adding functionalitiy to send login messages via telegram and password reset links via telegram/email

2024-12-27 20:36:44 +01:00
parent 9e16e6b29a
commit 8be17ce8df
12 changed files with 616 additions and 18 deletions
--- a/app-code/api/account/get_user_data.php
+++ b/app-code/api/account/get_user_data.php
@@ -15,16 +15,18 @@ include "../../config/config.php";
 $conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD, $DB_DATABASE);

 $username=$_SESSION["username"];
-$sql="SELECT id, email, telegram_id, auth_method_enabled_2fa FROM users WHERE username = ?";
+$sql="SELECT id, email, telegram_id, auth_method_enabled_2fa, user_token, login_message FROM users WHERE username = ?";
 $id=0;
 $email="";
 $telegram_id="";
 $twofa_enabled="";
+$user_token="";
+$login_message=0;
 $stmt = mysqli_prepare($conn, $sql);
 mysqli_stmt_bind_param($stmt, 's', $username);
 mysqli_stmt_execute($stmt);
 mysqli_stmt_store_result($stmt);
-mysqli_stmt_bind_result($stmt, $id,$email,$telegram_id,$twofa_enabled);
+mysqli_stmt_bind_result($stmt, $id,$email,$telegram_id,$twofa_enabled,$user_token,$login_message);
 mysqli_stmt_fetch($stmt);

 $_SESSION["id"]=$id;
@@ -33,7 +35,10 @@ $user_data = [
    "name" => $username,
    "email" => $email,
    "telegram_id" => $telegram_id,
-    "twofa_enabled" => $twofa_enabled
+    "twofa_enabled" => $twofa_enabled,
+    "user_token"=>$user_token,
+    "last_login"=>$_SESSION["last_login"],
+    "login_message"=>$login_message
 ];

 // Send JSON response
--- a/app-code/api/account/update_message.php
+++ b/app-code/api/account/update_message.php
@@ -0,0 +1,67 @@
+<?php
+session_start();
+header('Content-Type: application/json');
+
+// Check if the user is logged in
+if (!isset($_SESSION["logged_in"]) || $_SESSION["logged_in"] !== true) {
+    echo json_encode([
+        'success' => false,
+        'message' => 'Not logged in'
+    ]);
+    exit();
+}
+
+// Include database configuration
+include "../../config/config.php";
+
+// Create a new database connection
+$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD, $DB_DATABASE);
+
+// Check for database connection errors
+if ($conn->connect_error) {
+    echo json_encode([
+        'success' => false,
+        'message' => 'Database connection failed: ' . $conn->connect_error
+    ]);
+    exit();
+}
+
+// Get the logged-in user's ID and username from the session
+$id = $_SESSION["id"];
+$username = $_SESSION["username"];
+
+// Get the raw POST data (JSON)
+$data = json_decode(file_get_contents("php://input"));
+if($data->enable_message==true){
+	$sql="UPDATE users SET login_message=1 WHERE id = ?";
+	if ($update_stmt = $conn->prepare($sql)) {
+            $update_stmt->bind_param("i", $id);
+            if ($update_stmt->execute()) {
+                echo json_encode(['success' => true, 'message' => 'Login messages enabled.']);
+            } else {
+                echo json_encode(['success' => false, 'message' => 'Failed to enable login messages.']);
+            }
+            $update_stmt->close();
+        } else {
+            echo json_encode(['success' => false, 'message' => 'Database error.']);
+        }
+}
+
+if($data->enable_message==false){
+	//create 2fa secret key
+	$sql="UPDATE users SET login_message=0 WHERE id = ?";
+	if ($update_stmt = $conn->prepare($sql)) {
+            $update_stmt->bind_param("i",$id);
+            if ($update_stmt->execute()) {
+                echo json_encode(['success' => true, 'message' => 'Login messages disabled.']);
+            } else {
+                echo json_encode(['success' => false, 'message' => 'Failed to disable login messages.']);
+            }
+            $update_stmt->close();
+        } else {
+            echo json_encode(['success' => false, 'message' => 'Database error.']);
+        }
+}
+
+?>
+