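<?php
// Login.data — JSON endpoint for the home-banking login flow.
//
// Reads a POSTed `action` and replies with a JSON object of the shape
//   {"info": "Success", "data": {...}}            on success, or
//   {"errors": "<message>"}                       when an Exception was thrown.
// Actions handled: LoginNotices, LoginPromos, ValidateUser. An unknown or
// missing action yields an empty reply object.

header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");
header("Access-Control-Allow-Methods: POST");
header("Access-Control-Allow-Headers: Content-Type,Access-Control-Allow-Headers, Authorization, X-Requested-With");
// NOTE(review): the wildcard origin lets any site call this authentication
// endpoint from a browser. Without Access-Control-Allow-Credentials the browser
// will not attach cookies, but confirm a wildcard is really intended here.

// ** Include the Global Script for Error Handling
require_once(dirname(__FILE__) . '/../../shared/library/hcuLogError.i');
require_once(dirname(__FILE__) . '/../../shared/library/hcuCommon.i');
require_once(dirname(__FILE__) . '/../../shared/library/logging.i');
require_once(dirname(__FILE__) . '/../../shared/library/hcuEnv.i');
require_once(dirname(__FILE__) . '/../../shared/library/cu_flagconst.i');
require_once(dirname(__FILE__) . '/../../shared/library/cu_fun.i');
require_once(dirname(__FILE__) . '/../../shared/library/errormail.i');
require_once(dirname(__FILE__) . '/../../shared/library/cu_func.i');
require_once(dirname(__FILE__) . '/../../shared/library/commonJsFunctions.i');

require_once(dirname(__FILE__) . '/../../shared/library/db.postgres.i');

require_once(dirname(__FILE__) . '/../../shared/library/cu_data.i');
require_once(dirname(__FILE__) . '/../../banking/library/cu_credentials.i');
require_once(dirname(__FILE__) . "/../../shared/library/hcuTranslate.i");
require_once(dirname(__FILE__) . '/../../shared/library/dms_imp_val.i');
require_once(dirname(__FILE__) . '/../../monitor/library/monitorFunctions.i');
require_once(dirname(__FILE__) . '/../../shared/library/cuDataModel.i');

// New classes for login
require_once(dirname(__FILE__) . '/../../banking/library/UserLogin.php');
require_once(dirname(__FILE__) . '/../../banking/library/UserRepo.php');
require_once(dirname(__FILE__) . '/../../banking/library/User.php');
require_once(dirname(__FILE__) . '/../../banking/library/CuAdmin.php');
require_once(dirname(__FILE__) . '/../../banking/library/CuAdminRepo.php');

// ** Home Banking Desktop Functions
require_once(dirname(__FILE__) . '/../../banking/library/hcuDispFunctions.i');
require_once(dirname(__FILE__) . '/../../shared/library/hcuFunctions.i');

// $logger is not assigned in this file; presumably one of the included
// libraries (logging.i) sets it up — confirm before relying on it.
global $dbh, $logger;

// Reply envelope. Initialised before the try so the output section below can
// always rely on them existing.
//   $aryInfo   — array() when nothing to report, or the string 'Success'
//   $aryResult — the action-specific payload (an array, possibly empty)
$HB_ENV = array();
$aryReply = array();
$aryInfo = array();
$aryResult = array();

try {
    // set up the environment based on environment variables
    $HB_ENV['SYSENV'] = LoadSystemEnv("banking");
    SetEnvStatic($HB_ENV);
    $dbh = GetDBH($HB_ENV['SYSENV']['db']);
    $HB_ENV["dbh"] = $dbh;

    // Request fields. Missing fields default to '' so an absent key does not
    // emit an "undefined index" notice into the JSON body (the content-type
    // header has already been sent at this point).
    // NOTE(review): the credit-union identifier is taken from the request body
    // unvalidated; the repositories below are assumed to validate it.
    $Cu = isset($_POST['cu']) ? $_POST['cu'] : '';
    $HB_ENV['homebankingpath'] = isset($_POST['homebankingpath']) ? $_POST['homebankingpath'] : '';
    $HB_ENV['Cu'] = $Cu;
    $HB_ENV['chome'] = strtolower($Cu);
    // TO-DO need to address multi-language
    $HB_ENV['Flang'] = "en_US";
    $MC = new hcu_talk_base($HB_ENV['Flang']);
    $HB_ENV["MC"] = $MC;
    $HB_ENV['platform'] = isset($_POST['platform']) ? $_POST['platform'] : '';

    // An empty or missing action falls through to the empty reply.
    if (!empty($_POST['action'])) {
        $action = $_POST['action'];
        switch ($action) {
            case 'LoginNotices':
                $aryResult = Get_NoticeInfo($dbh, $HB_ENV, $MC, "D", "loginNotice");
                break;

            case 'LoginPromos':
                $aryResult = Get_NoticeInfo($dbh, $HB_ENV, $MC, "D", "LoginPromo");
                break;

            // TO-DO: a 'ChallengeQuestion' action (GetChallengeQuestions) is
            // not wired up yet.

            case 'ValidateUser':
                // Credentials arrive in an encoded payload. Default to '' so
                // the User constructor below never sees an undefined variable.
                $username = '';
                $password = '';
                if (!empty($_POST['payload'])) {
                    // decode payload
                    $data = HCU_PayloadDecode($Cu, $_POST['payload']);
                    // HCU_PayloadDecode's failure value is not visible here;
                    // anything that is not an array is treated as a bad payload.
                    if (!is_array($data)) {
                        throw new Exception("Invalid Username or Password");
                    }
                    $username = isset($data['username']) ? trim(strval($data['username'])) : '';
                    $password = isset($data['password']) ? trim(strval($data['password'])) : '';
                }

                $cuAdminRepo = new CuAdminRepo($dbh, $logger, $Cu);
                $cuAdmin = new CuAdmin($Cu, $cuAdminRepo);
                $userRepo = new UserRepo($dbh, $logger, $Cu);
                $user = new User($username, $Cu, $userRepo);
                $login = new UserLogin($user, $cuAdmin);

                // All checks are evaluated up front, in the original order, in
                // case any of them records state on the login object.
                $isValid = $login->ValidateUser($password);
                $isLocked = $login->IsAccountLocked();
                $isValidDevice = $login->IsValidDeviceCookie($Cu);
                $isValidMammothDevice = $login->IsValidMammothDeviceCookie($Cu, $HB_ENV);
                // Computed but not yet consulted — MFA branching is still TO-DO.
                $isMfaMode = $login->IsMFAMode();

                if (!$isValid) {
                    // Not valid username/password. Checked before the lock
                    // status so a wrong password never reveals that an account
                    // is locked.
                    throw new Exception("Invalid Username or Password");
                }

                // 'Step' tells the client what to do next:
                //   Setup — first login, account still needs set-up
                //   None  — trusted device, session ticket already issued
                //   MFA   — additional authentication required
                $loginAry = array();
                if ($isLocked) {
                    if ($login->new_user) {
                        $loginAry['Step'] = 'Setup';
                    } else {
                        // Account is locked
                        // send to reset password
                        // NOTE(review): homebankingpath comes from the request
                        // body, so this link is client-controlled; if the
                        // message is ever rendered as HTML it must be escaped.
                        $resetlink = $HB_ENV['homebankingpath'] . "/hcuResetPwd.prg?cu={$Cu}";
                        throw new Exception($MC->combo_msg('Account is Locked Reset', 0, '#link#', "$resetlink"));
                    }
                } else if ($isValidDevice || $isValidMammothDevice) {
                    // Has valid cookie
                    $loginAry['Step'] = 'None';
                    // Create Session ticket cookie
                    $login->CreateSessionTicket($HB_ENV, $MC, $Cu);
                } else {
                    // needs additional authentication
                    $loginAry['Step'] = 'MFA';
                }

                $aryInfo = 'Success';
                $aryResult = $loginAry;

                // update member environment variables - TO-DO
                // log user pass or failure - TO-DO
                // create new member cookie - TO-DO
                break;

            default:
                // Unknown action: reply with an empty object.
                break;
        }
    }
} catch (Exception $err) {
    // Return error message.
    // NOTE(review): getMessage() of *any* Exception is returned to the client,
    // including database/library failures, not only the user-facing messages
    // thrown above. A dedicated exception type for user-facing messages (with a
    // generic message for everything else) would avoid leaking internals.
    // Errors that are not Exceptions (e.g. TypeError) are not caught here.
    $aryReply["errors"] = $err->getMessage();
    // if returning error, not replying with data
    $aryResult = array();
    // if returning error, not returning status
    $aryInfo = array();
}

// $aryInfo is the string 'Success' after a valid login, and count() on a
// string is a TypeError on PHP 8, so test "anything set" rather than counting.
if (!empty($aryInfo)) {
    $aryReply["info"] = $aryInfo;
}

if (!empty($aryResult)) {
    $aryReply["data"] = $aryResult;
}

print json_encode($aryReply);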