<?
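/**
 * JSON authentication handler.
 *
 * On construction it reads the request parameters, tries HTTP Basic credentials,
 * then login/password or an access_token from the request, and terminates the
 * script with a JSON error when no method has authenticated the caller.
 *
 * NOTE(review): this file opens with the short tag `<?`. If short_open_tag is
 * disabled, the source would be sent to the client as plain text; prefer `<?php`.
 */
class MD_AUTH_HANDLER
{
    // Initialised to null; nothing else in this class writes it.
    public $error = null;
    // Request parameters ($_POST or $_GET) after charset conversion.
    public $arData = array();
    // Value of $_FILES["files"], or an empty array when nothing was uploaded.
    public $arFiles = array();
    // True once one of the login paths has succeeded.
    public $auth = false;
    // Token returned by AddHitAuthHash(); echoed back as "access_token" on success.
    public $authHash = null;
    public $APP;
    public $DB;
    public $USER;
    // Value of the "action" request parameter.
    public $action;
    public $employee;
    public $admin = false;
    // Value of the "access_key" request parameter. Declared explicitly because the
    // constructor assigns it; an undeclared (dynamic) property is deprecated in PHP 8.2.
    public $productKey;

    /**
     * Captures the framework globals and request input, then runs authentication.
     *
     * Side effects: sends the JSON Content-Type header and, through CheckAuth(),
     * may print an error response and exit.
     */
    public function __construct()
    {
        $this->APP = $GLOBALS["APPLICATION"];
        $this->DB = $GLOBALS["DB"];
        $this->USER = $GLOBALS["USER"];
        $this->error = null;
        Header('Content-Type: application/json; charset=utf-8');
        // NOTE(review): for any method other than POST the parameters, including
        // login, password and access_token, are taken from the query string, which
        // is commonly recorded in server and proxy logs. Consider accepting
        // credentials from POST only.
        $this->arData = $_SERVER['REQUEST_METHOD'] == 'POST' ? $_POST : $_GET;
        // Guard the optional keys so a request without them raises no notices.
        $this->arFiles = isset($_FILES["files"]) ? $_FILES["files"] : array();
        $this->arData = $this->APP->ConvertCharsetArray($this->arData, 'UTF-8', LANG_CHARSET);
        $this->productKey = isset($this->arData["access_key"]) ? $this->arData["access_key"] : null;
        $this->action = isset($this->arData["action"]) ? $this->arData["action"] : null;
        $this->AuthHttp();
        $this->CheckAuth(false);
    }

    /**
     * Attempts a login with HTTP Basic credentials when both are present.
     *
     * Does not emit an error on failure; CheckAuth() decides what happens next.
     */
    public function AuthHttp()
    {
        if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER["PHP_AUTH_PW"])) {
            return;
        }
        $rUser = new CUser();
        $success = $rUser->Login($_SERVER['PHP_AUTH_USER'], $_SERVER["PHP_AUTH_PW"], 'N', 'Y');
        // Accept only an exact boolean true, matching the check in Authorize();
        // the previous loose `== 1` comparison depended on type juggling.
        if ($success === true) {
            $this->auth = true;
            $this->CreateHash();
        }
    }

    /**
     * Picks the authentication path from the request parameters.
     *
     * login + password -> Authorize(); access_token -> LoginByHash(); otherwise
     * an error response is sent unless HTTP Basic auth has already succeeded.
     *
     * @param bool $show_success When true and authenticated, send a success
     *                           response (which exits).
     */
    public function CheckAuth($show_success = false)
    {
        // !empty() has the same truthiness as the original bare reads but raises
        // no notice when the key is missing.
        if (!empty($this->arData["login"]) && !empty($this->arData["password"])) {
            $this->Authorize();
        } elseif (!empty($this->arData["access_token"])) {
            $this->LoginByHash();
        } elseif (!$this->auth) {
            $this->ShowError(" LOGIN OR PASSWORD IS INCORRECT", 103);
        }
        if ($this->auth && $show_success) {
            $this->ShowSuccess("AUTH IS SUCCESS", array());
        }
    }

    /**
     * Logs in with the "login" and "password" request parameters.
     *
     * Sends error 103 and exits on failure; on success marks the handler as
     * authenticated and creates the access token.
     */
    public function Authorize()
    {
        $login = isset($this->arData['login']) ? $this->arData['login'] : null;
        $password = isset($this->arData['password']) ? $this->arData['password'] : null;
        // Request parameters can arrive as arrays (login[]=...); reject anything
        // that is not a plain string before handing it to the login API.
        if (!is_string($login) || !is_string($password)) {
            $this->ShowError("LOGIN OR PASSWORD IS INCORRECT", 103);
        }
        $rUser = new CUser();
        if ($rUser->Login($login, $password, 'N', 'Y') !== true) {
            $this->ShowError("LOGIN OR PASSWORD IS INCORRECT", 103);
        } else {
            $this->auth = true;
            $this->CreateHash();
        }
    }

    /**
     * Logs in with the "access_token" request parameter.
     *
     * The token is copied into $_REQUEST['bx_hit_hash'] before
     * $this->USER->LoginHitByHash() is called. Sends error 104 and exits when the
     * token is missing, empty, not a string, or rejected.
     */
    public function LoginByHash()
    {
        $token = isset($this->arData['access_token']) ? $this->arData['access_token'] : '';
        // is_string() keeps an array-valued parameter away from strlen().
        if (!is_string($token) || strlen($token) === 0) {
            $this->auth = false;
            $this->ShowError("INCORRECT HASH", 104);
        }
        $_REQUEST['bx_hit_hash'] = $token;
        if ($this->USER->LoginHitByHash()) {
            $this->auth = true;
        } else {
            $this->auth = false;
            $this->ShowError("INCORRECT HASH", 104);
        }
    }

    /**
     * Creates the access token once per request.
     *
     * The token is requested for the current page path; presumably that limits
     * where it is accepted, confirm against the AddHitAuthHash() documentation.
     */
    public function CreateHash()
    {
        if (!$this->authHash) {
            $this->authHash = $this->USER->AddHitAuthHash($this->APP->GetCurPage());
        }
    }

    /**
     * Discards buffered output, prints an error response and terminates.
     *
     * @param string $str  Message, converted from LANG_CHARSET to UTF-8.
     * @param int    $code Value reported as "statusCode".
     */
    public function ShowError($str, $code)
    {
        $response = array(
            "status" => "error",
            "statusCode" => $code,
            "message" => $GLOBALS["APPLICATION"]->ConvertCharset($str, LANG_CHARSET, "UTF-8"),
            "result" => ""
        );
        $GLOBALS["APPLICATION"]->RestartBuffer();
        // NOTE(review): ShowSuccess() encodes with json_encode() but this path uses
        // CUtil::PhpToJSObject(); confirm its output is valid JSON for the declared
        // Content-Type before changing what clients receive.
        echo CUtil::PhpToJSObject($response);
        exit();
    }

    /**
     * Discards buffered output, prints a success response and terminates.
     *
     * When a token was created during this request it is included as
     * "access_token", so the response body carries a credential.
     *
     * @param string $str    Message, converted from LANG_CHARSET to UTF-8.
     * @param array  $result Payload, converted from LANG_CHARSET to UTF-8.
     */
    public function ShowSuccess($str, $result = array())
    {
        $response = array(
            "status" => "success",
            "statusCode" => "200",
            "message" => $GLOBALS["APPLICATION"]->ConvertCharset($str, LANG_CHARSET, "UTF-8"),
            "result" => $GLOBALS["APPLICATION"]->ConvertCharsetArray($result, LANG_CHARSET, "UTF-8"),
        );
        if ($this->authHash) {
            $response["access_token"] = $this->authHash;
        }
        $GLOBALS["APPLICATION"]->RestartBuffer();
        echo json_encode($response);
        exit();
    }
}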
// Entry point: constructing the handler authenticates the current request;
// the constructor prints a JSON error and exits when authentication fails.
$rest = new MD_AUTH_HANDLER;
?>