<?php
/* Authors : Carlos C. Corrada-Bravo
David J. Ortiz-Rivera
Organization : Centro de Desarrollo y Consultoria Computacional
Project : OPASO Material Registry
File : session.php
Description : Handle google login for OPASO */
/* verify token */
if(isset($_GET["code"])){
/* initialize client */
require_once "vendor/autoload.php";
$config = "config/o_auth.json";
$client = new Google_Client();
$client->setAuthConfig($config);
/* fetch token */
$token = $client->fetchAccessTokenWithAuthCode($_GET["code"]);
/* handle expired token */
if(isset($token["error"])){
header("Location: /?error=token_expired");
die();
}
/* verify login */
else{
/* extract user email */
require "config/database.php";
$client->setAccessToken($token["access_token"]);
$google_oauth = new Google_Service_Oauth2($client);
$account_info = $google_oauth->userinfo->get();
$email = $account_info->email;
/* fetch user data */
$sign_in = $db->prepare("SELECT person_id,person_name FROM Person WHERE email=?");
$sign_in->bind_param("s",$email);
$sign_in->execute();
$sign_in->bind_result($person_id,$person_name);
$sign_in->store_result();
/* registered email */
if($sign_in->fetch()){
$authorized = $db->prepare("SELECT Authorized.lab_id,Laboratory.lab_room,Authorized.access_level FROM Authorized INNER JOIN Laboratory ON Laboratory.lab_id = Authorized.lab_id WHERE person_id=? AND Authorized.access_level!='none' ORDER BY Laboratory.lab_room ASC");
$authorized->bind_param("i",$person_id);
$authorized->execute();
$authorized->bind_result($lab_id,$lab_room,$access_level);
$authorized->store_result();
/* start user session */
start_session();
$_SESSION["authorized"] = array();
$access_level = "technician";
$pi_flag = false;
$admin_flag = false;
/* fetch entries */
while($authorized->fetch()){
if($access_level == "investigator"){
$pi_flag = true;
}
elseif($access_level == "admin"){
$admin_flag = true;
}
$_SESSION["authorized"][$lab_id] = array("lab_room" => $lab_room, "access_level" => $access_level);
}
/* set user data */
$_SESSION["person_id"] = $person_id;
$_SESSION["person_name"] = explode(" ",$person_name)[0];
/* set highest access level */
if($pi_flag){
$access_level = "investigator";
}
elseif($admin_flag){
$access_level = "admin";
}
$_SESSION["access_level"] = $access_level;
$_SESSION["created"] = time();
$_SESSION["last_activity"] = time();
/* save lab data */
while($authorized->fetch()){
$_SESSION["authorized"][$lab_id] = array("lab_room" => $lab_room, "access_level" => $access_level);
}
/* set user data */
$_SESSION["person_id"] = $person_id;
$_SESSION["person_name"] = explode(" ",$person_name)[0];
$_SESSION["created"] = time();
$_SESSION["last_activity"] = time();
$sign_in->close();
$authorized->close();
header("Location: menu");
exit();
}
/* unregistered email */
else{
header("Location: /?error=login_failed");
die();
}
$sign_in->close();
}
}
/* redirect to index */
else{
header("Location: /");
die();
}
/* start session */
function start_session(){
/* start user session */
if(!isset($_SESSION)){
session_start();
}
}
?>