クラス
LoginWithAmazon
ファイル: src/API/LoginWithAmazon.php
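/**
 * Logs a Welcart member in on the strength of an Amazon identity.
 *
 * Both entry points (buyer token on the member page, checkout session during
 * checkout) resolve an e-mail address from an Amazon API response, look the
 * member up by that address and then populate the Welcart member session.
 * The e-mail address is therefore the only link between the two accounts, so
 * every step that produces or consumes it is validated before a session is
 * created.
 */
class LoginWithAmazon
{
    /**
     * AmazonPay module instance
     *
     * @var AmazonPay
     */
    public $module;

    /**
     * Consume injected AmazonPay module instance
     *
     * @author Evan D Shaw <evandanielshaw@gmail.com>
     * @param AmazonPay $module
     */
    public function __construct(AmazonPay $module) {
        $this->module = $module;
    }

    /**
     * Refresh login page on error. Redirect to member page on success
     *
     * Stores the result of `loginWithAmazonSignIn()` in `$usces->error_message`;
     * an empty result is treated as a successful login.
     *
     * @author Evan D Shaw <evandanielshaw@gmail.com>
     * @global \usc_e_shop $usces
     * @return void
     */
    public function memberPageLogin() {
        global $usces;
        $usces->error_message = $this->loginWithAmazonSignIn();
        if (empty($usces->error_message)) {
            $usces->page = 'member';
            /**
             * Mirrored Welcart action hook
             *
             * @ignore
             */
            do_action('usces_action_member_logined');
            add_filter('yoast-ga-push-after-pageview', 'usces_trackPageview_member');
        } else {
            $usces->page = 'login';
            add_filter('yoast-ga-push-after-pageview', 'usces_trackPageview_login');
        }
        add_action('the_post', [$usces, 'action_memberFilter']);
        add_action('template_redirect', [$usces, 'template_redirect']);
    }

    /**
     * Attempts to execute a login to Welcart by obtaining the users email address
     * after a successful login to their Amazon account.
     *
     * This method will return an error if the user has the Amazon login feature
     * turned off on their member page ("My Page").
     *
     * @author Evan D Shaw <evandanielshaw@gmail.com>
     * @global \wpdb $wpdb
     * @return string|void Error message on failure, nothing on success.
     * @throws InvalidArgumentException Thrown by `GetBuyer` API.
     */
    public function loginWithAmazonSignIn() {
        global $wpdb;
        $token = isset($_GET['buyerToken']) ? $_GET['buyerToken'] : '';
        // A query string such as `buyerToken[]=x` yields an array; only a
        // non-empty string may be handed to the API client.
        if (!is_string($token) || empty($token)) {
            return __('Oops! An unknown error occured.', 'wcexaap');
        }
        $result = (new GetBuyer($this->module))->get($token);
        if ($result instanceof GenericError) {
            return $result->message;
        }
        if (empty($result)) {
            return __('Oops! An unknown error occured.', 'wcexaap');
        }
        $buyerInfo = $this->decodeResponse($result);
        // Without this check a response lacking `email` would reach the member
        // lookup as an empty value and could match a row whose mem_email is empty.
        if ($buyerInfo === null || empty($buyerInfo['email']) || !is_string($buyerInfo['email'])) {
            return __('Oops! An unknown error occured.', 'wcexaap');
        }
        $email = $buyerInfo['email'];
        $member_table = $wpdb->prefix . 'usces_member';
        $query = $wpdb->prepare("SELECT ID FROM $member_table WHERE mem_email = %s", $email);
        $id = $wpdb->get_var($query);
        if (!$id) {
            return __('<b>Error:</b> E-mail address is not correct.', 'usces');
        }
        $mmeta = new MemberMeta((int)$id);
        // NOTE(review): this comparison only blocks an explicit `false`. The
        // checkout-session path below blocks any falsy value. If the getter can
        // return null/''/0 for "never set", the two paths disagree and this one
        // permits the login — confirm which default is intended.
        if ($mmeta->getAllowAmazonToWelcartLogin() === false) {
            return __('Cannot login to this account with Amazon.', 'wcexaap');
        }
        $this->executeLogin($email);
        /**
         * Mirrored Welcart action hook
         *
         * @ignore
         */
        do_action('usces_action_after_login');
    }

    /**
     * Login to Welcart with Amazon account email.
     *
     * This is only possible if the user has previously registered with their Amazon account.
     * Forcing a login without first checking whether the account was registered via an Amazon
     * account is a security risk. Forcing a login with only an email match could allow someone
     * to create an Amazon account with the email of the person whose Welcart account they
     * want to hijack and then login with Amazon on a Welcart site to gain access to said
     * persons info.
     *
     * The login itself is performed by the returned closure, which silently
     * does nothing when any precondition fails.
     *
     * @author Evan D Shaw <evandanielshaw@gmail.com>
     * @global \wpdb $wpdb
     * @return \Closure Callback that attempts the login and returns nothing.
     */
    public function loginWithAmazonCheckoutSession() {
        return function () {
            global $wpdb;
            if (usces_is_login()) {
                return;
            }
            // $_REQUEST values may be arrays; only a non-empty string is a
            // usable checkout session id.
            if (empty($_REQUEST['amazonCheckoutSessionId']) || !is_string($_REQUEST['amazonCheckoutSessionId'])) {
                return;
            }
            $sessionId = $_REQUEST['amazonCheckoutSessionId'];
            $result = (new CheckoutSession\Get($this->module))->get($sessionId);
            if ($result instanceof GenericError) {
                return;
            }
            $response = $this->decodeResponse($result);
            // Never run the member lookup with a missing or non-string e-mail:
            // an empty value could match a row whose mem_email is empty.
            if (
                $response === null
                || !isset($response['buyer']['email'])
                || !is_string($response['buyer']['email'])
                || $response['buyer']['email'] === ''
            ) {
                return;
            }
            $email = $response['buyer']['email'];
            $member_table = $wpdb->prefix . 'usces_member';
            $query = $wpdb->prepare("SELECT ID FROM $member_table WHERE mem_email = %s", $email);
            $id = $wpdb->get_var($query);
            if (empty($id)) {
                return;
            }
            // Cast matches the member-page path, which also passes an int.
            $amzmeta = new MemberMeta((int)$id);
            // Fail closed: any falsy value means Amazon login is not permitted.
            if (!$amzmeta->getAllowAmazonToWelcartLogin()) {
                return;
            }
            $this->executeLogin($email);
            /**
             * Mirrored Welcart action hook
             *
             * @ignore
             */
            do_action('usces_action_after_login');
        };
    }

    /**
     * Populates `$_SESSION['usces_member']` with login data
     *
     * Performs no authorization of its own: callers must already have
     * established that the e-mail address belongs to the requester and that
     * Amazon login is permitted for the member. When no member row matches,
     * the session is left untouched.
     *
     * @author Evan D Shaw <evandanielshaw@gmail.com>
     * @global \usc_e_shop $usces
     * @global \wpdb $wpdb
     * @param string $email
     * @return void
     */
    public function executeLogin($email) {
        global $usces, $wpdb;
        $member_table = $wpdb->prefix . 'usces_member';
        $query = $wpdb->prepare("SELECT * FROM $member_table WHERE mem_email = %s", $email);
        $member = $wpdb->get_row($query, ARRAY_A);
        // No matching row: do not build a member session out of null values.
        if (empty($member)) {
            return;
        }
        // NOTE(review): the session id is not regenerated in this method. If
        // Welcart does not do so elsewhere, an id issued before login stays
        // valid afterwards (session fixation) — confirm.
        $_SESSION['usces_member']['ID'] = $member['ID'];
        $_SESSION['usces_member']['mailaddress1'] = $member['mem_email'];
        $_SESSION['usces_member']['mailaddress2'] = $member['mem_email'];
        $_SESSION['usces_member']['point'] = $member['mem_point'];
        $_SESSION['usces_member']['name1'] = $member['mem_name1'];
        $_SESSION['usces_member']['name2'] = $member['mem_name2'];
        $_SESSION['usces_member']['name3'] = $member['mem_name3'];
        $_SESSION['usces_member']['name4'] = $member['mem_name4'];
        $_SESSION['usces_member']['zipcode'] = $member['mem_zip'];
        $_SESSION['usces_member']['pref'] = $member['mem_pref'];
        $_SESSION['usces_member']['address1'] = $member['mem_address1'];
        $_SESSION['usces_member']['address2'] = $member['mem_address2'];
        $_SESSION['usces_member']['address3'] = $member['mem_address3'];
        $_SESSION['usces_member']['tel'] = $member['mem_tel'];
        $_SESSION['usces_member']['fax'] = $member['mem_fax'];
        $_SESSION['usces_member']['delivery_flag'] = $member['mem_delivery_flag'];
        // NOTE(review): unserialize() on a stored value can instantiate
        // objects if the column content is ever influenced by a user. Once it
        // is confirmed that mem_delivery only holds arrays/scalars, pass
        // ['allowed_classes' => false] as the second argument.
        $_SESSION['usces_member']['delivery'] = !empty($member['mem_delivery']) ? unserialize($member['mem_delivery']) : '';
        $_SESSION['usces_member']['registered'] = $member['mem_registered'];
        $_SESSION['usces_member']['nicename'] = $member['mem_nicename'];
        $_SESSION['usces_member']['country'] = $usces->get_member_meta_value('customer_country', $member['ID']);
        $_SESSION['usces_member']['status'] = $member['mem_status'];
        $usces->set_session_custom_member($member['ID']);
        $usces->get_current_member();
    }

    /**
     * Decodes the JSON body of an API result.
     *
     * @param mixed $result API result expected to carry a JSON string under `response`.
     * @return array|null Decoded body, or null when it is absent or not a JSON object/array.
     */
    private function decodeResponse($result) {
        if (!isset($result['response']) || !is_string($result['response'])) {
            return null;
        }
        $decoded = json_decode($result['response'], true);
        return is_array($decoded) ? $decoded : null;
    }
}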
- __construct — Consume injected AmazonPay module instance
- executeLogin — Populates `$_SESSION['usces_member']` with login data
- loginWithAmazonCheckoutSession — Login to Welcart with Amazon account email.
- loginWithAmazonSignIn — Attempts to execute a login to Welcart by obtaining the users email address after a successful login to their Amazon account.
- memberPageLogin — Refresh login page on error. Redirect to member page on success