unplugged_web Posted August 11, 2014 (edited)

I've been asked to add extra security to our site. We're using Google to log people in and currently this is the security we have:

```php
$googleService = $serviceFactory->createService('google', $credentials, $storage, array('userinfo_email', 'userinfo_profile'));

$app->get('/login', function () use ($app, $googleService) {
    if ($app['session']->get('userinfo')) {
        return new RedirectResponse('/');
    }

    return $app['twig']->render('login.twig', array(
        'login_url' => $googleService->getAuthorizationUri()->__toString(),
        'user' => $app['session']->get('userinfo'),
    ));
});
```

and

```php
$app->match('/auth/callback', function (Request $request) use ($app, $googleService) {
    // This was a callback request from google, get the token
    $googleService->requestAccessToken($request->get('code'));

    // Send a request with it
    $user = json_decode($googleService->request('https://www.googleapis.com/oauth2/v1/userinfo'), true);

    if (substr($user['email'], -11) === '@domain.com' || $user['email'] === 'web@anotherdomain.com') {
        $user['logged_in_date'] = date('Y-m-d');
        $app['session']->set('userinfo', $user);

        $log = new UserLoggedinLog();
        $log->setEmail($user['email']);
        $log->setDate(time());
        $log->save();
    } else {
        $message = Swift_Message::newInstance()
            ->setSubject('Site :: unauthorized login')
            ->setFrom(array('server@domain.com' => 'robot'))
            ->setTo(array('admin@domain.com', 'web@domain.com'))
            ->setBody(sprintf("The following email [%s] tried to login from IP [%s]", $user['email'], $request->getClientIp()));
        $app['mailer']->send($message);
    }

    return $app->redirect('/');
});
```

Is there a way to set the email addresses/users that can log in? So if a member of staff leaves they can be prevented from logging in immediately? I've built a database table with all of the 'allowed' users in it but I didn't know if there was a way of getting Google login to check that and then only allow somebody if they're in the database?

Edited August 11, 2014 by thehappyappy

niche Posted August 11, 2014

If Google allows that, else you'll need to code it. My guess is that you'll need to code it.

unplugged_web Posted August 11, 2014 (Author)

Thanks, I'm pretty new to all of this so am not sure how to do it. Do you know of any examples that might help?

niche Posted August 11, 2014

At a minimum you'd have to add a value to whatever you're using to regulate a user's session.

unplugged_web Posted August 13, 2014 (Author)

> At a minimum you'd have to add a value to whatever you're using to regulate a user's session.

Sorry to be so dumb but how would I do that?
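
One way to do what the thread asks, as an added example that is not code from any of the posters: check the e-mail Google reports against the database table of allowed users at the callback, and re-check the stored session on every request so that a removed user is locked out immediately rather than at their next login. The table and column names (`allowed_users`, `email`, `active`), the function names and the in-memory SQLite demo data are assumptions; the demo needs the `pdo_sqlite` extension.

```php
<?php
// Added example, not code from the thread. Table/column names, function
// names and the sample rows are assumptions made for illustration.

/** True only if the e-mail is present and active in the allow-list. */
function isAllowedUser(PDO $db, $email)
{
    if (!is_string($email) || $email === '') {
        return false; // failed userinfo decode or missing field: deny
    }
    $stmt = $db->prepare(
        'SELECT 1 FROM allowed_users WHERE email = :email AND active = 1'
    );
    $stmt->execute(array(':email' => strtolower(trim($email)))); // rows are stored lowercase
    return $stmt->fetchColumn() !== false;
}

/**
 * Re-check a stored session on every request, so deactivating a row
 * locks the person out even if they are already logged in.
 * Returns the userinfo array to keep, or null to drop the session.
 */
function revalidateSession(PDO $db, $userinfo)
{
    if (is_array($userinfo) && isset($userinfo['email'])
        && isAllowedUser($db, $userinfo['email'])) {
        return $userinfo;
    }
    return null;
}

// Demo with constructed data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE allowed_users (email TEXT PRIMARY KEY, active INTEGER NOT NULL)');
$db->exec("INSERT INTO allowed_users VALUES ('alice@domain.com', 1), ('bob@domain.com', 1)");

$session = array('email' => 'Bob@domain.com');        // Bob logged in earlier
var_dump(isAllowedUser($db, 'alice@domain.com'));      // listed and active
var_dump(isAllowedUser($db, 'mallory@domain.com'));    // right domain, but not listed
var_dump(revalidateSession($db, $session) !== null);   // Bob's session while he is active

$db->exec("UPDATE allowed_users SET active = 0 WHERE email = 'bob@domain.com'"); // Bob leaves
var_dump(revalidateSession($db, $session) !== null);   // same session after deactivation
```

In the app from the first post, `isAllowedUser()` would take the place of the `substr(...) === '@domain.com'` test in `/auth/callback`, and `revalidateSession()` would run in a Silex `$app->before()` middleware that clears `userinfo` from the session when it returns null.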