ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2025-05-31 14:11:46 +05:30
Code Issues Packages Projects Releases Wiki Activity

Перенесены тесты со старого authserver, исправлены ошибки в коде

Browse Source
This commit is contained in:
ErickSkrauch
2016-09-01 10:31:43 +03:00
parent 147c84f487
commit 9371fc32ca
15 changed files with 481 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
api/modules/authserver/models/Form.php
View File

@ -6,6 +6,10 @@ use yii\base\Model;
abstract class Form extends Model {
public function formName() {
return '';
}
public function loadByGet() {
return $this->load(Yii::$app->request->get());
}

9
api/modules/authserver/models/RefreshTokenForm.php
View File

@ -3,18 +3,17 @@ namespace api\modules\authserver\models;
use api\modules\authserver\exceptions\ForbiddenOperationException;
use api\modules\authserver\validators\RequiredValidator;
use common\models\Account;
use common\models\MinecraftAccessKey;
class RefreshTokenForm extends Form {
public $accessToken;
public $clientToken;
public $selectedProfile;
public $requestUser;
public function rules() {
return [
[['accessToken', 'clientToken', 'selectedProfile', 'requestUser'], RequiredValidator::class],
[['accessToken', 'clientToken'], RequiredValidator::class],
];
}
@ -34,6 +33,10 @@ class RefreshTokenForm extends Form {
throw new ForbiddenOperationException('Invalid token.');
}
if ($accessToken->account->status === Account::STATUS_BANNED) {
throw new ForbiddenOperationException('This account has been suspended.');
}
$accessToken->refreshPrimaryKeyValue();
$accessToken->update();

7
api/modules/authserver/models/SignoutForm.php
View File

@ -4,6 +4,7 @@ namespace api\modules\authserver\models;
use api\models\authentication\LoginForm;
use api\modules\authserver\exceptions\ForbiddenOperationException;
use api\modules\authserver\validators\RequiredValidator;
use common\helpers\Error as E;
use common\models\MinecraftAccessKey;
use Yii;
@ -25,6 +26,12 @@ class SignoutForm extends Form {
$loginForm->login = $this->username;
$loginForm->password = $this->password;
if (!$loginForm->validate()) {
$errors = $loginForm->getFirstErrors();
if (isset($errors['login']) && $errors['login'] === E::ACCOUNT_BANNED) {
// Считаем, что заблокированный может безболезненно выйти
return true;
}
// На старом сервере авторизации использовалось поле nickname, а не username, так что сохраняем эту логику
$attribute = $loginForm->getLoginAttribute();
if ($attribute === 'username') {