mirror of
https://github.com/elyby/accounts.git
synced 2025-01-27 05:52:45 +05:30
75 lines
2.8 KiB
PHP
75 lines
2.8 KiB
PHP
<?php
|
||
namespace api\modules\authserver\models;
|
||
|
||
use api\models\authentication\LoginForm;
|
||
use api\modules\authserver\exceptions\ForbiddenOperationException;
|
||
use api\modules\authserver\validators\RequiredValidator;
|
||
use common\models\MinecraftAccessKey;
|
||
use Yii;
|
||
|
||
class AuthenticationForm extends Form {
|
||
|
||
public $username;
|
||
public $password;
|
||
public $clientToken;
|
||
|
||
public function rules() {
|
||
return [
|
||
[['username', 'password', 'clientToken'], RequiredValidator::class],
|
||
];
|
||
}
|
||
|
||
/**
|
||
* @return AuthenticateData
|
||
* @throws \api\modules\authserver\exceptions\AuthserverException
|
||
*/
|
||
public function authenticate() {
|
||
$this->validate();
|
||
|
||
Yii::info("Trying to authenticate user by login = '{$this->username}'.", 'legacy-authentication');
|
||
|
||
$loginForm = new LoginForm();
|
||
$loginForm->login = $this->username;
|
||
$loginForm->password = $this->password;
|
||
if (!$loginForm->validate()) {
|
||
$errors = $loginForm->getFirstErrors();
|
||
if (isset($errors['login'])) {
|
||
Yii::error("Cannot find user by login = '{$this->username}", 'legacy-authentication');
|
||
} elseif (isset($errors['password'])) {
|
||
Yii::error("User with login = '{$this->username}' passed wrong password.", 'legacy-authentication');
|
||
}
|
||
|
||
// На старом сервере авторизации использовалось поле nickname, а не username, так что сохраняем эту логику
|
||
$attribute = $loginForm->getLoginAttribute();
|
||
if ($attribute === 'username') {
|
||
$attribute = 'nickname';
|
||
}
|
||
|
||
// TODO: если аккаунт заблокирован, то возвращалось сообщение return "This account has been suspended."
|
||
// TODO: эта логика дублируется с логикой в SignoutForm
|
||
|
||
throw new ForbiddenOperationException("Invalid credentials. Invalid {$attribute} or password.");
|
||
}
|
||
|
||
$account = $loginForm->getAccount();
|
||
|
||
/** @var MinecraftAccessKey|null $accessTokenModel */
|
||
$accessTokenModel = MinecraftAccessKey::findOne(['client_token' => $this->clientToken]);
|
||
if ($accessTokenModel === null) {
|
||
$accessTokenModel = new MinecraftAccessKey();
|
||
$accessTokenModel->client_token = $this->clientToken;
|
||
$accessTokenModel->account_id = $account->id;
|
||
$accessTokenModel->insert();
|
||
} else {
|
||
$accessTokenModel->refreshPrimaryKeyValue();
|
||
}
|
||
|
||
$dataModel = new AuthenticateData($accessTokenModel);
|
||
|
||
Yii::info("User with id = {$account->id}, username = '{$account->username}' and email = '{$account->email}' successfully logged in.", 'legacy-authentication');
|
||
|
||
return $dataModel;
|
||
}
|
||
|
||
}
|