/**
  * 
  * @param PCRequest $request
  * @param PCModelApplication $application
  * @return bool
  */
 public function doLogin($request, $application)
 {
     $param = $request->getParams();
     $userName = $param['uname'];
     $pwd = $param['pwd'];
     $keys = array('username' => $userName, "account_type" => PCModelUser::$TYPE_DEFAULT);
     $user_array = PCModelManager::fetchModelObjectInstances(PCModelUser::getMapper(), $keys, NULL, TRUE);
     $user = $user_array[0];
     if (isset($user) && strcmp($pwd, $user->getPassword()) == 0) {
         $secret = $application->getAppSecret();
         $appId = $application->getIdentifier();
         $time = time();
         $cookieValue = PCAuth::computeHashForString($userName . $time . $secret);
         $distantFuture = PCResponseCookie::getDistantFuture();
         if (PCMapperToken::setTokenForUserWithIdentifier($user->getIdentifier(), $appId, $cookieValue, $distantFuture)) {
             $_SESSION['user'] = $this->user_id = $user->getIdentifier();
             $presence_cookie = PCResponseCookie::lifetimeCookie("presence_c", $cookieValue);
             //setcookie("presence_c", $cookieValue, $expirationTime,"/");
             $user_cookie = PCResponseCookie::lifetimeCookie("user", $user->getIdentifier());
             //setcookie("user",$user->getIdentifier(), $expirationTime,"/");
             $response = PCResponse::currentResponse();
             $response->addCookie($presence_cookie);
             $response->addCookie($user_cookie);
         } else {
             return FALSE;
         }
         return TRUE;
     }
     return FALSE;
 }
Ejemplo n.º 2
0
    /**
     * Setta i cookie dell'utente
     * @param PCModelUserOauth $user
     * @return boolean
     */
    private function authorizeUser($user) {
        if(isset($user) === FALSE) return FALSE;
        $_SESSION['user'] = $user->getIdentifier();

        $secret = $this->application->getAppSecret();
        $appId = $this->application->getIdentifier();
        $time = time();
        $cookieValue = PCAuth::computeHashForString($user->getUsername() . $time . $secret);
        $distantFuture = PCResponseCookie::getDistantFuture();

        if (PCMapperToken::setTokenForUserWithIdentifier($user->getIdentifier(), $appId, $cookieValue, $distantFuture)) {

            $_SESSION['user'] = $user->getIdentifier();

            $presence_cookie = PCResponseCookie::lifetimeCookie("presence_c", $cookieValue);
            $user_cookie = PCResponseCookie::lifetimeCookie("user", $user->getIdentifier());

            $response = PCResponse::currentResponse();
            $response->addCookie($presence_cookie);
            $response->addCookie($user_cookie);
            PCModelUser::setCurrentUser($user);
            return TRUE;
        }
        return FALSE;
    }
Ejemplo n.º 3
0
 /**
  * 
  * @param PCRequest $request
  * @param PCAuthCookiesAdapter $adapter
  */
 public function __construct($request, $adapter = NULL) {
     parent::__construct($request);
     
     $this->adapter = ($adapter == NULL ? new PCAuthDefaultCookiesAdapter() : $adapter);
     $this->application = PCModelManager::fetchObjectWithIdentifier(PCModelApplication::getMapper(), PCModelApplication::WEBSITE_APP_ID, NULL, TRUE);
     
     $this->setupSession();
     $this->authorize();
 }
Ejemplo n.º 4
0
     /**
     * Crea una nuova password(aggiorna il db) e la restituisce. restituisce false in caso negativo
     * @param PCModelUser $user_id l' id dell' utente
     * @param string $hash l' hash inviato dall'utente
     * @param PCModelUser
     * @return boolean|string
     */
    public static function handleRepassRequest($user_id, $hash, &$user_to_ret) {
        $keys = array('request_hash'=>$hash, 'user_id'=>$user_id);
        $items = PCModelManager::fetchModelObjectInstances(PCModelRepass::getMapper(), $keys, NULL, TRUE);
        if (count($items) <= 0) {
            return FALSE;
        }

        $item = $items[0];

        if ($item == NULL || $item->isExpired()) {
            c_dump("SCADUTA");
            return FALSE;
        }

        $bindigngs = array(":h" => $hash, ":user"=> $user_id);
        
        PCModelManager::deleteObject(PCModelRepass::getMapper(), "request_hash = :h AND user_id = :user", $bindigngs);
        
        $newPwd = PCMapperRepass::rand_password(8); 
        

        $model_user = PCModelManager::fetchObjectWithIdentifier(PCModelUser::getMapper(), $item->getUser_id(), NULL, TRUE);
        
        
        if($model_user == NULL){
            $id = $item->getUser_id();
            error_log("User non presente (user_id: $id )");
            return FALSE;
        }
        
        $newPwdHash = PCAuth::computeHashForString($newPwd);
        
        if(PCMapperUser::changePasswordForUser($model_user, $newPwdHash) == FALSE){
            return FALSE;
        }
        $user_to_ret = $model_user;
        return $newPwd;
        
    }
Ejemplo n.º 5
0
 /**
  * 
  * @param PCRequest $request
  */
 public function registerAction($request)
 {
     require_once __EXTERNAL_LIBRARIES__ . '/recaptcha/recaptchalib.php';
     $auth = $request->getAuthHandler();
     if ($auth->isAuthorized()) {
         return new PCRendererJSON(array("error" => "you can't register a new user while logged"), 400);
     }
     $attributes = $request->getParams();
     $privatekey = "6Lfm39cSAAAAAFpyN0tQr4TYNt1zqiaHn9E22lYb";
     $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $attributes["recaptcha_challenge_field"], $attributes["recaptcha_response_field"]);
     if (!$resp->is_valid) {
         // What happens when the CAPTCHA was entered incorrectly
         error_log($resp->error);
         return new PCRendererJSON(array("captcha_error" => "Incorrect Captcha"));
     }
     if (!isset($attributes['username']) || !isset($attributes['name']) || !isset($attributes['surname']) || !isset($attributes['email']) || !isset($attributes['password'])) {
         throw new PCExceptionAuth("Missing param", 400);
     }
     $inputError = NULL;
     if (PCHelperValidator::validatePassword($attributes['password'], $inputError) == FALSE) {
         return new PCRendererJSON(array("error" => $inputError), 400);
     }
     if (PCHelperValidator::validateUsername($attributes['username'], $inputError) == FALSE) {
         return new PCRendererJSON(array("error" => $inputError), 400);
     }
     if (PCHelperValidator::validateName($attributes['name'], $inputError) == FALSE) {
         return new PCRendererJSON(array("error" => $inputError), 400);
     }
     if (PCHelperValidator::validateSurname($attributes['surname'], $inputError) == FALSE) {
         return new PCRendererJSON(array("error" => $inputError), 400);
     }
     if (PCHelperValidator::validateEmail($attributes['email'], $inputError) == FALSE) {
         return new PCRendererJSON(array("error" => $inputError), 400);
     }
     $username = $attributes['username'];
     $name = $attributes['name'];
     $surname = $attributes['surname'];
     $email = $attributes['email'];
     $password = $attributes['password'];
     $store = array();
     $store['username'] = $username;
     $store['name'] = $name;
     $store['surname'] = $surname;
     $store['email'] = $email;
     $store['password'] = PCAuth::computeHashForString($password);
     $error = NULL;
     if (PCMapperUser::createUserWithAttributes($store, $error)) {
         if (PCConfigManager::sharedManager()->getBoolValue('NOTIF_ON_REGISTER')) {
             PCHelperNotificationSender::sendPushNotificationToAdmin("User Registered", "uname: {$username} Name: {$name} Sur: {$surname} mail: {$email}");
         }
         return new PCRendererJSON(array("OK" => "User added"));
     }
     return new PCRendererJSON(array("error" => $error), 400);
 }