121 行
3.8 KiB
PHP
121 行
3.8 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use App\Models\ForUser;
|
|
|
|
use Illuminate\Support\Facades\DB;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Http\Response;
|
|
use Illuminate\Support\Facades\Log;
|
|
|
|
class UserController extends Controller {
|
|
public function getUsers() { // /api/rpc/user/user/getusers
|
|
return DB::table('for_users')
|
|
->select('*')
|
|
->get();
|
|
}
|
|
|
|
public function getUser($id) { // /api/rpc/user/user/getuser/id
|
|
return DB::table('for_users')
|
|
->select(
|
|
'id',
|
|
'username',
|
|
'perm_id',
|
|
'member_title',
|
|
'reg_date',
|
|
'website_address',
|
|
'website_name',
|
|
'gender',
|
|
'location',
|
|
'birthday',
|
|
'bio',
|
|
'avatar',
|
|
'timezone',
|
|
'strikes',
|
|
'name_colour',
|
|
'display_name',
|
|
'yt_channel',
|
|
'country',
|
|
'curTZ', 'curDF', 'curTF', // Time and date stuff
|
|
'usr_per_id', 'str_per_id', // Permission stuff.
|
|
// TODO: hide the following stuff away from unprivileaged users.
|
|
'email',
|
|
'ip_address',
|
|
'strikes'
|
|
)
|
|
->where('id', $id)
|
|
->get();
|
|
}
|
|
|
|
public function getGroupColours() { // /api/rpc/user/user/getgroupcolours
|
|
return DB::table('usr_perm_module')
|
|
->select(
|
|
'id',
|
|
'name',
|
|
'colour_m',
|
|
'colour_f',
|
|
'colour_u'
|
|
// 'badge' (this is a pipeline feature, please don't uncomment for now!)
|
|
)
|
|
->get();
|
|
}
|
|
|
|
public function isAuth(Request $request) { // /apt/rpc/user/auth/isauth
|
|
return $request->cookie('username');
|
|
}
|
|
|
|
public function login(Request $request) { // /api/rpc/user/auth/login
|
|
$getUser = DB::table('for_users')
|
|
->select('id', 'username', 'password', 'salt')
|
|
->where('username', $request->username)
|
|
->get();
|
|
|
|
$login_ok = false;
|
|
|
|
try {
|
|
$check_password = hash('sha256', $request->password . $getUser[0]->salt);
|
|
|
|
for ($round = 0; $round < 65536; $round++) {
|
|
$check_password = hash('sha256', $check_password . $getUser[0]->salt);
|
|
}
|
|
|
|
if ($check_password === $getUser[0]->password) {
|
|
$login_ok = true;
|
|
|
|
if (session_start()) {
|
|
//return $_SERVER['HTTP_HOST'];
|
|
// setcookie("username", $_POST['username'], time()+3600*24*30*72, "/", $_SERVER['HTTP_HOST'], false, true);
|
|
// setcookie("password", $check_password, time()+3600*24*30*72, "/", $_SERVER['HTTP_HOST'], false, true);
|
|
$cookieU = $request->cookie('username', $request->username, time()+3600*24*30*72);
|
|
$cookieP = $request->cookie('password', $check_password, time()+3600*24*30*72);
|
|
|
|
//dd($cookieP);
|
|
//dd($request);
|
|
//dd($cookie->name));
|
|
return response('')
|
|
->cookie('username', $cookieU)
|
|
->cookie('password', $cookieP);
|
|
}
|
|
|
|
}
|
|
|
|
return "bad";
|
|
}
|
|
catch (Exception $e) {
|
|
return $e->getMessage();
|
|
}
|
|
}
|
|
|
|
public function register(Request $request) { // /api/rpc/user/auth/register
|
|
return;
|
|
}
|
|
|
|
public function logout(Request $request) { // /api/rpc/user/auth/logout
|
|
return;
|
|
}
|
|
|
|
// public function passwordReset() {}
|
|
// public function confirmReset() {}
|
|
}
|