public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
parent::initialize($dispatcher, $storage, $options);
$env = sfContext::getInstance()->getConfiguration()->getEnvironment();
if ($env != 'test') {
$this->checkPermissions();
$this->resetPasswordCheck();
// here?
$this->checkDatabase();
$this->checkHtaccess();
$this->performTests();
}
$request = sfContext::getInstance()->getRequest();
if (!$this->isAuthenticated()) {
if ($request->getPostParameter('password') == '' && $request->getCookie($this->cookie_name) != '' && $request->getMethod() != sfRequest::POST) {
$params = array();
$params['password'] = $request->getCookie($this->cookie_name);
$form = new LoginForm($this, true, array(), array(), false);
// no csrf
$form->bind($params);
if ($form->isValid()) {
$this->setAuthenticated(true);
}
}
}
}
/**
* Initializes the sfGuardSecurityUser object.
*
* @param sfEventDispatcher $dispatcher The event dispatcher object
* @param sfStorage $storage The session storage object
* @param array $options An array of options
*/
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
parent::initialize($dispatcher, $storage, $options);
if (!$this->isAuthenticated()) {
$this->user = null;
}
}
public function initialize($context, $parameters = null)
{
if (sfConfig::get('sf_timeout') == 0) {
// session will expire if window is open for a day
sfConfig::set('sf_timeout', 86400);
}
return parent::initialize($context, $parameters);
}
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
parent::initialize($dispatcher, $storage, $options);
$adminUserId = Doctrine::getTable('AdminUser')->find($this->getId());
if (!$adminUserId) {
$this->logout();
}
}
public function initialize($context, $parameters = array())
{
parent::initialize($context, $parameters);
if (!$this->isAuthenticated()) {
// remove user if timeout
$this->getAttributeHolder()->removeNamespace('sfGuardSecurityUser');
$this->user = null;
}
}
/**
* Initializes the sfGuardSecurityUser object.
*
* @param sfEventDispatcher $dispatcher The event dispatcher object
* @param sfStorage $storage The session storage object
* @param array $options An array of options
*/
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
parent::initialize($dispatcher, $storage, $options);
if (!$this->isAuthenticated()) {
// remove user if timeout
$this->getAttributeHolder()->removeNamespace('sfGuardSecurityUser');
$this->user = null;
}
}
/**
* Init
*/
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
parent::initialize($dispatcher, $storage, $options);
// remove user if timeout
if (!$this->isAuthenticated()) {
$this->getAttributeHolder()->removeNamespace('open_auth');
$this->_user = null;
}
}
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
parent::initialize($dispatcher, $storage, $options);
if (sfConfig::get('app_sf_object_guard_plugin_persistent_credentials', true)) {
$this->credentialsLoadedFor = $storage->read(self::CREDENTIAL_TABLES_NAMESPACE);
if (!$this->isAuthenticated()) {
$this->credentialsLoadedFor = array();
}
}
}
public function initialize($context, $parameters = array())
{
parent::initialize($context, $parameters);
$this->prefix = sfConfig::get('app_phpbb_prefix', 'Phpbb');
if (!$this->isAuthenticated()) {
// remove user if timeout
$this->getAttributeHolder()->removeNamespace('avrPhpbbSecurityUser');
$this->user = null;
}
}
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
parent::initialize($dispatcher, $storage, $options);
$request = sfContext::getInstance()->getRequest();
// check auth by api_secret and get parameters
$isAuth = md5(implode('_', array($request->getParameter('api_id'), $request->getParameter('viewer_id'), sfConfig::get('sf_vkontakte_secret_key')))) == $request->getParameter('auth_key');
$this->setAuthenticated($isAuth);
if ($isAuth) {
$this->id = $request->getParameter('viewer_id');
}
}
/**
* Initializes the current user.
*
* @see sfBasicSecurityUser
*/
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
parent::initialize($dispatcher, $storage, $options);
$request = sfContext::getInstance()->getRequest();
$authMode = $request->getUrlParameter('authMode');
if ($authMode) {
$this->setCurrentAuthMode($authMode);
}
$this->createAuthAdapter($this->getCurrentAuthMode());
$this->initializeCredentials();
}
/**
* Initializes the DmSecurityUser object.
*
* @param sfEventDispatcher $dispatcher The event dispatcher object
* @param sfStorage $storage The session storage object
* @param array $options An array of options
*/
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
parent::initialize($dispatcher, $storage, $options);
if (!$this->isAuthenticated()) {
// remove user if timeout
$this->getAttributeHolder()->removeNamespace('dmSecurityUser');
$this->user = null;
} elseif ($user = $this->getUser()) {
$this->isSuperAdmin = $user->get('is_super_admin');
}
}
/**
* Initializes the current user.
*
* @see sfBasicSecurityUser
*/
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
parent::initialize($dispatcher, $storage, $options);
if ($this->getMemberId() && $this->isTimedOut()) {
$this->getAttributeHolder()->removeNamespace('opSecurityUser');
}
$request = sfContext::getInstance()->getRequest();
$authMode = $request->getUrlParameter('authMode');
if ($authMode) {
$this->setCurrentAuthMode($authMode);
}
$this->createAuthAdapter($this->getCurrentAuthMode());
}
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
if (!isset($options['session_namespaces'])) {
$options['session_namespaces'] = array(self::SITE_IDENTIFIER_NAMESPACE, self::LAST_REQUEST_NAMESPACE, self::AUTH_NAMESPACE, self::CREDENTIAL_NAMESPACE, self::ATTRIBUTE_NAMESPACE);
}
parent::initialize($dispatcher, $storage, $options);
if (!$this->isValidSiteIdentifier()) {
// This session is not for this site.
$this->logout();
// So we need to clear all data of the current session because they might be tainted by attacker.
// If OpenPNE uses that tainted data, it may cause limited session fixation attack.
$this->clearSessionData();
return null;
}
}
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
// initialize parent
parent::initialize($dispatcher, $storage, $options);
// On timeout, remove *all* user credentials
if ($this->isTimedOut()) {
$this->signOut();
return;
}
if ($this->isAuthenticated()) {
$this->user = QubitUser::getById($this->getUserID());
// If this user's account has been *deleted* or this user session is from a
// different install of qubit on the same server (cross-site), then signout
// user
if (null === $this->user) {
$this->signOut();
}
}
}
/**
* @see sfBasicSecurityUser::initialize()
*/
public function initialize($context, $parameters = array())
{
// if "temp_remember" cookie is set, update lastRequest time to now to make sure
// that user session is not considered too old
if (sfContext::getInstance()->getRequest()->getCookie('temp_remember')) {
$this->lastRequest = time();
}
// Dirty hack to avoid that too much code is executed in order to detect
// the user culture at that point (in sfUser::initialize()) since a more
// comprehensive detection is performed at the end of this method.
$storage = $context->getStorage();
// Saves current culture retrieved from session (if any)
$saved_culture = $storage->read(self::CULTURE_NAMESPACE);
// and temporary writes a dummy one.
$storage->write(self::CULTURE_NAMESPACE, $this->dummy_culture);
parent::initialize($context, $parameters);
// Restores previously saved culture
$storage->write(self::CULTURE_NAMESPACE, $saved_culture);
// before finally performing the real culture detection:
$this->setCulture($this->detectCulture());
}
/**
* Initializes the DmSecurityUser object.
*
* @param sfEventDispatcher $dispatcher The event dispatcher object
* @param sfStorage $storage The session storage object
* @param array $options An array of options
*/
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
// initialize parent
parent::initialize($dispatcher, $storage, $options);
if (!array_key_exists('timeout', $this->options)) {
$this->options['timeout'] = 1800;
}
// force the max lifetime for session garbage collector to be greater than timeout
if (ini_get('session.gc_maxlifetime') < $this->options['timeout']) {
ini_set('session.gc_maxlifetime', $this->options['timeout']);
}
// read data from storage
$this->authenticated = $storage->read(self::AUTH_NAMESPACE);
$this->credentials = $storage->read(self::CREDENTIAL_NAMESPACE);
$this->lastRequest = $storage->read(self::LAST_REQUEST_NAMESPACE);
$this->isSuperAdmin = $storage->read(self::SUPER_ADMIN_NAMESPACE);
if (null === $this->authenticated) {
$this->authenticated = false;
$this->credentials = array();
} else {
// Automatic logout logged in user if no request within timeout parameter seconds
$timeout = $this->options['timeout'];
if (false !== $timeout && null !== $this->lastRequest && time() - $this->lastRequest >= $timeout) {
if ($this->options['logging']) {
$this->dispatcher->notify(new sfEvent($this, 'application.log', array('Automatic user logout due to timeout')));
}
$this->setTimedOut();
$this->setAuthenticated(false);
}
}
$this->lastRequest = time();
if (!$this->isAuthenticated()) {
// remove user if timeout
$this->getAttributeHolder()->removeNamespace('dmSecurityUser');
$this->user = null;
} elseif ($user = $this->getUser()) {
$this->isSuperAdmin = $user->get('is_super_admin');
}
}
// ->listCredentials()
$t->diag('->listCredentials()');
$user->clearCredentials();
$user->addCredential('user');
$t->is($user->listCredentials(), array('user'), '->listCredentials() returns user credentials as an array');
// ->setAuthenticated() ->isAuthenticated()
$t->diag('->setAuthenticated() ->isAuthenticated()');
$t->is($user->isAuthenticated(), false, '->isAuthenticated() returns false by default');
$user->setAuthenticated(true);
$t->is($user->isAuthenticated(), true, '->isAuthenticated() returns true if the user is authenticated');
$user->setAuthenticated(false);
$t->is($user->isAuthenticated(), false, '->setAuthenticated() accepts a boolean as its first parameter');
// ->setTimedOut() ->getTimedOut()
sfConfig::set('sf_timeout', 86400);
$user = new sfBasicSecurityUser();
$user->initialize($context);
$t->diag('->setTimedOut() ->isTimedOut()');
$t->is($user->isTimedOut(), false, '->isTimedOut() returns false if the session is not timed out');
$user->setTimedOut();
$t->is($user->isTimedOut(), true, '->isTimedOut() returns true if the session is timed out');
// ->hasCredential()
$t->diag('->hasCredential()');
$user->clearCredentials();
$t->is($user->hasCredential('admin'), false, '->hasCredential() returns false if user has not the credential');
$user->addCredential('admin');
$t->is($user->hasCredential('admin'), true, '->addCredential() takes a credential as its first argument');
// admin AND user
$t->is($user->hasCredential(array('admin', 'user')), false, '->hasCredential() can takes an array of credential as a parameter');
// admin OR user
$t->is($user->hasCredential(array(array('admin', 'user'))), true, '->hasCredential() can takes an array of credential as a parameter');
// (admin OR user) AND owner
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
parent::initialize($dispatcher, $storage, $options);
if ($this->isTimedOut()) {
$authService = new AuthenticationService();
$authService->clearCredentials();
$_SESSION = array();
}
}
