[Back] <?php
if ( ! defined( 'ABSPATH' ) ) {
exit; // Exit if accessed directly.
}
if ( ! class_exists( 'OsAuthController' ) ) :
class OsAuthController extends OsController {
function __construct() {
parent::__construct();
$this->action_access['public'] = array_merge( $this->action_access['public'], [
'logout_customer',
'login_customer',
'login_customer_using_social_data',
'login_customer_using_google_token',
'login_customer_using_facebook_token',
'request_otp',
'verify_otp'
] );
$this->views_folder = LATEPOINT_VIEWS_ABSPATH . 'auth/';
}
public function verify_otp(){
$this->check_nonce( 'otp_verify_otp_nonce', $this->params['otp']['verify_nonce'] );
$otp_verification_params = $this->params_for_otp_verification();
$otp_code = $otp_verification_params['otp_code'];
$contact_type = $otp_verification_params['contact_type'];
$contact_value = $otp_verification_params['contact_value'];
$result = OsOTPHelper::verifyOTP($otp_code, $contact_value, $contact_type, 'email');
$message = __('Invalid Code', 'latepoint');
$status = LATEPOINT_STATUS_ERROR;
if ( is_wp_error($result) ) {
$message = $result->get_error_message();
}elseif($result['status'] == LATEPOINT_STATUS_ERROR){
$message = $result['message'];
}elseif($result['status'] == LATEPOINT_STATUS_SUCCESS) {
// Success
$status = LATEPOINT_STATUS_SUCCESS;
$message = OsOTPHelper::create_verification_token($contact_value, $contact_type);
// if auth is enabled - make sure customer is logged in
if(OsAuthHelper::is_customer_auth_enabled() && !OsAuthHelper::is_customer_logged_in()){
$customer = OsCustomerHelper::get_by_contact($contact_value, $contact_type);
if($customer && !$customer->is_new_record()){
OsAuthHelper::authorize_customer($customer->id);
}
}
}
$this->send_json( array( 'status' => $status, 'message' => $message ) );
}
public function request_otp(){
$this->check_nonce( 'auth_nonce', $this->params['auth']['nonce'] );
$auth_params = $this->params_for_otp_request();
$contact_type = $auth_params['contact_type'];
$contact_value = $auth_params[$contact_type];
$delivery_method = $auth_params['delivery_method'];
if(OsAuthHelper::is_classic_auth_flow()){
// in classic flow - you can't send a OTP request to a non existent account
$customer = new OsCustomerModel();
if($contact_type == 'email'){
$existing_customer = $customer->where(['email' => $contact_value])->set_limit(1)->get_results_as_models();
if(!$existing_customer){
$this->send_json( array( 'status' => LATEPOINT_STATUS_ERROR, 'message' => __('We don\'t recognize this email. Double-check it or create an account.', 'latepoint') ) );
}
}elseif($contact_type == 'phone'){
$existing_customer = $customer->where(['phone' => $contact_value])->set_limit(1)->get_results_as_models();
if(!$existing_customer){
$this->send_json( array( 'status' => LATEPOINT_STATUS_ERROR, 'message' => __('We don\'t recognize this phone number. Double-check it or create an account.', 'latepoint') ) );
}
}
}
$result = OsOTPHelper::generateAndSendOTP($contact_value, $contact_type, $delivery_method);
$message = __('Error sending OTP', 'latepoint');
$status = LATEPOINT_STATUS_ERROR;
if ( is_wp_error($result) ) {
$message = $result->get_error_message();
}elseif($result['status'] == LATEPOINT_STATUS_ERROR){
$message = $result['message'];
}elseif($result['status'] == LATEPOINT_STATUS_SUCCESS){
// Success
$status = LATEPOINT_STATUS_SUCCESS;
$message = OsOTPHelper::otp_input_box_html($contact_type, $contact_value, $delivery_method);
}
$this->send_json( array( 'status' => $status, 'message' => $message ) );
}
private function params_for_otp_verification(): array {
$params = OsParamsHelper::get_param( 'otp' );
if ( empty( $params ) ) {
return [];
}
$otp_params = OsParamsHelper::permit_params( $params, [
'contact_value',
'contact_type',
'delivery_method',
'otp_code'
] );
$otp_params['otp_code'] = sanitize_text_field( $otp_params['otp_code'] );
$otp_params['delivery_method'] = sanitize_text_field( $otp_params['delivery_method'] );
if($otp_params['contact_type'] == 'phone'){
$otp_params['contact_value'] = sanitize_text_field( $otp_params['contact_value'] );
}
if($otp_params['contact_type'] == 'email'){
$otp_params['contact_value'] = sanitize_email( $otp_params['contact_value'] );
}
/**
* Filtered auth params for steps
*
* @param {array} $otp_params a filtered array of auth params
* @param {array} $params unfiltered 'auth' params
* @returns {array} $otp_params a filtered array of auth params
*
* @since 5.2.0
* @hook latepoint_auth_params_for_otp_verification
*
*/
return apply_filters( 'latepoint_auth_params_for_otp_verification', $otp_params, $params );
}
private function params_for_otp_request(): array {
$params = OsParamsHelper::get_param( 'auth' );
if ( empty( $params ) ) {
return [];
}
$auth_params = OsParamsHelper::permit_params( $params, [
'email',
'phone',
'contact_type',
'delivery_method',
'otp_code'
] );
if ( ! empty( $auth_params['email'] ) ) {
$auth_params['email'] = sanitize_email( $auth_params['email'] );
}
if ( ! empty( $auth_params['phone'] ) ) {
$auth_params['phone'] = sanitize_text_field( $auth_params['phone'] );
}
if ( ! empty( $auth_params['otp_code'] ) ) {
$auth_params['otp_code'] = sanitize_text_field( $auth_params['otp_code'] );
}
/**
* Filtered auth params for steps
*
* @param {array} $auth_params a filtered array of auth params
* @param {array} $params unfiltered 'auth' params
* @returns {array} $auth_params a filtered array of auth params
*
* @since 5.2.0
* @hook latepoint_params_for_otp_request
*
*/
return apply_filters( 'latepoint_params_for_otp_request', $auth_params, $params );
}
// Logs out customer and shows blank contact step
public function logout_customer() {
OsAuthHelper::logout_customer();
if ( $this->get_return_format() == 'json' ) {
$this->send_json( array( 'status' => LATEPOINT_STATUS_SUCCESS, 'message' => __( 'You have been logged out of your account.', 'latepoint' ) ) );
}
}
// Login customer and show contact step with prefilled info
public function login_customer() {
$contact_type = $this->params['auth']['contact_type'];
$contact_value = ($contact_type == 'email') ? $this->params['auth']['email'] : $this->params['auth']['phone'];
$customer = OsAuthHelper::login_customer( $contact_value, $this->params['auth']['password'], $this->params['auth']['contact_type'] );
if ( $customer ) {
$status = LATEPOINT_STATUS_SUCCESS;
$customer_id = $customer->id;
$response_html = __( 'Welcome back', 'latepoint' );
} else {
$status = LATEPOINT_STATUS_ERROR;
if($contact_type == 'email'){
$response_html = __( 'Sorry, that email or password didn\'t work.', 'latepoint' );
}elseif($contact_type == 'phone'){
$response_html = __( 'Sorry, that phone number or password didn\'t work.', 'latepoint' );
}else{
$response_html = __( 'Sorry, that didn\'t work.', 'latepoint' );
}
$customer_id = '';
}
if ( $this->get_return_format() == 'json' ) {
$this->send_json( array( 'status' => $status, 'message' => $response_html, 'customer_id' => $customer_id ) );
}
}
public function login_customer_using_social_data( $network, $social_user ) {
$customer_id = '';
if ( isset( $social_user['social_id'] ) ) {
$customer_was_updated = false;
$old_customer_data = [];
$social_id_field_name = $network . '_user_id';
$status = LATEPOINT_STATUS_SUCCESS;
$response_html = $social_user['social_id'];
// Search for existing customer with email that google provided
$customer = new OsCustomerModel();
$customer = $customer->where( array( 'email' => $social_user['email'] ) )->set_limit( 1 )->get_results_as_models();
if ( OsAuthHelper::can_wp_users_login_as_customers() ) {
if ( $customer->wordpress_user_id != email_exists( $social_user['email'] ) ) {
$old_customer_data = $customer->get_data_vars();
$customer->update_attributes( [ 'wordpress_user_id' => null ] );
$wp_user_id = OsCustomerHelper::create_wp_user_for_customer( $customer );
$customer_was_updated = true;
if ( ! $wp_user_id ) {
$status = LATEPOINT_STATUS_ERROR;
$response_html = __( 'Error creating wp user', 'latepoint' );
}
}
}
// Create customer if its not found
if ( ! $customer ) {
$customer = new OsCustomerModel();
$customer->first_name = $social_user['first_name'];
$customer->last_name = $social_user['last_name'];
$customer->email = $social_user['email'];
$customer->$social_id_field_name = $social_user['social_id'];
if ( ! $customer->save( true ) ) {
$response_html = $customer->get_error_messages();
$status = LATEPOINT_STATUS_ERROR;
} else {
do_action( 'latepoint_customer_created', $customer );
}
}
if ( ( $status == LATEPOINT_STATUS_SUCCESS ) && $customer->id ) {
$customer_id = $customer->id;
// Update customer google user id if its not set yet
if ( $customer->$social_id_field_name != $social_user['social_id'] ) {
$old_customer_data = $customer->get_data_vars();
$customer->$social_id_field_name = $social_user['social_id'];
$customer->save();
$customer_was_updated = true;
}
OsAuthHelper::authorize_customer( $customer->id );
$response_html = __( 'Welcome back', 'latepoint' );
}
if ( $customer_was_updated && $old_customer_data ) {
do_action( 'latepoint_customer_updated', $customer, $old_customer_data );
}
} else {
// ERROR WITH GOOGLE LOGIN
$status = LATEPOINT_STATUS_ERROR;
$response_html = $social_user['error'];
}
if ( $this->get_return_format() == 'json' ) {
$this->send_json( array( 'status' => $status, 'message' => $response_html, 'customer_id' => $customer_id ) );
}
}
public function login_customer_using_google_token() {
$social_user = [];
$token = sanitize_text_field( $this->params['token'] );
$social_user = apply_filters( 'latepoint_get_social_user_by_token', $social_user, 'google', $token );
if ( !empty($social_user) ) {
$this->login_customer_using_social_data( 'google', $social_user );
}
}
public function login_customer_using_facebook_token() {
$social_user = [];
$token = sanitize_text_field( $this->params['token'] );
$social_user = apply_filters( 'latepoint_get_social_user_by_token', $social_user, 'facebook', $token );
if ( !empty($social_user) ) {
$this->login_customer_using_social_data( 'facebook', $social_user );
}
}
}
endif;