Merge branch 'ip-restrictions-in-sessions'

adeprimo · Mar 6, 2024 · 718ba9c · 718ba9c
2 parents 24b340a + ba8b497
commit 718ba9c
Show file tree

Hide file tree

Showing 6 changed files with 66 additions and 9 deletions.
diff --git a/includes/class-tulo-paywall.php b/includes/class-tulo-paywall.php
@@ -10,7 +10,9 @@
 class Tulo_Paywall_Common {
 
     private $session;
+    private $common;
     const PAYWALL_VERSION = "1.2";
+
 
     public function __construct() {
         $this->session = new Tulo_Payway_Session();
@@ -59,7 +61,13 @@ public function get_back_url() {
     }
 
     public function get_return_url() {
-        return $this->get_current_url();
+        $currentUrl = get_current_url();
+        if (str_contains($currentUrl, "?")) {
+            $currentUrl .= "&tpw_session_refresh=1";
+        } else {
+            $currentUrl .= "?tpw_session_refresh=1";
+        }            
+        return $currentUrl;
     }
 
     public function get_current_url() {
@@ -151,7 +159,10 @@ public function get_custom_variables() {
             if ($value != "") {
                 $custom_variables[$variable->key] = $value;
             }            
-        }   
+        }
+        if (count($custom_variables) == 0) {
+            return '{}';
+        }
         return json_encode($custom_variables);
     }
 

diff --git a/includes/class-tulo-payway-api.php b/includes/class-tulo-payway-api.php
@@ -37,6 +37,17 @@ public function get_user_and_products_by_ticket($ticket) {
         return null;
     }
 
+    /**
+     * server2server call to refresh user and products, needs a logged in user.
+     * not implemented yet
+     */
+    public function get_user_and_products() {
+        $token = $this->get_access_token_s2s("/external/account/w /external/account/r");
+        if (isset($token) && $token != "" ) {
+        }
+        return null;
+    }
+
     public function get_user_and_products_by_token($token) {
         $user = $this->get_user_details($token);
         if ($user != null) {
@@ -52,13 +63,12 @@ public function get_user_and_products_by_token($token) {
     }
 
     public function get_user_details($token) {
-
         $url = $this->get_api_url("/external/api/v1/me");
         $response = $this->common->get_json_with_bearer($url, $token);
         if ($response["status"] == 200) {
             $data = json_decode($response["data"]);
             return $data->item;
-        }        
+        }    
         return null;
     }
 

diff --git a/includes/class-tulo-payway-sso2-api.php b/includes/class-tulo-payway-sso2-api.php
@@ -401,6 +401,25 @@ private function sso_logout() {
         }
     }
 
+    /**
+     * New function for refreshing user info.
+     * Place holder code, not yet completed and usable.
+     */
+    private function refresh_user() {
+        $this->common->write_log("Refreshing user and product info");
+        $data = $this->api->get_user_and_products();
+        if ($data != null) {
+            $this->set_user_id($data["user"]->id);
+            $this->set_user_name($data["user"]->first_name." ".$data["user"]->last_name);
+            $this->set_user_email($data["user"]->email);
+            $this->set_user_customer_number($data["user"]->customer_number);
+            $this->set_user_active_products($data["active_products"]);
+            $this->set_session_loggedin();
+        } else {
+            $this->common->write_log("!! Could not get user and product info from Payway!");
+        }
+    }
+
     private function fetch_user_and_login($auth_ticket) {
         $data = $this->api->get_user_and_products_by_ticket($auth_ticket);
         if ($data != null) {

diff --git a/includes/class-tulo-payway.php b/includes/class-tulo-payway.php
@@ -241,6 +241,7 @@ private function define_public_hooks() {
           $this->loader->add_shortcode( 'tulo_user_email', $plugin_public, 'shortcode_loggedin_user_email' );
           $this->loader->add_shortcode( 'tulo_user_customer_number', $plugin_public, 'shortcode_loggedin_user_customer_number' );
           $this->loader->add_shortcode( 'tulo_authentication_url', $plugin_public, 'shortcode_authentication_url' );
+          $this->loader->add_shortcode( 'tulo_login_logout_link', $plugin_public, 'shortcode_login_logout' );
 
           $this->loader->add_action( 'wp_ajax_tulo_getproducts', $plugin_public, 'ajax_list_products', 1 );
           $this->loader->add_action( 'wp_ajax_tulo_getvariables', $plugin_public, 'ajax_list_variables', 1 );

diff --git a/public/class-tulo-payway-public.php b/public/class-tulo-payway-public.php
@@ -87,6 +87,12 @@ public function check_session($wp)
         if (get_option("tulo_plugin_active") != "on") 
             return;
 
+        $whitelisted_ips = Tulo_Payway_Server_Public::get_whitelisted_ips();
+        if(in_array($_SERVER['REMOTE_ADDR'], $whitelisted_ips, false)) {
+            $this->common->write_log("!! whitelisted IP request, skipping session establishment.");
+            return true;
+        }
+
 
         if (strpos($_SERVER["REQUEST_URI"], "favicon") === false) {
             if (get_query_var("tpw_session_refresh") == "1") {
@@ -186,7 +192,8 @@ public function has_access($post_id = null, $restrictions = null) {
         }
 
         $user_products = $this->session->get_user_active_products();
-
+        $this->common->write_log("User products: ".print_r($user_products, true));
+        $this->common->write_log("Restrictions: ".print_r($restrictions, true));
         foreach($restrictions as $restriction)
         {
             foreach($user_products as $product)
@@ -265,8 +272,10 @@ public function content_filter($content) {
             return $content;
 
         if($this->has_access()) {  
-
+            $this->common->write_log("user has access!");            
             return $content;
+        } else {
+            $this->common->write_log("user has no access!");  
         }
 
         do_action('tulo_before_permission_required');
@@ -402,6 +411,16 @@ public function shortcode_permission_required_not_loggedin() {
         return get_option('tulo_permission_required_not_loggedin');
     }
 
+    public function shortcode_login_logout() {
+        $output = "";
+        if ($this->session->is_logged_in()) {
+            $output .= "<a href=\"#\" class=\"js-tuloLogout is-hidden\">Logout</a>";
+        } else {
+            $output .= "<a href=\"".$this->common->get_authentication_url()."\">Login</a>";
+        }
+        return $output;
+    }
+
     public function shortcode_loggedin_user_id() {
         return $this->session->get_user_id();
     }

diff --git a/public/css/tulo-public.css b/public/css/tulo-public.css
@@ -1,8 +1,6 @@
 .tulo_no_access .paygate
 {
-    background-color: #c2d7e8;
     overflow:auto;
-    padding: 0 40px 40px 40px;
 }
 
 .tulo_no_access .paygate .info-box {
@@ -26,7 +24,6 @@
     min-width: 30%;
     margin: 16px auto;
     color: #FFF !important;
-    box-shadow: 0 0 12px #444;
     border:0;
 }
 .is-hidden {