Нема описа

callback.php 2.9KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122
  1. <?php
  2. require_once 'config.php';
  3. // IF A SESSION ALREADY EXISTS, USE EXISTING TOKEN
  4. // ELSE IF THERE'S NO SESSION BUT $_GET HAS USER AUTHCODE, OBTAIN NEW TOKEN
  5. // ELSE REDIRECT TO ERROR PAGE
  6. if(isset($_SESSION['token'])) {
  7. $client->setAccessToken($_SESSION['token']);
  8. }
  9. else if(isset($_GET['code'])) {
  10. $token = $client->fetchAccessTokenWithAuthCode($_GET['code']);
  11. // IF 'code' IS NOT AUTHENTIC, TOKEN IS AN ARRAY WITH 'error' SET TO SOMETHING (i.e. 'invalid_grant')
  12. if(isset($token['error'])) {
  13. header('Location: ./logout.php');
  14. die();
  15. }
  16. $_SESSION['token'] = $token;
  17. }
  18. else {
  19. header('Location: ../home.php');
  20. exit();
  21. }
  22. // var_dump($_GET);
  23. // var_dump($_SESSION);
  24. $oAuth = new Google_Service_Oauth2($client);
  25. $userData = $oAuth->userinfo_v2_me->get();
  26. /*
  27. Algunos keys de los datos que se pueden extraer:
  28. (USADOS)
  29. -SCOPE 'profile': name, picture
  30. -SCOPE 'email': email
  31. (NO USADOS)
  32. *-SCOPE 'profile': gender, familyName, givenName, hd, id, link*, locale, verifiedEmail
  33. *-SCOPE 'profile': internal_gapi_mappings, modelData, processed
  34. Lista completa de scopes: https://developers.google.com/identity/protocols/googlescopes
  35. */
  36. require_once 'dbh.inc.php';
  37. $query = 'SELECT * FROM `researcher` WHERE `email` = "'.$userData['email'].'";';
  38. $result = mysqli_query($connection, $query);
  39. $dbUserData = mysqli_fetch_assoc($result);
  40. $_SESSION['result'] = $result;
  41. // IF DB CAN'T FETCH USER DATA, IT MUST BE BECAUSE USER IS UNAUTHORIZED
  42. // ELSE KEEP RETRIEVING USER DATA FROM DB
  43. if($dbUserData == NULL) {
  44. $_SESSION['error'] = 'unauthorized';
  45. }
  46. else {
  47. // NECESSARY FOR RETRIEVING DATA FROM DB ON LATER PAGES
  48. $_SESSION['email'] = $userData['email'];
  49. //### OPTIONAL ###
  50. $_SESSION['newUser'] = false;
  51. // IF USER IS NEW, UPDATE DB WITH USER INFO FROM GOOGLE
  52. if($dbUserData['name'] == NULL && $dbUserData['picture'] == NULL) {
  53. $query = 'UPDATE `researcher` SET `name`="'.$userData['name'].'", `picture`="'.$userData['picture'].'" WHERE `email`="'.$userData['email'].'";';
  54. mysqli_query($connection, $query);
  55. //### OPTIONAL ###
  56. $_SESSION['newUser'] = true;
  57. }
  58. }
  59. //### FOR DEBUGGING ###
  60. $_SESSION['dbUserData'] = $dbUserData;
  61. $_SESSION['error_set'] = isset($_SESSION['error']);
  62. //### FOR DEBUGGING ###
  63. header('Location: ../home.php');
  64. exit();
  65. /*
  66. Additional links that helped:
  67. Google Developers Tutorial (Javascript): https://developers.google.com/identity/sign-in/web/sign-in
  68. Sample Code: https://github.com/GoogleChromeLabs/google-sign-in
  69. Branding Guidelines: https://developers.google.com/identity/branding-guidelines
  70. Developer's Console: https://console.developers.google.com
  71. Tutorials:
  72. -Login With Google Account Using PHP & Client API: https://www.youtube.com/watch?v=hazMyK_cnzk
  73. -Login with Google Account using PHP: https://www.codexworld.com/login-with-google-api-using-php/
  74. */