172 lines
5.0 KiB
PHP
172 lines
5.0 KiB
PHP
<?php
|
|
/*
|
|
### Auth API
|
|
- Functions
|
|
- login x
|
|
- logout
|
|
template function {
|
|
$this->sys_debug();
|
|
try {
|
|
if (! $this->isLogin) {
|
|
$this->sys_error("Invalid Token");
|
|
exit;
|
|
}
|
|
$prm = $this->sys_input;
|
|
|
|
} catch(Exception $exc) {
|
|
$message = $exc->getMessage();
|
|
$this->sys_error($message);
|
|
}
|
|
|
|
}
|
|
*/
|
|
|
|
class Authv2 extends MY_Controller {
|
|
var $db_onedev;
|
|
public function index()
|
|
{
|
|
echo "AUTH API";
|
|
}
|
|
public function __construct()
|
|
{
|
|
parent::__construct();
|
|
$this->db_onedev = $this->load->database("onedev", true);
|
|
}
|
|
function isLogin() {
|
|
if (! $this->isLogin) {
|
|
$this->sys_error("Invalid Token");
|
|
} else {
|
|
$prm = $this->sys_input;
|
|
$data = array(
|
|
"user" => $this->sys_user
|
|
);
|
|
$this->sys_ok($data);
|
|
}
|
|
}
|
|
function getsatellite(){
|
|
$sql = $this->db_onedev->query("SELECT M_BranchHaveSatellite FROM m_branch
|
|
WHERE M_BranchIsDefault = 'Y' AND M_BranchIsActive = 'Y'")->row();
|
|
$hassatellite = $sql->M_BranchHaveSatellite;
|
|
$rows = [];
|
|
$query =" SELECT 0 as M_SatelliteID, M_BranchName as M_SatelliteName
|
|
FROM m_branch
|
|
WHERE M_BranchIsActive = 'Y' AND M_BranchIsDefault = 'Y'
|
|
|
|
UNION SELECT M_SatelliteID, M_SatelliteName
|
|
FROM m_satellite
|
|
WHERE
|
|
M_SatelliteIsActive = 'Y'";
|
|
//echo $query;
|
|
$rows['satellites'] = $this->db_onedev->query($query)->result_array();
|
|
|
|
$result = array(
|
|
"total" => count($rows) ,
|
|
"records" => $rows,
|
|
"hassatellite" => $hassatellite
|
|
);
|
|
$this->sys_ok($result);
|
|
exit;
|
|
}
|
|
function login() {
|
|
$prm = $this->sys_input;
|
|
try {
|
|
//existing password enc
|
|
$sm_password = md5($this->one_salt . $prm["password"] . $this->one_salt);
|
|
$query = $this->db_onedev->query("select M_UserID,M_UserUsername, M_UserGroupDashboard, M_UserDefaultT_SampleStationID,
|
|
M_StaffName, IF(M_CourierID = NULL, 'N','Y') as is_courier
|
|
from m_user
|
|
join m_usergroup ON M_UserM_UserGroupID = M_UserGroupID
|
|
left join m_staff on M_UserM_StaffID = M_StaffID
|
|
left join m_courier ON M_CourierM_StaffID = M_StaffID AND M_CourierIsActive = 'Y'
|
|
where M_UserUsername=? and M_UserPassword=?
|
|
and M_UserIsActive = 'Y'
|
|
",array($prm["username"], $sm_password));
|
|
//echo $query;
|
|
if (!$query) {
|
|
$message = $this->db_onedev->error();
|
|
$this->sys_error($message);
|
|
exit;
|
|
}
|
|
$rows = $query->result_array();
|
|
if (count($rows) > 0 ) {
|
|
$user = $rows[0];
|
|
$user['ip'] = $_SERVER['REMOTE_ADDR'];
|
|
$user['agent'] = $_SERVER['HTTP_USER_AGENT'];
|
|
if (isset($prm['M_SatelliteID'])) {
|
|
$user['M_SatelliteID'] = $prm['M_SatelliteID'];
|
|
} else {
|
|
$user['M_SatelliteID'] = 0;
|
|
}
|
|
$token = JWT::encode($user,$this->SECRET_KEY);
|
|
$data = array(
|
|
"user" => $user,
|
|
"token" => $token
|
|
);
|
|
|
|
$query = $this->db_onedev->query("update m_user SET M_UserIsLoggedIn = 'Y', M_UserLastAccess = now(), M_UserActiveToken = '{$token}' WHERE M_UserID = ?
|
|
",array($user['M_UserID']));
|
|
if (!$query) {
|
|
$message = $this->db_onedev->error();
|
|
$this->sys_error($message);
|
|
exit;
|
|
}
|
|
|
|
$query = $this->db_onedev->query("INSERT INTO one_log.log_login(Log_LoginDateTime,Log_LoginIP,Log_LoginType,Log_LoginStatus,Log_LoginLogin) VALUES (?,?,?,?,?)
|
|
",array(date('Y-m-d H:i:s'), $_SERVER['REMOTE_ADDR'],'LOGIN','SUCCESS',$prm["username"]));
|
|
if (!$query) {
|
|
$message = $this->db_onedev->error();
|
|
$this->sys_error($message);
|
|
exit;
|
|
}
|
|
|
|
$this->sys_ok($data);
|
|
exit;
|
|
}
|
|
$query = $this->db_onedev->query("INSERT INTO one_log.log_login(Log_LoginDateTime,Log_LoginIP,Log_LoginType,Log_LoginStatus,Log_LoginLogin) VALUES (?,?,?,?,?)
|
|
",array(date('Y-m-d H:i:s'),$this->input->ip_address(),'LOGIN','FAILED',$prm["username"]));
|
|
if (!$query) {
|
|
$message = $this->db_onedev->error();
|
|
$this->sys_error($message);
|
|
exit;
|
|
}
|
|
|
|
$this->sys_error_db("Invalid UserName / Password");
|
|
} catch(Exception $exc) {
|
|
$message = $exc->getMessage();
|
|
$this->sys_error($message);
|
|
}
|
|
}
|
|
|
|
function logout()
|
|
{
|
|
$prm = $this->sys_input;
|
|
try
|
|
{
|
|
|
|
$query = $this->db_onedev->query("
|
|
UPDATE m_user
|
|
SET M_UserIsLoggedIn = 'N', M_UserActiveToken = null
|
|
WHERE M_UserID = ?",
|
|
array($this->sys_user['M_UserID']));
|
|
|
|
if (!$query)
|
|
{
|
|
$message = $this->db_onedev->error();
|
|
$this->sys_error($message);
|
|
exit;
|
|
}
|
|
|
|
$this->db_onedev->query("INSERT INTO one_log.log_login(Log_LoginDateTime,Log_LoginIP,Log_LoginType,Log_LoginStatus,Log_LoginLogin) VALUES (?,?,?,?,?)
|
|
",array(date('Y-m-d H:i:s'), $_SERVER['REMOTE_ADDR'], 'LOGOUT', 'SUCCESS', $this->sys_user['M_UserUsername']));
|
|
$this->sys_ok("OK");
|
|
|
|
}
|
|
catch(Exception $exc)
|
|
{
|
|
$message = $exc->getMessage();
|
|
$this->sys_error($message);
|
|
}
|
|
}
|
|
}
|
|
?>
|