Ejemplo n.º 1
0
 public function authenticateAction()
 {
     $server = $this->_getOpenIdProvider();
     $request = $server->decodeRequest();
     $authAttempts = new Users_Model_AuthAttempts();
     $attempt = $authAttempts->get();
     $form = new Form_OpenidLogin(null, $this->view->base, $attempt && $attempt->surpassedMaxAllowed());
     $formData = $this->_request->getPost();
     $form->populate($formData);
     if (!$form->isValid($formData)) {
         $formErrors = $form->getErrors();
         // gotta resort to pass errors as params because we don't use the session here
         if (@$formErrors['captcha']) {
             $this->_forward('login', null, null, array('invalidCaptcha' => true));
         } else {
             $this->_forward('login');
         }
         return;
     }
     $users = new Users_Model_Users();
     $result = $users->authenticate($request->idSelect() ? $form->getValue('openIdIdentity') : $request->identity, $this->_config->yubikey->enabled && $this->_config->yubikey->force ? $form->getValue('yubikey') : $form->getValue('password'), true, $this->view);
     if ($result) {
         if ($attempt) {
             $attempt->delete();
         }
         $sites = new Model_Sites();
         $trustRoot = $this->_getTrustRoot($request);
         if ($sites->isTrusted($users->getUser(), $trustRoot)) {
             $this->_forward('proceed', null, null, array('allow' => true));
         } elseif ($sites->isNeverTrusted($users->getUser(), $trustRoot)) {
             $this->_forward('proceed', null, null, array('deny' => true));
         } else {
             $this->_forward('trust');
         }
     } else {
         if (!$attempt) {
             $authAttempts->create();
         } else {
             $attempt->addFailure();
             $attempt->save();
         }
         $this->_forward('login', null, null, array('invalidLogin' => true));
     }
 }