Proyecto en colaboración con OPASO

  1. <?php
  2. /* Authors : Carlos C. Corrada-Bravo
  3. David J. Ortiz-Rivera
  4. Organization : Centro de Desarrollo y Consultoria Computacional
  5. Project : OPASO Material Registry
  6. File : session.php
Description : Handles the Google OAuth2 login callback for OPASO (exchanges the authorization code, looks the user up by e-mail and starts the session) */
  8. /* verify token */
  9. if(isset($_GET["code"])){
  10. /* initialize client */
  11. require_once "vendor/autoload.php";
  12. $config = "config/o_auth.json";
  13. $client = new Google_Client();
  14. $client->setAuthConfig($config);
  15. /* fetch token */
  16. $token = $client->fetchAccessTokenWithAuthCode($_GET["code"]);
  17. /* handle expired token */
  18. if(isset($token["error"])){
  19. header("Location: /?error=token_expired");
  20. die();
  21. }
  22. /* verify login */
  23. else{
  24. /* extract user email */
  25. require "config/database.php";
  26. $client->setAccessToken($token["access_token"]);
  27. $google_oauth = new Google_Service_Oauth2($client);
  28. $account_info = $google_oauth->userinfo->get();
  29. $email = $account_info->email;
  30. /* fetch user data */
  31. $sign_in = $db->prepare("SELECT person_id,person_name FROM Person WHERE email=?");
  32. $sign_in->bind_param("s",$email);
  33. $sign_in->execute();
  34. $sign_in->bind_result($person_id,$person_name);
  35. $sign_in->store_result();
  36. /* registered email */
  37. if($sign_in->fetch()){
  38. $authorized = $db->prepare("SELECT Authorized.lab_id,Laboratory.lab_room,Authorized.access_level FROM Authorized INNER JOIN Laboratory ON Laboratory.lab_id = Authorized.lab_id WHERE person_id=? AND Authorized.access_level!='none' ORDER BY Laboratory.lab_room ASC");
  39. $authorized->bind_param("i",$person_id);
  40. $authorized->execute();
  41. $authorized->bind_result($lab_id,$lab_room,$access_level);
  42. $authorized->store_result();
  43. /* start user session */
  44. start_session();
  45. $_SESSION["authorized"] = array();
  46. $access_level = "technician";
  47. $pi_flag = false;
  48. $admin_flag = false;
  49. /* fetch entries */
  50. while($authorized->fetch()){
  51. if($access_level == "investigator"){
  52. $pi_flag = true;
  53. }
  54. elseif($access_level == "admin"){
  55. $admin_flag = true;
  56. }
  57. $_SESSION["authorized"][$lab_id] = array("lab_room" => $lab_room, "access_level" => $access_level);
  58. }
  59. /* set user data */
  60. $_SESSION["person_id"] = $person_id;
  61. $_SESSION["person_name"] = explode(" ",$person_name)[0];
  62. /* set highest access level */
  63. if($pi_flag){
  64. $access_level = "investigator";
  65. }
  66. elseif($admin_flag){
  67. $access_level = "admin";
  68. }
  69. $_SESSION["access_level"] = $access_level;
  70. $_SESSION["created"] = time();
  71. $_SESSION["last_activity"] = time();
  72. /* save lab data */
  73. while($authorized->fetch()){
  74. $_SESSION["authorized"][$lab_id] = array("lab_room" => $lab_room, "access_level" => $access_level);
  75. }
  76. /* set user data */
  77. $_SESSION["person_id"] = $person_id;
  78. $_SESSION["person_name"] = explode(" ",$person_name)[0];
  79. $_SESSION["created"] = time();
  80. $_SESSION["last_activity"] = time();
  81. $sign_in->close();
  82. $authorized->close();
  83. header("Location: menu");
  84. exit();
  85. }
  86. /* unregistered email */
  87. else{
  88. header("Location: /?error=login_failed");
  89. die();
  90. }
  91. $sign_in->close();
  92. }
  93. }
  94. /* redirect to index */
  95. else{
  96. header("Location: /");
  97. die();
  98. }
  99. /* start session */
  100. function start_session(){
  101. /* start user session */
  102. if(!isset($_SESSION)){
  103. session_start();
  104. }
  105. }
  106. ?>