Ejemplo n.º 1
0
 public function __beforeAction()
 {
     // User authentication
     $user_model = new User_Model();
     User_Model::$auth_status = User_Model::AUTH_STATUS_NOT_LOGGED;
     // Authentication by post
     if (isset($_POST['username']) && isset($_POST['password'])) {
         $username = $_POST['username'];
         $password = $_POST['password'];
         try {
             if (!preg_match('#^[a-z0-9-]+$#', $username)) {
                 throw new Exception('Invalid username');
             }
             if ($user_model->authenticate($username, $password)) {
                 User_Model::$auth_status = User_Model::AUTH_STATUS_LOGGED;
                 // Write session and cookie to remember sign-in
                 Cookie::write('login', Encryption::encode($username . ':' . $password), 60 * 24 * 3600);
                 Session::write('username', $username);
             } else {
                 throw new Exception('Bad username or password');
             }
         } catch (Exception $e) {
             User_Model::$auth_status = User_Model::AUTH_STATUS_BAD_USERNAME_OR_PASSWORD;
             Cookie::delete('login');
             Session::delete('username');
         }
     } else {
         // Authentication by session
         if (($username = Session::read('username')) !== null) {
             try {
                 $user_model->loadUser($username);
                 User_Model::$auth_status = User_Model::AUTH_STATUS_LOGGED;
             } catch (Exception $e) {
                 Session::delete('username');
                 Cookie::delete('login');
             }
             // Authentication by cookies
         } else {
             if (($login = Cookie::read('login')) !== null) {
                 try {
                     if (isset($login) && ($login = Encryption::decode($login))) {
                         $login = explode(':', $login);
                         $username = $login[0];
                         if (!preg_match('#^[a-z0-9-]+$#', $username)) {
                             throw new Exception('Invalid username');
                         }
                         array_splice($login, 0, 1);
                         $password = implode(':', $login);
                         if ($user_model->authenticate($username, $password)) {
                             User_Model::$auth_status = User_Model::AUTH_STATUS_LOGGED;
                             // Write session to remember sign-in
                             Session::write('username', $username);
                         } else {
                             throw new Exception('Bad username or password');
                         }
                     } else {
                         throw new Exception('Invalid user cookie');
                     }
                 } catch (Exception $e) {
                     Cookie::delete('login');
                 }
             }
         }
     }
 }
Ejemplo n.º 2
0
 /**
  *  Verifica se o usuário está autenticado.
  *
  *  @return boolean Verdadeiro caso o usuário esteja autenticado
  */
 public function loggedIn()
 {
     if (is_null($this->loggedIn)) {
         $user = Cookie::read("user_id");
         $password = Cookie::read("password");
         if (!is_null($user) && !is_null($password)) {
             $user = $this->identify(array($this->fields["id"] => $user, $this->fields["password"] => $password));
             $this->loggedIn = !empty($user);
         } else {
             $this->loggedIn = false;
         }
     }
     return $this->loggedIn;
 }
Ejemplo n.º 3
0
function current_timezone()
{
    return Cookie::read('anchor-install-timezone', 0) * 3600;
}