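findByLogin($login); }

    /**
     * Looks up a user record by e-mail address.
     *
     * @param string $email address to search for
     * @return mixed whatever User::finder()->findByEMail() yields for the address
     */
    public function findByEMail(string $email)
    {
        return User::finder()->findByEMail($email);
    }

    /**
     * Tells whether a login name is still free.
     *
     * @param string $login login name to test
     * @return bool true when no user row matches the login
     */
    public function checkForUsername(string $login)
    {
        // Bound parameter: the login never becomes part of the SQL text.
        return !User::finder()->count('login = ?', $login);
    }

    /**
     * Tells whether an e-mail address is still free.
     *
     * @param string $email address to test
     * @return bool true when no user row matches the address
     */
    public function checkForEMail(string $email)
    {
        return !User::finder()->count('e_mail = ?', $email);
    }

    /**
     * Creates a user record inside a transaction and raises 'UserRegistered'.
     *
     * @param string $login    login name
     * @param string $password plain-text password; only its hash is stored
     * @param string $email    e-mail address
     * @param bool   $admin    whether the account gets the admin flag
     * @return User the saved record
     * @throws Exception rethrown after the transaction has been rolled back
     */
    public function registerUser(
        string $login,
        string $password,
        string $email,
        bool $admin = false
    ) {
        $transaction = $this->beginTransaction();
        try {
            $newUser = new User();
            $newUser->Login = $login;
            $newUser->Password = $this->generatePassword($password);
            $newUser->EMail = $email;
            $newUser->IsAdmin = $admin;
            $newUser->save();
            // The event fires before commit, so a failing handler also undoes the insert.
            $this->raiseEvent('UserRegistered', $newUser);
            $transaction->commit();
            return $newUser;
        } catch (Exception $e) {
            $transaction->rollback();
            throw $e;
        }
    }

    /**
     * Stores a new password hash for a non-guest user; does nothing for guests.
     *
     * @param DbUser $user account to update
     * @param string $pass new plain-text password
     */
    public function changePassword(DbUser $user, string $pass)
    {
        if (!$user->IsGuest) {
            $user->DbRecord->Password = $this->generatePassword($pass);
            $user->DbRecord->save();
        }
    }

    /**
     * Checks a plain-text password against the hash stored for the user.
     *
     * @param string $password candidate password
     * @param DbUser $user     account to check against
     * @return bool result of verifyPassword(); guests are compared against an empty hash
     */
    public function verifyUserPassword(string $password, DbUser $user)
    {
        $dbPassword = $user->IsGuest ? '' : $user->DbRecord->Password;
        return $this->verifyPassword($password, $dbPassword);
    }

    /**
     * Hashes a password with PHP's current default algorithm.
     *
     * @param string $password plain-text password
     * @return string value produced by password_hash()
     */
    public function generatePassword(string $password)
    {
        return password_hash($password, PASSWORD_DEFAULT);
    }

    /**
     * Verifies a plain-text password against a stored password_hash() value.
     *
     * @param string $password   candidate password
     * @param string $dbPassword stored hash
     * @return bool true when the password matches the hash
     */
    public function verifyPassword(string $password, string $dbPassword)
    {
        return password_verify($password, $dbPassword);
    }

    /**
     * Deactivates the account, issues a fresh activation token and mails the link.
     *
     * @param User $user record to put into the pending-activation state
     * @throws Exception when random_bytes() cannot obtain randomness
     */
    public function requestActivation(User $user)
    {
        $user->IsActive = false;
        // The token is the only secret in the activation link, so it comes from
        // the CSPRNG. mt_rand() is seeded from 32 bits and is predictable.
        // 16 bytes hex-encoded keeps the 32-character lowercase-hex format that
        // md5() produced.
        $user->ActivationHash = bin2hex(random_bytes(16));
        $user->save();
        $this->_sendActivationMail($user);
    }

    /**
     * Builds the absolute URL of the 'Activate' page for an address/token pair.
     *
     * @param string $email address, placed base64-encoded in the 'email' parameter
     * @param string $hash  activation token, placed in the 'hash' parameter
     * @return string base URL of the request followed by the constructed service URL
     */
    protected function _generateActivationLink($email, $hash)
    {
        $application = Prado::getApplication();
        return $application->Request->getBaseUrl() .
            $application->Service->constructUrl(
                'Activate',
                ['email' => base64_encode($email), 'hash' => $hash]
            );
    }

    /**
     * Sends the 'activation-link' mail template to the user's address.
     *
     * @param User $user record whose EMail, Login and ActivationHash are used
     */
    protected function _sendActivationMail(User $user)
    {
        $mailModule = Prado::getApplication()->getModule('mail');
        $mailer = $mailModule->getMailer();
        $template = $mailModule->getTemplate('activation-link');
        $template->link = $this->_generateActivationLink(
            $user->EMail,
            $user->ActivationHash
        );
        $mailer->sendTemplate(
            $template,
            Prado::localize('rcal - account activation'),
            $user->EMail,
            $user->Login
        );
    }

    /**
     * Activates the account named by an activation link.
     *
     * @param string $email base64-encoded e-mail address from the link
     * @param string $hash  activation token from the link
     * @return bool true when a pending account matched and was activated, false otherwise
     */
    public function activateUser(string $email, string $hash)
    {
        $user = $this->findByEMail(
            base64_decode($email)
        );
        // An empty token never activates an account. The is_string() guard keeps
        // hash_equals() away from a NULL hash (already activated or never
        // requested). hash_equals() compares in constant time, so response
        // timing does not reveal how much of a guessed token was correct.
        $activation = $user
            && !$user->IsActive
            && $hash !== ''
            && is_string($user->ActivationHash)
            && hash_equals($user->ActivationHash, $hash);
        if ($activation) {
            $user->IsActive = true;
            $user->ActivationDate = (new DateTime('UTC'))->format('Y-m-d H:i:s');
            // Single use: clearing the token makes the link useless afterwards.
            $user->ActivationHash = null;
            $user->save();
            return true;
        }
        return false;
    }

    /**
     * Stores the timezone preference of a non-guest user.
     *
     * @param DbUser $user     account to update
     * @param string $timezone value stored as given; it is not validated here
     * @throws TInvalidDataException when called for the guest user
     */
    public function setTimezonePreference(DbUser $user, string $timezone)
    {
        if ($user->IsGuest) {
            throw new TInvalidDataException(
                Prado::localize(
                    'Timezone preference change impossible for guest user'
                )
            );
        }
        $user->DbRecord->Timezone = $timezone;
        $user->DbRecord->save();
    }

    /**
     * Returns the user's timezone, or the PHP default timezone as a fallback.
     *
     * @param DbUser $user account to read from
     * @return TimezoneDTO stored preference, or date_default_timezone_get() when
     *                     the user is a guest, has no value, or the value is rejected
     */
    public function getTimezonePreference(DbUser $user)
    {
        if (!$user->IsGuest && $user->DbRecord->Timezone) {
            try {
                return new TimezoneDTO($user->DbRecord->Timezone);
            } catch (Exception $e) {
                // Deliberate best effort: a stored value TimezoneDTO refuses
                // falls through to the default below.
            }
        }
        return new TimezoneDTO(date_default_timezone_get());
    }

    /**
     * Stores the language preference of a non-guest user.
     *
     * @param DbUser $user account to update
     * @param string $lang value stored as given; it is not validated here
     * @throws TInvalidDataException when called for the guest user
     */
    public function setLanguagePreference(DbUser $user, string $lang)
    {
        if ($user->IsGuest) {
            // Class name corrected from "TInvlaidDataException", which matched
            // the spelling used nowhere else in this file.
            throw new TInvalidDataException(
                Prado::localize(
                    'Language preference change impossible for guest user'
                )
            );
        }
        $user->DbRecord->Language = $lang;
        $user->DbRecord->save();
    }

    /**
     * Returns the user's language preference, if any.
     *
     * @param DbUser $user account to read from
     * @return LanguageDTO|null null for guests, for an empty value, or when the
     *                          stored value is rejected
     */
    public function getLanguagePreference(DbUser $user)
    {
        if (!$user->IsGuest) {
            try {
                if ($user->DbRecord->Language) {
                    return new LanguageDTO($user->DbRecord->Language);
                }
            } catch (Exception $e) {
                // Deliberate best effort: fall through to "no preference".
            }
        }
        return null;
    }

    /**
     * Stores the grouped-view preference of a non-guest user.
     *
     * @param DbUser $user  account to update
     * @param bool   $value new preference
     * @throws TInvalidDataException when called for the guest user
     */
    public function setGroupedViewPreference(DbUser $user, bool $value)
    {
        if ($user->IsGuest) {
            // Class name corrected from "TInvlaidDataException" (see
            // setTimezonePreference for the spelling used elsewhere).
            throw new TInvalidDataException(
                Prado::localize(
                    'Grouped view preference change impossible for guest user'
                )
            );
        }
        $user->DbRecord->GroupedView = $value;
        $user->DbRecord->save();
    }

    /**
     * Returns the grouped-view preference; guests always get false.
     *
     * @param DbUser $user account to read from
     * @return bool stored value passed through TPropertyValue::ensureBoolean()
     */
    public function getGroupedViewPreference(DbUser $user)
    {
        if (!$user->IsGuest) {
            return TPropertyValue::ensureBoolean(
                $user->DbRecord->GroupedView
            );
        }
        return false;
    }

    /**
     * Issues a persistent-login key for a non-guest user and stores it.
     *
     * @param DbUser $user account the key is issued for
     * @return UserKeyDTO|null DTO loaded from the saved key record; null for guests
     * @throws Exception when random_bytes() cannot obtain randomness
     */
    public function createUserAuthKey(DbUser $user)
    {
        if ($user->IsGuest) {
            return null;
        }
        $authKey = new UserAuthKey();
        // The key acts as a bearer credential, so it comes from the CSPRNG.
        // 16 bytes hex-encoded keeps the 32-character format md5() produced.
        $authKey->AuthKey = bin2hex(random_bytes(16));
        $authKey->IPAddress = Prado::getApplication()->Request->UserHostAddress;
        $authKey->UserID = $user->DbRecord->ID;
        $authKey->save();
        $dto = new UserKeyDTO();
        $dto->loadRecord($authKey);
        return $dto;
    }

    /**
     * Serializes a key DTO into the cookie value.
     *
     * The payload is passed through SecurityManager->hashData(), which is
     * paired with validateData() in getUserFromCookieData(). It is only
     * base64-encoded, not encrypted, so the client can read the DTO fields.
     *
     * @param UserKeyDTO $key DTO to store in the cookie
     * @return string value returned by SecurityManager->hashData()
     */
    public function compileCookieData(UserKeyDTO $key)
    {
        $data = base64_encode(serialize($key));
        return Prado::getApplication()->SecurityManager->hashData($data);
    }

    /**
     * Restores and checks the key DTO carried by a login cookie.
     *
     * @param THttpCookie $cookie cookie received from the client
     * @return UserKeyDTO|null the DTO when validation, key lookup, login and
     *                         client address all match; null otherwise, also on any Exception
     */
    public function getUserFromCookieData(THttpCookie $cookie)
    {
        $application = Prado::getApplication();
        try {
            $data = $application->SecurityManager->validateData($cookie->getValue());
            if ($data) {
                // NOTE(review): unserialize() can instantiate any class the
                // application can load, and the instanceof test runs only
                // afterwards. The input has passed validateData(), so safety
                // here rests on the SecurityManager validation key staying
                // secret. Consider unserialize($x, ['allowed_classes' =>
                // [UserKeyDTO::class]]) if UserKeyDTO holds only scalar
                // fields, or a JSON payload instead.
                $data = unserialize(base64_decode($data));
                if ($data instanceof UserKeyDTO) {
                    $dataRecord = UserAuthKey::finder()->findByAuthKey($data->Key);
                    // The key must still exist server-side, belong to the
                    // claimed login and come from the address stored in the cookie.
                    if ($dataRecord
                        && $data->User === $dataRecord->User->Login
                        && $data->IPAddress === $application->Request->UserHostAddress
                    ) {
                        return $data;
                    }
                }
            }
            return null;
        } catch (Exception $e) {
            // Any failure while decoding or looking up is treated as "no valid cookie".
            return null;
        }
    }

    /**
     * Deletes the stored login key of a non-guest user, if it belongs to that user.
     *
     * @param DbUser $user account whose current AuthKey is revoked
     */
    public function clearUserAuthKey(DbUser $user)
    {
        if (!$user->IsGuest && $user->DbRecord && $user->AuthKey) {
            $keyRecord = UserAuthKey::finder()->findByAuthKey($user->AuthKey);
            // Loose comparison kept as in the original: presumably the two IDs
            // can arrive as int and numeric string; confirm before tightening.
            if ($keyRecord && $keyRecord->UserID == $user->DbRecord->ID) {
                $keyRecord->delete();
            }
        }
    }
}
?>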