From 926532daef6d8a30938eb4da6937ee7204eadf62 Mon Sep 17 00:00:00 2001 From: Pathologic Date: Thu, 12 Oct 2023 17:39:38 +0300 Subject: [PATCH] token login --- src/Exceptions/TokenExpiredException.php | 5 ++ src/Services/UserManager.php | 7 +++ src/Services/Users/UserEdit.php | 5 +- src/Services/Users/UserHashLogin.php | 6 +-- src/Services/Users/UserLogin.php | 4 +- src/Services/Users/UserTokenLogin.php | 65 ++++++++++++++++++++++++ 6 files changed, 83 insertions(+), 9 deletions(-) create mode 100644 src/Exceptions/TokenExpiredException.php create mode 100644 src/Services/Users/UserTokenLogin.php diff --git a/src/Exceptions/TokenExpiredException.php b/src/Exceptions/TokenExpiredException.php new file mode 100644 index 0000000..52c257a --- /dev/null +++ b/src/Exceptions/TokenExpiredException.php @@ -0,0 +1,5 @@ +process(); } + public function tokenLogin(array $userData, bool $events = true, bool $cache = true) + { + $user = new UserTokenLogin($userData, $events, $cache); + return $user->process(); + } + public function logout(array $userData = [], bool $events = true, bool $cache = true) { $user = new UserLogout($userData, $events, $cache); diff --git a/src/Services/Users/UserEdit.php b/src/Services/Users/UserEdit.php index feb1872..6c712a1 100644 --- a/src/Services/Users/UserEdit.php +++ b/src/Services/Users/UserEdit.php @@ -100,10 +100,10 @@ public function process(): \Illuminate\Database\Eloquent\Model if (!$this->checkRules()) { throw new ServiceActionException(\Lang::get('global.error_no_privileges')); } - + $user = User::find($this->userData['id']); $this->userData = array_merge($user->toArray() + $user->attributes->toArray(), $this->userData); - + // invoke OnBeforeUserFormSave event if ($this->events) { EvolutionCMS()->invokeEvent("OnBeforeUserSave", [ 
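Review bot: The new `UserManager::tokenLogin()` has no docblock or return type, so callers cannot tell which keys `$userData` must carry or what the call throws. Going by UserTokenLogin.php in this patch, it expects `token` (required) and an optional `context` (`web` or `mgr`), returns the user model, and can throw ServiceActionException and the new TokenExpiredException. A docblock with `@param array{token: string, context?: string} $userData`, `@return \Illuminate\Database\Eloquent\Model` and the matching `@throws` lines would record that. The body of TokenExpiredException.php and the UserManager.php hunk header are missing from this page, so confirm whether existing `catch (ServiceActionException ...)` handlers also catch the new exception.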
@@ -119,7 +119,6 @@ public function process(): \Illuminate\Database\Eloquent\Model $exception->setValidationErrors($this->validateErrors); throw $exception; } - if (isset($this->userData['username']) && $this->userData['username'] != '') { $user->username = $this->userData['username']; $user->save(); diff --git a/src/Services/Users/UserHashLogin.php b/src/Services/Users/UserHashLogin.php index 28711ea..2ff40df 100644 --- a/src/Services/Users/UserHashLogin.php +++ b/src/Services/Users/UserHashLogin.php @@ -77,12 +77,10 @@ public function process(): \Illuminate\Database\Eloquent\Model if ($this->events) { // invoke OnManagerLogin event - EvolutionCMS()->invokeEvent('OnManagerLogin', array( + EvolutionCMS()->invokeEvent('OnUserLogin', [ 'userid' => $this->user->getKey(), 'username' => $this->user->username, - 'userpassword' => $this->userData['password'], - 'rememberme' => $this->userData['rememberme'] - )); + ]); } $this->user->cachepwd = ''; $this->user->save(); diff --git a/src/Services/Users/UserLogin.php b/src/Services/Users/UserLogin.php index 85ac052..e587351 100644 --- a/src/Services/Users/UserLogin.php +++ b/src/Services/Users/UserLogin.php @@ -400,13 +400,13 @@ public function checkPassword() { if ($this->events) { // invoke OnManagerAuthentication event - $rt = EvolutionCMS()->invokeEvent('OnUserAuthentication', array( + $rt = EvolutionCMS()->invokeEvent('OnUserAuthentication', [ 'userid' => $this->user->getKey(), 'username' => $this->user->username, 'userpassword' => $this->userData['password'], 'savedpassword' => $this->user->password, 'rememberme' => $this->userData['rememberme'] ?? false - )); + ]); } // check if plugin authenticated the user diff --git a/src/Services/Users/UserTokenLogin.php b/src/Services/Users/UserTokenLogin.php new file mode 100644 index 0000000..5ec7af9 --- /dev/null +++ b/src/Services/Users/UserTokenLogin.php 
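Review bot: In the UserHashLogin.php hunk the comment still reads `// invoke OnManagerLogin event` although the call now fires `OnUserLogin`; it should read `// invoke OnUserLogin event`. The same stale comment is repeated in process() of the new UserTokenLogin.php, and the UserLogin.php hunk keeps `// invoke OnManagerAuthentication event` above an `OnUserAuthentication` call. Dropping `userpassword` from the payload is a good change. The rename also means that anything subscribed to `OnManagerLogin` (login auditing or notification plugins, if any exist) no longer sees hash logins, which deserves a line in the upgrade notes. process() starts and ends outside the hunk.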
@@ -0,0 +1,65 @@
+ ['required'],
+ 'context' => ['nullable', 'in:web,mgr'],
+ ];
+ }
+
+ public function getValidationMessages(): array
+ {
+ return [
+ 'token.required' => Lang::get("global.required_field", ['field' => 'token']),
+ ];
+ }
+
+ /**
+ * @return \Illuminate\Database\Eloquent\Model
+ * @throws ServiceActionException
+ * @throws ServiceValidationException
+ */
+ public function process(): \Illuminate\Database\Eloquent\Model
+ {
+ if (!$this->checkRules()) {
+ throw new ServiceActionException(\Lang::get('global.login_processor_unknown_user'));
+ }
+
+ $this->user = \EvolutionCMS\Models\User::query()
+ ->where('access_token', $this->userData['token'])->first();
+ if (is_null($this->user)) {
+ throw new ServiceActionException(\Lang::get('global.login_processor_unknown_user'));
+ }
+
+ if(Carbon::now()->greaterThan($this->user->valid_to)) {
+ throw new TokenExpiredException(\Lang::get('global.login_token_expired'));
+ }
+
+ $this->userSettings = $this->user->settings->pluck('setting_value', 'setting_name')->toArray();
+
+ $this->validateAuth();
+ $this->authProcess();
+ $this->clearActiveUsers();
+
+ if ($this->events) {
+ // invoke OnManagerLogin event
+ EvolutionCMS()->invokeEvent('OnUserLogin', array(
+ 'userid' => $this->user->getKey(),
+ 'username' => $this->user->username,
+ ));
+ }
+
+ return $this->user;
+ }
+}
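Review bot: The expiry check in process(), `if(Carbon::now()->greaterThan($this->user->valid_to))`, appears to fail open when `valid_to` is NULL or empty: as far as I know Carbon resolves a null argument to the current time, so the comparison is false and the token is accepted with no expiry at all. Treat a missing expiry as expired, e.g. `if (empty($this->user->valid_to) || Carbon::now()->greaterThan($this->user->valid_to)) {`. The `token` rule is only `['required']`, so a non-string value can reach `where('access_token', ...)`; `'token' => ['required', 'string'],` would reject it at validation. The lookup matches the raw token against the `access_token` column, which suggests tokens are stored in clear text; if so, storing and querying a hash of the token would limit what a database read exposes. The top of the file (namespace, imports, class header and the start of getValidationRules) is not visible in this hunk as shown.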