protected function superAdminLogin()
{
$item = $this->params()->fromPost();
$form = new Form\SuperAdminLoginForm();
$viewVariables = array('form' => $form, 'item' => $item);
if (!$this->getRequest()->isPost()) {
return $viewVariables;
}
$form->bind($item);
if (!$form->isValid()) {
return $viewVariables;
}
$auth = new Auth('Config', 'Session', 'Auth_Admin');
$authResult = $auth->authenticate(array('username' => $item['loginName'], 'password' => $item['inputPassword']));
if ($authResult->isValid()) {
$config = $this->getServiceLocator()->get('config');
$auth->saveLoginUser(array('id' => $config['superadmin']['id'], 'userName' => $item['loginName'], 'isSuperAdmin' => true));
$callback = $this->params()->fromPost('callback');
$callback = $callback ? $callback : '/admin/core/dashboard';
$this->redirect()->toUrl($callback);
return array();
}
switch ($authResult->getCode()) {
case Result::FAILURE_IDENTITY_NOT_FOUND:
$this->flashMessenger()->addMessage('user-name-failed');
break;
case Result::FAILURE_CREDENTIAL_INVALID:
$this->flashMessenger()->addMessage('password-failed');
break;
default:
}
return $viewVariables;
}
public function restPutLogin()
{
$this->layout('layout/adminblank');
$item = $this->params()->fromPost();
$callback = $this->params()->fromPost('callback');
$callback = $callback ? $callback : '/admin/core/dashboard';
$viewVariables = array();
if (!$this->getRequest()->isPost()) {
return $viewVariables;
}
$form = new \User\Form\AdminLoginForm();
$form->bind($item);
if ($form->isValid()) {
$item = $form->getData();
if ($item['isSuperAdmin']) {
$auth = new Auth('Config', 'Session', 'Auth_Admin');
$authResult = $auth->authenticate(array('username' => $item['loginName'], 'password' => $item['inputPassword']));
$config = Api::_()->getConfig();
if ($authResult->isValid()) {
$auth->saveLoginUser(array('id' => $config['superadmin']['id'], 'userName' => $item['loginName'], 'isSuperAdmin' => true));
return $this->redirect()->toUrl($callback);
}
} else {
$loginModel = Api::_()->getModel('User\\Model\\Login');
$authResult = $loginModel->loginByPassword($item['loginName'], $item['inputPassword']);
if ($authResult->isValid()) {
$user = Auth::getLoginUser('Auth_Admin');
if (!isset($user['Roles']) || !in_array('Admin', $user['Roles'])) {
$this->getResponse()->setStatusCode(401);
$this->flashMessenger()->addMessage('permission-not-enough');
return $this->redirect()->toUrl('/admin/');
}
return $this->redirect()->toUrl($callback);
}
}
switch ($authResult->getCode()) {
case Result::FAILURE_IDENTITY_NOT_FOUND:
$this->flashMessenger()->addMessage('user-name-failed');
break;
case Result::FAILURE_CREDENTIAL_INVALID:
$this->flashMessenger()->addMessage('password-failed');
break;
default:
}
} else {
$item = $form->getData();
}
return array('form' => $form, 'item' => $item);
}
