<?php
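class Authchange extends MY_Controller
{
    /** @var object Connection to the "regional" database group, opened in the constructor. */
    public $db_regional;

    /** @var object Declared but never assigned or used in this controller. */
    public $db_log;

    /** @var object Default database connection supplied by the framework. */
    public $db;

    /** @var object Framework loader supplied by the framework. */
    public $load;

    /**
     * Smoke-test endpoint: prints a fixed marker string and nothing else.
     */
    public function index()
    {
        echo "AUTH CHANGE";
    }

    /**
     * Opens the "regional" database connection next to the default one.
     *
     * No login check is done here: autologin() is reached server-to-server
     * (request_mitra_token() posts to it) and authenticates via the xcode
     * field instead, so each endpoint that needs a logged-in caller checks
     * $this->isLogin itself.
     */
    public function __construct()
    {
        parent::__construct();
        $this->db_regional = $this->load->database("regional", true);
    }

    /**
     * Returns the active alias targets of the logged-in user.
     *
     * The user id comes from the session ($this->sys_user), never from the
     * request, so a caller can only list their own aliases. Responds with
     * sys_error("Invalid Token") when there is no valid session.
     */
    public function getUserAliases()
    {
        if (!$this->isLogin) {
            $this->sys_error("Invalid Token");
            exit;
        }

        $sql = "SELECT
            M_UserAliasesID AS userAliasesID,
            M_UserAliasesM_UsersID AS userAliasesUserID,
            M_UserAliasesTargetIP AS userAliasesTargetIP,
            M_UserAliasesTargetM_UserID AS userAliasesTargetUserID,
            M_UserAliasesTargetM_Username AS userAliasesTargetUsername,
            M_UserAliasesTargetURL AS userAliasesTargetUrl,
            S_RegionalID AS userAliasesTargetRegionalID,
            S_RegionalName AS userAliasesTargetRegionalName
            FROM one_mitra.m_user_aliases
            JOIN s_regional
            ON M_UserAliasesTargetRegionalID = S_RegionalID
            WHERE M_UserAliasesM_UsersID = ?
            AND M_UserAliasesIsActive = 'Y';";

        $query = $this->db->query($sql, [$this->sys_user['M_UserID']]);
        if (!$query) {
            $this->sys_error_db("Error get user aliases");
            exit;
        }

        $this->sys_ok($query->result_array());
    }

    /**
     * Computes the "xcode" that request_mitra_token() sends and autologin()
     * verifies: md5 of "<targetUrl>.<username>".
     *
     * NOTE(review): this is a plain digest of two values the caller already
     * knows — it contains no secret, so it proves nothing about who computed
     * it. Both ends should move to hash_hmac() over a secret shared by the
     * two servers; the algorithm is left unchanged here only because the peer
     * server must compute the identical value.
     *
     * @param string $targetUrl
     * @param string $username
     * @return string 32-character lowercase hex digest
     */
    public function encrypt($targetUrl, $username)
    {
        return md5($targetUrl . '.' . $username);
    }

    /**
     * Server-to-server entry point: issues a JWT for the requested user after
     * checking the xcode computed by encrypt().
     *
     * Required request fields: userID, username, targetUrl, xcode.
     * On success the user is marked logged in, the new token is stored in
     * M_UserActiveToken, a login audit row is written, and {user, token} is
     * returned. Every failure path answers with sys_error()/sys_error_db()
     * and exits.
     *
     * NOTE(review): because encrypt() carries no secret (see there), the
     * xcode check does not currently restrict who may call this endpoint.
     */
    public function autologin()
    {
        $prm = $this->sys_input;

        // Reject missing / non-scalar fields up front: the later string cast
        // and hash_equals() both require plain strings.
        foreach (['userID', 'username', 'targetUrl', 'xcode'] as $field) {
            if (!isset($prm[$field]) || !is_scalar($prm[$field]) || $prm[$field] === '') {
                $this->sys_error("Missing parameter: {$field}");
                exit;
            }
        }

        $userID = $prm['userID'];
        $username = (string) $prm['username'];
        $targetUrl = (string) $prm['targetUrl'];
        $xcode = (string) $prm['xcode'];

        // Strict, constant-time comparison. The previous "!=" was a loose
        // compare, under which two digests that both look like "0e123..."
        // are treated as equal numbers.
        if (!hash_equals($this->encrypt($targetUrl, $username), $xcode)) {
            $this->sys_error("Invalid xcode");
            exit;
        }

        // Existence check only — select just the id rather than the whole
        // row, so nothing sensitive (e.g. M_UserActiveToken) is read here.
        $sql = "SELECT M_UserID FROM one_mitra.m_user WHERE M_UserUsername = ? AND M_UserID = ? AND M_UserIsActive = 'Y'";
        $query = $this->db->query($sql, [$username, $userID]);
        if (!$query) {
            $this->sys_error_db("Error get user");
            exit;
        }
        if (count($query->result_array()) == 0) {
            $this->sys_error("User not found");
            exit;
        }

        $query = $this->db->query(
            "SELECT M_UserID,
            M_UserUsername,
            M_UserM_CompanyID,
            M_UserM_MouID,
            M_CompanyName as company_name,
            M_UserS_RegionalID
            from one_mitra.m_user
            JOIN m_company ON M_UserM_CompanyID = M_CompanyID
            AND M_CompanyIsActive = 'Y'
            where M_UserUsername= ? and M_UserID= ?
            and M_UserIsActive = 'Y'
            ",
            [$username, $userID]
        );
        if (!$query) {
            $this->sys_error_db("Error get user");
            exit;
        }

        $rows = $query->result_array();
        if (count($rows) == 0) {
            // Previously this case fell through and echoed the raw
            // "SELECT *" m_user row (token column included) without issuing
            // a token; an explicit error is returned instead.
            $this->sys_error("User not found");
            exit;
        }

        $user = $rows[0];
        $user['ip'] = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
        $user['agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
        $token = JWT::encode($user, $this->SECRET_KEY);
        $data = [
            "user" => $user,
            "token" => $token,
        ];

        // Token is bound as a parameter instead of being interpolated into
        // the statement text.
        $query = $this->db->query("UPDATE one_mitra.m_user
            SET M_UserIsLoggedIn = 'Y',
            M_UserLastAccess = now(),
            M_UserActiveToken = ?
            WHERE M_UserID = ?
            ", [$token, $user['M_UserID']]);
        if (!$query) {
            // The UPDATE ran on $this->db, so read the error from that handle
            // (the old code asked $this->db_regional).
            $message = $this->db->error();
            $this->sys_error($message);
            exit;
        }

        $query = $this->db->query("INSERT INTO mitra_log.log_login
            (Log_LoginDateTime,
            Log_LoginIP,
            Log_LoginType,
            Log_LoginStatus,
            Log_LoginLogin) VALUES (?,?,?,?,?)
            ", [date('Y-m-d H:i:s'), $user['ip'], 'LOGIN', 'SUCCESS', $username]);
        if (!$query) {
            $message = $this->db->error();
            $this->sys_error($message);
            exit;
        }

        $this->sys_ok($data);
    }

    /**
     * Starts a cross-server login for the logged-in user: computes the xcode
     * for (targetUrl, username), POSTs it to
     * <targetUrl>/one-api/one_mitra/authchange/autologin and returns the
     * callback URL <targetUrl>/mitra-cb/?token=<token>.
     *
     * Required request fields: token, userID, username, targetUrl.
     *
     * targetUrl and username must match one of the caller's active aliases
     * (the same table getUserAliases() reads) before any outbound request is
     * made; without that check a caller could direct this server to POST the
     * session token to an arbitrary URL.
     */
    public function request_mitra_token()
    {
        $prm = $this->sys_input;
        if (!$this->isLogin) {
            $this->sys_error("Invalid Token");
            exit;
        }

        foreach (['token', 'userID', 'username', 'targetUrl'] as $field) {
            if (!isset($prm[$field]) || !is_scalar($prm[$field]) || $prm[$field] === '') {
                $this->sys_error("Missing parameter: {$field}");
                exit;
            }
        }

        $username = (string) $prm['username'];
        $targetUrl = (string) $prm['targetUrl'];

        // Allow-list the destination against the session user's active
        // aliases (session id, not $prm['userID']).
        // NOTE(review): assumes m_user_aliases is the authoritative list of
        // permitted targets and stores the URL exactly as clients send it —
        // confirm with the owners of getUserAliases().
        $aliasQuery = $this->db->query(
            "SELECT M_UserAliasesID
            FROM one_mitra.m_user_aliases
            WHERE M_UserAliasesM_UsersID = ?
            AND M_UserAliasesTargetURL = ?
            AND M_UserAliasesTargetM_Username = ?
            AND M_UserAliasesIsActive = 'Y'",
            [$this->sys_user['M_UserID'], $targetUrl, $username]
        );
        if (!$aliasQuery) {
            $this->sys_error_db("Error get user aliases");
            exit;
        }
        if (count($aliasQuery->result_array()) == 0) {
            $this->sys_error("Target not allowed");
            exit;
        }

        $fields = [
            'token' => $prm['token'],
            'userID' => $prm['userID'],
            'username' => $username,
            'targetUrl' => $targetUrl,
            'xcode' => $this->encrypt($targetUrl, $username),
        ];

        $dest_url = $targetUrl . "/one-api/one_mitra/authchange/autologin";

        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $dest_url);
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($fields));
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        // Outbound hardening: http(s) only, no redirects (so the posted token
        // cannot be bounced to another host), bounded waiting time.
        curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
        curl_setopt($ch, CURLOPT_TIMEOUT, 30);

        $response = curl_exec($ch);
        // Close on every path; the old code skipped this on failure.
        curl_close($ch);

        if ($response === false) {
            $this->sys_error("error get token from destination server");
            exit;
        }

        $json_data = json_decode($response, true);
        if (!is_array($json_data)
            || !isset($json_data['data']['token'])
            || !is_string($json_data['data']['token'])
        ) {
            // Malformed or unexpected reply: the old code would have produced
            // a notice and a "?token=" URL with an empty value.
            $this->sys_error("error get token from destination server");
            exit;
        }
        $token = $json_data['data']['token'];

        // rawurlencode() is a no-op for the base64url/dot alphabet a JWT uses
        // and keeps any other value from breaking the query string.
        $return = $targetUrl . "/" . "mitra-cb" . "/" . "?token=" . rawurlencode($token);

        $this->sys_ok($return);
    }
}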