/**
 * Initializes the user, runs the environment self-checks and, for an
 * unauthenticated non-POST request, attempts a login from the cookie
 * named by $this->cookie_name.
 *
 * @param sfEventDispatcher $dispatcher The event dispatcher object
 * @param sfStorage         $storage    The session storage object
 * @param array             $options    An array of options
 */
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     // The self-checks below are skipped only in the 'test' environment.
     $environment = sfContext::getInstance()->getConfiguration()->getEnvironment();
     if ('test' != $environment) {
         $this->checkPermissions();
         $this->resetPasswordCheck();
         // here?
         $this->checkDatabase();
         $this->checkHtaccess();
         $this->performTests();
     }

     $request = sfContext::getInstance()->getRequest();
     if ($this->isAuthenticated()) {
         return;
     }

     // Cookie login applies only when no password was posted, the cookie is
     // non-empty and the request is not a POST. Comparisons stay loose so a
     // missing (null) value is treated like an empty string.
     if ($request->getPostParameter('password') != '') {
         return;
     }
     if ($request->getCookie($this->cookie_name) == '') {
         return;
     }
     if ($request->getMethod() == sfRequest::POST) {
         return;
     }

     // NOTE(review): the cookie value is validated as the form's 'password'
     // field, so the cookie presumably carries the password or an equivalent
     // secret. Confirm it is issued with HttpOnly/Secure and consider a
     // random, revocable token instead.
     // no csrf
     $form = new LoginForm($this, true, array(), array(), false);
     $form->bind(array('password' => $request->getCookie($this->cookie_name)));
     if ($form->isValid()) {
         $this->setAuthenticated(true);
     }
 }
 /**
  * Initializes the sfGuardSecurityUser object.
  *
  * After the parent initializer has run, the cached user reference is
  * dropped whenever the session is not authenticated.
  *
  * @param sfEventDispatcher $dispatcher The event dispatcher object
  * @param sfStorage         $storage    The session storage object
  * @param array             $options    An array of options
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     if ($this->isAuthenticated()) {
         return;
     }

     // Not authenticated: do not keep a user object around.
     $this->user = null;
 }
 /**
  * Initializes the user, first replacing a zero 'sf_timeout' setting with
  * 86400 seconds (one day).
  *
  * @param mixed $context    Passed through to the parent initializer
  * @param mixed $parameters Passed through to the parent initializer
  *
  * @return mixed Whatever the parent initializer returns
  */
 public function initialize($context, $parameters = null)
 {
     $configuredTimeout = sfConfig::get('sf_timeout');

     // Loose comparison on purpose: an unset or falsy setting counts as 0.
     // NOTE(review): this turns "no timeout configured" into a 24-hour idle
     // window for the session; confirm that is acceptable for this application.
     if (0 == $configuredTimeout) {
         sfConfig::set('sf_timeout', 86400);
     }

     return parent::initialize($context, $parameters);
 }
 /**
  * Initializes the user and logs the session out when no AdminUser record
  * matches the current user id.
  *
  * The lookup runs on every initialization, whether or not the session is
  * authenticated, so a session whose account no longer exists is ended.
  *
  * @param sfEventDispatcher $dispatcher The event dispatcher object
  * @param sfStorage         $storage    The session storage object
  * @param array             $options    An array of options
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     $adminRecord = Doctrine::getTable('AdminUser')->find($this->getId());
     if ($adminRecord) {
         return;
     }

     // No matching record (falsy lookup result): end the session.
     $this->logout();
 }
 /**
  * Initializes the user and discards stored user data when the session is
  * not authenticated.
  *
  * @param mixed $context    Passed through to the parent initializer
  * @param array $parameters Passed through to the parent initializer
  */
 public function initialize($context, $parameters = array())
 {
     parent::initialize($context, $parameters);

     if ($this->isAuthenticated()) {
         return;
     }

     // Session is not authenticated (e.g. after a timeout): drop the
     // 'sfGuardSecurityUser' attribute namespace and the cached user.
     $this->getAttributeHolder()->removeNamespace('sfGuardSecurityUser');
     $this->user = null;
 }
 /**
  * Initializes the sfGuardSecurityUser object.
  *
  * When the session is not authenticated after the parent initializer has
  * run, the 'sfGuardSecurityUser' attribute namespace and the cached user
  * reference are cleared.
  *
  * @param sfEventDispatcher $dispatcher The event dispatcher object
  * @param sfStorage         $storage    The session storage object
  * @param array             $options    An array of options
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     $stillLoggedIn = $this->isAuthenticated();
     if ($stillLoggedIn) {
         return;
     }

     // remove user if timeout
     $this->getAttributeHolder()->removeNamespace('sfGuardSecurityUser');
     $this->user = null;
 }
 /**
  * Initializes the user and clears the 'open_auth' attribute namespace and
  * the cached user when the session is not authenticated.
  *
  * @param sfEventDispatcher $dispatcher The event dispatcher object
  * @param sfStorage         $storage    The session storage object
  * @param array             $options    An array of options
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     if ($this->isAuthenticated()) {
         // Authenticated session: nothing to clean up.
         return;
     }

     // remove user if timeout
     $this->getAttributeHolder()->removeNamespace('open_auth');
     $this->_user = null;
 }
 /**
  * Initializes the user and, when persistent credentials are enabled,
  * restores the list of loaded credential tables from session storage.
  *
  * The restored list is replaced with an empty array when the session is not
  * authenticated, so stored data is not reused for an anonymous session.
  *
  * @param sfEventDispatcher $dispatcher The event dispatcher object
  * @param sfStorage         $storage    The session storage object
  * @param array             $options    An array of options
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     // The feature is on unless the setting is explicitly falsy (default: true).
     $persistent = sfConfig::get('app_sf_object_guard_plugin_persistent_credentials', true);
     if (!$persistent) {
         return;
     }

     $this->credentialsLoadedFor = $storage->read(self::CREDENTIAL_TABLES_NAMESPACE);
     if ($this->isAuthenticated()) {
         return;
     }

     $this->credentialsLoadedFor = array();
 }
 /**
  * Initializes the user, loads the phpBB prefix from configuration and
  * discards stored user data when the session is not authenticated.
  *
  * @param mixed $context    Passed through to the parent initializer
  * @param array $parameters Passed through to the parent initializer
  */
 public function initialize($context, $parameters = array())
 {
     parent::initialize($context, $parameters);

     // Falls back to 'Phpbb' when 'app_phpbb_prefix' is not configured.
     $this->prefix = sfConfig::get('app_phpbb_prefix', 'Phpbb');

     if ($this->isAuthenticated()) {
         return;
     }

     // remove user if timeout
     $this->getAttributeHolder()->removeNamespace('avrPhpbbSecurityUser');
     $this->user = null;
 }
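 /**
  * Initializes the user and authenticates the request from its signature.
  *
  * The request is accepted when its 'auth_key' parameter equals
  * md5(api_id . '_' . viewer_id . '_' . secret), where the secret is the
  * 'sf_vkontakte_secret_key' setting. On success the viewer id becomes the
  * user id. The digest scheme is kept as it was; presumably it is dictated
  * by the remote platform (confirm against its documentation).
  *
  * Hardening over the earlier version of this method:
  *  - fails closed when the secret key is not configured, because a digest
  *    built with an empty secret can be computed by any client;
  *  - ignores non-scalar request parameters (e.g. array-valued input);
  *  - compares digests as strings, in constant time where hash_equals()
  *    exists, instead of with the loose == operator.
  *
  * @param sfEventDispatcher $dispatcher The event dispatcher object
  * @param sfStorage         $storage    The session storage object
  * @param array             $options    An array of options
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     $request = sfContext::getInstance()->getRequest();
     $secretKey = sfConfig::get('sf_vkontakte_secret_key');
     $apiId = $request->getParameter('api_id');
     $viewerId = $request->getParameter('viewer_id');
     $authKey = $request->getParameter('auth_key');

     $isAuth = false;
     $hasSecret = is_scalar($secretKey) && '' !== (string) $secretKey;
     if ($hasSecret && is_string($authKey) && is_scalar($apiId) && is_scalar($viewerId)) {
         $expected = md5(implode('_', array($apiId, $viewerId, $secretKey)));
         // Loose == lets PHP compare two numeric-looking strings as numbers,
         // so different digests could be reported as equal. Compare exact
         // strings; hash_equals() additionally avoids timing differences.
         $isAuth = function_exists('hash_equals')
             ? hash_equals($expected, $authKey)
             : $expected === $authKey;
     }

     $this->setAuthenticated($isAuth);
     if ($isAuth) {
         $this->id = $viewerId;
     }
 }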
 /**
  * Initializes the current user.
  *
  * Applies an 'authMode' URL parameter when one is present, then builds the
  * authentication adapter for the current mode and initializes credentials.
  *
  * @see sfBasicSecurityUser
  *
  * @param sfEventDispatcher $dispatcher The event dispatcher object
  * @param sfStorage         $storage    The session storage object
  * @param array             $options    An array of options
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     // NOTE(review): 'authMode' is taken from the URL, i.e. it is chosen by
     // the client. setCurrentAuthMode() is presumably expected to accept only
     // known modes; confirm that it validates the value.
     $requestedMode = sfContext::getInstance()->getRequest()->getUrlParameter('authMode');
     if ($requestedMode) {
         $this->setCurrentAuthMode($requestedMode);
     }

     $activeMode = $this->getCurrentAuthMode();
     $this->createAuthAdapter($activeMode);
     $this->initializeCredentials();
 }
 /**
  * Initializes the DmSecurityUser object.
  *
  * An unauthenticated session has its 'dmSecurityUser' attribute namespace
  * and cached user cleared; an authenticated one refreshes the super-admin
  * flag from the user record when a user can be loaded.
  *
  * @param sfEventDispatcher $dispatcher The event dispatcher object
  * @param sfStorage         $storage    The session storage object
  * @param array             $options    An array of options
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     if ($this->isAuthenticated()) {
         // Re-read the flag from the user record rather than trusting a
         // previously cached value.
         $currentUser = $this->getUser();
         if ($currentUser) {
             $this->isSuperAdmin = $currentUser->get('is_super_admin');
         }

         return;
     }

     // remove user if timeout
     $this->getAttributeHolder()->removeNamespace('dmSecurityUser');
     $this->user = null;
 }
 /**
  * Initializes the current user.
  *
  * Clears the 'opSecurityUser' attribute namespace when a member id is set
  * and the session has timed out, then selects the authentication mode and
  * builds the matching adapter.
  *
  * @see sfBasicSecurityUser
  *
  * @param sfEventDispatcher $dispatcher The event dispatcher object
  * @param sfStorage         $storage    The session storage object
  * @param array             $options    An array of options
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     // Only a session that has a member id can carry stale member data.
     if ($this->getMemberId()) {
         if ($this->isTimedOut()) {
             $this->getAttributeHolder()->removeNamespace('opSecurityUser');
         }
     }

     // NOTE(review): 'authMode' is read from the URL and is therefore
     // client-controlled; setCurrentAuthMode() is presumably expected to
     // accept only known modes (confirm).
     $requestedMode = sfContext::getInstance()->getRequest()->getUrlParameter('authMode');
     if ($requestedMode) {
         $this->setCurrentAuthMode($requestedMode);
     }

     $this->createAuthAdapter($this->getCurrentAuthMode());
 }
 /**
  * Initializes the user and rejects a session that belongs to another site.
  *
  * When the caller supplies no 'session_namespaces' option, the five
  * namespaces used by this class are set as the default before the parent
  * initializer runs.
  *
  * @param sfEventDispatcher $dispatcher The event dispatcher object
  * @param sfStorage         $storage    The session storage object
  * @param array             $options    An array of options
  *
  * @return null
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     if (!isset($options['session_namespaces'])) {
         $options['session_namespaces'] = array(
             self::SITE_IDENTIFIER_NAMESPACE,
             self::LAST_REQUEST_NAMESPACE,
             self::AUTH_NAMESPACE,
             self::CREDENTIAL_NAMESPACE,
             self::ATTRIBUTE_NAMESPACE,
         );
     }

     parent::initialize($dispatcher, $storage, $options);

     if ($this->isValidSiteIdentifier()) {
         return;
     }

     // The session was not issued for this site, so end it.
     $this->logout();

     // Everything stored in the session may have been planted by an
     // attacker; reusing it could allow a limited session fixation attack,
     // so all of the session data is cleared as well.
     $this->clearSessionData();

     return null;
 }
 /**
  * Initializes the user, signing out on timeout or when the authenticated
  * user's record cannot be loaded.
  *
  * @param sfEventDispatcher $dispatcher The event dispatcher object
  * @param sfStorage         $storage    The session storage object
  * @param array             $options    An array of options
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     // A timed-out session loses *all* of its credentials.
     if ($this->isTimedOut()) {
         $this->signOut();

         return;
     }

     if (!$this->isAuthenticated()) {
         return;
     }

     $this->user = QubitUser::getById($this->getUserID());

     // No record means the account was *deleted*, or the session comes from
     // a different install of qubit on the same server (cross-site). Either
     // way the session must not stay signed in.
     if ($this->user === null) {
         $this->signOut();
     }
 }
 /**
  * Initializes the user while working around the culture detection done by
  * the parent initializer.
  *
  * The culture stored in the session is saved, a dummy culture is written in
  * its place for the duration of parent::initialize(), the saved value is
  * written back, and the culture is then set from detectCulture().
  *
  * @see sfBasicSecurityUser::initialize()
  *
  * @param mixed $context    Context object; its storage is read and written here
  * @param array $parameters Passed through to the parent initializer
  */
 public function initialize($context, $parameters = array())
 {
     // if "temp_remember" cookie is set, update lastRequest time to now to make sure
     // that user session is not considered too old
     // NOTE(review): only the presence of the cookie is tested and a cookie is
     // client-supplied. If the parent initializer honours this lastRequest
     // value, any client sending the cookie avoids the idle timeout; confirm
     // whether that is intended or whether the cookie should be verified.
     if (sfContext::getInstance()->getRequest()->getCookie('temp_remember')) {
         $this->lastRequest = time();
     }
     // Dirty hack to avoid that too much code is executed in order to detect
     // the user culture at that point (in sfUser::initialize()) since a more
     // comprehensive detection is performed at the end of this method.
     $storage = $context->getStorage();
     // Saves current culture retrieved from session (if any)
     $saved_culture = $storage->read(self::CULTURE_NAMESPACE);
     // and temporarily writes a dummy one.
     $storage->write(self::CULTURE_NAMESPACE, $this->dummy_culture);
     parent::initialize($context, $parameters);
     // Restores previously saved culture
     $storage->write(self::CULTURE_NAMESPACE, $saved_culture);
     // before finally performing the real culture detection:
     $this->setCulture($this->detectCulture());
 }
 /**
  * Initializes the DmSecurityUser object.
  *
  * After the parent initializer has run, this method applies a default
  * timeout of 1800 seconds, raises session.gc_maxlifetime to at least that
  * timeout, loads the authentication state from storage, logs the user out
  * when the idle timeout has elapsed and finally either clears the stored
  * user (not authenticated) or refreshes the super-admin flag from the user
  * record (authenticated).
  *
  * @param sfEventDispatcher $dispatcher The event dispatcher object
  * @param sfStorage $storage The session storage object
  * @param array $options An array of options
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     // initialize parent
     parent::initialize($dispatcher, $storage, $options);
     // Default idle timeout: 1800 seconds, used only when no 'timeout' key exists.
     if (!array_key_exists('timeout', $this->options)) {
         $this->options['timeout'] = 1800;
     }
     // force the max lifetime for session garbage collector to be greater than timeout
     // (ini_get() returns a string; the comparison relies on PHP's loose numeric comparison)
     if (ini_get('session.gc_maxlifetime') < $this->options['timeout']) {
         ini_set('session.gc_maxlifetime', $this->options['timeout']);
     }
     // read data from storage
     $this->authenticated = $storage->read(self::AUTH_NAMESPACE);
     $this->credentials = $storage->read(self::CREDENTIAL_NAMESPACE);
     $this->lastRequest = $storage->read(self::LAST_REQUEST_NAMESPACE);
     $this->isSuperAdmin = $storage->read(self::SUPER_ADMIN_NAMESPACE);
     if (null === $this->authenticated) {
         // Nothing stored yet: start as an anonymous user without credentials.
         $this->authenticated = false;
         $this->credentials = array();
     } else {
         // Automatically log out a logged-in user if there was no request within the timeout (in seconds)
         $timeout = $this->options['timeout'];
         // A timeout of exactly false disables the check, as does a missing lastRequest.
         if (false !== $timeout && null !== $this->lastRequest && time() - $this->lastRequest >= $timeout) {
             // NOTE(review): 'logging' is read without checking that the key exists;
             // presumably the parent initializer always sets it (confirm).
             if ($this->options['logging']) {
                 $this->dispatcher->notify(new sfEvent($this, 'application.log', array('Automatic user logout due to timeout')));
             }
             $this->setTimedOut();
             $this->setAuthenticated(false);
         }
     }
     // Every initialization counts as activity for the next timeout check.
     $this->lastRequest = time();
     if (!$this->isAuthenticated()) {
         // remove user if timeout
         // NOTE(review): isSuperAdmin keeps the value read from storage in this
         // branch; confirm nothing relies on it without also checking isAuthenticated().
         $this->getAttributeHolder()->removeNamespace('dmSecurityUser');
         $this->user = null;
     } elseif ($user = $this->getUser()) {
         // Authenticated: take the super-admin flag from the user record.
         $this->isSuperAdmin = $user->get('is_super_admin');
     }
 }
// ->listCredentials()
// Starting from no credentials, a single added credential is listed as a one-element array.
$t->diag('->listCredentials()');
$user->clearCredentials();
$user->addCredential('user');
$t->is($user->listCredentials(), array('user'), '->listCredentials() returns user credentials as an array');
// ->setAuthenticated() ->isAuthenticated()
// The user starts unauthenticated and the flag follows each setAuthenticated() call.
$t->diag('->setAuthenticated() ->isAuthenticated()');
$t->is($user->isAuthenticated(), false, '->isAuthenticated() returns false by default');
$user->setAuthenticated(true);
$t->is($user->isAuthenticated(), true, '->isAuthenticated() returns true if the user is authenticated');
$user->setAuthenticated(false);
$t->is($user->isAuthenticated(), false, '->setAuthenticated() accepts a boolean as its first parameter');
// ->setTimedOut() ->isTimedOut()
// A fresh user is initialized with a one-day timeout before the timed-out flag is checked.
sfConfig::set('sf_timeout', 86400);
$user = new sfBasicSecurityUser();
$user->initialize($context);
$t->diag('->setTimedOut() ->isTimedOut()');
$t->is($user->isTimedOut(), false, '->isTimedOut() returns false if the session is not timed out');
$user->setTimedOut();
$t->is($user->isTimedOut(), true, '->isTimedOut() returns true if the session is timed out');
// ->hasCredential()
$t->diag('->hasCredential()');
$user->clearCredentials();
$t->is($user->hasCredential('admin'), false, '->hasCredential() returns false if user has not the credential');
$user->addCredential('admin');
$t->is($user->hasCredential('admin'), true, '->addCredential() takes a credential as its first argument');
// admin AND user: a flat array requires every listed credential, and only 'admin' was added
$t->is($user->hasCredential(array('admin', 'user')), false, '->hasCredential() can takes an array of credential as a parameter');
// admin OR user: a nested array is satisfied by any one of its credentials
$t->is($user->hasCredential(array(array('admin', 'user'))), true, '->hasCredential() can takes an array of credential as a parameter');
// (admin OR user) AND owner (the assertions for this case are not part of this excerpt)
 /**
  * Initializes the user and wipes the session when it has timed out.
  *
  * @param sfEventDispatcher $dispatcher The event dispatcher object
  * @param sfStorage         $storage    The session storage object
  * @param array             $options    An array of options
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     if (!$this->isTimedOut()) {
         return;
     }

     // Timed out: drop the credentials held by the authentication service
     // and empty the PHP session array.
     // NOTE(review): emptying $_SESSION keeps the same session id; confirm
     // that the id is regenerated on the next login.
     $authService = new AuthenticationService();
     $authService->clearCredentials();
     $_SESSION = array();
 }