added sql migrations

merlosy · Sep 15, 2014 · 2bb9efa · 2bb9efa
1 parent e4613e9
commit 2bb9efa
Show file tree

Hide file tree

Showing 7 changed files with 121 additions and 11 deletions.
diff --git a/app/config/database.php b/app/config/database.php
@@ -26,7 +26,8 @@
 	|
 	*/
 
-	'default' => 'mongodb',
+	'default' => 'mysql',
+	// 'default' => 'mongodb',
 
 	/*
 	|--------------------------------------------------------------------------
@@ -64,9 +65,9 @@
 		'mysql' => array(
 			'driver'    => 'mysql',
 			'host'      => 'localhost',
-			'database'  => 'database',
-			'username'  => 'root',
-			'password'  => '',
+			'database'  => 'test_api',
+			'username'  => 'test_user',
+			'password'  => 'test_password',
 			'charset'   => 'utf8',
 			'collation' => 'utf8_unicode_ci',
 			'prefix'    => '',

diff --git a/app/controllers/UserController.php b/app/controllers/UserController.php
@@ -8,6 +8,9 @@ public function index() {
 		return User::all();
 	}
 
+	/**
+	 *	Create a new user account
+	 */
 	public function store() {
 
 		$input = Input::all();
@@ -35,6 +38,9 @@ public function store() {
 		return ApiResponse::json($user);
 	}
 
+	/**
+	 *	Authenticate a registered user, with its email and password
+	 */
 	public function authenticate() {
 
 		$input = Input::all();
@@ -70,6 +76,11 @@ public function authenticate() {
 		}
 	}
 
+	/**
+	 *	Authenticate a user based on Facebook access token. If the email address from facebook is already in the database, 
+	 *	the facebook user id will be added. 
+	 *	If not, a new user will be created with a random password and user info from facebook.
+	 */
 	public function authenticateFacebook() {
 
 		$input = Input::all();
@@ -87,7 +98,7 @@ public function authenticateFacebook() {
 
 			Log::info( json_encode( $profile->asArray() ) );
 
-			$user = User::where('facebook.id', '=', $profile->getId() )->first();
+			$user = User::where('facebook_id', '=', $profile->getId() )->first();
 
 			if ( !($user instanceof User) )
 				$user = User::where('email', '=', $profile->getProperty('email') )->first();
@@ -101,7 +112,7 @@ public function authenticateFacebook() {
 				$user->password = Hash::make( uniqid() );
 			}
 
-			$user->facebook = array('id'	=>	$profile->getId() );
+			$user->facebook_id = $profile->getId();
 			$user->save();
 
 			$device_id = Input::has('device_id')? $input['device_id'] : '';
@@ -125,6 +136,10 @@ public function authenticateFacebook() {
 		}
 	}
 
+	/**
+	 *	Logout a user: remove the specified active token from the database
+	 *	@param user User
+	 */
 	public function logout( $user ) {
 
 		if ( !Input::has('token') ) return ApiResponse::json('No token given.');
@@ -134,7 +149,7 @@ public function logout( $user ) {
 
 		if ( empty($token) ) return ApiResponse::json('No active session found.');
 
-		if ( $token->user_id !== $user->id ) return ApiResponse::errorForbidden('You do not own this token.');
+		if ( $token->user_id !== $user->_id ) return ApiResponse::errorForbidden('You do not own this token.');
 
 		if ( $token->delete() ){
 			Log::info('<!> Logged out from : '.$input_token );
@@ -145,6 +160,9 @@ public function logout( $user ) {
 
 	}
 
+	/**
+	 *	Show all active sessions for the specified user, check access rights
+	 */
 	public function sessions() {
 
 		if ( !Input::has('token') ) return ApiResponse::json('No token given.');
@@ -158,6 +176,10 @@ public function sessions() {
 		return ApiResponse::json( $user );
 	}
 
+	/**
+	 *	Not functional
+	 *	@deprecated
+	 */
 	public function forgot() {
 		$input = Input::all();
 		$validator = Validator::make( $input, User::getForgotRules() );
@@ -180,6 +202,10 @@ public function forgot() {
 		}
 	}
 
+	/**
+	 *	Not functional
+	 *	@deprecated
+	 */
 	public function resetPassword() {
 		$input = Input::all();
 		$validator = Validator::make( $input, User::getResetPassRules() );
@@ -203,6 +229,10 @@ public function resetPassword() {
 		}
 	}
 
+	/**
+	 *	Show all active sessions for the specified user, no access right check
+	 *	@param user User
+	 */
 	public function show($user) {
 		$user->sessions;
 		// Log::info('<!> Showing : '.$user );

diff --git a/app/database/migrations/2014_09_15_163208_create_users_table.php b/app/database/migrations/2014_09_15_163208_create_users_table.php
@@ -0,0 +1,38 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class CreateUsersTable extends Migration {
+
+	/**
+	 * Run the migrations.
+	 *
+	 * @return void
+	 */
+	public function up()
+	{
+		Schema::create('users', function(Blueprint $table)
+        {
+            $table->increments('_id');
+            $table->string('email');
+            $table->string('firstname');
+            $table->string('lastname');
+            $table->string('password');
+            $table->string('facebook_id')->nullable();
+            $table->softDeletes();
+            $table->timestamps();
+        });
+	}
+
+	/**
+	 * Reverse the migrations.
+	 *
+	 * @return void
+	 */
+	public function down()
+	{
+		Schema::drop('users');
+	}
+
+}
diff --git a/app/database/migrations/2014_09_15_164006_create_tokens_table.php b/app/database/migrations/2014_09_15_164006_create_tokens_table.php
@@ -0,0 +1,38 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class CreateTokensTable extends Migration {
+
+	/**
+	 * Run the migrations.
+	 *
+	 * @return void
+	 */
+	public function up()
+	{
+		Schema::create('tokens', function(Blueprint $table)
+        {
+            $table->increments('_id');
+            $table->integer('user_id')->unsigned()->index();
+            $table->string('key');
+            $table->string('device_id');
+            $table->string('device_os');
+            $table->string('device_token')->nullable();
+            $table->timestamps();
+        });
+	}
+
+	/**
+	 * Reverse the migrations.
+	 *
+	 * @return void
+	 */
+	public function down()
+	{
+		Schema::drop('tokens');
+
+	}
+
+}
diff --git a/app/filters.php b/app/filters.php
@@ -35,11 +35,11 @@
 
 Route::filter('logged_in', function()
 {
-	if ( !Input::has('token') ) return ApiResponse::error("No token found.");
+	if ( !Input::has('token') ) return ApiResponse::errorUnauthorized("No token found.");
 
 	$token = Input::get('token');
 	if ( !Token::where('key', '=', $token )->exists() )
-		return ApiResponse::error("Token mismatched.");
+		return ApiResponse::errorUnauthorized("Token mismatched.");
 });
 
 Route::filter('auth', function()

diff --git a/app/models/Token.php b/app/models/Token.php
@@ -13,6 +13,9 @@ public static function getInstance() {
 		do {
 			 $key = openssl_random_pseudo_bytes ( 30 , $strongEnough );
 		} while( !$strongEnough );
+        $key = str_replace( '+', '', base64_encode($key) );
+        $key = str_replace( '/', '', $key );
+
         $token->key = base64_encode($key);
 
         return $token;

diff --git a/app/models/User.php b/app/models/User.php
@@ -52,7 +52,7 @@ public static function getAuthRules() {			return self::$authRules; }
 
 	public function isOwnerOf($token) {
         $owner = Token::userFor( $token );
-        if ( empty($owner) || $owner->user_id!=$this->id )
+        if ( empty($owner) || $owner->user_id!=$this->_id )
             return false;
         else
             return true;
@@ -75,7 +75,7 @@ public function login( $device_id=null, $device_type=null, $device_token=null )
 					->delete();
 
 		$token = Token::getInstance();
-		$token->user_id	= $this->id;
+		$token->user_id	= $this->_id;
 		$token->device_id = $device_id;
 		$token->device_os =	$device_type;
 		$token->device_token = $device_token;