admin 1
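--- /dev/null
+++ b/Admin/Staff/add.php
@@ -0,0 +1,80 @@
+<?php
+/**
+ * Admin/Staff/add.php
+ * إضافة موظف جديد (أدمن أو خدمة عملاء) مع تشفير البيانات وحفظ بصمة الجهاز
+ */
+require_once __DIR__ . '/../../core/bootstrap.php';
+
+$con = Database::get('main');
+
+// التحقق من الصلاحيات: فقط المشرفين يمكنهم الإضافة
+// إذا لم يكن هناك أي مدير في النظام، نسمح بالإضافة الأولى لإعداد النظام
+$adminCount = $con->query("SELECT COUNT(*) FROM adminUser")->fetchColumn();
+if ($adminCount > 0) {
+    // تفعيل المصادقة هنا لاحقاً لضمان الأمان
+    // $auth = JwtService::authenticate($redis);
+    // if ($auth['role'] !== 'super_admin' && $auth['role'] !== 'admin') {
+    //     jsonError("Unauthorized. Only Admins can add staff.");
+    //     exit;
+    // }
+}
+
+$name = filterRequest("name");
+$phone = filterRequest("phone");
+$email = filterRequest("email");
+$password = filterRequest("password");
+$role = filterRequest("role"); // 'admin' or 'service'
+$fingerprint = filterRequest("fingerprint");
+$gender = filterRequest("gender") ?? 'Male';
+$birthdate = filterRequest("birthdate");
+
+if (empty($name) || empty($password) || empty($role) || empty($fingerprint)) {
+    jsonError("Missing required fields (name, password, role, fingerprint).");
+    exit;
+}
+
+try {
+    $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
+
+    // تشفير البيانات الحساسة باستخدام الهيلبر العام من bootstrap
+    $encName = $encryptionHelper->encryptData($name);
+    $encPhone = $encryptionHelper->encryptData($phone);
+    $encEmail = $encryptionHelper->encryptData($email);
+
+    if ($role === 'admin') {
+        // الإضافة لجدول المديرين
+        $sql = "INSERT INTO adminUser (id, fingerprint, name, password, role, created_at)
+                VALUES (UUID(), :fp, :name, :pass, :role, NOW())";
+        $stmt = $con->prepare($sql);
+        $stmt->execute([
+            ':fp' => $fingerprint,
+            ':name' => $encName,
+            ':pass' => $hashedPassword,
+            ':role' => $role
+        ]);
+    } else {
+        // الإضافة لجدول المستخدمين (خدمة العملاء)
+        $sql = "INSERT INTO users (id, fingerprint, phone, email, gender, password, birthdate, user_type, first_name, created_at)
+                VALUES (UUID(), :fp, :phone, :email, :gender, :pass, :bdate, 'service', :fname, NOW())";
+        $stmt = $con->prepare($sql);
+        $stmt->execute([
+            ':fp' => $fingerprint,
+            ':phone' => $encPhone,
+            ':email' => $encEmail,
+            ':gender' => $gender,
+            ':pass' => $hashedPassword,
+            ':bdate' => $birthdate,
+            ':fname' => $encName
+        ]);
+    }
+
+    if ($stmt->rowCount() > 0) {
+        jsonSuccess("Staff member added successfully.");
+    } else {
+        jsonError("Failed to add staff member.");
+    }
+
+} catch (Exception $e) {
+    error_log("[Staff Add Error] " . $e->getMessage());
+    jsonError("Server error: " . $e->getMessage());
+}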
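Review bot: Once one admin exists, the guard `if ($adminCount > 0) {` is an empty block — the `JwtService::authenticate` call and role check inside it are commented out — so this endpoint still lets any unauthenticated caller create an `adminUser` row with role `admin` and a fingerprint/password of their choosing; the "first admin" exception is not even needed here because setup.php exists for that. The check has to be live before this ships; assuming `JwtService::authenticate($redis)` exists with the shape the commented code implies, the block becomes the code below. Two smaller points: `jsonError("Server error: " . $e->getMessage())` returns PDO exception text (table and column names) to the client even though `error_log` already captured it, so return a generic message; and `$role` is only compared against `'admin'`, so any other value silently creates a `service` user — reject unknown roles explicitly.
```php
if ($adminCount > 0) {
    // Only an authenticated admin may add staff; setup.php bootstraps the very first admin.
    $auth = JwtService::authenticate($redis);
    if (!in_array($auth['role'] ?? null, ['super_admin', 'admin'], true)) {
        jsonError("Unauthorized. Only Admins can add staff.");
        exit;
    }
}
// … unchanged: request parsing, hashing, encryption, inserts …
```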
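--- /dev/null
+++ b/Admin/Staff/setup.php
@@ -0,0 +1,53 @@
+<?php
+/**
+ * Admin/Staff/setup.php
+ * سكربت إعداد المسؤول الأول (Super Admin)
+ * يستخدم لمرة واحدة فقط عندما تكون الجداول فارغة
+ */
+require_once __DIR__ . '/../../core/bootstrap.php';
+$con = Database::get('main');
+
+// التحقق من أن الجدول فارغ لضمان الأمان
+$count = $con->query("SELECT COUNT(*) FROM adminUser")->fetchColumn();
+if ($count > 0) {
+    die("Access Denied: Admin already initialized.");
+}
+
+$password = "123456"; // كلمة المرور المؤقتة
+$hashedPass = password_hash($password, PASSWORD_DEFAULT);
+
+// قائمة بالمسؤولين الأوائل (بصمات أجهزتك)
+$admins = [
+    [
+        'name' => 'Hamza (iPhone)',
+        'fp' => 'D386663E-51E1-4322-B1E2-F469C7E58063_iPhone', // مثال بناءً على وصفك (deviceId_model)
+        'role' => 'admin'
+    ],
+    [
+        'name' => 'Hamza (MacBook)',
+        'fp' => '00008030-001C1D8C3A82802E_MacBook Pro', // مثال للماك بوك
+        'role' => 'admin'
+    ]
+];
+
+try {
+    foreach ($admins as $admin) {
+        $encName = $encryptionHelper->encryptData($admin['name']);
+        $sql = "INSERT INTO adminUser (id, fingerprint, name, password, role, created_at)
+                VALUES (UUID(), :fp, :name, :pass, :role, NOW())";
+        $stmt = $con->prepare($sql);
+        $stmt->execute([
+            ':fp' => $admin['fp'],
+            ':name' => $encName,
+            ':pass' => $hashedPass,
+            ':role' => $admin['role']
+        ]);
+    }
+
+    echo "<h1>Initialization Successful</h1>";
+    echo "<p>Admins created successfully with password: <b>$password</b></p>";
+    echo "<p>Please delete this file (setup.php) immediately for security.</p>";
+
+} catch (Exception $e) {
+    echo "Error: " . $e->getMessage();
+}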
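Review bot: `$password = "123456";` hard-codes a trivially guessable admin password into the repository, and `echo "<p>Admins created successfully with password: <b>$password</b></p>"` then prints it into an HTML page; the only protections against abuse are the `COUNT(*)` gate and a request to delete the file. Generate the bootstrap secret instead of committing it, e.g. `$password = bin2hex(random_bytes(12)); // shown once below; rotate after first login`, so a forgotten setup.php or a leaked repository does not hand out a known admin credential. The two device strings at `'fp' => 'D386663E-…_iPhone'` and `'fp' => '00008030-…_MacBook Pro'` are real-looking hardware identifiers that login.php uses as the primary lookup key for an admin account, so they belong in configuration, not source. `echo "Error: " . $e->getMessage();` also surfaces raw PDO text to whoever hits the script.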
@@ -1,25 +1,46 @@
|
||||
<?php
|
||||
require_once __DIR__ . '/../../connect.php';
|
||||
require_once __DIR__ . '/../../core/bootstrap.php';
|
||||
|
||||
$deviceNumber = filterRequest("deviceNumber"); // Assuming you'll get deviceNumber as input
|
||||
$deviceNumber = filterRequest("deviceNumber");
|
||||
$name = filterRequest("name");
|
||||
$password = filterRequest("password");
|
||||
$role = filterRequest("role") ?? 'admin';
|
||||
|
||||
$sql = "INSERT INTO `adminUser`(`id`, `device_number`, `name`) VALUES (
|
||||
UUID(),
|
||||
:deviceNumber,
|
||||
:name
|
||||
)";
|
||||
if (empty($name) || empty($password)) {
|
||||
jsonError("Name and password are required.");
|
||||
exit;
|
||||
}
|
||||
|
||||
$stmt = $con->prepare($sql);
|
||||
$stmt->bindParam(':deviceNumber', $deviceNumber);
|
||||
$stmt->bindParam(':name', $name);
|
||||
$stmt->execute();
|
||||
try {
|
||||
$con = Database::get('main');
|
||||
|
||||
// Hash the password for security
|
||||
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
|
||||
|
||||
if ($stmt->rowCount() > 0) {
|
||||
// Print a success message
|
||||
jsonSuccess($message = "Admin user data saved successfully");
|
||||
} else {
|
||||
// Print a failure message
|
||||
jsonError($message = "Failed to save admin user data");
|
||||
$sql = "INSERT INTO `adminUser`(`id`, `device_number`, `name`, `password`, `role`) VALUES (
|
||||
UUID(),
|
||||
:deviceNumber,
|
||||
:name,
|
||||
:password,
|
||||
:role
|
||||
)";
|
||||
|
||||
$stmt = $con->prepare($sql);
|
||||
$stmt->execute([
|
||||
':deviceNumber' => $deviceNumber,
|
||||
':name' => $name,
|
||||
':password' => $hashedPassword,
|
||||
':role' => $role
|
||||
]);
|
||||
|
||||
if ($stmt->rowCount() > 0) {
|
||||
jsonSuccess("Admin user data saved successfully");
|
||||
} else {
|
||||
jsonError("Failed to save admin user data");
|
||||
}
|
||||
} catch (Exception $e) {
|
||||
error_log("[Admin Add Error] " . $e->getMessage());
|
||||
jsonError("Database error: " . $e->getMessage());
|
||||
}
|
||||
?>
|
||||
|
||||
|
||||
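Review bot: The new side performs no authentication or authorization and takes `$role = filterRequest("role") ?? 'admin';` straight from the request, so any caller can insert an `adminUser` row with role `super_admin`, which the new login.php then copies into the JWT via `$admin['role']`; the file header for this hunk is not in view, but this appears to be the older admin-creation endpoint. At minimum gate it the way add.php intends to and whitelist the role: `if (!in_array($role, ['admin', 'service'], true)) { jsonError("Invalid role."); exit; }`. Separately, this insert still writes the `device_number` column while the new login.php looks admins up by `fingerprint`, so accounts created here cannot log in through that path — one of the two column names is wrong and the two endpoints should agree. `jsonError("Database error: " . $e->getMessage())` also returns driver error text to the client even though `error_log` already records it.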
@@ -1,26 +1,54 @@
|
||||
<?php
|
||||
//login.php
|
||||
require_once __DIR__ . '/../../connect.php';
|
||||
/**
|
||||
* Admin/auth/login.php
|
||||
* تسجيل دخول المشرفين باستخدام البصمة وكلمة المرور المشفرة
|
||||
*/
|
||||
require_once __DIR__ . '/../../core/bootstrap.php';
|
||||
|
||||
$device = filterRequest("device_number");
|
||||
$phone = filterRequest("phone_number");
|
||||
$fingerprint = filterRequest('fingerprint');
|
||||
$password = filterRequest('password');
|
||||
$audience = filterRequest('aud') ?? 'admin';
|
||||
|
||||
if (empty($device) || empty($phone)) {
|
||||
jsonError("device_number أو phone_number مفقود");
|
||||
if (empty($fingerprint) || empty($password)) {
|
||||
jsonError("Fingerprint and password are required.");
|
||||
exit;
|
||||
}
|
||||
|
||||
$stmt = $con->prepare("SELECT * FROM adminUser WHERE device_number = ? AND name = ?");
|
||||
$stmt->execute([$device, $phone]);
|
||||
|
||||
if ($stmt->rowCount() > 0) {
|
||||
try {
|
||||
$con = Database::get('main');
|
||||
|
||||
// البحث عن المشرف باستخدام بصمة الجهاز (Fingerprint)
|
||||
$stmt = $con->prepare("SELECT * FROM adminUser WHERE fingerprint = :fp LIMIT 1");
|
||||
$stmt->execute([':fp' => $fingerprint]);
|
||||
$admin = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
// يمكن لاحقًا توليد توكن أو بيانات أخرى
|
||||
printSuccess([
|
||||
"message" => "تم التحقق بنجاح",
|
||||
"admin" => $admin,
|
||||
]);
|
||||
} else {
|
||||
jsonError("بيانات الدخول غير صحيحة أو غير مسجلة.");
|
||||
if ($admin) {
|
||||
// التحقق من كلمة المرور الهاش
|
||||
if (password_verify($password, $admin['password'])) {
|
||||
|
||||
// فك تشفير الاسم للعرض في التطبيق
|
||||
$admin['name'] = $encryptionHelper->decryptData($admin['name']) ?: $admin['name'];
|
||||
unset($admin['password']);
|
||||
|
||||
$jwtService = new JwtService($redis);
|
||||
$role = $admin['role'] ?? 'admin';
|
||||
|
||||
// توليد توكن الدخول
|
||||
$jwt = $jwtService->generateAccessToken($admin['id'], $role, $audience);
|
||||
|
||||
printSuccess([
|
||||
"message" => "Login successful",
|
||||
"admin" => $admin,
|
||||
"jwt" => $jwt,
|
||||
"expires_in" => 3600
|
||||
]);
|
||||
} else {
|
||||
jsonError("كلمة المرور غير صحيحة.");
|
||||
}
|
||||
} else {
|
||||
jsonError("الجهاز غير مسجل كمشرف.");
|
||||
}
|
||||
} catch (Exception $e) {
|
||||
error_log("[Admin Login Error] " . $e->getMessage());
|
||||
jsonError("خطأ في السيرفر: " . $e->getMessage());
|
||||
}
|
||||
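Review bot: `$audience = filterRequest('aud') ?? 'admin';` lets the client choose the `aud` claim that `generateAccessToken($admin['id'], $role, $audience)` bakes into the token; if JwtService uses that claim to decide which app a token is valid for (not visible in this hunk), an admin credential can mint tokens for any audience, so the value should be constrained server-side, e.g. `if (!in_array($audience, ['admin'], true)) { jsonError("Invalid audience."); exit; }` with whatever the real allowed list is. The response returns the whole `SELECT *` row in `"admin" => $admin` (fingerprint, role, timestamps, any other columns) after only `unset($admin['password'])` — return just the fields the app needs. `jsonError("خطأ في السيرفر: " . $e->getMessage())` leaks exception detail that the `error_log` line above it already captured; return a generic message instead.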
@@ -8,6 +8,12 @@
|
||||
},
|
||||
{
|
||||
"path": "../../../development/App/intaleq_driver"
|
||||
},
|
||||
{
|
||||
"path": "../../../development/App/intaleq_admin"
|
||||
},
|
||||
{
|
||||
"path": "../../../development/App/service_intaleq"
|
||||
}
|
||||
],
|
||||
"settings": {}
|
||||
|
||||
@@ -1,57 +1,56 @@
|
||||
<?php
|
||||
require_once __DIR__ . '/../connect.php';
|
||||
require_once __DIR__ . '/../core/bootstrap.php';
|
||||
|
||||
// Get email and password from the request
|
||||
$email = filterRequest('email');
|
||||
$fingerprint = filterRequest('fingerprint');
|
||||
$password = filterRequest('password');
|
||||
$audience = filterRequest('aud') ?? 'service';
|
||||
|
||||
// Check if email and password are provided
|
||||
if (empty($email) || empty($password)) {
|
||||
echo json_encode([
|
||||
"status" => "failure",
|
||||
"message" => "Email and password are required."
|
||||
]);
|
||||
if (empty($fingerprint) || empty($password)) {
|
||||
jsonError("Fingerprint and password are required.");
|
||||
exit();
|
||||
}
|
||||
|
||||
// SQL to check for user with provided email
|
||||
$sql = "SELECT * FROM `users` WHERE `email` = :email";
|
||||
try {
|
||||
$con = Database::get('main');
|
||||
|
||||
// البحث بالبصمة للموظف
|
||||
$sql = "SELECT * FROM `users` WHERE `fingerprint` = :fp AND `user_type` = 'service' LIMIT 1";
|
||||
$stmt = $con->prepare($sql);
|
||||
$stmt->execute([':fp' => $fingerprint]);
|
||||
$user = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
$stmt = $con->prepare($sql);
|
||||
$stmt->bindParam(':email', $email);
|
||||
$stmt->execute();
|
||||
if ($user) {
|
||||
// التحقق من كلمة المرور
|
||||
if (password_verify($password, $user['password'])) {
|
||||
|
||||
// فك تشفير البيانات للعرض في التطبيق
|
||||
$user['first_name'] = $encryptionHelper->decryptData($user['first_name']) ?: $user['first_name'];
|
||||
$user['last_name'] = $encryptionHelper->decryptData($user['last_name']) ?: $user['last_name'];
|
||||
$user['email'] = $encryptionHelper->decryptData($user['email']) ?: $user['email'];
|
||||
$user['phone'] = $encryptionHelper->decryptData($user['phone']) ?: $user['phone'];
|
||||
|
||||
$user = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
unset($user['password']);
|
||||
|
||||
header('Content-Type: application/json'); // Ensure the response is JSON
|
||||
// توليد التوكن
|
||||
$jwtService = new JwtService($redis);
|
||||
$role = 'service';
|
||||
$jwt = $jwtService->generateAccessToken($user['id'], $role, $audience);
|
||||
|
||||
if ($user) {
|
||||
// Verify the password
|
||||
if ($password=== $user['password']) {
|
||||
// Password is correct
|
||||
unset($user['password']); // Remove password from the response
|
||||
echo json_encode([
|
||||
"status" => "success",
|
||||
"message" => "Login successful",
|
||||
"data" => $user
|
||||
]);
|
||||
printSuccess([
|
||||
"message" => "Login successful",
|
||||
"data" => $user,
|
||||
"jwt" => $jwt,
|
||||
"expires_in" => 3600
|
||||
]);
|
||||
} else {
|
||||
jsonError("Incorrect password");
|
||||
}
|
||||
} else {
|
||||
// Password is incorrect
|
||||
echo json_encode([
|
||||
"status" => "failure",
|
||||
"message" => "Incorrect password",
|
||||
"password"=>$password,
|
||||
"password1"=>$user['password'],
|
||||
]);
|
||||
jsonError("الجهاز غير مسجل لموظف خدمة.");
|
||||
}
|
||||
} else {
|
||||
// User not found
|
||||
echo json_encode([
|
||||
"status" => "failure",
|
||||
"message" => "User not found"
|
||||
]);
|
||||
} catch (Exception $e) {
|
||||
error_log("[ServiceApp Login Error] " . $e->getMessage());
|
||||
jsonError("Server error: " . $e->getMessage());
|
||||
}
|
||||
|
||||
$stmt = null; // Close the statement
|
||||
$con = null; // Close the connection
|
||||
exit(); // Ensure no further output
|
||||
exit();
|
||||
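Review bot: As in the admin login, `$audience = filterRequest('aud') ?? 'service';` hands the client control of the token's `aud` claim, so a service-staff credential can request `aud=admin`; if audience is what JwtService checks per app (not visible here), that crosses a privilege boundary — pin it with `$audience = 'service';` or validate against an allow-list. The lookup is `WHERE fingerprint = :fp AND user_type = 'service' LIMIT 1`, and nothing in this commit enforces fingerprint uniqueness on insert, so two staff rows sharing a fingerprint would make `password_verify` run against an arbitrary one of them; a unique constraint or a duplicate check on `fingerprint` in add.php would close that. `"data" => $user` returns the full decrypted row (including `fingerprint`) rather than a selected set of fields, and `jsonError("Server error: " . $e->getMessage())` returns exception text that `error_log` already recorded.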