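<?php
/**
 * @link      http://github.com/zendframework/ZendSkeletonApplication for the canonical source repository
 * @copyright Copyright (c) 2005-2016 Zend Technologies USA Inc. (http://www.zend.com)
 * @license   http://framework.zend.com/license/new-bsd New BSD License
 */

namespace Application\Controller;

use Application\Master;
use Zend\View\Model\ViewModel;

/**
 * Login, logout, registration, profile and admin-page actions for application users.
 *
 * Session handling, database/config access, redirects and layout selection come
 * from the GlobalActionController parent (getSession(), getDb(), getConfig(),
 * redirect(), layout()). The only request data read here are the POSTed
 * credentials and the Host name used to build a scheme-relative base URL.
 */
class UserController extends \Application\Master\GlobalActionController
{
    /** Message shown on the login page when the account cannot be loaded or authenticated. */
    const MSG_BAD_CREDENTIALS = 'incorrect username or password ';

    /** Generic message shown when an exception escapes the authentication flow. */
    const MSG_UNEXPECTED_ERROR = 'Terjadi kesalahan. Mohon ulangi beberapa saat lagi.';

    /** @var object head-script view helper injected by the factory (appendFile()/appendScript()) */
    protected $headScript;

    /**
     * @param object $headScript head-script helper the actions register page JS on
     */
    public function __construct($headScript)
    {
        $this->headScript = $headScript;
    }

    /**
     * There is no index page for this controller; send the caller to the login route.
     */
    public function indexAction()
    {
        // The original instantiated an unused Result object here. Result is not
        // imported into this namespace, so that line would have been a fatal
        // error on every request; it is dropped. The header call is kept as is.
        header('Content-Type: application/json');
        return $this->redirect()->toRoute('login');
    }

    /**
     * Render the login form.
     *
     * A fresh form token is generated, stored in the session under
     * 'token_keamanan' and passed to the view; any pending 'message' from a
     * previous attempt is shown. Without a session the view gets a fixed
     * "database unavailable" message instead.
     *
     * @return ViewModel|\Zend\Http\Response view, or a redirect back to login on exception
     */
    public function loginAction()
    {
        try {
            $view = new ViewModel();
            $session = $this->getSession();
            $token_keamanan = $this->newLoginToken();

            if ($session) {
                $session->put(null, array('token_keamanan' => $token_keamanan));
                $message = $session->get('message');
            } else {
                $message = 'Tidak dapat mengakses database. Mohon ulangi beberapa saat lagi.';
            }

            $view->setVariables(array(
                'message'        => $message,
                'token_keamanan' => $token_keamanan,
            ));
            $this->layout('layout/login');
            $this->headScript->appendFile('/action-js/index-js/login-user-action.js');

            return $view;
        } catch (\Exception $ex) {
            // The original caught an unqualified "Exception", which resolves to
            // Application\Controller\Exception inside this namespace and never
            // matched anything; \Exception is what the other actions catch.
            error_log($ex->getMessage());
            return $this->redirect()->toRoute('login');
        }
    }

    /**
     * Generate the per-form login token stored in the session.
     *
     * Uses the CSPRNG when available (random_bytes, PHP 7+); the
     * md5(uniqid(mt_rand())) form the file shipped with is kept only as a
     * fallback for older runtimes. The token is intentionally not written to
     * error_log, which the original did on every login page view.
     *
     * @return string 32 hex characters
     */
    private function newLoginToken()
    {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }
        return md5(uniqid(mt_rand(), true));
    }

    /**
     * Handle the POSTed login form.
     *
     * Loads the user by code, authenticates the password, copies the user's
     * profile and access flags into the session, and redirects to 'home'
     * (role 10) or 'admin' (any other role). Every failure path stores a
     * message in the session and redirects back to the login route.
     *
     * @return \Zend\Http\Response redirect
     */
    public function authenticateAction()
    {
        try {
            $baseurl = $this->requestBaseUrl();
            $request = $this->getRequest();
            $session = $this->getSession();

            // NOTE(review): the comparison of the POSTed 'token_keamanan' against
            // the session value that loginAction prepares is still disabled in
            // this action, so the login form currently has no CSRF check.

            $username = $request->getPost('username', '');
            $password = $request->getPost('passwd', '');
            if (!is_string($username) || !is_string($password) || $username === '' || $password === '') {
                // Missing or non-scalar fields used to reach the storage layer as
                // null (with an undefined-index notice); reject them up front with
                // the same message an unknown user gets.
                return $this->backToLoginWith($session, self::MSG_BAD_CREDENTIALS);
            }

            $storage = \Khansia\Access\User\Storage::factory($this->getDb(), $this->getConfig());
            $user = new \Khansia\Access\User($storage);

            if (!$user->load($username, \Khansia\Access\User\Storage::LOADBY_CODE)) {
                return $this->backToLoginWith($session, self::MSG_BAD_CREDENTIALS);
            }

            $authResult = $user->authenticate($password, null, \Khansia\Access\User::RETRIES_TRUE);
            if ($authResult->code != $authResult::CODE_SUCCESS) {
                return $this->backToLoginWith($session, $this->authFailureMessage($authResult->code));
            }

            $session->owner($user->id);

            // Flatten the access rows into access_code => bool.
            $access = $user->loadAccess($user->id);
            $accessArray = array();
            foreach ($access->data as $val) {
                $accessArray[$val['access_code']] = ($val['access_status'] == 'TRUE');
            }
            // role_code was read from data[0] unguarded; an empty access list
            // raised an undefined-offset notice.
            $roleCode = isset($access->data[0]['role_code']) ? $access->data[0]['role_code'] : null;

            // NOTE(review): 'passwd' copies the stored password value into the
            // session; nothing in this controller reads it back. Kept because
            // other code may rely on the key — confirm and drop it if unused.
            $session->put(null, array(
                'baseurl'    => $baseurl,
                'user_id'    => $user->id,
                'usernamed'  => $user->username,
                'passwd'     => $user->password,
                'name'       => $user->name,
                'role'       => $user->role,
                'status'     => $user->status,
                'deviceid'   => $user->deviceid,
                'token'      => $user->token,
                'email'      => $user->email,
                'retries'    => $user->retries,
                'create_dtm' => $user->create_dtm,
                'access'     => $accessArray,
                'role_code'  => $roleCode,
            ));
            $session->flush();

            // Role 10 lands on 'home'; every other role goes to the admin area.
            return $this->redirect()->toRoute($user->role == 10 ? 'home' : 'admin');
        } catch (\Exception $ex) {
            // Log the real failure; the user gets a generic message instead of
            // the raw exception text, which may carry SQL or configuration detail.
            error_log($ex->getMessage());
            return $this->backToLoginWith($this->getSession(), self::MSG_UNEXPECTED_ERROR);
        }
    }

    /**
     * Map an authentication result code to the message shown on the login page.
     *
     * @param mixed $code one of the \Khansia\Access\User::CODE_AUTH_* values
     * @return string
     */
    private function authFailureMessage($code)
    {
        switch ($code) {
            case \Khansia\Access\User::CODE_AUTH_INVALID:
                return 'User tidak valid';
            case \Khansia\Access\User::CODE_AUTH_SUSPEND:
                return 'User ditangguhkan';
            case \Khansia\Access\User::CODE_AUTH_LOCKED:
                return 'User tidak aktif';
            case \Khansia\Access\User::CODE_AUTH_FAILED:
                return 'Password tidak sesuai';
            default:
                // The original switch had no default and left $authMessage
                // undefined for any other code.
                return self::MSG_BAD_CREDENTIALS;
        }
    }

    /**
     * Store an HTML-escaped message in the session and redirect to the login route.
     *
     * @param object $session session object from getSession()
     * @param string $message plain-text message
     * @return \Zend\Http\Response redirect
     */
    private function backToLoginWith($session, $message)
    {
        $session->put(null, array('message' => htmlspecialchars($message, ENT_QUOTES, 'UTF-8')));
        return $this->redirect()->toRoute('login');
    }

    /**
     * End the session and return to the login page; a failing stop() still redirects.
     *
     * @return \Zend\Http\Response redirect
     */
    public function logoutAction()
    {
        try {
            $session = $this->getSession();
            $session->stop();
            return $this->redirect()->toRoute('login');
        } catch (\Exception $ex) {
            return $this->redirect()->toRoute('login');
        }
    }

    /**
     * Render the registration form with its page script.
     *
     * @return ViewModel
     */
    public function registrationAction()
    {
        $view = new ViewModel();
        $this->appendHeadScriptVar('baseURL', $this->requestBaseUrl());
        $this->headScript->appendFile('/action-js/index-js/register-user-action.js');
        $this->layout('layout/login');
        return $view;
    }

    /**
     * Render the profile page for the user recorded in the session.
     *
     * @return ViewModel
     */
    public function profileAction()
    {
        $view = new ViewModel();
        $session_data = $this->getSession();
        $view->setVariables(array(
            'id_user'  => $session_data->get('user_id'),
            'name'     => $session_data->get('name'),
            'email'    => $session_data->get('email'),
            'username' => $session_data->get('usernamed'),
        ));
        $this->appendHeadScriptVar('baseURL', $this->requestBaseUrl());
        $this->appendHeadScriptVar('idUserProfile', $session_data->get('user_id'));
        $this->headScript->appendFile('/action-js/index-js/user-profile-action.js');
        $this->layout()->myParameter = $session_data->get('usernamed');
        $this->layout('layout/menu');
        return $view;
    }

    /**
     * Render the admin user-list page.
     *
     * NOTE(review): the role check that used to sit at the top of this action
     * is commented out in the original, so the page is served to any session;
     * it should verify $session_data->get('role') before rendering, and a
     * redirect used as a guard must be returned, not just called.
     *
     * @return ViewModel
     */
    public function adminpageAction()
    {
        $view = new ViewModel();
        $session_data = $this->getSession();
        $view->setVariables(array(
            'id_user'  => $session_data->get('user_id'),
            'name'     => $session_data->get('name'),
            'email'    => $session_data->get('email'),
            'username' => $session_data->get('usernamed'),
            'role'     => $session_data->get('role'),
        ));
        $this->appendHeadScriptVar('baseURL', $this->requestBaseUrl());
        $this->headScript->appendFile('/template/js/demo/user-list-action.js');
        $this->layout()->myParameter = $session_data->get('usernamed');
        $this->layout('layout/admin');
        return $view;
    }

    /**
     * Scheme-relative base URL ("//host") derived from the request's Host header.
     *
     * @return string
     */
    private function requestBaseUrl()
    {
        return sprintf('//%s', $this->getRequest()->getUri()->getHost());
    }

    /**
     * Append `var NAME = "VALUE"` to the head script.
     *
     * The value used to be pasted between literal quotes. json_encode() with
     * the HEX flags escapes quotes, angle brackets and ampersands, so a crafted
     * Host header or session value can neither break out of the JS string nor
     * close the <script> element. The string cast keeps the historical quoted
     * form for ids; "\/\/host" decodes to the same JS value as "//host".
     *
     * @param string $name  JS identifier
     * @param mixed  $value scalar (or null) to embed as a JS string
     */
    private function appendHeadScriptVar($name, $value)
    {
        $literal = json_encode((string) $value, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        $this->headScript->appendScript(' var ' . $name . ' = ' . $literal);
    }
}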