/**
 * Log the current user out by clearing their authentication state.
 *
 * The autologin cookie is removed first, then any third-party (Facebook)
 * provider marker, and finally either the whole session is destroyed or only
 * the user entry is removed and the session ID is regenerated.
 *
 * @param   boolean  $destroy  when strictly true, destroy the session instead of only removing the user entry
 * @return  boolean  true when logged_in() reports no user afterwards
 */
public function logout($destroy = false)
{
    $cookie_name = $this->config['cookie_name'];

    // Without this the autologin cookie could sign the user straight back in.
    if (cookie::get($cookie_name)) {
        cookie::delete($cookie_name);
    }

    $has_provider = FB::enabled() && Visitor::instance()->get_provider();
    if ($has_provider) {
        $this->session->delete($this->config['session_key'] . '_provider');

        try {
            FB::instance()->expire_session();
        } catch (Exception $e) {
            // Best effort: a failure to expire the remote session is ignored
            // so the local logout below still runs.
        }
    }

    if ($destroy === true) {
        $this->session->destroy();

        return !$this->logged_in();
    }

    // Keep the session but drop the user and rotate the ID, so the
    // pre-logout session ID no longer maps to this session.
    $this->session->delete($this->config['session_key']);
    $this->session->regenerate();

    return !$this->logged_in();
}
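/**
 * Show the authenticated user's profile page.
 *
 * Collects the user's notes, to-do text, links and images (all keyed by the
 * user's e-mail address) and passes them to the 'profile' view. Guests are
 * redirected to '/'.
 *
 * Changes from the previous version:
 *  - nothing is echoed before the redirect, because output sent ahead of a
 *    redirect response can stop the Location header from being delivered;
 *  - a user without a notes or tbd row no longer triggers a call on null;
 *    the corresponding profile entry is null instead.
 *
 * @return mixed the rendered profile view, or a redirect for guests
 */
public function index()
{
    if (!Auth::check()) {
        return Redirect::to('/');
    }

    // NOTE(review): this rotates the session ID on every profile view, not
    // only at login. Confirm that is intended; concurrent requests can race
    // against the rotation.
    Session::regenerate();

    $email = Auth::user()->email;

    // first() returns null when the user has no row yet.
    $notesRow = Notes::select('notes')->where('email', $email)->first();
    $notes = null;
    if ($notesRow !== null) {
        $notesData = $notesRow->toArray();
        $notes = $notesData["notes"];
    }

    $tbdRow = TBD::select('tbd')->where('email', $email)->first();
    $tbd = null;
    if ($tbdRow !== null) {
        $tbdData = $tbdRow->toArray();
        $tbd = $tbdData["tbd"];
    }

    $linksArray = array_map(
        function ($row) {
            return $row["links"];
        },
        Links::select('links')->where('email', $email)->get()->toArray()
    );

    $imageArray = array_map(
        function ($row) {
            return $row["image"];
        },
        Image::select('image')->where('email', $email)->get()->toArray()
    );

    $profile = array(
        "notes" => $notes,
        "tbd" => $tbd,
        "links" => $linksArray,
        "image" => $imageArray,
        "email" => $email,
    );

    return View::make('profile')->with('profile', $profile);
}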
/**
 * Return the authenticated user's record as JSON, wrapped in the
 * caller-supplied callback when one is given.
 *
 * For accounts with accountType == 1 an 'admin_session' entry holding the
 * user id is created once per session. Unauthenticated requests receive a
 * 400 error payload.
 *
 * NOTE(review): the callback name comes straight from the request, so this is
 * a JSONP endpoint returning the logged-in user's record; a page on another
 * origin that includes this URL as a script would receive it. Confirm JSONP
 * is still required here and that the User model hides sensitive attributes.
 *
 * @return mixed JSON response
 */
public function get()
{
    $user_id = false;

    if (Auth::check()) {
        // Rotate the session ID for the authenticated request.
        Session::regenerate();
        $user_id = Auth::user()->id;

        if (Auth::user()->accountType == 1) {
            if (!Session::has('admin_session')) {
                Session::put('admin_session', $user_id);
                Log::info("admin_session created");
            } else {
                Log::info("admin_session already created before - " . Session::get('admin_session'));
            }
        }
    }

    if ($user_id) {
        $user = User::find(Auth::user()->id);

        return Response::json($user)->setCallback(Input::get('callback'));
    }

    $error_response = array(
        'error' => array(
            'message' => 'User not logged in.',
            'type' => 'OAuthException',
            'code' => 400,
        ),
    );
    Log::info("User not logged in");

    return Response::json($error_response, 400)->setCallback(Input::get('callback'));
}
/**
 * POST /logout
 *
 * Signs the user out, regenerates the session ID, flashes a
 * 'logout-success' message and redirects to the login route.
 *
 * @return \RedirectResponse
 */
public function logout()
{
    Auth::logout();

    // Rotate the ID so the identifier used while logged in is not reused.
    Session::regenerate();
    Session::flash('message', 'logout-success');

    $toLogin = Redirect::route('login');

    return $toLogin;
}
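/**
 * Exchange the code received after requesting GitHub access for an access
 * token, and store that token in the session under 'accessToken'.
 *
 * The token is then used to access the API.
 *
 * A response without an access token (for example when the code was rejected)
 * previously ended up as an undefined-index read and a null token in the
 * session; it now raises a RuntimeException and stores nothing.
 *
 * NOTE(review): no check of the OAuth `state` parameter is visible in this
 * method. Confirm the callback route verifies it before calling this.
 *
 * @throws \RuntimeException when the response carries no access token
 */
public function getAccessToken()
{
    $payload = [
        'client_id' => $this->config['client_id'],
        'client_secret' => $this->config['client_secret'],
        'code' => Input::get('code'),
    ];

    $response = $this->client->post('https://github.com/login/oauth/access_token', [
        'headers' => ['Accept' => 'application/json'],
        'body' => $payload,
    ])->json();

    // The message stays generic so the client secret and code are never echoed.
    if (!is_array($response) || empty($response['access_token'])) {
        throw new \RuntimeException('GitHub did not return an access token.');
    }

    Session::put('accessToken', $response['access_token']);

    // Rotate the session ID now that the session holds a credential.
    Session::regenerate();
}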
/**
 * Log the current user out and redirect to the home route.
 *
 * Order: report the logout event, sign out, clear the session data, rotate
 * the session ID, then log out of Facebook.
 *
 * @return mixed redirect to the 'home' route
 */
public function getLogout()
{
    // The event is sent first, while the user can still be resolved.
    $this->siftScienceService->sendLogoutEvent(\Auth::user());

    Auth::logout();

    // Drop everything stored in the session, then issue a fresh ID.
    Session::flush();
    Session::regenerate();

    $this->facebookService->logout();

    $home = Redirect::route('home');

    return $home;
}
/**
 * Login processing: rotate the session ID, then store the user's identity
 * (and, when given, the blog's) in the session.
 *
 * @param array      $user  must provide 'id', 'login_id' and 'type'
 * @param array|null $blog  optional; provides 'id' and 'nickname'
 */
protected function loginProcess($user, $blog = null)
{
    // The ID is regenerated before any identity is written to the session.
    Session::regenerate();

    $fields = array(
        'user_id' => $user['id'],
        'login_id' => $user['login_id'],
        'user_type' => $user['type'],
    );

    if (!empty($blog)) {
        $fields['blog_id'] = $blog['id'];
        $fields['nickname'] = $blog['nickname'];
    }

    foreach ($fields as $key => $value) {
        Session::set($key, $value);
    }
}
/**
 * Complete the login for a user: bump the login counter, record the login
 * time, regenerate the session ID and store the user in the session.
 *
 * @param  Model_User  $user
 */
protected function _complete_login($user)
{
    // The counter is incremented by a database expression rather than by
    // reading and rewriting the value in PHP.
    $user->logins = new Database_Expression('logins + 1');
    $user->last_login = time();
    $user->update();

    $session = $this->_session;

    // New ID first, then the authenticated user goes into the session.
    $session->regenerate();
    $session->set($this->_config['session_key'], $user);
}
/**
 * Replace the session's "User" entry with a reduced copy of the given user.
 *
 * Only id, username and email are copied, so other attributes of $user are
 * not written to the session by this method.
 *
 * @param object $user  source of id, username and email
 */
public function setUser($user)
{
    // Remove the existing User entry from the session.
    \Session::forget("User");

    // Login succeeded, so regenerate the session ID.
    \Session::regenerate();

    $object = app('stdClass');
    foreach (array('id', 'username', 'email') as $field) {
        $object->{$field} = $user->{$field};
    }

    // Store the logged-in user's information and persist the session.
    \Session::push('User', $object);
    \Session::save();
}
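/**
 * Display the home page for the authenticated user.
 *
 * Loads the user's note and images (keyed by e-mail address) and renders the
 * 'sessions.home' view; guests are redirected to the login form.
 *
 * The image count is taken from the collection that was already loaded
 * instead of running the same query a second time.
 *
 * @return Response
 */
public function index()
{
    if (!Auth::check()) {
        return Redirect::route('sessions.create'); // login form
    }

    // Regenerate the session on return so the session from before is replaced.
    // NOTE(review): this runs on every page view, not only at login. Confirm
    // that is intended.
    Session::regenerate();

    $email = Auth::user()->email;

    $note = Note::whereUser($email)->first();
    $images = Image::where('user', $email)->get();

    $data = array(
        'notes' => $note,
        'user' => $email,
        'images' => $images,
        'count' => $images->count(),
    );

    return View::make('sessions.home')->with($data);
}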
/**
 * Handle the reset-password form: set the new password and sign the user in.
 *
 * The user is read from Config::get('user'). Banned users, or a failed
 * password reset, are sent back to the reset form with an error flash.
 *
 * @return mixed redirect response
 */
public function action_post_reset_password()
{
    $user = Config::get('user');

    // Short-circuit keeps reset_password_to() from running for banned users.
    $reset_ok = !$user->banned_at && $user->reset_password_to(Input::get('password'));

    if (!$reset_ok) {
        Session::flash('errors', array(__("r.flashes.reset_password_invalid")));

        return Redirect::to_route('reset_password', array($user->reset_password_token));
    }

    // Rotate the session ID before the session becomes authenticated.
    Session::regenerate();
    Auth::login($user->id);
    $user->track_signin();

    // An officer who was invited to the site and has not finished their
    // officer profile is sent to the account page.
    $needs_profile = $user->officer && !$user->officer->name;

    return $needs_profile ? Redirect::to('account') : Redirect::to('/');
}
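/**
 * Handle the sign-in form.
 *
 * On success the user is redirected, in order of preference, back to the
 * referring page (modal sign-in), to the requested 'redirect_to' target, or
 * to '/'. Banned accounts are signed out again. On failure the user is sent
 * back to the sign-in form with the input and an error.
 *
 * The 'redirect_to' value comes from the request, so it is only followed when
 * it points at this application: either a path starting with a single '/',
 * or an http(s) URL whose host matches the host of this application's own
 * routes. Anything else falls through to '/'. The previous version redirected
 * to any URL that was not the signout route.
 *
 * @return mixed redirect response
 */
public function action_create()
{
    Session::regenerate();

    $credentials = array(
        'username' => Input::get('email'),
        'password' => Input::get('password'),
        'remember' => Input::has('remember') ? true : false,
    );

    if (!Auth::attempt($credentials)) {
        return Redirect::to_route('signin')
            ->with('errors', array(__("r.flashes.login_fail")))
            ->with('redirect_to', Request::referrer())
            ->with_input();
    }

    Auth::user()->track_signin();

    if (Auth::user()->banned_at) {
        Auth::logout();

        return Redirect::to('/')->with('errors', array(__("r.flashes.account_banned")));
    }

    $signout_url = route('signout');

    // NOTE(review): Redirect::back() follows the Referer header. Confirm the
    // modal sign-in form cannot be submitted from another origin.
    if (Input::has('modal') && Request::referrer() != $signout_url) {
        return Redirect::back();
    }

    // The application's own host, taken from a route URL it generated itself.
    $app_host = parse_url($signout_url, PHP_URL_HOST);

    $is_local = function ($candidate) use ($app_host) {
        if (!is_string($candidate) || $candidate === '') {
            return false;
        }

        // Whitespace, control characters and backslashes are parsed
        // inconsistently between PHP and browsers, so they are refused.
        if (preg_match('/[\x00-\x20\x7f\\\\]/', $candidate)) {
            return false;
        }

        $parts = parse_url($candidate);
        if ($parts === false || isset($parts['user']) || isset($parts['pass'])) {
            return false;
        }

        if (isset($parts['host'])) {
            $scheme_ok = !isset($parts['scheme'])
                || in_array(strtolower($parts['scheme']), array('http', 'https'), true);

            return $scheme_ok
                && is_string($app_host)
                && strcasecmp($parts['host'], $app_host) === 0;
        }

        // No host: accept only a plain absolute path on this site.
        return !isset($parts['scheme'])
            && strncmp($candidate, '/', 1) === 0
            && strncmp($candidate, '//', 2) !== 0;
    };

    $url = Input::get('redirect_to');
    if ($url && $url != $signout_url && $is_local($url)) {
        return Redirect::to($url);
    }

    return Redirect::to('/');
}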
/**
 * Build the full API URL for a configured endpoint.
 *
 * The endpoint path is looked up under the "api." configuration namespace and
 * appended to the configured 'api.apiUrl' base. When no path is configured
 * for $doUrl, the session is cleared and regenerated and a redirect to
 * /login is returned instead of a URL.
 *
 * @param  string             $doUrl   endpoint key below "api."
 * @param  string|array|null  $params  a string is appended as-is; an array maps
 *                                     placeholder names to values for "{name}" markers
 * @return mixed  the URL string, or a redirect response when the endpoint is unknown
 */
function setApiUrl($doUrl, $params = null)
{
    $apiUrl = Config('api.apiUrl');
    $url = Config("api." . $doUrl);

    if (!$url) {
        // Unknown endpoint: clear the session, issue a new ID, send to login.
        Session::flush();
        Session::regenerate();

        return redirect("/login")->with('error', "the url is forbidden");
    }

    // NOTE(review): values are inserted without URL-encoding. Confirm callers
    // only pass values that are already encoded or otherwise trusted.
    if (is_string($params)) {
        $url .= $params;
    } elseif (is_array($params)) {
        foreach ($params as $placeholder => $value) {
            $url = str_replace("{" . $placeholder . "}", $value, $url);
        }
    }

    return $apiUrl . $url;
}
/**
 * Process the login form.
 *
 * Verifies the CSRF token, validates that a username and password were
 * posted, looks the user up and checks the password hash. On success the
 * user is stored in the session and the session ID is regenerated.
 *
 * NOTE(review): the whole $user record is written to the session, which
 * presumably includes the password hash. Confirm that is needed.
 *
 * @return boolean true on successful login, false otherwise (an error
 *                 notification is set in that case)
 */
public static function login()
{
    // Reject the request outright when the CSRF token does not verify.
    if (Csrf::verify(Input::post('token')) === false) {
        Notifications::set('error', 'Invalid token');

        return false;
    }

    // Posted fields, with surrounding white space removed.
    $post = array_map('trim', Input::post(array('user', 'pass', 'remember')));
    $errors = array();

    if (empty($post['user'])) {
        $errors[] = Lang::line('users.missing_login_username', 'Please enter your username');
    }

    if (empty($post['pass'])) {
        $errors[] = Lang::line('users.missing_login_password', 'Please enter your password');
    }

    if (empty($errors)) {
        $user = Users::find(array('username' => $post['user']));

        // One message for both cases, so the response does not say whether
        // the username exists.
        if (!$user || Hash::check($post['pass'], $user->password) === false) {
            $errors[] = 'Incorrect details';
        }
    }

    if (count($errors)) {
        Notifications::set('error', $errors);

        return false;
    }

    Session::set('user', $user);

    // avoid session fixation vulnerability
    // https://www.owasp.org/index.php/Session_fixation
    Session::regenerate();

    return true;
}
/**
 * Register a new vendor together with its user account.
 *
 * When both the user and the vendor validate, both are saved, the selected
 * services are synced, the session ID is regenerated, the new user is signed
 * in and a "NewVendorRegistered" mail is sent. Otherwise the combined
 * validation errors are flashed and the form is shown again with its input.
 *
 * NOTE(review): the Vendor is constructed directly from request input.
 * Confirm the model restricts which attributes can be mass-assigned.
 *
 * @return mixed redirect response
 */
public function action_create()
{
    $user_input = Input::get('user');

    $user = new User();
    $user->email = $user_input["email"];
    $user->password = $user_input["password"];
    $user->how_hear = $user_input["how_hear"];
    $user->send_emails = isset($user_input["send_emails"]);

    $vendor = new Vendor(Input::get('vendor'));

    $both_valid = $user->validator()->passes() && $vendor->validator()->passes();

    if (!$both_valid) {
        $messages = array_merge(
            $user->validator()->errors->all(),
            $vendor->validator()->errors->all()
        );
        Session::flash('errors', $messages);

        return Redirect::to_route('new_vendors')->with_input();
    }

    $user->save();
    $vendor->user_id = $user->id;
    $vendor->save();

    // The selected services arrive as the keys of the 'services' input.
    $services = array();
    if (Input::get('services')) {
        $services = array_keys(Input::get('services'));
    }
    $user->vendor->services()->sync($services);

    // New session ID before the session becomes authenticated.
    Session::regenerate();
    Auth::login($user->id);

    Mailer::send("NewVendorRegistered", array("user" => $user));

    return Redirect::to('/');
}
/**
 * Completely wipe all authentication mechanisms (session and cookie).
 *
 * Empties $_SESSION, overwrites the 'airship_token' cookie with null and
 * regenerates the session ID with the flag set to true.
 *
 * @return bool always true
 */
public function completeLogOut() : bool
{
    $authReady = $this->airship_auth instanceof Authentication;
    if (!$authReady) {
        $this->tightenSecurityBolt();
    }

    // Clear the server-side state first, then the long-term auth cookie.
    $_SESSION = [];
    Cookie::setcookie('airship_token', null);

    Session::regenerate(true);

    return true;
}
if (isset($state->universal['session_config'])) { $session_config = $state->universal['session_config'] + $session_config; if (isset($session_config['cookie_domain'])) { if ($session_config['cookie_domain'] === '*' || \trim($session_config['cookie_domain']) === '') { unset($session_config['cookie_domain']); } } } if (\PHP_VERSION_ID >= 70100) { // Forward compatibility. unset($session_config['entropy_length']); } Session::start(Cookie::SAME_SITE_RESTRICTION_STRICT, $session_config); } if (empty($_SESSION['created_canary'])) { // We haven't seen this session ID before $_SESSION = []; Session::regenerate(true); // Create the canary $_SESSION['created_canary'] = (new \DateTime())->format(\AIRSHIP_DATE_FORMAT); } else { $dt = (new \DateTime($_SESSION['created_canary']))->add(new \DateInterval('PT01H')); $now = new \DateTime(); // Has an hour passed? if ($dt < $now) { // An hour has passed: Session::regenerate(true); // Recreate the canary $_SESSION['created_canary'] = $now->format(\AIRSHIP_DATE_FORMAT); } }
/**
 * End the current session: remove all stored session data, then issue a new
 * session ID so the previous identifier is not carried over.
 */
public function session_end()
{
    \Session::flush();
    \Session::regenerate();
}
/**
 * End the session for the current user.
 *
 * NOTE(review): the only action here is Session::regenerate(true); nothing in
 * this method clears stored session data itself. Presumably the `true` flag
 * makes regenerate() discard the old session. Confirm against the Session
 * class.
 */
public static function logout()
{
    Session::regenerate(true);
}
/**
 * Handle user authentication
 *
 * Flow, as written below: reject incomplete forms, apply AirBrake rate
 * limiting (fail fast or delay), verify the passphrase, verify the two-factor
 * code when the account has it enabled, set the session canary, regenerate
 * the session ID, store the user id in the session, optionally set the
 * long-term auth cookie, and redirect. Failures are registered with AirBrake
 * and the login form is shown again with a generic error.
 *
 * NOTE(review): none of the $this->lens() calls is followed by a return, so
 * this method relies on lens() ending the request. If lens() ever returns,
 * execution continues after a failed two-factor check and reaches the
 * session set-up. Confirm lens() terminates.
 *
 * @param array $post
 */
protected function processLogin(array $post = [])
{
    $state = State::instance();
    if (empty($post['username']) || empty($post['passphrase'])) {
        $this->lens('login', ['post_response' => ['message' => \__('Please fill out the form entirely'), 'status' => 'error']]);
    }
    $airBrake = Gears::get('AirBrake');
    if (IDE_HACKS) {
        $airBrake = new AirBrake();
    }
    // Rate limiting is keyed on the submitted username and the client address.
    if ($airBrake->failFast($post['username'], $_SERVER['REMOTE_ADDR'])) {
        $this->lens('login', ['post_response' => ['message' => \__('You are doing that too fast. Please wait a few seconds and try again.'), 'status' => 'error']]);
    } elseif (!$airBrake->getFastExit()) {
        $delay = $airBrake->getDelay($post['username'], $_SERVER['REMOTE_ADDR']);
        if ($delay > 0) {
            // usleep() takes microseconds, so $delay is treated as milliseconds.
            \usleep($delay * 1000);
        }
    }
    try {
        $userID = $this->airship_auth->login($post['username'], new HiddenString($post['passphrase']));
    } catch (InvalidMessage $e) {
        $this->log('InvalidMessage Exception on Login; probable cause: password column was corrupted', LogLevel::CRITICAL, ['exception' => \Airship\throwableToArray($e)]);
        // Same message as for a wrong passphrase, so the response does not
        // reveal the internal error.
        $this->lens('login', ['post_response' => ['message' => \__('Incorrect username or passphrase. Please try again.'), 'status' => 'error']]);
    }
    if (!empty($userID)) {
        $userID = (int) $userID;
        $user = $this->acct->getUserAccount($userID);
        if ($user['enable_2factor']) {
            if (empty($post['two_factor'])) {
                $post['two_factor'] = '';
            }
            $gauth = $this->twoFactorPreamble($userID);
            $checked = $gauth->validateCode($post['two_factor'], \time());
            if (!$checked) {
                $fails = $airBrake->getFailedLoginAttempts($post['username'], $_SERVER['REMOTE_ADDR']) + 1;
                // Instead of the password, seal a timestamped and
                // signed message saying the password was correct.
                // We use a signature with a key local to this Airship
                // so attackers can't just spam a string constant to
                // make the person decrypting these strings freak out
                // and assume the password was compromised.
                //
                // False positives are bad. This gives the sysadmin a
                // surefire way to reliably verify that a log entry is
                // due to two-factor authentication failing.
                $message = '**Note: The password was correct; ' . ' invalid 2FA token was provided.** ' . (new \DateTime('now'))->format(\AIRSHIP_DATE_FORMAT);
                $signed = Base64UrlSafe::encode(Asymmetric::sign($message, $state->keyring['notary.online_signing_key'], true));
                $airBrake->registerLoginFailure($post['username'], $_SERVER['REMOTE_ADDR'], $fails, new HiddenString($signed . $message));
                // The user sees the same generic error as for a wrong passphrase.
                $this->lens('login', ['post_response' => ['message' => \__('Incorrect username or passphrase. Please try again.'), 'status' => 'error']]);
            }
        }
        // Reuse the account's existing canary if it has one; otherwise create
        // one only when the 'password-reset.logout' setting is enabled.
        if ($user['session_canary']) {
            $_SESSION['session_canary'] = $user['session_canary'];
        } elseif ($this->config('password-reset.logout')) {
            $_SESSION['session_canary'] = $this->acct->createSessionCanary($userID);
        }
        // Regenerate session ID:
        Session::regenerate(true);
        // The user id is written only after the ID has been regenerated.
        $_SESSION['userid'] = (int) $userID;
        if (!empty($post['remember'])) {
            $autoPilot = Gears::getName('AutoPilot');
            if (IDE_HACKS) {
                $autoPilot = new AutoPilot();
            }
            $httpsOnly = (bool) $autoPilot::isHTTPSConnection();
            // The long-term auth token is encrypted before it goes into the cookie.
            // NOTE(review): presumably Cookie::setcookie() follows PHP's
            // setcookie() argument order, making the last two arguments the
            // Secure and HttpOnly flags. Confirm against the Cookie class.
            Cookie::setcookie('airship_token', Symmetric::encrypt($this->airship_auth->createAuthToken($userID), $state->keyring['cookie.encrypt_key']), \time() + ($state->universal['long-term-auth-expire'] ?? self::DEFAULT_LONGTERMAUTH_EXPIRE), '/', $state->universal['session_config']['cookie_domain'] ?? '', $httpsOnly ?? false, true);
        }
        \Airship\redirect($this->airship_cabin_prefix);
    } else {
        $fails = $airBrake->getFailedLoginAttempts($post['username'], $_SERVER['REMOTE_ADDR']) + 1;
        // If the server is setup (with an EncryptionPublicKey) and the
        // number of failures is above the log threshold, this will
        // encrypt the password guess with the public key so that only
        // the person in possession of the secret key can decrypt it.
        $airBrake->registerLoginFailure($post['username'], $_SERVER['REMOTE_ADDR'], $fails, new HiddenString($post['passphrase']));
        $this->lens('login', ['post_response' => ['message' => \__('Incorrect username or passphrase. Please try again.'), 'status' => 'error']]);
    }
}
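/**
 * Generate a new session identifier.
 *
 * The signature and return value now match what this docblock has always
 * declared: the function previously accepted no argument and returned
 * nothing. Calling it without arguments behaves as before.
 *
 * @param bool $destroy passed through to \Session::regenerate()
 * @return bool the result reported by \Session::regenerate()
 */
function zbase_sessions_regenerate($destroy = false)
{
    return \Session::regenerate($destroy);
}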
/**
 * Make the given brand the active one for this user.
 *
 * The brand id is saved on the user's metadata and mirrored into the session
 * under 'active_brand'; the session ID is then regenerated.
 *
 * NOTE(review): the membership check is currently stubbed to true (original
 * note: "Groups::inGroup(); there is a bug with Groups so skip for now and
 * reimplement!"). As written, any $brand_id passed in is accepted, so callers
 * must authorise the switch themselves until the check is restored.
 *
 * @param  mixed $brand_id
 * @return mixed the brand id that was activated; false is only returned if
 *               the (currently disabled) check fails
 */
public function brandSwitch($brand_id)
{
    $check = true;

    if ($check === false || !$check) {
        return false;
    }

    $meta = $this->metas;
    $meta->active_brand = $brand_id;
    $meta->save();

    Session::put('active_brand', $brand_id);
    Session::regenerate();

    return $brand_id;
}
/**
 * Log the current user out and redirect to the configured login route.
 *
 * Signs out of the default guard, removes all session data and regenerates
 * the session ID with the destroy flag set.
 *
 * @return mixed redirect response
 */
public function logout()
{
    Auth::guard()->logout();

    // Clear the stored data, then replace the session ID.
    \Session::flush();
    \Session::regenerate(true);

    $loginRoute = CmfConfig::getInstance()->login_route();

    return Redirect::route($loginRoute);
}
<li class="dropdown messages-menu"> <!-- Menu toggle button --> <a href="#" class="dropdown-toggle" data-toggle="dropdown"> <i class="fa fa-list"></i> <?php /* Task count and list are read from the session for display in this menu. */ $taskcountkey = Session::get('taskcountkey'); $tasklisttkey = Session::get('tasklisttkey'); ?> <span class="label label-success">{{ isset($taskcountkey) ? $taskcountkey : 'taskcountkey Fehler!' }}</span> </a> <ul class="dropdown-menu"> <li class="header">{{ isset($taskcountkey) ? $taskcountkey : 'taskcountkey Fehler!' }} {{ trans('back/tasklist.tasklist-comments') }} <?php /* NOTE(review): the session ID is regenerated here as a side effect of rendering this menu, i.e. on every page that includes it. Session rotation normally belongs in the controller at login, logout or a privilege change. Confirm this call is intentional. */ Session::regenerate(); ?> </li> <li> <!-- inner menu: contains the messages --> <ul class="menu"> <li><!-- start message --> <!-- Message title and timestamp -->
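/**
 * Check if the given token is correct. If not generate a new session id and return false.
 *
 * A token is only accepted when the session actually holds a non-empty string
 * token and the supplied value is a string equal to it. Previously a request
 * without a token passed whenever the session had no token either, because
 * null compared identical to null. The comparison uses hash_equals() when it
 * is available so that it does not depend on where the strings first differ.
 *
 * @param string $token A token generated by Session::token()
 * @return boolean
 */
public static function checkToken($token)
{
    $expected = Session::get('csrf_token');

    $valid = is_string($expected)
        && $expected !== ''
        && is_string($token)
        && (function_exists('hash_equals') ? hash_equals($expected, $token) : $expected === $token);

    if (!$valid) {
        Session::regenerate();

        return false;
    }

    return true;
}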
/**
 * Clear the session on logout while carrying three "office" values over into
 * the fresh session.
 *
 * 'auth_office_use', 'auth_office_password' and 'Office_Session_Auth' are
 * read before the session is flushed and regenerated, and written back
 * afterwards when they hold a truthy value.
 *
 * NOTE(review): 'auth_office_password' is deliberately kept across logout, so
 * a password-like value survives in the post-logout session. Confirm that is
 * required and what exactly is stored under that key.
 */
function LogOutActions()
{
    // Snapshot the values that must survive the flush.
    $carry_over = array(
        'Office_Session_Auth' => Session::get('Office_Session_Auth') ? Session::get('Office_Session_Auth') : false,
        'auth_office_use' => Session::get('auth_office_use'),
        'auth_office_password' => Session::get('auth_office_password'),
    );

    Session::flush();
    Session::regenerate();

    // Restore only the entries that actually held a value.
    foreach ($carry_over as $key => $value) {
        if ($value) {
            Session::put($key, $value);
        }
    }
}