2017-09-01 18:13:25 +02:00
< ? php
switch ( $resource ) {
case 'login' :
2017-09-04 11:53:30 +02:00
// Controllo sulle credenziali
2018-09-20 12:05:22 +02:00
if ( auth () -> attempt ( $request [ 'username' ], $request [ 'password' ])) {
$user = auth () -> getUser ();
$token = auth () -> getToken ();
2017-09-01 18:13:25 +02:00
2017-09-04 11:53:30 +02:00
// Informazioni da restituire tramite l'API
2018-08-31 17:33:33 +02:00
$response [ 'user' ] = $dbo -> fetchOne ( 'SELECT `ragione_sociale`, `codice`, `piva`, `codice_fiscale`, `indirizzo`, `citta`, `provincia`, (SELECT `nome` FROM `an_nazioni` WHERE `an_nazioni`.`id` = `an_anagrafiche`.`id_nazione`) AS nazione, `telefono`, `fax`, `cellulare`, `an_anagrafiche`.`email` FROM `zz_users` LEFT JOIN `an_anagrafiche` ON `an_anagrafiche`.`idanagrafica` = `zz_users`.`idanagrafica` WHERE `id` = :id' , [
':id' => $user [ 'id' ],
]);
2017-09-01 18:13:25 +02:00
2018-08-09 15:33:01 +02:00
$response [ 'token' ] = $token ;
2018-08-31 17:33:33 +02:00
$response [ 'group' ] = $user [ 'gruppo' ];
2019-03-08 15:17:04 +01:00
$response [ 'google_maps_token' ] = setting ( 'Google Maps API key' );
2018-07-28 17:57:01 +02:00
2018-08-09 15:33:01 +02:00
$response [ 'version' ] = Update :: getVersion ();
2017-09-04 10:24:44 +02:00
} else {
2018-08-09 15:33:01 +02:00
$response = [
2017-09-04 10:24:44 +02:00
'status' => API :: getStatus ()[ 'unauthorized' ][ 'code' ],
];
2017-09-04 11:53:30 +02:00
// Se è in corso un brute-force, aggiunge il timeout
2017-09-04 10:24:44 +02:00
if ( Auth :: isBrute ()) {
2018-08-09 15:33:01 +02:00
$response [ 'timeout' ] = Auth :: getBruteTimeout ();
2017-09-04 10:24:44 +02:00
}
}
break ;
2017-09-04 11:53:30 +02:00
// Operazione di logout
2017-09-04 10:24:44 +02:00
case 'logout' :
if ( ! empty ( $request [ 'token' ]) && ! empty ( $user )) {
2017-09-04 16:04:45 +02:00
// Cancellazione della chiave
2018-08-10 17:14:09 +02:00
$database -> query ( 'DELETE FROM `zz_tokens` WHERE `token` = ' . prepare ( $request [ 'token' ]) . ' AND `id_utente` = ' . prepare ( $user [ 'id' ]));
2017-09-01 18:13:25 +02:00
} else {
2018-08-09 15:33:01 +02:00
$response = [
2017-09-01 18:13:25 +02:00
'status' => API :: getStatus ()[ 'unauthorized' ][ 'code' ],
];
}
break ;
}
return [
'login' ,
2017-09-04 11:53:30 +02:00
'logout' ,
2017-09-01 18:13:25 +02:00
];