OTA improvements

JonatanRek 2019-10-30 15:18:29 +01:00
parent 2200508fff
commit df71f7c780
8 changed files with 294 additions and 109 deletions


@ -172,7 +172,7 @@ if ($values != null || $values != "") {
]; ];
break; break;
} }
if (DEBUGMOD) $notificationData['body'] .= ' value='.$value['value'];
if ($notificationData != []) { if ($notificationData != []) {
$subscribers = $notificationMng::getSubscription(); $subscribers = $notificationMng::getSubscription();
foreach ($subscribers as $key => $subscriber) { foreach ($subscribers as $key => $subscriber) {


@ -3,8 +3,8 @@ class UserManager
{ {
public function getUsers () { public function getUsers () {
try { try {
$allRoom = Db::loadAll ("SELECT * FROM users"); $allUsers = Db::loadAll ("SELECT user_id, username, at_home, ota FROM users");
return $allRoom; return $allUsers;
} catch(PDOException $error) { } catch(PDOException $error) {
echo $error->getMessage(); echo $error->getMessage();
die(); die();
@ -26,12 +26,12 @@ class UserManager
if ($user = Db::loadOne ('SELECT * FROM users WHERE LOWER(username)=LOWER(?)', array ($username))) { if ($user = Db::loadOne ('SELECT * FROM users WHERE LOWER(username)=LOWER(?)', array ($username))) {
if ($user['password'] == UserManager::getHashPassword($password)) { if ($user['password'] == UserManager::getHashPassword($password)) {
if (isset($rememberMe) && $rememberMe == 'true') { if (isset($rememberMe) && $rememberMe == 'true') {
setcookie ("rememberMe", $this->setEncryptedCookie($user['username']), time () + (30 * 24 * 60 * 60 * 1000), str_replace("login", "", str_replace('https://' . $_SERVER['HTTP_HOST'], "", $_SERVER['REQUEST_URI'])), $_SERVER['HTTP_HOST'], 1); setcookie ("rememberMe", $this->setEncryptedCookie($user['username']), time () + (30 * 24 * 60 * 60 * 1000), BASEDIR, $_SERVER['HTTP_HOST'], 1);
} }
$_SESSION['user']['id'] = $user['user_id']; $_SESSION['user']['id'] = $user['user_id'];
$page = "./index.php"; $page = "";
if ($user["startPage"] == 1) { if ($user["startPage"] == 1) {
$page = "./dashboard.php"; $page = "dashboard";
} }
unset($_POST['login']); unset($_POST['login']);
return $page; return $page;
@ -62,9 +62,12 @@ class UserManager
} }
public function logout () { public function logout () {
setcookie ("rememberMe","", time() - (30 * 24 * 60 * 60 * 1000), str_replace("login", "", str_replace('https://' . $_SERVER['HTTP_HOST'], "", $_SERVER['REQUEST_URI'])), $_SERVER['HTTP_HOST'], 1);
unset($_SESSION['user']); unset($_SESSION['user']);
session_destroy(); session_destroy();
if (isset($_COOKIE['rememberMe'])){
unset($_COOKIE['rememberMe']);
setcookie("rememberMe", 'false', time(), BASEDIR, $_SERVER['HTTP_HOST']);
}
} }
public function setEncryptedCookie($value){ public function setEncryptedCookie($value){
@ -98,12 +101,14 @@ class UserManager
return false; return false;
} }
public static function getUserData ($type) { public static function getUserData ($type, $userId = '') {
if (isset($_SESSION['user']['id'])) { if (isset($_SESSION['user']['id'])) {
$user = Db::loadOne ('SELECT ' . $type . ' FROM users WHERE user_id=?', array ($_SESSION['user']['id'])); $userId = $_SESSION['user']['id'];
return $user[$type]; } else {
return "";
} }
return ""; $user = Db::loadOne ('SELECT ' . $type . ' FROM users WHERE user_id=?', array ($userId));
return $user[$type];
} }
public function setUserData ($type, $value) { public function setUserData ($type, $value) {
@ -118,63 +123,59 @@ class UserManager
return $hashPassword; return $hashPassword;
} }
public function ulozitObrazek ($file, $path = "", $name = "") { public function atHome($userId, $atHome){
if (!@is_array (getimagesize($file['tmp_name']))) { try {
throw new ChybaUzivatele("Formát obrázku ". $file['name'] ." není podporován!"); Db::edit ('users', ['at_home' => $atHome], 'WHERE user_id = ?', array($userId));
} else { } catch(PDOException $error) {
$extension = strtolower(strrchr($file['name'], '.')); echo $error->getMessage();
switch ($extension) { die();
case '.jpg':
case '.jpeg':
$img = @imagecreatefromjpeg($file['tmp_name']);
break;
case '.gif':
$img = @imagecreatefromgif($file['tmp_name']);
break;
case '.png':
$img2 = @imagecreatefrompng($file['tmp_name']);
break;
case '.ico':
$img3 = @$file['tmp_name'];
break;
default:
$img = false;
break;
}
if($name == ""){
$nazev = substr($file['name'], 0, strpos($file['name'], ".")) ."_". round(microtime(true) * 1000);
}else{
$nazev = $name;
}
if(!file_exists($path)){
mkdir($path, 0777, true);
}
if (@$img) {
if (!imagejpeg ($img, $path . $nazev .".jpg", 95)) {
throw new ChybaUzivatele ("Obrázek neuložen!");
}
imagedestroy ($img);
} else if (@$img2) {
if (!imagepng ($img2, $path . $nazev .".jpg")) {
throw new ChybaUzivatele ("Obrázek neuložen!");
}
imagedestroy ($img2);
} else if (@$img3) {
if (!copy($img3, $path . $nazev .'.ico')) {
throw new ChybaUzivatele ("Obrázek neuložen!");
}
}
return array('success' => true, 'url' => $path . $nazev .".jpg");
}
}
public function atHome($userId, $atHome){
try {
Db::edit ('users', ['at_home' => $atHome], 'WHERE user_id = ?', array($userId));
} catch(PDOException $error) {
echo $error->getMessage();
die();
}
} }
} }
?>
public function changePassword($oldPassword, $newPassword, $newPassword2){
if ($newPassword == $newPassword2) {
//Password Criteria
$oldPasswordSaved = self::getUserData('password');
if (self::getHashPassword($oldPassword) == $oldPasswordSaved) {
self::setUserData('password', self::getHashPassword($newPassword));
} else {
throw new Exception ("old password did not match");
}
} else {
throw new Exception ("new password arent same");
}
}
public function createUser($userName, $password){
$userId = Db::loadOne('SELECT * FROM users WHERE username = ?;', array($userName))['user_id'];
if ($userId != null) {
return false;
};
try {
$user = [
'username' => $userName,
'password' => self::getHashPassword($password),
];
return Db::add ('users', $user);
} catch(PDOException $error) {
echo $error->getMessage();
die();
}
}
public function haveOtaEnabled($userName){
$ota = $this->getUser($userName)['ota'];
if ($ota != ''){
return ($ota != '' ? $ota : false);
} else {
return false;
}
}
public function setOta($code, $secret){
$userId = $_SESSION['user']['id'];
Db::edit ('users', ['ota' => $secret], 'WHERE user_id = ?', array($userId));
}
}
?>
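Review bot: The new `changePassword()` compares password hashes with `==` (`self::getHashPassword($oldPassword) == $oldPasswordSaved`), the same loose comparison `login()` uses, so two different hashes that both look like numeric strings can compare equal; use `hash_equals($oldPasswordSaved, self::getHashPassword($oldPassword))`. The `//Password Criteria` placeholder has no check behind it, so an empty new password is accepted as long as both fields match. In `getUserData()` the added `$userId` parameter is always overwritten by the session id or skipped by the early `return ""`, so it has no effect, and `$type` is still concatenated into the SELECT as a column name and should be checked against a fixed list of columns. `haveOtaEnabled()` returns the stored TOTP secret itself for any username, before any password check, where a boolean would be enough for the caller to decide whether to prompt.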

51
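--- a/app/controls/login.php
+++ b/app/controls/login.php
@@ -0,0 +1,51 @@
+<?php
+global $userManager;
+if (
+isset($_POST['username']) &&
+$_POST['username'] != '' &&
+isset($_POST['password']) &&
+$_POST['password'] != ''
+){
+$ota = false;
+$userName = $_POST['username'];
+$userPassword = $_POST['password'];
+$rememberMe = (isset ($_POST['remember']) ? $_POST['remember'] : "");
+$ota = $userManager->haveOtaEnabled($userName);
+if ($ota == "") {
+$landingPage = $userManager->login($userName, $userPassword, $rememberMe);
+header('Location: ' . BASEDIR . $landingPage);
+die();
+}
+$_SESSION['USERNAME'] = $userName;
+$_SESSION['PASSWORD'] = $userPassword;
+$_SESSION['REMEMBER'] = $rememberMe;
+$_SESSION['OTA'] = $ota;
+} else if (
+isset($_POST['otaCode']) &&
+$_POST['otaCode'] != ''
+) {
+$otaCode = $_POST['otaCode'];
+$otaSecret = $_POST['otaSecret'];
+$ga = new PHPGangsta_GoogleAuthenticator();
+$ota = $_SESSION['OTA'];
+$userName = $_SESSION['USERNAME'];
+$userPassword = $_SESSION['PASSWORD'];
+$rememberMe = $_SESSION['REMEMBER'];
+unset($_SESSION['OTA']);
+$checkResult = $ga->verifyCode($otaSecret, $otaCode, 2); // 2 = 2*30sec clock tolerance
+if ($checkResult) {
+$landingPage = $userManager->login($userName, $userPassword, $rememberMe);
+header('Location: ' . BASEDIR . $landingPage);
+echo 'OK';
+} else {
+echo 'FAILED';
+}
+//TODO: upravi a ověřit jeslti ja zabezpečené
+//TODO:
+die();
+}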
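Review bot: The second factor is verified against a secret supplied by the browser: `verifyCode($otaSecret, $otaCode, 2)` takes `$otaSecret` from `$_POST['otaSecret']`, while the secret loaded from the user record into `$_SESSION['OTA']` is read into `$ota` and never used. The check should use the server-side value, `$checkResult = $ga->verifyCode($ota, $otaCode, 2);`, and the branch should fail closed when `$_SESSION['OTA']` is not set. The first branch also keeps the plaintext password in `$_SESSION['PASSWORD']` and appears to ask for a code before the password has been verified, so the response differs depending on whether a username has OTA enabled; verifying the password first and keeping only the user id in the session avoids both. No limit on repeated code attempts is visible in this file.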

29
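--- a/app/controls/setting.php
+++ b/app/controls/setting.php
@@ -0,0 +1,29 @@
+<?php
+if (isset($_POST) && !empty($_POST)){
+if (isset($_POST['submitPasswordChange']) && $_POST['submitPasswordChange'] != "") {
+$oldPassword = $_POST['oldPassword'];
+$newPassword = $_POST['newPassword1'];
+$newPassword2 = $_POST['newPassword2'];
+UserManager::changePassword($oldPassword, $newPassword, $newPassword2);
+header('Location: ' . BASEDIR . 'logout');
+die();
+} else if (isset($_POST['submitCreateUser']) && $_POST['submitCreateUser'] != "") {
+$userName = $_POST['userName'];
+$password = $_POST['userPassword'];
+UserManager::createUser($userName, $password);
+header('Location: ' . BASEDIR . 'setting');
+die();
+} else if (isset($_POST['submitEnableOta']) && $_POST['submitEnableOta'] != "") {
+echo $otaCode = $_POST['otaCode'];
+echo $otaSecret = $_POST['otaSecret'];
+$ga = new PHPGangsta_GoogleAuthenticator();
+$checkResult = $ga->verifyCode($otaSecret, $otaCode, 2); // 2 = 2*30sec clock tolerance
+if ($checkResult) {
+UserManager::setOta($otaCode, $otaSecret);
+}
+header('Location: ' . BASEDIR . 'setting');
+die();
+}
+}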
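Review bot: The `submitEnableOta` branch echoes `$_POST['otaCode']` and `$_POST['otaSecret']` unescaped before calling `header()`, which writes the TOTP secret and raw request input into the response and, without output buffering, makes the redirect fail with "headers already sent"; the two lines should be plain assignments, `$otaCode = $_POST['otaCode'];` and `$otaSecret = $_POST['otaSecret'];`. The secret being enrolled comes from a hidden form field, so it would be safer to keep the pending secret in the session and read it from there. No login or role check and no CSRF token are visible in this file, so unless the router enforces them, `submitCreateUser` and the password change are reachable by any request. `changePassword()`, `createUser()` and `setOta()` are declared as instance methods but called statically here, and the exceptions `changePassword()` throws are not caught.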
}


@ -10,66 +10,72 @@
<div class=""> <div class="">
<canvas id="canvas-<?php echo $SUBDEVICEID;?>"></canvas> <canvas id="canvas-<?php echo $SUBDEVICEID;?>"></canvas>
</div> </div>
<input <input
type="submit" type="submit"
class="button col-2 graph-period" class="button col-2 graph-period"
data-period="year" data-period="year"
data-group="month" data-group="month"
data-sub-device-id="<?php echo $SUBDEVICEID;?>" data-sub-device-id="<?php echo $SUBDEVICEID;?>"
value="<?php $LANGMNG->echo('b_year');?>" value="<?php $LANGMNG->echo('b_year');?>"
/> />
<input <input
type="submit" type="submit"
class="button col-2 graph-period" class="button col-2 graph-period"
data-period="month" data-period="month"
data-group="day" data-group="day"
data-sub-device-id="<?php echo $SUBDEVICEID;?>" data-sub-device-id="<?php echo $SUBDEVICEID;?>"
value="<?php $LANGMNG->echo('b_month');?>" value="<?php $LANGMNG->echo('b_month');?>"
/> />
<input <input
type="submit" type="submit"
class="button col-2 graph-period" class="button col-2 graph-period"
data-period="week" data-period="week"
data-group="day" data-group="day"
data-sub-device-id="<?php echo $SUBDEVICEID;?>" data-sub-device-id="<?php echo $SUBDEVICEID;?>"
value="<?php $LANGMNG->echo('b_week');?>" value="<?php $LANGMNG->echo('b_week');?>"
/> />
<input <input
type="submit" type="submit"
class="button col-2 graph-period" class="button col-2 graph-period"
data-period="day" data-period="day"
data-group="hour" data-group="hour"
data-sub-device-id="<?php echo $SUBDEVICEID;?>" data-sub-device-id="<?php echo $SUBDEVICEID;?>"
value="<?php $LANGMNG->echo('b_day');?>" value="<?php $LANGMNG->echo('b_day');?>"
/> />
<input <input
type="submit" type="submit"
class="button col-2 graph-period" class="button col-2 graph-period"
data-period="hour" data-period="hour"
data-group="minute" data-group="minute"
data-sub-device-id="<?php echo $SUBDEVICEID;?>" data-sub-device-id="<?php echo $SUBDEVICEID;?>"
value="<?php $LANGMNG->echo('b_hour');?>" value="<?php $LANGMNG->echo('b_hour');?>"
/> />
<div> <div>
<table class="table is-fluid"> <table class="table is-fluid">
<thead> <thead>
<tr> <tr>
<th><?php $LANGMNG->echo('t_time');?></th> <th><?php $LANGMNG->echo('t_time');?></th>
<?php if (DEBUGMOD) { ?>
<th><?php $LANGMNG->echo('t_raw');?></th>
<?php } ?>
<th><?php $LANGMNG->echo('t_state');?></th> <th><?php $LANGMNG->echo('t_state');?></th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php foreach ($SUBDEVICE['events'] as $key => $value) { ?> <?php foreach ($SUBDEVICE['events'] as $key => $value) { ?>
<tr> <tr>
<th><?php echo (new DateTime($value['time']))->format(DATEFORMAT); ?></th> <td><?php echo (new DateTime($value['time']))->format(DATEFORMAT); ?></td>
<th title="test"><?php echo $value['value'] . $SUBDEVICE['unit'];?></th> <?php if (DEBUGMOD) { ?>
<td><?php echo $SUBDEVICE['eventsRaw'][$key]['value']; ?></td>
<?php } ?>
<td title="test"><?php echo $value['value'] . $SUBDEVICE['unit'];?></td>
<?php //TODO: P5IDAT TOOLTIP PRO RAW VALUE?> <?php //TODO: P5IDAT TOOLTIP PRO RAW VALUE?>
</tr> </tr>
<?php } ?> <?php } ?>
@ -77,4 +83,4 @@
</table> </table>
</div> </div>
</div> </div>
</div> </div>
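Review bot: The new debug column prints `$SUBDEVICE['eventsRaw'][$key]['value']` straight into the table cell. If record values are stored as reported by devices (not visible here), this should be escaped like any other untrusted output, e.g. `<?php echo htmlspecialchars((string) $SUBDEVICE['eventsRaw'][$key]['value'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>`; the existing `$value['value'] . $SUBDEVICE['unit']` cell has the same gap. The surrounding template starts and ends outside the hunk.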


@ -21,7 +21,7 @@
</div> </div>
<div class="col-md-9 main-body"> <div class="col-md-9 main-body">
<div class="col-12 col-sm-9 mx-auto mt-4"> <div class="col-12 col-sm-9 mx-auto mt-4">
<h4 class="mb-4"> <h4 class="mb-4">
<?php $LANGMNG->echo('t_pageAfterLogIn') ?> <?php $LANGMNG->echo('t_pageAfterLogIn') ?>
</h4> </h4>
<form method="post" enctype="multipart/form-data"> <form method="post" enctype="multipart/form-data">
@ -56,15 +56,91 @@
<a href="rooms" class="button"><?php $LANGMNG->echo('b_rooms') ?></a> <a href="rooms" class="button"><?php $LANGMNG->echo('b_rooms') ?></a>
</div> </div>
</div> </div>
<div class="col-12 col-sm-9 mx-auto mt-4">
<h4 class="mb-4"><?php $LANGMNG->echo('t_changePassword') ?></h4>
<form method="post">
<div class="field">
<div class="label"><?php $LANGMNG->echo('l_oldPassword') ?>:</div>
<input type="password" class="input" name="oldPassword" value="" data-cip-id="cIPJQ342845639">
</div>
<div class="field">
<div class="label"><?php $LANGMNG->echo('l_newPassword') ?>:</div>
<input type="password" class="input" name="newPassword1" value="">
</div>
<div class="field">
<div class="label"><?php $LANGMNG->echo('l_newPassword') ?>:</div>
<input type="password" class="input" name="newPassword2" value="">
</div>
<div class="field">
<input type="submit" name="submitPasswordChange" class="button" value="Uložit">
</div>
</form>
</div>
<div class="col-12 col-sm-9 mx-auto mt-4">
<h4 class="mb-4"><?php $LANGMNG->echo('t_ota') ?></h4>
<?php if (!empty($QRURL)) {?>
<img src="<?php echo $QRURL;?>" />
<?php echo $OTACODE; ?>
<form method="post" action="setting">
<div class="field">
<div class="label"><?php $LANGMNG->echo('l_gooleAutenticatorOtaCode') ?>:</div>
<input type="text" class="input" name="otaCode" value="" required>
<input type="hidden" class="input" name="otaSecret" value="<?php echo $OTASECRET;?>" required>
</div>
<div class="field">
<input type="submit" name="submitEnableOta" class="button" value="Uložit">
</div>
</form>
<?php } else {?>
<button name="deactivateOta" type="button" class="button is-danger fa"><?php $LANGMNG->echo('b_disable');?> <?php $LANGMNG->echo('b_ota'); ?></button>
<?php }?>
</div>
<div class="col-12 col-sm-9 mx-auto mt-4">
<h4 class="mb-4"><?php $LANGMNG->echo('t_listUsers') ?></h4>
<table class="table is-fluid">
<thead>
<tr>
<th><?php $LANGMNG->echo('t_userName');?></th>
<th><?php $LANGMNG->echo('t_ota');?></th>
<th><?php $LANGMNG->echo('t_action');?></th>
</tr>
</thead>
<tbody>
<?php foreach ($USERS as $key => $user) { ?>
<tr>
<td><?php echo $user['username']; ?></td>
<td><?php echo ($user['ota'] ? '<span class="fa">&#xf00c;</span>' : ''); ?></td>
<td><button name="deleteUser" type="button" class="button is-danger fa">&#xf1f8;</button></td>
</tr>
<?php } ?>
</tbody>
</table>
</div>
<div class="col-12 col-sm-9 mx-auto mt-4">
<h4 class="mb-4"><?php $LANGMNG->echo('t_createuser') ?></h4>
<form method="post">
<div class="field">
<div class="label"><?php $LANGMNG->echo('l_userName') ?>:</div>
<input type="text" class="input" name="userName" value="" data-cip-id="cIPJQ342845639">
</div>
<div class="field">
<div class="label"><?php $LANGMNG->echo('l_password') ?>:</div>
<input type="password" class="input" name="userPassword" value="" data-cip-id="cIPJQ342845639">
</div>
<div class="field">
<input type="submit" name="submitCreateUser" class="button" value="Uložit">
</div>
</form>
</div>
</div> </div>
</div> </div>
<script src="./app/templates/js/setting.js"></script>
<?php <?php
$partial = new Partial('footer'); $partial = new Partial('footer');
$partial->render(); $partial->render();
?> ?>
</script> <script src="./app/templates/js/setting.js"></script>
</script>
</body> </body>
</html> </html>
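Review bot: In the user list, `<?php echo $user['username']; ?>` prints a value that `createUser()` stores unfiltered, so markup in a username is rendered for everyone who opens the settings page; escape it with `htmlspecialchars($user['username'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. `<?php echo $OTACODE; ?>` shows the currently valid code next to the QR image, which looks like a debugging aid and lets enrolment succeed without an authenticator app ever being set up. The three new forms carry no CSRF token, and the `data-cip-id` attributes appear to be leftovers from a browser extension.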


@ -22,10 +22,10 @@ class Home extends Template
$usersAtHome = ''; $usersAtHome = '';
$i = 0; $i = 0;
foreach ($users as $user) { foreach ($users as $user) {
$i++;
if ($user['at_home'] == 'true') { if ($user['at_home'] == 'true') {
$i++;
$usersAtHome .= $user['username']; $usersAtHome .= $user['username'];
if ($usersAtHome != "" && isset($users[$i + 1])){ if ($usersAtHome != "" && isset($users[$i + 1]) && $users[$i + 1]['at_home'] == 'true'){
$usersAtHome .= ', '; $usersAtHome .= ', ';
} }
} }
@ -44,6 +44,7 @@ class Home extends Template
foreach ($subDevicesData as $subDeviceKey => $subDeviceData) { foreach ($subDevicesData as $subDeviceKey => $subDeviceData) {
$events = RecordManager::getLastRecord($subDeviceData['subdevice_id'], 5); $events = RecordManager::getLastRecord($subDeviceData['subdevice_id'], 5);
$eventsRaw = $events;
$connectionError = true; $connectionError = true;
$parsedValue = ""; $parsedValue = "";
@ -103,6 +104,7 @@ class Home extends Template
$parsedValue = $replacementTrue; $parsedValue = $replacementTrue;
} }
//parsing last events values //parsing last events values
foreach ($events as $key => $value) { foreach ($events as $key => $value) {
$events[$key]['value'] = $replacementFalse; $events[$key]['value'] = $replacementFalse;
@ -127,6 +129,7 @@ class Home extends Template
$subDevices[$subDeviceData['subdevice_id']] = [ $subDevices[$subDeviceData['subdevice_id']] = [
'events'=> $events, 'events'=> $events,
'eventsRaw'=> $eventsRaw,
'type' => $subDeviceData['type'], 'type' => $subDeviceData['type'],
'unit' => $subDeviceData['unit'], 'unit' => $subDeviceData['unit'],
'comError' => $connectionError, 'comError' => $connectionError,
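Review bot: In the first hunk the separator logic indexes `$users[$i + 1]` with a counter that is not the loop's array key, so the look-ahead can test the wrong user (the rendered page does not show which of the two `$i++` lines is the new one). Even with a correct index, checking only the immediately following user drops the separator when at-home users are not adjacent. Collecting the names and joining them once is simpler: `$names[] = $user['username'];` inside the `if`, then `$usersAtHome = implode(', ', $names);` after the loop. The loop body continues outside the hunk.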


@ -3,6 +3,7 @@ class Setting extends Template
{ {
function __construct() function __construct()
{ {
global $userManager; global $userManager;
global $langMng; global $langMng;
@ -27,6 +28,24 @@ class Setting extends Template
$template->prepare('langMng', $langMng); $template->prepare('langMng', $langMng);
$template->prepare('automations', $automations); $template->prepare('automations', $automations);
$users = $userManager->getUsers();
$template->prepare('users', $users);
if ($userManager->getUserData('ota') == ''){
$ga = new PHPGangsta_GoogleAuthenticator();
$otaSecret = $ga->createSecret();
$qrCodeUrl = $ga->getQRCodeGoogleUrl('Smart Home', $otaSecret);
$oneCode = $ga->getCode($otaSecret);
$template->prepare('qrUrl', $qrCodeUrl);
$template->prepare('otaSecret', $otaSecret);
$template->prepare('otaCode', $oneCode);
// echo "Secret is: ".$secret."\n\n";
// echo "Google Charts URL for the QR-Code: ".$qrCodeUrl."\n\n";
// echo "Checking Code '$oneCode' and Secret '$otaSecret':\n";
}
$template->render(); $template->render();
} }
} }
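Review bot: Every render for a user without OTA creates a fresh secret and hands it to the template (`qrUrl`, `otaSecret`, `otaCode`), so the secret that ends up in the database is whatever the browser posts back; keeping the pending secret in the session, e.g. `$_SESSION['pendingOtaSecret'] = $otaSecret;`, lets the enable step use a value the server generated. `getQRCodeGoogleUrl()` returns a URL on an external chart service with the secret in its query string (the commented-out line calls it a Google Charts URL), so the secret is sent to a third party and may end up in logs and browser history; rendering the QR code locally avoids that. `getCode($otaSecret)` is only useful for debugging and should not be passed to the template. The constructor starts outside the hunk.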