rgutierrez/resq
1
0
Fork 0
Code Issues 126 Pull requests 49 Projects Releases 4 Packages Wiki Activity Actions

Add validation to login. #617

Browse source
This commit is contained in:
Korina Cordero 2021-08-21 09:17:14 +00:00
parent fc513a973b
commit d863158dd6
1 changed files with 16 additions and 40 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

52
src/Controller/CAPI/RiderAppController.php
View file

@ -125,10 +125,16 @@ class RiderAppController extends APIController
RedisClientProvider $redis) RedisClientProvider $redis)
{ {
$required_params = [ $required_params = [
'user',
'pass',
]; ];
// TODO: right now, no validation at all. Accept anything. $missing = $this->checkMissingParameters($req, $required_params);
if (count($missing) > 0)
{
$params = implode(', ', $missing);
return new APIResponse(false, 'Missing parameter(s): ' . $params);
}
// NOTE: we retain the username and password in rider for backward compatibility // NOTE: we retain the username and password in rider for backward compatibility
// look for rider with username // look for rider with username
@ -148,37 +154,6 @@ class RiderAppController extends APIController
if ($user == null) if ($user == null)
return new APIResponse(false, 'Rider cannot login, no associated user.'); return new APIResponse(false, 'Rider cannot login, no associated user.');
/*
$missing = $this->checkMissingParameters($req, $required_params);
if (count($missing) > 0)
{
$params = implode(', ', $missing);
return new APIResponse(false, 'Missing parameter(s): ' . $params);
}
// get capi user to link to rider api user
$capi_user_id = $this->getUser()->getID();
// check if capi user already has a rider api user
$rapi_session = $em->getRepository(RiderAPISession::class)->findOneBy(['capi_user_id' => $capi_user_id]);
if ($rapi_session->hasRider())
return new APIResponse(false, 'Another rider is already logged in. Please logout first.');
// look for rider with username
$rider = $em->getRepository(Rider::class)->findOneBy(['username' => $req->request->get('user')]);
if ($rider == null)
return new APIResponse(false, 'Invalid username or password.');
// check if rider password is correct
$encoder = $ef->getEncoder(new User());
if (!$encoder->isPasswordValid($rider->getPassword(), $req->request->get('pass'), ''))
return new APIResponse(false, 'Invalid username or password.');
// assign rider to api session
$rapi_session->setRider($rider);
// set rider to available // set rider to available
$rider->setAvailable(true); $rider->setAvailable(true);
@ -205,13 +180,14 @@ class RiderAppController extends APIController
$em->flush(); $em->flush();
// NOTE; commenting this out since this doesn't seem to be needed.
// this is being set in utils/mqtt_rider_convert/mqtt_rider_convert.py
// update redis rider.id.<session id> with the rider id // update redis rider.id.<session id> with the rider id
$redis_client = $redis->getRedisClient(); //$redis_client = $redis->getRedisClient();
$redis_key = 'rider.id.' . $rapi_session->getID(); //$redis_key = 'rider.id.' . $rapi_session->getID();
$rider_id = $rider->getID(); //$rider_id = $rider->getID();
$redis_client->set($redis_key, $rider_id); //$redis_client->set($redis_key, $rider_id);
*/
$rider_id = $rider->getID(); $rider_id = $rider->getID();