<?php

/**
 * API v0 controller exposing the credential-check / user-info endpoint.
 */
class Controller_Api_V0_Auth extends Controller_Handler_Api
{
    /**
     * @api {get} api/v0/auth/userinfo?token=:token&login=:login&password=:password Check authorisation and get user info
     * @apiName Get user info
     * @apiGroup Auth
     * @apiVersion 0.1.1
     * @apiParam {String} token Api key
     * @apiParam {String} login User's login
     * @apiParam {String} password User's password
     *
     * @apiSuccess (200) {String} LastName
     * @apiSuccess (200) {String} FirstName
     * @apiSuccess (200) {String} SecondName
     * @apiSuccess (200) {Boolean} IsEnabled
     * @apiSuccess (200) {String="teacher", "student"} Type
     * @apiSuccess (200) {String} TeacherID If user is a teacher
     * @apiSuccess (200) {String} StudentID If user is a student
     * @apiSuccess (200) {String} Grade If user is a student
     * @apiSuccess (200) {String} GradeID If user is a student
     * @apiSuccess (200) {String} Group If user is a student
     * @apiSuccess (200) {String} GroupID If user is a student
     */
    public function action_get_userinfo()
    {
        // Verifies a login/password pair on behalf of an admin caller and
        // returns that account's profile fields as a plain object.

        // Only callers for which isAdmin() is true get past this point.
        // ToDo: we should use apikey mask for checking rights
        // NOTE(review): nothing here returns after fail(); the guard only
        // works if fail() aborts the request (e.g. by throwing) - confirm.
        if (!$this->user->isAdmin()) {
            $this->fail();
        }

        // Both credentials are read from the URL query string of a GET
        // request, so they end up wherever request URLs are recorded
        // (web-server and proxy access logs, client history).
        // NOTE(review): treat those logs as credential-bearing; a later API
        // version could accept the credentials in the request body instead.
        $accountLogin = $this->request->query('login');
        $accountSecret = $this->request->query('password');

        // NOTE(review): only a negative id is rejected below. If checkAuth()
        // signals failure with false/null/0, the int cast yields 0 and the
        // lookup proceeds with id 0 - confirm checkAuth()'s failure value.
        $accountId = (int) Model_Account::checkAuth($accountLogin, $accountSecret);
        if ($accountId < 0) {
            // Same message for an unknown login and a wrong password.
            // NOTE(review): as with fail(), this presumably aborts the request.
            $this->notFoundError('Login or password are incorrect.');
        }

        $account = (object) Model_Account::with($accountId);

        // Fields returned for every account type.
        $payload = [
            'LastName' => $account->LastName,
            'FirstName' => $account->FirstName,
            'SecondName' => $account->SecondName,
            'IsEnabled' => $account->IsEnabled,
            'Type' => $account->Type,
        ];

        // Type-specific identifiers; Type is compared with ==, i.e. without
        // a type check. Any other Type value adds nothing.
        $accountType = $account->Type;
        if ($accountType == 'teacher') {
            $payload['TeacherID'] = $account->TeacherID;
        } elseif ($accountType == 'student') {
            $payload['StudentID'] = $account->StudentID;

            // NOTE(review): the result of load() is dereferenced unchecked;
            // presumably it always returns a student row here - verify.
            $studentRow = Model_Student::load($account->StudentID);
            $payload['Grade'] = $studentRow->GradeNum;
            $payload['GradeID'] = $studentRow->GradeID;
            $payload['Group'] = $studentRow->GroupNum;
            $payload['GroupID'] = $studentRow->GroupID;
        }

        return (object) $payload;
    }
}