/**
 * Authenticates the user and initializes the session.
 * Listens to the Login.initSession hook.
 *
 * On success an auth cookie is written that holds the login and the value
 * returned by getHashTokenAuth(); the raw password is never written to it.
 * On failure the cookie is deleted before the exception is thrown.
 *
 * @param Core_Event_Notification $notification notification whose object is an
 *        array with the keys 'login', 'password' and 'rememberMe'
 * @throws Exception with message 'Login_LoginPasswordNotCorrect' when the
 *         authentication result is not valid
 */
function initSession($notification)
{
    $credentials  = $notification->getNotificationObject();
    $login        = $credentials['login'];
    $password     = $credentials['password'];
    $keepLoggedIn = $credentials['rememberMe'];

    // The password is only used to derive the token handed to the auth adapter.
    $tokenAuth = Module_UserManagement_API::getInstance()->getTokenAuth($login, $password);

    $auth = Zend_Registry::get('auth');
    $auth->setLogin($login);
    $auth->setTokenAuth($tokenAuth);
    $result = $auth->authenticate();

    $general    = Zend_Registry::get('config')->General;
    $cookieName = $general->login_cookie_name;
    if ($keepLoggedIn) {
        // "Remember me": expiry is now plus the configured lifetime.
        $cookieExpiry = time() + $general->login_cookie_expire;
    } else {
        // NOTE(review): 0 presumably yields a browser-session cookie; confirm in Core_Cookie.
        $cookieExpiry = 0;
    }
    $cookiePath = $general->login_cookie_path;

    // Built before the validity check so a failed login can delete any existing auth cookie.
    $cookie = new Core_Cookie($cookieName, $cookieExpiry, $cookiePath);

    if (!$result->isValid()) {
        $cookie->delete();
        throw new Exception('Login_LoginPasswordNotCorrect');
    }

    $cookie->set('login', $login);
    $hashedToken = $auth->getHashTokenAuth($login, $result->getTokenAuth());
    $cookie->set('token_auth', $hashedToken);

    // Secure is set only when the current request is detected as HTTPS, so a
    // login over plain HTTP produces a cookie without the Secure flag.
    $isHttps = Core_Common::isHttps();
    $cookie->setSecure($isHttps);
    // HttpOnly is always set.
    $cookie->setHttpOnly(true);
    $cookie->save();

    // New session id after a successful login, so an id issued before
    // authentication is not carried into the authenticated session.
    Zend_Session::regenerateId();
}
/**
 * Delete a cookie.
 *
 * Delegates to Core_Cookie::set() with an empty value and a negative expiry.
 * A browser drops a cookie only when the path and domain match the ones it
 * was created with, so callers should pass the same values used at creation.
 *
 * @param string $name   cookie name
 * @param string $path   cookie path
 * @param string $domain cookie domain
 * @return boolean true/false, as returned by Core_Cookie::set()
 */
public static function delete($name, $path = null, $domain = null)
{
    // NOTE(review): check_domain() presumably validates or defaults $domain
    // (possibly by reference); confirm against its definition.
    Core_Cookie::check_domain($domain);

    $emptyValue = '';
    // NOTE(review): -864000 looks like a 10-day offset into the past, in
    // seconds; confirm how Core_Cookie::set() interprets its expiry argument.
    $expiry = -864000;

    // NOTE(review): the two trailing false arguments are presumably the
    // secure and httponly flags; confirm against Core_Cookie::set().
    return Core_Cookie::set($name, $emptyValue, $expiry, $path, $domain, false, false);
}