recreate project
This commit is contained in:
@@ -0,0 +1,245 @@
|
||||
<?php
|
||||
|
||||
namespace App\Controllers\View;
|
||||
|
||||
use CodeIgniter\HTTP\ResponseInterface;
|
||||
use CodeIgniter\RESTful\ResourceController;
|
||||
use App\Models\UserModel;
|
||||
use App\Models\AuthorizedUserModel;
|
||||
use CodeIgniter\I18n\Time;
|
||||
|
||||
class AuthorizedUsersController extends ResourceController
|
||||
{
|
||||
protected $userModel;
|
||||
protected $authorizedUserModel;
|
||||
|
||||
public function __construct(private \CodeIgniter\HTTP\IncomingRequest $request)
|
||||
{
|
||||
$this->userModel = new UserModel();
|
||||
$this->authorizedUserModel = new AuthorizedUserModel();
|
||||
}
|
||||
/**
|
||||
* Return a list of authorized users for the logged-in main user.
|
||||
*
|
||||
* @return ResponseInterface
|
||||
*/
|
||||
public function index()
|
||||
{
|
||||
|
||||
$userId = session()->get('user_id');
|
||||
$authorizedUsers = $this->authorizedUserModel->where('user_id', $userId)->findAll();
|
||||
|
||||
return $this->respond($authorizedUsers);
|
||||
}
|
||||
|
||||
/**
|
||||
* Show a specific authorized user by ID.
|
||||
*
|
||||
* @param int|string|null $id
|
||||
* @return ResponseInterface
|
||||
*/
|
||||
public function show($id = null)
|
||||
{
|
||||
$authorizedUser = $this->authorizedUserModel->find($id);
|
||||
|
||||
if (!$authorizedUser) {
|
||||
return $this->failNotFound('Authorized user not found.');
|
||||
}
|
||||
|
||||
return $this->respond($authorizedUser);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new authorized user (add by email).
|
||||
*
|
||||
* @return ResponseInterface
|
||||
*/
|
||||
public function create()
|
||||
{
|
||||
$email = strtolower($this->request->getPost('email'));
|
||||
|
||||
// Validate email
|
||||
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
||||
return $this->failValidationErrors('Invalid email address.');
|
||||
}
|
||||
|
||||
$user = $this->userModel->where('email', $email)->first();
|
||||
|
||||
if (!$user) {
|
||||
return $this->failNotFound('No user found with this email.');
|
||||
}
|
||||
|
||||
// Generate a token for confirmation
|
||||
helper('text');
|
||||
$token = bin2hex(random_bytes(48));
|
||||
|
||||
// Add entry to the authorized_users table
|
||||
$this->authorizedUserModel->insert([
|
||||
'user_id' => session()->get('user_id'), // Main user ID
|
||||
'authorized_user_id' => $user['id'],
|
||||
'email' => $email,
|
||||
'token' => $token,
|
||||
'status' => 'Pending'
|
||||
]);
|
||||
|
||||
// Send confirmation email to the authorized user
|
||||
$this->sendAuthorizedUserConfirmationEmail($email, $token);
|
||||
|
||||
return $this->respondCreated(['message' => 'Authorized user added. A confirmation email has been sent.']);
|
||||
}
|
||||
|
||||
/**
|
||||
* Update an existing authorized user.
|
||||
*
|
||||
* @param int|string|null $id
|
||||
* @return ResponseInterface
|
||||
*/
|
||||
public function update($id = null)
|
||||
{
|
||||
// Fetch the authorized user
|
||||
$authorizedUser = $this->authorizedUserModel->find($id);
|
||||
|
||||
if (!$authorizedUser) {
|
||||
return $this->failNotFound('Authorized user not found.');
|
||||
}
|
||||
|
||||
// Update the authorized user’s information (e.g., email)
|
||||
$email = strtolower($this->request->getPost('email'));
|
||||
if ($email && filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
||||
$authorizedUser['email'] = $email;
|
||||
}
|
||||
|
||||
$this->authorizedUserModel->save($authorizedUser);
|
||||
|
||||
return $this->respondUpdated(['message' => 'Authorized user information updated.']);
|
||||
}
|
||||
|
||||
/**
|
||||
* Delete an authorized user.
|
||||
*
|
||||
* @param int|string|null $id
|
||||
* @return ResponseInterface
|
||||
*/
|
||||
public function delete($id = null)
|
||||
{
|
||||
$authorizedUser = $this->authorizedUserModel->find($id);
|
||||
|
||||
if (!$authorizedUser) {
|
||||
return $this->failNotFound('Authorized user not found.');
|
||||
}
|
||||
|
||||
// Delete the authorized user record
|
||||
$this->authorizedUserModel->delete($id);
|
||||
|
||||
return $this->respondDeleted(['message' => 'Authorized user deleted successfully.']);
|
||||
}
|
||||
|
||||
/**
|
||||
* Confirms the authorized user's token and allows them to set a password.
|
||||
*
|
||||
* @return ResponseInterface
|
||||
*/
|
||||
public function confirm()
|
||||
{
|
||||
$token = $this->request->getGet('token');
|
||||
|
||||
if (!$token) {
|
||||
return $this->fail('Invalid confirmation link.');
|
||||
}
|
||||
|
||||
$authorizedUser = $this->authorizedUserModel->where('token', $token)->first();
|
||||
|
||||
if (!$authorizedUser) {
|
||||
return $this->fail('Invalid or expired confirmation link.');
|
||||
}
|
||||
|
||||
// Mark the authorized user as active
|
||||
$this->authorizedUserModel->update($authorizedUser['id'], ['status' => 'Active', 'token' => null]);
|
||||
|
||||
return redirect()->to('/set_authorized_user_password/' . $authorizedUser['authorized_user_id']);
|
||||
}
|
||||
|
||||
/**
|
||||
* Displays the form for the authorized user to set their password.
|
||||
*
|
||||
* @param int $authorizedUserId
|
||||
* @return ResponseInterface
|
||||
*/
|
||||
public function setPassword($authorizedUserId)
|
||||
{
|
||||
$user = $this->userModel->find($authorizedUserId);
|
||||
|
||||
if (!$user) {
|
||||
return $this->failNotFound('User not found.');
|
||||
}
|
||||
|
||||
return view('user/set_authorized_user_password', ['userId' => $authorizedUserId]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Processes the password for the authorized user.
|
||||
*
|
||||
* @return ResponseInterface
|
||||
*/
|
||||
/*
|
||||
public function savePassword()
|
||||
{
|
||||
// Validate the request
|
||||
$validation = \Config\Services::validation();
|
||||
$validation->setRules([
|
||||
'password' => 'required|min_length[6]',
|
||||
'password_confirm' => 'required|matches[password]',
|
||||
'user_id' => 'required|integer'
|
||||
]);
|
||||
|
||||
if (!$this->validate($validation->getRules())) {
|
||||
return $this->failValidationErrors($validation->getErrors());
|
||||
}
|
||||
|
||||
// Get the validated input
|
||||
$userId = $this->request->getPost('user_id');
|
||||
$password = $this->request->getPost('password');
|
||||
|
||||
$model = new UserModel();
|
||||
$user = $model->find($userId);
|
||||
|
||||
if (!$user) {
|
||||
return $this->failNotFound('User not found.');
|
||||
}
|
||||
|
||||
// Save the password
|
||||
$model->update($userId, ['password' => password_hash($password, PASSWORD_DEFAULT)]);
|
||||
|
||||
return $this->respond(['message' => 'Password has been successfully set.']);
|
||||
}
|
||||
*/
|
||||
/**
|
||||
* Sends a confirmation email to the authorized user.
|
||||
*
|
||||
* @param string $email
|
||||
* @param string $token
|
||||
*/
|
||||
private function sendAuthorizedUserConfirmationEmail($email, $token)
|
||||
{
|
||||
// Generate the confirmation link
|
||||
$confirmLink = site_url('/confirm_authorized_user?token=' . $token);
|
||||
|
||||
// Compose the email message
|
||||
$message = "
|
||||
<p>You have been added as an authorized user for another account. Click the link below to confirm your access:</p>
|
||||
<p><a href='{$confirmLink}'>Confirm Access</a></p>
|
||||
<p>If you did not request this, please ignore this email.</p>
|
||||
";
|
||||
|
||||
// Create an instance of the EmailController
|
||||
$emailController = new \App\Controllers\View\EmailController();
|
||||
$subject = 'Authorized User Confirmation';
|
||||
|
||||
// Send email
|
||||
if ($emailController->sendEmail($email, $subject, $message)) {
|
||||
log_message('info', 'Authorized user confirmation email sent to ' . $email);
|
||||
} else {
|
||||
log_message('error', 'Failed to send authorized user confirmation email to ' . $email);
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user