP_USER_AGENT']; //v2 $user['version'] = 'v2'; $user['last-login'] = date('Y-m-d H:i:s'); $token = JWT::encode($user, $this->SECRET_KEY); $data = array( "user" => $user, "token" => $token, "type" => "pic" ); $this->sys_ok($data); exit; } //patient $sql = " select authPatientID M_UserID, authPatientEmail M_UserEmail, authPatientEmail as M_UserUsername, 'patient' M_UserGroupDashboard, 1 as M_UserDefaultT_SampleStationID, M_PatientNAme M_StaffName, 'N' as is_courier, IFNULL(S_SystemsAutoLogoutTime,0) as time_autologout from auth_patient join m_patient on authPatientM_PatientID = M_PatientID and authPatientEmail=? and authPatientPassword=? JOIN conf_systems ON S_SystemsIsActive = 'Y' order by authPatientID desc limit 0,1"; $query = $this->db->query($sql, array($prm["username"], $sm_password)); if (!$query) { $message = $this->db->error(); $this->sys_error($message); exit; } $rows = $query->result_array(); if (count($rows) > 0) { $user = $rows[0]; $user['ip'] = $_SERVER['REMOTE_ADDR']; $user['agent'] = $_SERVER['HTTP_USER_AGENT']; //v2 $user['version'] = 'v2'; $user['last-login'] = date('Y-m-d H:i:s'); $token = JWT::encode($user, $this->SECRET_KEY); $data = array( "user" => $user, "token" => $token, "type" => "patient" ); $this->sys_ok($data); exit; } } function login() { $prm = $this->sys_input; try { //existing password enc $sm_password = md5($this->one_salt . $prm["password"] . $this->one_salt); $query = $this->db_onedev->query("select M_UserID,M_UserEmail,M_UserEmail as M_UserUsername, IFNULL(M_UserLastActivityUrl,M_UserGroupDashboard) as M_UserGroupDashboard, 1 as M_UserDefaultT_SampleStationID, M_StaffName, 'N' as is_courier, IFNULL(M_BranchName,'') as M_BranchName, IFNULL(S_SystemsAutoLogoutTime,0) as time_autologout from m_user join m_usergroup ON M_UserM_UserGroupID = M_UserGroupID LEFT JOIN m_userlocation ON M_UserLocationM_UserID = M_UserID LEFT JOIN m_branch ON M_UserLocationM_BranchID = M_BranchID left join m_staff on M_UserM_StaffID = M_StaffID JOIN conf_systems ON S_SystemsIsActive = 'Y' LEFT JOIN m_userlastactivity ON M_UserLastActivityM_UserID = M_UserID AND M_UserLastActivityIsActive = 'Y' where M_UserEmail=? and M_UserPassword=? and M_UserIsActive = 'Y' ", array($prm["username"], $sm_password)); //echo $query; if (!$query) { $message = $this->db_onedev->error(); $this->sys_error($message); exit; } // echo $this->db_onedev->last_query(); $rows = $query->result_array(); if (count($rows) > 0) { $user = $rows[0]; $user['ip'] = $_SERVER['REMOTE_ADDR']; $user['agent'] = $_SERVER['HTTP_USER_AGENT']; //v2 $user['version'] = 'v2'; $user['last-login'] = date('Y-m-d H:i:s'); $token = JWT::encode($user, $this->SECRET_KEY); $data = array( "user" => $user, "token" => $token, "type" => "cpone" ); $query = $this->db_onedev->query("update m_user SET M_UserIsLoggedIn = 'Y', M_UserLastAccess = now(), M_UserActiveToken = '{$token}' WHERE M_UserID = ? ", array($user['M_UserID'])); if (!$query) { $message = $this->db_onedev->error(); $this->sys_error($message); exit; } $query = $this->db_onedev->query("INSERT INTO cpone_log.log_login(Log_LoginDateTime,Log_LoginIP,Log_LoginType,Log_LoginStatus,Log_LoginLogin) VALUES (?,?,?,?,?) ", array(date('Y-m-d H:i:s'), $_SERVER['REMOTE_ADDR'], 'LOGIN', 'SUCCESS', $prm["username"])); if (!$query) { $message = $this->db_onedev->error(); $this->sys_error($message); exit; } $this->sys_ok($data); exit; } $query = $this->db_onedev->query("INSERT INTO cpone_log.log_login(Log_LoginDateTime,Log_LoginIP,Log_LoginType,Log_LoginStatus,Log_LoginLogin) VALUES (?,?,?,?,?) ", array(date('Y-m-d H:i:s'), $this->input->ip_address(), 'LOGIN', 'FAILED', $prm["username"])); if (!$query) { $message = $this->db_onedev->error(); $this->sys_error($message); exit; } $this->sys_error_db("Invalid UserName / Password"); } catch (Exception $exc) { $message = $exc->getMessage(); $this->sys_error($message); } } function logout() { $prm = $this->sys_input; try { $query = $this->db_onedev->query( " UPDATE m_user SET M_UserIsLoggedIn = 'N', M_UserActiveToken = null WHERE M_UserID = ?", array($this->sys_user['M_UserID']) ); if (!$query) { $message = $this->db_onedev->error(); $this->sys_error($message); exit; } $this->db_onedev->query("INSERT INTO cpone_log.log_login(Log_LoginDateTime,Log_LoginIP,Log_LoginType,Log_LoginStatus,Log_LoginLogin) VALUES (?,?,?,?,?) ", array(date('Y-m-d H:i:s'), $_SERVER['REMOTE_ADDR'], 'LOGOUT', 'SUCCESS', $this->sys_user['M_UserEmail'])); $this->sys_ok("OK"); } catch (Exception $exc) { $message = $exc->getMessage(); $this->sys_error($message); } } }