- Модуль: imopenlines
- Путь к файлу: ~/bitrix/modules/imopenlines/lib/widget/auth.php
- Класс: \Bitrix\Imopenlines\Widget\Auth
- Вызов: Auth::onRestCheckAuth
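/**
 * Decides whether a REST request carrying a livechat auth code may proceed.
 *
 * The code is taken from the first key of static::$authQueryParams that is
 * present in $query. It is either the guest marker (self::AUTH_CODE_GUEST) or
 * a 32-character hex hash that is matched against a user's XML_ID in the form
 * self::AUTH_TYPE . "|" . hash.
 *
 * @param array $query Request parameters; the auth code is read from here.
 * @param mixed $scope Not used by this method.
 * @param mixed $res   Out-parameter: the successful result, or an array with
 *                     'error', 'error_description' and 'additional' on refusal.
 *
 * @return bool|null null when $query carries no livechat auth parameter,
 *                   true when the request is accepted, false when it is refused.
 */
public static function onRestCheckAuth(array $query, $scope, &$res)
{
	// Exactly 32 hex digits. \z is used instead of $ because $ also matches
	// just before a trailing newline, which would let "<hash>\n" through.
	$hashPattern = '/^[a-f0-9]{32}\z/i';

	$authCode = null;
	foreach (static::$authQueryParams as $key)
	{
		if (array_key_exists($key, $query))
		{
			$authCode = $query[$key];
			break;
		}
	}
	if ($authCode === null)
	{
		return null;
	}

	// Guarded so that a second call in the same request does not raise a
	// "constant already defined" warning.
	if (!defined('BX24_REST_SKIP_SEND_HEADERS'))
	{
		define('BX24_REST_SKIP_SEND_HEADERS', true);
	}

	// NOTE(review): the caller-supplied Origin header is echoed back together
	// with Allow-Credentials: true, and this happens before the auth code is
	// validated. Any origin can therefore make credentialed cross-site calls to
	// the methods admitted below, using the visitor's cookies (see
	// LoginByCookies). If the widget is not meant to run on arbitrary sites,
	// compare $origin with the configured widget domains before echoing it, and
	// send "Vary: Origin" because the response now depends on that header.
	$origin = \Bitrix\Main\Context::getCurrent()->getServer()->get('HTTP_ORIGIN');
	if ($origin)
	{
		header('Access-Control-Allow-Origin: ' . $origin);
		header('Access-Control-Allow-Credentials: true');
	}

	global $USER;
	if (!$USER->IsAuthorized())
	{
		$USER->LoginByCookies();
	}

	if ($authCode == self::AUTH_CODE_GUEST)
	{
		// Guests may only call the methods listed as not requiring auth.
		if (!self::checkQueryMethod(self::METHODS_WITHOUT_AUTH))
		{
			$res = array(
				'error' => 'LIVECHAT_AUTH_METHOD_ERROR',
				'error_description' => "Livechat: you don't have access to use this method [1]",
				'additional' => array()
			);
			return false;
		}

		if (!$USER->IsAuthorized())
		{
			$res = self::getSuccessfulResult();
			return true;
		}

		$isWidgetUser = $USER->GetParam('EXTERNAL_AUTH_ID') == User::EXTERNAL_AUTH_ID
			&& mb_substr($USER->GetParam('XML_ID'), 0, mb_strlen(self::AUTH_TYPE)) == self::AUTH_TYPE;
		if (!$isWidgetUser)
		{
			$res = array(
				'error' => 'LIVECHAT_AUTH_PORTAL_USER',
				'error_description' => 'Livechat: you are authorized with a portal user [1]',
				'additional' => array()
			);
			return false;
		}

		// Only the format of the custom id is checked here; it is not compared
		// with the session user's own hash. is_string() keeps an array-valued
		// request parameter away from preg_match().
		$customAuthCode = \Bitrix\Main\Application::getInstance()->getContext()->getRequest()->get(self::AUTH_CUSTOM_ID_PARAM);
		if (is_string($customAuthCode) && preg_match($hashPattern, $customAuthCode))
		{
			$res = self::getSuccessfulResult();
			return true;
		}

		$res = array(
			'error' => 'LIVECHAT_AUTH_WIDGET_USER',
			'error_description' => 'Livechat: you are authorized with a different user [1]',
			'additional' => array('hash' => mb_substr($USER->GetParam('XML_ID'), mb_strlen(self::AUTH_TYPE) + 1))
		);
		return false;
	}

	// Fail closed on a malformed code. The original branch set $res but did not
	// return, so the unvalidated value went on to the XML_ID lookup and this
	// error was overwritten by "user not found".
	if (!is_string($authCode) || !preg_match($hashPattern, $authCode))
	{
		$res = array(
			'error' => 'LIVECHAT_AUTH_FAILED',
			'error_description' => 'LiveChat: user auth failed [code is not correct]',
			'additional' => array()
		);
		return false;
	}

	// NOTE(review): the failure counter lives in the session, so a client that
	// drops its session cookie starts again from zero. It throttles a single
	// session only; confirm that guessing is also limited per IP or globally.
	$errorCounter = isset($_SESSION['LIVECHAT']['AUTH_ERROR_COUNTER'])
		? $_SESSION['LIVECHAT']['AUTH_ERROR_COUNTER']
		: 0;
	if ($errorCounter > 3)
	{
		$res = array(
			'error' => 'LIVECHAT_AUTH_BLOCKED',
			'error_description' => 'LiveChat: user auth blocked',
			'additional' => array()
		);
		return false;
	}

	if (!self::checkQueryMethod(array_merge(self::METHODS_WITH_AUTH, self::METHODS_WITHOUT_AUTH)))
	{
		$res = array(
			'error' => 'LIVECHAT_AUTH_METHOD_ERROR',
			'error_description' => "Livechat: you don't have access to use this method [2]",
			'additional' => array()
		);
		return false;
	}

	$xmlId = self::AUTH_TYPE."|".$authCode;

	if ($USER->IsAuthorized())
	{
		// An already authorized session is never switched to another user.
		if ($USER->GetParam('EXTERNAL_AUTH_ID') != User::EXTERNAL_AUTH_ID)
		{
			$res = array(
				'error' => 'LIVECHAT_AUTH_PORTAL_USER',
				'error_description' => 'Livechat: you are authorized with a portal user [2]',
				'additional' => array()
			);
			return false;
		}

		if ($USER->GetParam('XML_ID') != $xmlId)
		{
			$res = array(
				'error' => 'LIVECHAT_AUTH_WIDGET_USER',
				'error_description' => 'Livechat: you are authorized with a different user [2]',
				'additional' => array('hash' => mb_substr($USER->GetParam('XML_ID'), mb_strlen(self::AUTH_TYPE) + 1))
			);
			return false;
		}

		$res = self::getSuccessfulResult();
		\CUser::SetLastActivityDate($USER->GetID(), true);
		return true;
	}

	// Not authorized yet: possession of the hash is the only credential, and
	// only users with the widget's external auth id can be logged in this way.
	$userData = \Bitrix\Main\UserTable::getList([
		'select' => ['ID', 'EXTERNAL_AUTH_ID'],
		'filter' => ['=XML_ID' => $xmlId]
	])->fetch();
	if ($userData && $userData['EXTERNAL_AUTH_ID'] == User::EXTERNAL_AUTH_ID)
	{
		self::authorizeById($userData['ID']);
		$res = self::getSuccessfulResult();
		\CUser::SetLastActivityDate($USER->GetID(), true);
		return true;
	}

	$res = array(
		'error' => 'LIVECHAT_AUTH_FAILED',
		'error_description' => 'LiveChat: user auth failed [user not found]',
		'additional' => array()
	);

	// Repeating the same failed code does not count again; only a different
	// code than the previously failed one raises the counter.
	$previousCode = isset($_SESSION['LIVECHAT']['AUTH_CODE'])
		? $_SESSION['LIVECHAT']['AUTH_CODE']
		: null;
	if ($previousCode && $previousCode != $xmlId)
	{
		$_SESSION['LIVECHAT']['AUTH_ERROR_COUNTER'] = $errorCounter + 1;
	}
	$_SESSION['LIVECHAT']['AUTH_CODE'] = $xmlId;

	return false;
}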