public function authenticate(AuthEvent $e)
{
if ($this->isSatisfied()) {
$storage = $this->getStorage()->read();
$e->setIdentity($storage['identity'])->setCode(AuthenticationResult::SUCCESS)->setMessages(array('Authentication successful.'));
return;
}
$identity = $e->getRequest()->post()->get('identity');
$credential = $e->getRequest()->post()->get('credential');
$credential = $this->preProcessCredential($credential);
$userObject = $this->getMapper()->findByEmail($identity);
if (!$userObject && ZfcUser::getOption('enable_username')) {
// Auth by username
$userObject = $this->getMapper()->findByUsername($identity);
}
if (!$userObject) {
$e->setCode(AuthenticationResult::FAILURE_IDENTITY_NOT_FOUND)->setMessages(array('A record with the supplied identity could not be found.'));
$this->setSatisfied(false);
return false;
}
$credentialHash = Password::hash($credential, $userObject->getPassword());
if ($credentialHash !== $userObject->getPassword()) {
// Password does not match
$e->setCode(AuthenticationResult::FAILURE_CREDENTIAL_INVALID)->setMessages(array('Supplied credential is invalid.'));
$this->setSatisfied(false);
return false;
}
// Success!
$e->setIdentity($userObject->getUserId());
$this->updateUserPasswordHash($userObject, $credential)->updateUserLastLogin($userObject)->setSatisfied(true);
$storage = $this->getStorage()->read();
$storage['identity'] = $e->getIdentity();
$this->getStorage()->write($storage);
$e->setCode(AuthenticationResult::SUCCESS)->setMessages(array('Authentication successful.'));
}
public function get($userId, $metaKey)
{
$rowset = $this->getTableGateway()->select(array('user_id' => $userId));
$row = $rowset->current();
$userMetaModelClass = ZfcUser::getOption('usermeta_model_class');
$userMeta = $userMetaModelClass::fromArray($row);
$this->events()->trigger(__FUNCTION__ . '.post', $this, array('user' => $userId, 'row' => $row));
return $userMeta;
}
public function findById($id)
{
$db = $this->getReadAdapter();
$sql = $db->select()->from($this->getTableName())->where($this->userIDField . ' = ?', $id);
$this->events()->trigger(__FUNCTION__, $this, array('query' => $sql));
$row = $db->fetchRow($sql);
$userModelClass = ZfcUser::getOption('user_model_class');
return $userModelClass::fromArray($row);
}
public function findById($id)
{
$rowset = $this->getTableGateway()->select(array($this->userIDField => $id));
$row = $rowset->current();
$userModelClass = ZfcUser::getOption('user_model_class');
$user = $userModelClass::fromArray($row);
$this->events()->trigger(__FUNCTION__ . '.post', $this, array('user' => $user, 'row' => $row));
return $user;
}
public function get($userId, $metaKey)
{
$db = $this->getReadAdapter();
$sql = $db->select()->from($this->getTableName())->where('user_id = ?', $userId)->where('meta_key = ?', $metaKey);
$this->events()->trigger(__FUNCTION__ . '.pre', $this, array('query' => $sql));
$row = $db->fetchRow($sql);
$userMetaModelClass = ZfcUser::getOption('usermeta_model_class');
$userMeta = $userMetaModelClass::fromArray($row);
$this->events()->trigger(__FUNCTION__ . '.post', $this, array('user' => $userId, 'row' => $row));
return $userMeta;
}
protected function fromRow($row)
{
if (!$row) {
return false;
}
$userModelClass = ZfcUser::getOption('user_model_class');
$user = $userModelClass::fromArray($row->getArrayCopy());
$user->setLastLogin(DateTime::createFromFormat('Y-m-d H:i:s', $row['last_login']));
$user->setRegisterTime(DateTime::createFromFormat('Y-m-d H:i:s', $row['register_time']));
return $user;
}
public function initLate()
{
parent::initLate();
$this->removeElement('userId');
if (!Module::getOption('enable_username')) {
$this->removeElement('username');
}
if (!Module::getOption('enable_display_name')) {
$this->removeElement('display_name');
}
if (Module::getOption('registration_form_captcha') && $this->captcha_element) {
$this->addElement($this->captcha_element, 'captcha');
}
$this->getElement('submit')->setLabel('Register');
}
public static function getPreferredSalt()
{
$algorithm = strtolower(ZfcUser::getOption('password_hash_algorithm'));
switch ($algorithm) {
case 'blowfish':
$cost = ZfcUser::getOption('blowfish_cost');
break;
case 'sha512':
$cost = ZfcUser::getOption('sha512_rounds');
break;
case 'sha256':
$cost = ZfcUser::getOption('sha256_rounds');
break;
default:
throw new \Exception(sprintf('Unsupported hashing algorithm: %s', $algorithm));
break;
}
return static::getSalt($algorithm, (int) $cost);
}
/**
* createFromForm
*
* @param Form $form
* @return ZfcUser\Model\User
*/
public function createFromForm(Form $form)
{
$class = ZfcUser::getOption('user_model_class');
$user = new $class();
$user->setEmail($form->getValue('email'))->setPassword(Password::hash($form->getValue('password')))->setRegisterIp($_SERVER['REMOTE_ADDR'])->setRegisterTime(new DateTime('now'))->setEnabled(true);
if (ZfcUser::getOption('require_activation')) {
$user->setActive(false);
} else {
$user->setActive(true);
}
if (ZfcUser::getOption('enable_username')) {
$user->setUsername($form->getValue('username'));
}
if (ZfcUser::getOption('enable_display_name')) {
$user->setDisplayName($form->getValue('display_name'));
}
$this->events()->trigger(__FUNCTION__, $this, array('user' => $user, 'form' => $form));
$this->userMapper->persist($user);
return $user;
}
/**
* Register new user
*/
public function registerAction()
{
if ($this->zfcUserAuthentication()->getAuthService()->hasIdentity()) {
return $this->redirect()->toRoute('zfcuser');
}
$request = $this->getRequest();
$form = $this->getRegisterForm();
if ($request->isPost()) {
if (false === $form->isValid($request->post()->toArray())) {
$this->flashMessenger()->setNamespace('zfcuser-register-form')->addMessage($request->post()->toArray());
return $this->redirect()->toRoute('zfcuser/register');
} else {
$this->getUserService()->createFromForm($form);
if (ZfcUser::getOption('login_after_registration')) {
$post = $request->post();
$post['identity'] = $post['email'];
$post['credential'] = $post['password'];
return $this->forward()->dispatch('zfcuser', array('action' => 'authenticate'));
}
return $this->redirect()->toRoute('zfcuser/login');
}
}
return array('registerForm' => $form);
}