WIP - validates google token and gets its data

2020-08-17 09:38:05 -03:00 · 2020-08-17 09:38:05 -03:00 · 56ca30a7c3
parent fad3dce646
commit 56ca30a7c3
2 changed files with 39 additions and 1 deletions
--- a/client/src/app/main/main-home/main-home-page-login-widget.js
+++ b/client/src/app/main/main-home/main-home-page-login-widget.js
@ -43,6 +43,17 @@ class MainHomePageLoginWidget extends React.Component {
    }

    renderLogin() {
+        const onGoogleLoginSuccess = (googleUser) => {
+            let id_token = googleUser.getAuthResponse().id_token;
+            
+            API.call({
+                path: '/user/login',
+                data: {
+                    'googleId': id_token
+                }
+            }).then(() => {}).catch(() => {});
+        }
+
        const defaultGoogleHandler = (response) => {
            console.log(response);
        }
@ -55,7 +66,7 @@ class MainHomePageLoginWidget extends React.Component {
                height: 30,
                longtitle: true,
                theme: 'dark',
-                onsuccess: defaultGoogleHandler,
+                onsuccess: onGoogleLoginSuccess,
                onfailure: defaultGoogleHandler
            })
        })
--- a/server/controllers/user/login.php
+++ b/server/controllers/user/login.php
@ -19,6 +19,7 @@ use RedBeanPHP\Facade as RedBean;
 * @apiParam {Boolean} remember Indicates if the session wants to be remembered.
 * @apiParam {Number} userId The id of the user to login.
 * @apiParam {String} rememberToken Token to login automatically. It replaces the password.
+ * @apiParam {String} googleId Token to log in with Google.
 *
 * @apiUse UNVERIFIED_USER
 * @apiUse INVALID_CREDENTIALS
@ -49,6 +50,28 @@ class LoginController extends Controller {

    public function handler() {
        $this->clearOldRememberTokens();
+
+        if ($this->checkGoogleLogin()) {
+
+            $client = new Google_Client(['client_id' => '50174278643-gtvjdpm5rmkv75lf3jsp95iv77a2usgu.apps.googleusercontent.com']);  // Specify the CLIENT_ID of the app that accesses the backend
+            $payload = $client->verifyIdToken(Controller::request('googleId'));
+            if ($payload) {
+                $userid = $payload['sub'];
+                ob_start();
+                var_dump($payload);
+                $result = ob_get_clean();
+                Response::respondSuccess(array('googleUserData' => $result));
+                return;
+            } else {
+                echo "Invalid token" . PHP_EOL;
+            }
+            
+
+            Response::respondSuccess(array(
+                'userId' => -1,
+            ));
+            return;
+        }
        
        if ($this->checkInputCredentials() || $this->checkRememberToken()) {
            if($this->userInstance->verificationToken !== null) {
@ -73,6 +96,10 @@ class LoginController extends Controller {
        }
    }

+    private function checkGoogleLogin() {
+        return !!Controller::request('googleId');
+    }
+
    private function checkInputCredentials() {
        $this->userInstance = $this->getUserByInputCredentials();