Beispiel #1
 /**
  * Handle a posted login form.
  *
  * Reads the 'email' and 'password' POST fields and passes them to
  * UserModel::login(). On success the session is switched to
  * Session::STATE_APP and the session key is returned under 'cookies'.
  *
  * @return array|null
  *   array('cookies' => array('session' => <session key>)) on success. On
  *   failure nothing is returned (null); only an error message is queued.
  */
 public function postLogin()
 {
     $email = Request::post('email', 'email');
     $password = Request::post('password');

     if (!UserModel::login($email, $password)) {
         // Every falsy login result ends up here with the same message.
         // NOTE(review): no attempt throttling is visible in this method;
         // confirm it is enforced inside UserModel::login() or upstream.
         Messenger::error('Invalid password.');
         return;
     }

     $activeSession = Session::getInstance();
     $activeSession->setState(Session::STATE_APP);

     // NOTE(review): the key returned below becomes the client's session
     // credential. Confirm that login issues a fresh key rather than
     // promoting one that existed before authentication.
     $payload = array();
     $payload['cookies'] = array('session' => $activeSession->session_key);

     // Presumably tells the output layer to emit 'cookies' as real cookies;
     // verify against Output.
     Output::setJsonCookies(true);

     return $payload;
 }
Beispiel #2
 /**
  * Create the default logged in user.
  *
  * @return User
  *   The currently logged in user.
  */
 public static function createInstance()
 {
     $activeSession = SessionTool::getInstance(true, false);
     $resolved = null;

     // Only a session that carries a positive user id can yield a user.
     if ($activeSession && $activeSession->user_id > 0) {
         // A truthy 'impersonate' setting takes precedence over the session's
         // own user id, so the caller gets the impersonated account.
         // NOTE(review): no authorization check is visible here. Confirm that
         // only privileged code can write this setting and that its use is
         // audit-logged.
         $impersonatedId = $activeSession->getSetting('impersonate');
         $resolved = User::loadById(
             $impersonatedId ? $impersonatedId : $activeSession->user_id
         );
     }

     // Fall back to the anonymous user when there is no session or the lookup
     // produced an empty result.
     return empty($resolved) ? User::anonymous() : $resolved;
 }
Beispiel #3
 /**
  * Add the session token as a JS accessible variable.
  */
 public static function addSessionToken() {
     // Fetch the token held by the current session.
     $sessionToken = Session::getInstance()->getToken();

     // Publish it under the 'token' key.
     // NOTE(review): a value exposed to JavaScript is readable by any script
     // running in the page. Confirm getToken() returns a request-forgery
     // token and not the session key itself.
     self::set('token', $sessionToken);
 }
Beispiel #4
 /**
  * Destroy a user object and end the session.
  */
 public function logOut()
 {
     // The session is looked up first, whether or not a user is logged in.
     $currentSession = Session::getInstance();

     // Nothing to tear down for a user without a positive id.
     if (!($this->id > 0)) {
         return;
     }

     // Clear the in-memory identity before touching the session.
     $this->data = null;
     $this->id = 0;

     // getInstance() may not hand back an object; destroy only a real one.
     // NOTE(review): confirm destroy() also invalidates the session
     // server-side, so a previously issued key cannot be replayed.
     if (is_object($currentSession)) {
         $currentSession->destroy();
     }
 }
Beispiel #5
 /**
  * Make sure a valid token has been received.
  *
  * @return boolean
  *   Whether the token is valid.
  */
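 public function validateToken() {
     // Only POST requests must carry a token. Any other request type passes,
     // as does every request when $this->ignoreToken is set.
     if ($this->ignoreToken || strtolower(Request::type()) !== 'post') {
         return true;
     }

     // Presumably the 'hex' filter restricts the value to hex characters;
     // verify against Request::post().
     $token = Request::post('token', 'hex');
     if (empty($token) || !is_string($token)) {
         return false;
     }

     // Fail closed when the session has no usable token to compare against.
     $expected = Session::getInstance()->getToken();
     if (!is_string($expected) || $expected === '') {
         return false;
     }

     // A loose == compares numeric-looking strings by value, so two different
     // tokens of the form "0e<digits>" would be treated as equal.
     // hash_equals() compares the bytes exactly and in constant time.
     return hash_equals($expected, $token);
 }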