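/**
 * Authenticate a user by username or email and cache the identity in the session.
 *
 * Return values, as the callers see them:
 *  - the cached identity array when the session is already authenticated,
 *  - false when $by is not one of the supported lookup columns,
 *  - a translated error string when the lookup or the password check fails,
 *  - the loaded User record on success.
 *
 * @param string $username_or_email Value matched against the column named by $by.
 * @param string $password          Plain-text password supplied by the caller.
 * @param string $by                Lookup column: 'username' or 'email'.
 * @return mixed
 */
public static function authentication($username_or_email, $password, $by = 'username')
{
    import('system/share/network/session');
    Session::start();

    if (self::is_authenticated() && self::$info && $_SESSION[self::SESSION_NAME]) {
        return self::$info;
    }

    // $by is spliced into the DQL as a column name, so it must match the
    // whitelist exactly; the strict flag stops loose comparison from letting
    // non-string values such as 0 or true through.
    if (!in_array($by, array('username', 'email'), true)) {
        return false;
    }

    try {
        DatabaseBackend::load_model('system/contrib/auth');

        // The caller-supplied identifier is bound as a query parameter rather
        // than formatted into the DQL string, so quotes in the input cannot
        // change the query.
        $user = Doctrine_Query::create()
            ->select('*')
            ->from('User u')
            ->leftJoin('u.Group g')
            ->where(sprintf('u.%s = ?', $by), array($username_or_email))
            ->fetchOne();

        // NOTE(review): "no such account" and "wrong password" are reported
        // with different messages, which lets a client learn which accounts
        // exist. The strings are returned to callers (and are gettext keys),
        // so they are left unchanged here; consider a single generic message.
        if (!$user) {
            return _('Username or email does not exits');
        }

        // Stored value is split on '$' into algorithm and salt (the third
        // part is not needed here). Padding keeps a malformed stored value
        // from raising undefined-offset notices.
        list($func, $random) = array_pad(explode('$', $user->password), 3, null);

        $stored = $user->password;
        $password_ok = false;
        if ($stored) {
            $computed = self::generate_password($password, $random, $func);
            // Compare in constant time where the runtime provides hash_equals();
            // otherwise fall back to the original strict comparison.
            $password_ok = (is_string($stored) && is_string($computed) && function_exists('hash_equals'))
                ? hash_equals($stored, $computed)
                : $stored === $computed;
        }

        if (!$password_ok) {
            return _("Password doesn't match");
        }

        // NOTE(review): the session id is not rotated in this method after a
        // successful login; confirm Session::start() or the caller regenerates
        // it to prevent session fixation.
        self::$is_authenticated = true;
        self::$info = $_SESSION[self::SESSION_NAME] = array(
            'id' => $user->id,
            'username' => $user->username,
            'group' => array(
                'id' => $user->Group->id,
                'name' => $user->Group->name,
            ),
        );

        // Mirror every role into both the static cache and the session copy.
        if ($user->Role) {
            foreach ($user->Role as $role) {
                self::$info['role'][] = $_SESSION[self::SESSION_NAME]['role'][] = array(
                    'id' => $role->id,
                    'name' => $role->name,
                    'alias' => $role->alias,
                );
            }
        }
    } catch (Doctrine_Query_Exception $e) {
        return _('System error');
    }

    return $user ? $user : _('Username or email does not exits');
}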
/**
 * Run the parent constructor, load the auth model, and redirect customer
 * accounts to the customer area.
 */
public function __construct()
{
    parent::__construct();
    parent::load('model', 'system/contrib/auth');
    import('system/share/network/redirect');

    $userinfo = User::info();

    // When the current visitor is a logged-in customer: either the first
    // role's alias is the customer label ('客户'), or the account is
    // authenticated but carries no roles at all.
    // NOTE(review): only the first role is inspected; confirm a customer
    // role can never appear at another index.
    $has_customer_alias = $userinfo['role'][0]['alias'] == '客户';
    if ($has_customer_alias || (!$userinfo['role'] && User::is_authenticated())) {
        // NOTE(review): nothing here stops the request after the redirect.
        // If HTTPRedirect::to() returns instead of ending the request, the
        // controller action still runs for customer accounts - confirm.
        HTTPRedirect::to('customer');
    }
}
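/**
 * Adds a special user prefixed with "uploader-" that will remain a reader in
 * this group for uploading purposes of mobile Tangerines.
 *
 * When the uploader account already exists nothing is changed. Otherwise the
 * account is created, added as a reader, and its password is written to the
 * group's settings document so that clients can use it.
 *
 * @return true|null True when the uploader already existed; no value otherwise.
 * @throws RuntimeException When the settings document cannot be decoded, or
 *                          when it already holds a non-default upload password.
 */
public function add_uploader()
{
    $con = $this->config;

    // calc new username and password
    // NOTE(review): confirm Helpers::calc_password() draws from a
    // cryptographically secure source; this value becomes a live credential.
    $uploader_name = "uploader-" . $this->get_name();
    $uploader_pass = Helpers::calc_password(16);
    $uploader_user = new User(array("name" => $uploader_name, "pass" => $uploader_pass));

    // If read with no error, authenticated flag will be set.
    $uploader_user->read();

    // If authenticated, we're done, there's already a user.
    if ($uploader_user->is_authenticated()) {
        return true;
    }

    // If not, then make a user and add them as a reader.
    $uploader_user->save();
    $this->add_reader($uploader_user, false);

    $settings_doc_response = h\Request::get($con->group_doc_url("settings", $this->name, "main"))
        ->authenticateWith($con->constants->ADMIN_U, $con->constants->ADMIN_P)
        ->sendsJson()
        ->send();
    $settings = json_decode($settings_doc_response, true);

    // A response that is not a JSON object must not be treated as an empty
    // settings document: the code below would otherwise build a new document
    // from nothing and PUT it over the group's settings.
    if (!is_array($settings)) {
        throw new RuntimeException("Could not read the group settings document");
    }

    // @TODO break this out into a new method. Issue #4
    // "pass" is the placeholder value; the strict comparison keeps non-string
    // values from being mistaken for it.
    if (isset($settings['upPass']) && $settings['upPass'] !== "pass") {
        throw new RuntimeException("Group already has an uploader");
    }

    // NOTE(review): the uploader password is stored in clear text in the
    // settings document; confirm that document is readable only by group
    // members.
    $settings['upPass'] = $uploader_pass;
    $settings['groupName'] = $this->name;
    $settings['groupDDoc'] = $con->constants->D_DOC;
    $settings['groupHost'] = $con->get_host('main');

    // NOTE(review): the result of this PUT is not inspected, so a rejected
    // write leaves an uploader account whose password was never published.
    h\Request::put($con->group_doc_url("settings", $this->name, "main"))
        ->authenticateWith($con->constants->ADMIN_U, $con->constants->ADMIN_P)
        ->sendsJson()
        ->body(json_encode($settings))
        ->send();
}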
* reasonably feasible for technical reasons, the Appropriate Legal Notices must
 * display the words "Powered by SugarCRM" and "Supercharged by SuiteCRM".
 ********************************************************************************/
/*********************************************************************************
 * Description: TODO: To be written.
 * Portions created by SugarCRM are Copyright (C) SugarCRM, Inc.
 * All Rights Reserved.
 * Contributor(s): ______________________________________..
 ********************************************************************************/
// Login handler excerpt: loads a User from the submitted credentials and, when
// the user is authenticated, sets the redirect header and session state.
global $mod_strings;

$focus = new User();

// Add in defensive code here.
// NOTE(review): both credentials are read from $_REQUEST without an isset()
// or type check. $_REQUEST can also be populated from the query string, where
// a password would end up in access logs - confirm the login form only posts,
// and consider reading $_POST explicitly.
$focus->user_name = $_REQUEST['user_name'];
$user_password = $_REQUEST['user_password'];
$focus->load_user($user_password);

if ($focus->is_authenticated()) {
    // save the user information into the session
    // go to the home screen
    // The Location header is set first; execution continues below to finish
    // the session bookkeeping.
    header("Location: " . $GLOBALS['app']->getLoginRedirect());

    // Drop the values kept from the login attempt.
    unset($_SESSION['login_password']);
    unset($_SESSION['login_error']);
    unset($_SESSION['login_user_name']);

    // NOTE(review): no session id rotation is visible in this excerpt before
    // the authenticated user id is stored; confirm it happens elsewhere.
    $_SESSION['authenticated_user_id'] = $focus->id;

    // store the user's theme in the session
    // Precedence: explicit login_theme, then ck_login_theme_20, then the
    // configured default.
    // NOTE(review): both request-supplied theme names are taken as-is here;
    // confirm the value is checked against the installed themes before use.
    if (isset($_REQUEST['login_theme'])) {
        $authenticated_user_theme = $_REQUEST['login_theme'];
    } elseif (isset($_REQUEST['ck_login_theme_20'])) {
        $authenticated_user_theme = $_REQUEST['ck_login_theme_20'];
    } else {
        $authenticated_user_theme = $sugar_config['default_theme'];
    }
// Body of a helper whose signature lies above this excerpt; the routes below
// call get_user_profile($app), presumably this function - confirm.
{
    // Profile owner, looked up by the :username route segment.
    $app->set('user', User::get_by_username($app->request('username')));
    // True when the requested profile belongs to the signed-in user.
    $app->set('is_current_user', $app->request('username') == User::current_user() ? true : false);
    // Posts for this user, starting at the optional :skip offset (0 when absent).
    // NOTE(review): 'skip' is passed through from the request unchanged;
    // confirm Post::get_posts_by_user() coerces it to a non-negative integer.
    $app->set('posts', Post::get_posts_by_user($app->request('username'), $app->request('skip') ? $app->request('skip') : 0));
    $app->set('post_count', Post::get_post_count_by_user($app->request('username')));
}

// Full profile page.
get('/user/:username', function ($app) {
    get_user_profile($app);
    $app->render('user/profile');
});

// Post list partial for a given offset; the second render() argument is false.
get('/user/:username/:skip', function ($app) {
    get_user_profile($app);
    $app->render('user/_posts', false);
});

// Create a post. Only authenticated users may post; everyone else is shown
// the login view with an error message.
post('/post', function ($app) {
    if (User::is_authenticated()) {
        $post = new Post();
        // NOTE(review): the submitted content is stored unmodified; confirm
        // the templates escape it on output.
        $post->content = $app->form('content');
        $post->create();
        $app->redirect('/user/' . User::current_user());
    } else {
        $app->set('error', 'You must be logged in to do that.');
        $app->render('user/login');
    }
});

// Delete a post identified by document id and revision.
// NOTE(review): unlike the POST /post handler above, no
// User::is_authenticated() or ownership check is visible before
// $post->delete(). The closure continues past the end of this excerpt, but a
// check placed after the delete call would come too late. Confirm that
// Post::delete() or a route filter enforces authentication and ownership.
delete('/post/delete/:id/:rev', function ($app) {
    $post = new Post();
    $post->_id = $app->request('id');
    $post->_rev = $app->request('rev');
    $post->delete();
    $app->redirect('/user/' . User::current_user());
/**
 * is_authenticated() should report the state of the user's authenticated flag.
 */
public function testis_authenticated()
{
    $subject = new User();

    // A freshly constructed user must not be reported as authenticated.
    $reported_before = $subject->is_authenticated();
    $this->assertEquals(false, $reported_before);

    // Once the flag is set directly, the method must report true.
    // NOTE(review): assertEquals compares loosely, so null or 0 would also
    // satisfy the first check; a strict assertion would pin the boolean.
    $subject->authenticated = true;
    $reported_after = $subject->is_authenticated();
    $this->assertEquals(true, $reported_after);
}
/**
 * Registration action. Currently switched off: the method returns false
 * before doing anything, and the flow below is kept but unreachable.
 *
 * @return false
 */
public function register()
{
    // Unconditional return: self-registration is disabled. Everything below
    // this line does not execute.
    return false;

    parent::load('model', 'system/contrib/auth.User');

    // Visitors who are already logged in are redirected to the default action.
    // NOTE(review): nothing ends the request after this redirect; if this
    // flow is re-enabled, confirm HTTPRedirect::to() terminates.
    if (User::is_authenticated()) {
        import('system/share/network/redirect');
        HTTPRedirect::to(ini('base/DEFAULT_ACTION'));
    }

    $view = parent::load('smarty');
    // NOTE(review): the registration form is loaded as 'LoginForm'; confirm
    // that is the intended form class before re-enabling this action.
    $form = parent::load('form', 'LoginForm', $_POST);

    // Only a valid POST submission is processed; any other request falls
    // through to rendering the form.
    if ($this->is_post() && $form->is_valid() && Request::$method == 'POST') {
        $user = UserTable::findByUsername($form->data['username']);
        if (!$user) {
            // New account: store the generated password value, sign the user
            // in, then leave for the auth index.
            $user = new User();
            $user->username = $form->data['username'];
            $user->password = User::generate_password($form->data['password']);
            $user->save();
            User::authentication($user->username, $form->data['password']);
            import('system/share/network/redirect');
            HTTPRedirect::to(url_reverse('auth_index'));
        } else {
            array_push($form->messages, _('Username exists'));
        }
    }

    $view->assign('register_form', $form->output());
    $view->display('auth/register');
}
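/**
 * Gate for actions that require a signed-in user.
 *
 * Loads the auth User model through the given application object. An
 * unauthenticated visitor is redirected to the login page and the request
 * is shut down.
 *
 * @param object $base_app Object exposing load(); used to load the User model.
 * @return bool True when the visitor is authenticated. False is returned only
 *              if Boot::shutdown() hands control back to the caller.
 */
public static function login_required($base_app)
{
    $base_app->load('model', 'system/contrib/auth.User', false);

    if (User::is_authenticated()) {
        return true;
    }

    import('system/share/network/redirect');
    HTTPRedirect::to('accounts/login');
    Boot::shutdown();

    // Fail closed: Boot::shutdown() is expected to end the request, but if
    // it ever returns, an unauthenticated caller must not be told the check
    // passed.
    return false;
}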
* Remove a reader from a group. */ $group_name = Helpers::require_variable('group', 'a group name'); $target_user_name = Helpers::require_variable('user', 'a user to remove'); $user_name = Helpers::require_variable('auth_u', 'a username'); $user_pass = Helpers::require_variable('auth_p', 'user authentication'); try { // Authenticate user making request $admin_user = new User(array("name" => $user_name, "pass" => $user_pass)); if (!$admin_user->authenticate()) { throw new Exception("Authentication failed."); } $user = new User(array("name" => $target_user_name, "admin" => true)); // Verify user exists $user->read(); if (!$user->is_authenticated()) { throw new Exception($user->get_name() . " is not a valid user."); } $group = new Group(array("name" => $group_name)); // Assert group's existence $group->read(); if (!$group->is_admin($admin_user)) { throw new Exception("You must be an admin to remove members."); } $group->remove_reader($user); $attempt = new Attempt('success', 'Removed member ' . $user->get_name() . ' from ' . $group->get_name() . '.'); } catch (Exception $e) { $attempt = new Attempt('error', $e->getMessage()); } // END of remove_reader } else {