<?php
/**
* This is a proxy file to allow an existing Mydex member to login to the Mydex platform
* and authorise the Z9 mobile connection to connect with their PDS.
*/
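// Hard-fail when configuration is missing: every request below depends on
// constants defined in config.php.
require 'config.php';
session_start();
header('Content-type: application/json');

/**
 * Emit a JSON response body and stop the script.
 *
 * @param array    $payload Data to encode as the response body.
 * @param int|null $status  HTTP status code to set, or null to leave the default.
 * @return void
 */
function login_send_json($payload, $status = null)
{
    if ($status !== null) {
        http_response_code($status);
    }
    print json_encode($payload);
    exit;
}

/**
 * Send one request to the API under MYDEX_IDP_PATH and decode its JSON reply.
 *
 * The caller gets an explicit 'ok' flag so that a transport failure or a
 * non-JSON reply can never be mistaken for "no error field present".
 *
 * @param string      $method HTTP method passed to CURLOPT_CUSTOMREQUEST.
 * @param string      $url    Fully built request URL.
 * @param string|null $body   Request body, or null to send none.
 * @return array array('ok' => bool, 'data' => mixed decoded JSON or null)
 */
function login_idp_request($method, $url, $body = null)
{
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array(
        'Authentication: ' . MEMBER_CONNECTION_KEY
    ));
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method);
    if ($body !== null) {
        curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
    }
    $raw = curl_exec($ch);
    $transport_error = curl_error($ch);
    curl_close($ch);

    if ($raw === false) {
        // Log the transport error only; the URL is deliberately left out
        // because the login URL carries the member's credentials.
        error_log('login.php: upstream ' . $method . ' request failed: ' . $transport_error);
        return array('ok' => false, 'data' => null);
    }

    $decoded = json_decode($raw);
    if ($decoded === null && ($raw === '' || json_last_error() !== JSON_ERROR_NONE)) {
        // An empty or non-JSON reply is treated as a failure, not as success.
        error_log('login.php: upstream ' . $method . ' request returned a non-JSON body');
        return array('ok' => false, 'data' => null);
    }

    return array('ok' => true, 'data' => $decoded);
}

// Read raw POST data and decode JSON.
$postdata = json_decode(file_get_contents("php://input"));
$mydexid = isset($postdata->mydexid) ? $postdata->mydexid : null;
$password = isset($postdata->password) ? $postdata->password : null;

// Reject anything that is not a plain, non-empty identifier and password
// before it is placed into a request that carries MEMBER_CONNECTION_KEY.
$mydexid_ok = (is_string($mydexid) && $mydexid !== '') || is_int($mydexid);
if (!is_object($postdata) || !$mydexid_ok || !is_string($password) || $password === '') {
    login_send_json(array('error' => 'Invalid login request'), 400);
}

$connection_nid = CONNECTION_NID;

// Check for valid member credentials.
$auth_data = array(
    'mydexid' => $mydexid,
    'password' => $password
);

// The values are percent-encoded so that characters such as '&', '#' or '/'
// in user input cannot add or override parameters of the upstream request.
// NOTE(review): the credentials are sent both in the query string and in the
// JSON body. Query strings are commonly written to access and proxy logs, so
// the password should not travel there; confirm with the API owner whether
// the query string can be dropped in favour of the body alone.
$api_idp_auth_url = MYDEX_IDP_PATH . '/' . APP_PATH . '/login?'
    . http_build_query($auth_data, '', '&', PHP_QUERY_RFC3986);

$auth = login_idp_request('POST', $api_idp_auth_url, json_encode((object)$auth_data));

// Fail closed: without a parseable reply from the login endpoint the member
// has not been authenticated, so the flow must not continue.
// NOTE(review): success is still inferred from the absence of an 'error'
// field; if the API offers a positive signal (status code or explicit
// field), check that instead. Confirm against the API documentation.
if (!$auth['ok']) {
    login_send_json(array('error' => 'Authentication service unavailable'), 502);
}

if (isset($auth['data']->error)) {
    login_send_json(array('error' => $auth['data']->error));
}

// Check if the member is already connected. Each user-influenced path
// segment is encoded so it cannot change which upstream resource is addressed.
$api_idp_conn_url = MYDEX_IDP_PATH . '/' . APP_PATH . '/'
    . rawurlencode((string) $mydexid) . '/' . rawurlencode((string) $connection_nid);

$conn = login_idp_request('GET', $api_idp_conn_url);

// A failed lookup says nothing about the connection state, so report it as
// an error instead of answering "already connected".
if (!$conn['ok']) {
    login_send_json(array('error' => 'Connection lookup unavailable'), 502);
}

// If the lookup returns an error, the member is not connected yet and the
// connection details are not in the DB.
if (isset($conn['data']->error)) {
    // Issue a fresh session id before storing the authenticated identity, so
    // a session id known before login cannot be reused afterwards.
    session_regenerate_id(true);
    // Put the mydexid in the session for after page navigation.
    $_SESSION['mydexid'] = $auth_data['mydexid'];
    $_SESSION['ftc'] = 'true';
    login_send_json(array('mydexid' => $auth_data['mydexid']));
}

// Connection already exists, so return 'connected'.
login_send_json(array('connected' => 'Already connected!'));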