google_callback.php
<?php
require_once __DIR__ . '/vendor/autoload.php';
use Google\Client;
use Google\Service\Oauth2;
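// Google OAuth 2.0 callback. Exchanges the authorization code for a token,
// reads the Google profile, finds / links / creates the matching local user
// row, then opens an authenticated session and redirects. Any failure ends
// in a redirect to login.php with a generic error flag.
try {
    // NOTE(review): $conn (used as a mysqli connection), $base_url and the
    // GOOGLE_* constants are not defined in this file; presumably they come
    // from config.php. Confirm.
    require_once __DIR__ . '/config/config.php';

    // The original guard `if (session_status() === PHP_SESSION_NONE) {}` had
    // an empty body, so nothing in this file started a session before
    // session_regenerate_id() and the $_SESSION writes below. Start one here
    // unless config.php already did.
    if (session_status() === PHP_SESSION_NONE && !session_start()) {
        throw new Exception('Session could not be started.');
    }

    $google_client = new Client();
    $google_client->setClientId(GOOGLE_CLIENT_ID);
    $google_client->setClientSecret(GOOGLE_CLIENT_SECRET);
    $google_client->setRedirectUri(GOOGLE_REDIRECT_URL);
    $google_client->addScope('email');
    $google_client->addScope('profile');

    // NOTE(review): no OAuth `state` value is verified on this callback, so
    // the response is not bound to the browser session that started the flow
    // (login CSRF). The page that builds the authorization URL is not visible
    // here; if it issues a state value, compare it with hash_equals() before
    // exchanging the code.

    // Require a non-empty string: an array-valued `code` parameter would
    // otherwise raise a TypeError that catch (Exception) does not handle.
    $auth_code = $_GET['code'] ?? null;
    if (!is_string($auth_code) || $auth_code === '') {
        throw new Exception("Authorization 'code' not found.");
    }

    $token = $google_client->fetchAccessTokenWithAuthCode($auth_code);
    if (isset($token['error'])) {
        throw new Exception("Token Error: " . ($token['error_description'] ?? 'Unknown'));
    }
    if (empty($token['access_token'])) {
        throw new Exception('Token Error: no access token in response.');
    }
    $google_client->setAccessToken($token['access_token']);

    $google_service = new Oauth2($google_client);
    $data = $google_service->userinfo->get();

    // The original assigned these four values twice; only the second set
    // (with the name fallbacks) took effect, so it is the one kept.
    $google_id = $data->getId();
    $user_email = $data->getEmail();
    $user_first_name = $data->getGivenName() ?? 'User';
    $user_last_name = $data->getFamilyName() ?? '';

    if (!is_string($google_id) || $google_id === '') {
        throw new Exception('Google profile has no account id.');
    }

    // 1) Preferred match: the stable Google account id.
    $user = null;
    $stmt = $conn->prepare("SELECT * FROM users WHERE google_id = ?");
    $stmt->bind_param("s", $google_id);
    $stmt->execute();
    $result = $stmt->get_result();

    if ($result->num_rows > 0) {
        $user = $result->fetch_assoc();
    } else {
        // Matching or creating by e-mail trusts the address Google reports.
        // Only do that for an address Google marks as verified; otherwise an
        // existing local account could be linked to a Google identity that
        // does not own the mailbox.
        if (!is_string($user_email) || $user_email === '' || !$data->getVerifiedEmail()) {
            throw new Exception('Google account e-mail is missing or not verified.');
        }

        // 2) Existing local account with the same e-mail: link it to Google.
        $stmt_email = $conn->prepare("SELECT * FROM users WHERE email = ?");
        $stmt_email->bind_param("s", $user_email);
        $stmt_email->execute();
        $result_email = $stmt_email->get_result();

        if ($result_email->num_rows > 0) {
            $user = $result_email->fetch_assoc();
            // Update exactly the row that was fetched. The original filtered
            // on email, which touches every row sharing that address if the
            // column is not unique.
            $existing_user_id = (int) $user['id'];
            $update_stmt = $conn->prepare("UPDATE users SET google_id = ?, auth_provider = 'google' WHERE id = ?");
            $update_stmt->bind_param("si", $google_id, $existing_user_id);
            $update_stmt->execute();
        } else {
            // 3) No account yet: create one and read it back by its new id.
            $insert_stmt = $conn->prepare(
                "INSERT INTO users (first_name, last_name, email, auth_provider, google_id)
VALUES (?, ?, ?, 'google', ?)"
            );
            $insert_stmt->bind_param("ssss", $user_first_name, $user_last_name, $user_email, $google_id);
            $insert_stmt->execute();
            $new_user_id = $conn->insert_id;

            $user_stmt = $conn->prepare("SELECT * FROM users WHERE id = ?");
            $user_stmt->bind_param("i", $new_user_id);
            $user_stmt->execute();
            $user = $user_stmt->get_result()->fetch_assoc();
        }
    }

    // The original re-selected with `google_id = ? OR email = ?` and took the
    // first row. When the two conditions match different rows, the account
    // that gets logged in depends on row order, so the row resolved above is
    // used instead.
    if (!is_array($user) || !isset($user['id'])) {
        throw new Exception('User record could not be resolved.');
    }

    // New session id on privilege change, so a pre-login id cannot be reused.
    session_regenerate_id(true);
    $_SESSION['user_id'] = $user['id'];
    $_SESSION['user_name'] = $user['first_name'] . ' ' . $user['last_name'];
    $_SESSION['user_email'] = $user['email'];
    session_write_close();

    header('Location: ' . $base_url);
    exit();
} catch (Exception $e) {
    // Keep a server-side record of why the sign-in failed; the browser only
    // ever sees the generic error flag.
    error_log('Google OAuth callback failed: ' . $e->getMessage());
    session_write_close();
    header('Location: login.php?error=google_auth_failed');
    exit();
}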