/**
* Logs the user out
*
* @param \thebuggenie\core\framework\Request $request
*
* @return bool
*/
public function runLogout(framework\Request $request)
{
if ($this->getUser() instanceof entities\User) {
framework\Logging::log('Setting user logout state');
$this->getUser()->setOffline();
}
framework\Context::logout();
if ($request->isAjaxCall()) {
return $this->renderJSON(array('status' => 'logout ok', 'url' => framework\Context::getRouting()->generate(framework\Settings::getLogoutReturnRoute())));
}
$this->forward(framework\Context::getRouting()->generate(framework\Settings::getLogoutReturnRoute()));
}
/**
* Returns the logged in user, or default user if not logged in
*
* @param \thebuggenie\core\framework\Request $request
* @param \thebuggenie\core\framework\Action $action
*
* @return \thebuggenie\core\entities\User
*/
public static function loginCheck(framework\Request $request, framework\Action $action)
{
try {
$authentication_method = $action->getAuthenticationMethodForAction(framework\Context::getRouting()->getCurrentRouteAction());
$user = null;
$external = false;
switch ($authentication_method) {
case framework\Action::AUTHENTICATION_METHOD_ELEVATED:
case framework\Action::AUTHENTICATION_METHOD_CORE:
$username = $request['tbg3_username'];
$password = $request['tbg3_password'];
if ($authentication_method == framework\Action::AUTHENTICATION_METHOD_ELEVATED) {
$elevated_password = $request['tbg3_elevated_password'];
}
$raw = true;
// If no username and password specified, check if we have a session that exists already
if ($username === null && $password === null) {
if (framework\Context::getRequest()->hasCookie('tbg3_username') && framework\Context::getRequest()->hasCookie('tbg3_password')) {
$username = framework\Context::getRequest()->getCookie('tbg3_username');
$password = framework\Context::getRequest()->getCookie('tbg3_password');
$user = self::getB2DBTable()->getByUsername($username);
if ($authentication_method == framework\Action::AUTHENTICATION_METHOD_ELEVATED) {
$elevated_password = framework\Context::getRequest()->getCookie('tbg3_elevated_password');
if ($user instanceof User && !$user->hasPasswordHash($password)) {
$user = null;
} else {
if ($user instanceof User && !$user->hasPasswordHash($elevated_password)) {
framework\Context::setUser($user);
framework\Context::getRouting()->setCurrentRouteName('elevated_login_page');
throw new framework\exceptions\ElevatedLoginException('reenter');
}
}
} else {
if ($user instanceof User && !$user->hasPasswordHash($password)) {
$user = null;
}
}
if (!$user instanceof User) {
framework\Context::logout();
throw new \Exception('No such login');
}
}
}
// If we have authentication details, validate them
if (framework\Settings::isUsingExternalAuthenticationBackend() && $username !== null && $password !== null) {
$external = true;
framework\Logging::log('Authenticating with backend: ' . framework\Settings::getAuthenticationBackend(), 'auth', framework\Logging::LEVEL_INFO);
try {
$mod = framework\Context::getModule(framework\Settings::getAuthenticationBackend());
if ($mod->getType() !== Module::MODULE_AUTH) {
framework\Logging::log('Auth module is not the right type', 'auth', framework\Logging::LEVEL_FATAL);
}
if (framework\Context::getRequest()->hasCookie('tbg3_username') && framework\Context::getRequest()->hasCookie('tbg3_password')) {
$user = $mod->verifyLogin($username, $password);
} else {
$user = $mod->doLogin($username, $password);
}
if (!$user instanceof User) {
// Invalid
framework\Context::logout();
throw new \Exception('No such login');
//framework\Context::getResponse()->headerRedirect(framework\Context::getRouting()->generate('login'));
}
} catch (\Exception $e) {
throw $e;
}
} elseif (framework\Settings::isUsingExternalAuthenticationBackend()) {
$external = true;
framework\Logging::log('Authenticating without credentials with backend: ' . framework\Settings::getAuthenticationBackend(), 'auth', framework\Logging::LEVEL_INFO);
try {
$mod = framework\Context::getModule(framework\Settings::getAuthenticationBackend());
if ($mod->getType() !== Module::MODULE_AUTH) {
framework\Logging::log('Auth module is not the right type', 'auth', framework\Logging::LEVEL_FATAL);
}
$user = $mod->doAutoLogin();
if ($user == false) {
// Invalid
framework\Context::logout();
throw new \Exception('No such login');
//framework\Context::getResponse()->headerRedirect(framework\Context::getRouting()->generate('login'));
} else {
if ($user == true) {
$user = null;
}
}
} catch (\Exception $e) {
throw $e;
}
} elseif ($username !== null && $password !== null && !$user instanceof User) {
$external = false;
framework\Logging::log('Using internal authentication', 'auth', framework\Logging::LEVEL_INFO);
$user = self::getB2DBTable()->getByUsername($username);
if ($user instanceof User && !$user->hasPassword($password)) {
$user = null;
}
if (!$user instanceof User) {
framework\Context::logout();
}
}
break;
case framework\Action::AUTHENTICATION_METHOD_DUMMY:
$user = self::getB2DBTable()->getByUserID(framework\Settings::getDefaultUserID());
break;
case framework\Action::AUTHENTICATION_METHOD_CLI:
$user = self::getB2DBTable()->getByUsername(framework\Context::getCurrentCLIusername());
break;
case framework\Action::AUTHENTICATION_METHOD_RSS_KEY:
$user = self::getB2DBTable()->getByRssKey($request['rsskey']);
break;
case framework\Action::AUTHENTICATION_METHOD_APPLICATION_PASSWORD:
$user = self::getB2DBTable()->getByUsername($request['api_username']);
if (!$user->authenticateApplicationPassword($request['api_token'])) {
$user = null;
}
break;
}
if ($user === null && !framework\Settings::isLoginRequired()) {
$user = self::getB2DBTable()->getByUserID(framework\Settings::getDefaultUserID());
}
if ($user instanceof User) {
if (!$user->isActivated()) {
throw new \Exception('This account has not been activated yet');
} elseif (!$user->isEnabled()) {
throw new \Exception('This account has been suspended');
} elseif (!$user->isConfirmedMemberOfScope(framework\Context::getScope())) {
if (!framework\Settings::isRegistrationAllowed()) {
throw new \Exception('This account does not have access to this scope');
}
}
if ($external == false && $authentication_method == framework\Action::AUTHENTICATION_METHOD_CORE) {
$password = $user->getHashPassword();
if (!$request->hasCookie('tbg3_username') && !$user->isGuest()) {
if ($request->getParameter('tbg3_rememberme')) {
framework\Context::getResponse()->setCookie('tbg3_username', $user->getUsername());
framework\Context::getResponse()->setCookie('tbg3_password', $user->getPassword());
} else {
framework\Context::getResponse()->setSessionCookie('tbg3_username', $user->getUsername());
framework\Context::getResponse()->setSessionCookie('tbg3_password', $user->getPassword());
}
}
}
} elseif (framework\Settings::isLoginRequired()) {
throw new \Exception('Login required');
} else {
throw new \Exception('No such login');
}
} catch (\Exception $e) {
throw $e;
}
return $user;
}
<?php
$tbg_response->setTitle(__('Configure authentication'));
?>
<center>
<h1><?php
echo __('Settings saved');
?>
</h1>
<?php
echo __('To apply changes to the authentication system, you have been automatically logged out. The new authentication system is now in use.');
?>
<p><?php
echo link_tag(make_url('home'), __('Continue'));
?>
</p>
</center>
<?php
\thebuggenie\core\framework\Context::logout();
