From 5c2f482c10f56da12cc0a3f49e859d001dd5bbab Mon Sep 17 00:00:00 2001
From: AntonyAntonio
Date: Thu, 22 Dec 2016 03:07:06 -0300
Subject: [PATCH] Guillermo - add path /user/verify [skip ci]
---
 server/controllers/user.php | 2 ++
 server/controllers/user/login.php | 2 +-
 server/controllers/user/signup.php | 7 ++++--
 server/controllers/user/verify.php | 38 ++++++++++++++++++++++++++++++
 server/data/ERRORS.php | 1 +
 server/models/User.php | 3 ++-
 6 files changed, 49 insertions(+), 4 deletions(-)
 create mode 100644 server/controllers/user/verify.php
diff --git a/server/controllers/user.php b/server/controllers/user.php
index c7a27ef6..40af4c14 100644
--- a/server/controllers/user.php
+++ b/server/controllers/user.php
@@ -14,6 +14,7 @@ include 'user/delete.php';
 include 'user/ban.php';
 include 'user/un-ban.php';
 include 'user/list-ban.php';
+include 'user/verify.php';
 $userControllers = new ControllerGroup();
 $userControllers->setGroupPath('/user');
@@ -33,4 +34,5 @@ $userControllers->addController(new DeleteUserController);
 $userControllers->addController(new BanUserController);
 $userControllers->addController(new UnBanUserController);
 $userControllers->addController(new ListBanUserController);
+$userControllers->addController(new VerifyController);
 $userControllers->finalize();
diff --git a/server/controllers/user/login.php b/server/controllers/user/login.php
index 020eae13..6a693558 100644
--- a/server/controllers/user/login.php
+++ b/server/controllers/user/login.php
@@ -26,7 +26,7 @@ class LoginController extends Controller {
 $this->userInstance->lastLogin = Date::getCurrentDate();
 $this->userInstance->store();
 }
-
+
 Response::respondSuccess($this->getUserData());
 } else {
 Response::respondError(ERRORS::INVALID_CREDENTIALS);
diff --git a/server/controllers/user/signup.php b/server/controllers/user/signup.php
index b073fab1..9c642d11 100644
--- a/server/controllers/user/signup.php
+++ b/server/controllers/user/signup.php
@@ -68,13 +68,16 @@ class SignUpController extends Controller { public function createNewUserAndRetrieveId() { $userInstance = new User(); - + + $token = Hashing::generateRandomToken(); + $userInstance->setProperties([ 'name' => $this->userName, 'signupDate' => Date::getCurrentDate(), 'tickets' => 0, 'email' => $this->userEmail, - 'password' => Hashing::hashPassword($this->userPassword) + 'password' => Hashing::hashPassword($this->userPassword), + 'verificationToken' => $token ]); return $userInstance->store(); diff --git a/server/controllers/user/verify.php b/server/controllers/user/verify.php new file mode 100644 index 00000000..616d3b92 --- /dev/null +++ b/server/controllers/user/verify.php @@ -0,0 +1,38 @@ + 'any', + 'requestData' => [ + 'email' => [ + 'validation' => DataValidator::email(), + 'error' => ERRORS::INVALID_EMAIL + ] + ] + ]; + } + + public function handler() { + $email = Controller::request('email'); + $token = Controller::request('token'); + + $userRow = User::getDataStore($email, 'email'); + + if(!$userRow) { + Response::respondError(ERRORS::INVALID_EMAIL); + return; + } + if($userRow->verificationToken !== $token) { + Response::respondError(ERRORS::INVALID_TOKEN); + return; + } + $userRow->verificationToken = null; + $userRow->store(); + + Response::respondSuccess(); + } +} \ No newline at end of file diff --git a/server/data/ERRORS.php b/server/data/ERRORS.php index d28286d5..b353240b 100644 --- a/server/data/ERRORS.php +++ b/server/data/ERRORS.php @@ -30,4 +30,5 @@ class ERRORS { const ALREADY_A_STAFF = 'ALREADY_A_STAFF'; const INVALID_STAFF = 'INVALID_STAFF'; const SAME_DEPARTMENT = 'SAME_DEPARTMENT'; + const INVALID_TOKEN = 'INVALID_TOKEN'; } diff --git a/server/models/User.php b/server/models/User.php index beee0708..eb6d7b21 100644 --- a/server/models/User.php +++ b/server/models/User.php @@ -17,7 +17,8 @@ class User extends DataStore { 'name', 'signupDate', 'tickets', - 'sharedTicketList' + 'sharedTicketList', + 'verificationToken' ]; }
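Review bot: In `createNewUserAndRetrieveId()` the meaning of `verificationToken` is left implicit: this hunk stores a fresh token at sign-up and `/user/verify` later sets it to null, so null ends up meaning "verified", including for any row that never had a token. A comment at the assignment would make that contract explicit, e.g. `// non-null verificationToken = e-mail not yet verified; /user/verify clears it`. `Hashing::generateRandomToken()` is not part of this diff, so it is worth confirming that it draws from a CSPRNG (`random_bytes` or equivalent), since the token is the only secret protecting verification. Nothing visible here sends `$token` to the address or makes login depend on it; presumably that lives elsewhere or in a later commit. The hunk as extracted also shows one more `+` marker than the `+68,16` header allows, so check the exact added lines against the original patch.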
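Review bot: `handler()` checks the token with `$userRow->verificationToken !== $token`, and `token` is not declared in `validations()`, so once a row's token is null (already verified, or created before this commit) a request that omits `token` would pass the check if `Controller::request()` returns null for a missing parameter; that helper is not shown, so treat this as likely rather than certain. Rejecting an empty stored token and comparing in constant time closes both gaps: `if (!is_string($token) || !$userRow->verificationToken || !hash_equals($userRow->verificationToken, $token)) {`. The two distinct errors (`INVALID_EMAIL` for an unknown address, `INVALID_TOKEN` for a known one) let any caller learn which e-mails are registered, and the `'any'` fragment at the top of the hunk looks like the permission level; returning `INVALID_TOKEN` in both cases avoids that. The beginning of the new file (class declaration and the start of `validations()`) is missing from this page, so this covers only the visible part.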