-
Notifications
You must be signed in to change notification settings - Fork 0
/
sign_in_api.php
91 lines (78 loc) · 2.92 KB
/
sign_in_api.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
<?php
// required headers
header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");
session_start();
// include database file
include_once 'mongodb_config.php';
class SignIn{
private $email;
private $inputPassword;
public $dbname = 'tender';
public $collection = 'user';
public $db;
public $conn;
public function __construct( $dbname, $collection, $email, $inputPassword){
$this->dbname = $dbname;
$this->collection = $collection;
$this->email = $email;
$this->db = new DbManager();
$this->conn = ( $this->db)->getConnection();
$this->inputPassword = $inputPassword;
}
public function getInfoArray(){
$filter = ['email' => $this->email, 'password'=> $this->inputPassword];
$option = [ 'projection' => ['name'=> 1, 'password'=> 1, 'mgr_id'=> 1, 'company_id'=> 1, 'active'=> 1]];
$read = new MongoDB\Driver\Query($filter, $option);
//fetch records
$records = $this->conn->executeQuery("$this->dbname.$this->collection", $read);
$array = iterator_to_array($records);
return $array[0];
}
public function getPswdFromArray(){
$infoArray = $this->getInfoArray();
return $infoArray->password;
}
public function matchPassword(){
$passwordFromDB = $this->getPswdFromArray();
if( strcmp( $passwordFromDB, $this->inputPassword) == 0){
return true;
}
else{
return false;
}
}
public function getDisplayInfo(){
$signInData = $this->getInfoArray();
// $response = json_decode($signInData);
// echo json_encode( $signInData);
return $signInData;
}
public function wihtoutSensitiveFields() {
$signInData = $this->getDisplayInfo();
unset($signInData->password);
return $signInData;
}
}
$email = $_POST["email"];
$inputPassword = $_POST["password"];
$signInObject = new SignIn("tender", "user", $email, $inputPassword);
$passwordFromDB = $signInObject->getPswdFromArray();
$signInData = $signInObject->wihtoutSensitiveFields();
$response->success = $signInObject->matchPassword();
if ($response->success) {
$response->body = $signInData;
}
$_SESSION["oid"] = $response->body->oid;
$_SESSION["email"] = $email;
$_SESSION["mgr_id"] = $response->body->mgr_id;
$_SESSION["name"] = $response->body->name;
$_SESSION["password"] = $passwordFromDB;
$_SESSION["company_id"] = $response->body->company_id;
if(strcmp($response->body->active,'1') != 0){
echo "{\"success\":false}";
}
else{
echo json_encode($response);
}
?>