3. Backend Development
Liwei edited this page Jun 15, 2017
·
9 revisions
Backend Package: https://github.com/OpenISDM/platform
All the features below can be demonstrated by selecting the frontend branch "ushahidi_plus" and the backend branch "ushahidi_plus".
-
New Files
./platform/src/Core/Usecase/User/VMSLoginUser.php -
Revised Files
./platform/application/classes/Ushahidi/Authenticator/Password.php
./platform/src/Init.php -
Explanation
First, we create a new file "VMSLoginUser.php" to handle login events. The following function verifies users.
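/**
 * Authenticate the submitted credentials and return the formatted user entity.
 *
 * The local "admin" account is verified against the password hash stored in
 * the local database. Every other account is verified by the external VMS
 * service through the injected authenticator.
 *
 * @return mixed  whatever $this->formatter returns for the authenticated entity
 * @throws \Ushahidi\Core\Exception\AuthenticatorException  when the credentials are rejected
 */
public function interact()
{
    $email    = $this->getRequiredIdentifier('email');
    $password = $this->getRequiredIdentifier('password');

    // Strict comparison: only the exact string "admin" selects the local path.
    // A loose `strcmp(...) == 0` is also satisfied when strcmp() yields NULL.
    if ($email === 'admin') {
        // admin login authentication (local database)
        $entity = $this->getEntity();

        // Rate limit login attempts
        $this->rateLimiter->limit($entity);

        // Verify against the stored hash directly. The revised
        // checkPassword($email, $password) in Password.php branches on whether
        // its FIRST argument equals "admin"; passing the plaintext password
        // there would forward the plaintext and the local hash to the external
        // service whenever the admin password is anything other than "admin".
        if (!is_string($password) || !password_verify($password, $entity->password)) {
            throw new \Ushahidi\Core\Exception\AuthenticatorException("Password does not match this account");
        }

        return $this->formatter->__invoke($entity);
    }

    // Everyone else is verified by VMS. Fail closed if the authenticator ever
    // reports failure by return value instead of by exception; nothing is
    // echoed into the response.
    if (!$this->authenticator->checkPassword($email, $password)) {
        throw new \Ushahidi\Core\Exception\AuthenticatorException("Third party authentication failed.");
    }

    // NOTE(review): failed attempts on this path are not rate limited. The
    // limiter is keyed on an entity, and the entity is only loaded (or created)
    // after VMS has accepted the credentials. Add a throttle keyed on the
    // submitted email and/or client address before the outbound call.

    // Fetch the entity; getEntity() creates it on first login.
    $entity = $this->getEntity();

    return $this->formatter->__invoke($entity);
}

After passing the verification, following shows the function to build new entities for new users.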
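/**
 * Load the user entity for the submitted email, registering a local account
 * the first time that email is seen.
 *
 * @return mixed  the loaded or newly created user entity
 * @throws \RuntimeException  when no secure random source is available
 */
protected function getEntity()
{
    // Make sure the repository has the methods necessary.
    $this->verifyUserRepository($this->repo);

    // Entity will be loaded using the provided email
    $email = $this->getRequiredIdentifier('email');

    // ... attempt to load the entity
    $entity = $this->repo->getByEmail($email);

    if ($entity->getId() === null) {
        // No local account yet: create one. The account is authenticated by
        // VMS, so its local password is a random throw-away value rather than
        // a constant shared by every auto-provisioned user. A shared, published
        // password becomes a valid credential on any code path that still
        // verifies against the local hash.
        $randomBytes = function_exists('random_bytes')
            ? random_bytes(32)
            : openssl_random_pseudo_bytes(32);
        if ($randomBytes === false) {
            throw new \RuntimeException("Unable to generate a random password");
        }

        $newUser = new User(array(
            'email'    => $email,
            // 64 hex characters; stays under the 72-byte input limit if the
            // repository hashes with bcrypt.
            // NOTE(review): confirm that register() hashes this value before storing it.
            'password' => bin2hex($randomBytes),
        ));

        // persist the new entity, then reload it by id
        $id = $this->repo->register($newUser);
        $entity = $this->getCreatedEntity($id);
    }

    // ... and verify that the entity was actually loaded
    $this->verifyEntityLoaded($entity, compact('email'));

    // ... then return it
    return $entity;
}

In the program above, the function "checkPassword()" is from the file "Password.php". Second, we revised "checkPassword()" in "Password.php".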
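/**
 * Verify credentials: locally when the first argument is "admin", otherwise
 * through the external VMS authentication API.
 *
 * The VMS path fails closed. A transport error, a non-2xx status, a body that
 * is not JSON, or any reported error all count as a rejected login.
 *
 * Deployment: the VMS API key is read from the VMS_API_KEY environment
 * variable instead of being embedded in source. A key that has been committed
 * or published should be treated as exposed and rotated.
 *
 * @param  string $email     account identifier sent to VMS; the literal
 *                           "admin" selects local verification
 * @param  string $password  plaintext password sent to VMS; in the "admin"
 *                           branch, the stored hash to verify against
 * @return bool   true when the credentials are accepted
 * @throws AuthenticatorException  when the credentials are rejected or cannot be verified
 */
public function checkPassword($email, $password)
{
    if (!is_string($email) || !is_string($password) || $email === '' || $password === '') {
        throw new AuthenticatorException("Third party authentication failed.");
    }

    // Strict comparison; a loose `strcmp(...) == 0` is also satisfied by NULL.
    if ($email === 'admin') {
        // admin login authentication (local database)
        // NOTE(review): this verifies the string "admin" against $password used
        // as a hash. When the caller passes (plaintext password, stored hash),
        // as the login use case on this page does, the branch only runs if the
        // submitted password is literally "admin"; any other admin password
        // falls through to the VMS call below. Verify the admin password in
        // the caller, or give this method distinct plaintext/hash parameters.
        if (!password_verify($email, $password)) {
            throw new AuthenticatorException("Password does not match this account");
        }
        return true;
    }

    // authentication from VMS
    $apiKey = getenv('VMS_API_KEY');
    if ($apiKey === false || $apiKey === '') {
        // Missing configuration must not turn into a successful login.
        throw new AuthenticatorException("Third party authentication failed.");
    }

    $payload = json_encode(array(
        "email" => $email,
        "password" => $password,
    ));
    if ($payload === false) {
        throw new AuthenticatorException("Third party authentication failed.");
    }

    $curl = curl_init();
    curl_setopt_array($curl, array(
        // HTTPS: the request body carries the user's plaintext password.
        CURLOPT_URL => "https://vms-dev.herokuapp.com/api/auth",
        CURLOPT_POST => true,
        CURLOPT_HTTPHEADER => array(
            "Content-Type: application/json",
            "X-VMS-API-Key: " . $apiKey,
        ),
        CURLOPT_POSTFIELDS => $payload,
        CURLOPT_RETURNTRANSFER => true,
        // Certificate checks stated explicitly so they cannot be lost to a changed default.
        CURLOPT_SSL_VERIFYPEER => true,
        CURLOPT_SSL_VERIFYHOST => 2,
        // Bound the time a login request can block on the remote service.
        CURLOPT_CONNECTTIMEOUT => 5,
        CURLOPT_TIMEOUT => 10,
    ));

    // send request to vms api
    $result = curl_exec($curl);
    $status = curl_getinfo($curl, CURLINFO_HTTP_CODE);
    curl_close($curl);

    // curl_exec() returns false on transport failure and json_decode() returns
    // null for a non-JSON body. Checking only for the presence of errors[0]
    // would accept both of those as a successful login.
    // NOTE(review): assumes a successful VMS reply is a 2xx status with a JSON
    // body and no "errors" member; confirm against the VMS API.
    $response = is_string($result) ? json_decode($result, true) : null;
    $accepted = $status >= 200 && $status < 300
        && is_array($response)
        && empty($response['errors']);

    if (!$accepted) {
        throw new AuthenticatorException("Third party authentication failed.");
    }

    return true;
}

Finally, in the file "init.php", we replaced the file "LoginUser.php" to our new file "VMSLoginUser.php".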
...
// User login is a custom read that uses authentication.
// Map each action on the "users" resource to the use-case class that handles it.
// "login" resolves to VMSLoginUser (replacing LoginUser), so every password
// login is handled by that class.
$di->params['Ushahidi\Factory\UsecaseFactory']['map']['users'] = [
'login' => $di->lazyNew('Ushahidi\Core\Usecase\User\VMSLoginUser'),
'register' => $di->lazyNew('Ushahidi\Core\Usecase\User\RegisterUser'),
'getresettoken' => $di->lazyNew('Ushahidi\Core\Usecase\User\GetResetToken'),
'passwordreset' => $di->lazyNew('Ushahidi\Core\Usecase\User\ResetUserPassword'),
];
// Setter injection for VMSLoginUser: the password authenticator and the login rate limiter.
$di->setter['Ushahidi\Core\Usecase\User\VMSLoginUser']['setAuthenticator'] = $di->lazyGet('tool.authenticator.password');
$di->setter['Ushahidi\Core\Usecase\User\VMSLoginUser']['setRateLimiter'] = $di->lazyGet('ratelimiter.login');
// GetResetToken receives the mailer.
$di->setter['Ushahidi\Core\Usecase\User\GetResetToken']['setMailer'] = $di->lazyGet('tool.mailer');
...-
Revised Files:
./platform/application/config/media.php
./platform/httpdocs/.htaccess -
Explanation:
First, set the maximum upload bytes for a photo in "media.php".
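'max_upload_bytes' => '10485760',
Second, PHP's own maximum upload file size must be equal to or larger than "max_upload_bytes" above. PHP's "post_max_size" must be at least as large as well, otherwise the request is rejected before the per-file limit is applied. We can add the following line to the ".htaccess" file to set the maximum value.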
# Per-file upload ceiling enforced by PHP itself; 10M is 10485760 bytes, matching 'max_upload_bytes'.
php_value upload_max_filesize 10M