Ejemplo n.º 1
0
 /**
  * constructor
  */
 public function __construct()
 {
     parent::__construct();
     if (!Core::getUser() instanceof UserAccount && get_class($this) !== 'LoginController') {
         if (isset($_REQUEST['user']) && isset($_REQUEST['pass']) && in_array(get_class($this), array('OrderPrintController', 'POPrintController')) && ($userAccount = UserAccount::getUserByUsernameAndPassword(trim($_REQUEST['user']), trim($_REQUEST['pass']), true)) instanceof UserAccount) {
             Core::setUser($userAccount);
         } else {
             $this->getResponse()->Redirect('/login.html');
         }
     }
 }
Ejemplo n.º 2
0
 /**
  * login a user
  *
  * @param array $params
  *
  * @throws Exception
  * @return multitype:
  */
 private function _login($params)
 {
     if (!isset($params['username']) || ($username = trim($params['username'])) === '') {
         throw new Exception('username is empty!');
     }
     if (!isset($params['password']) || ($password = trim($params['password'])) === '') {
         throw new Exception('password is empty!');
     }
     $userAccount = UserAccount::getUserByUsernameAndPassword($username, $password, true);
     $role = null;
     if (count($roles = $userAccount->getRoles()) > 0) {
         $role = $roles[0];
     }
     Core::setUser($userAccount, $role);
     return array();
 }
Ejemplo n.º 3
0
 /**
  * validate a user providing $username and $password
  *
  * @param string $username
  * @param string $password
  * @return true, if there is such a userAccount in the database;otherwise, false;
  */
 public function validateUser($username, $password)
 {
     if (!Core::getUser() instanceof UserAccount) {
         $userAccount = UserAccount::getUserByUsernameAndPassword($username, $password);
         if (!$userAccount instanceof UserAccount) {
             return false;
         }
         $role = null;
         if (!Core::getRole() instanceof Role) {
             if (count($roles = $userAccount->getRoles()) > 0) {
                 $role = $roles[0];
             }
         }
         Core::setUser($userAccount, $role);
     }
     return true;
 }
Ejemplo n.º 4
0
 /**
  * Logs in a user with the given username and password POSTed. Though true
  * REST doesn't believe in sessions, it is often desirable for an AJAX server.
  *
  * @url POST /login
  */
 public function login()
 {
     try {
         $username = trim($_POST['username']);
         if ($username === '') {
             throw new AuthenticationException("Empty username not allowed");
         }
         $password = trim($_POST['password']);
         if ($password === '') {
             throw new AuthenticationException("Empty password not allowed");
         }
         $userAccount = UserAccount::getUserByUsernameAndPassword($username, $password);
         if ($userAccount instanceof UserAccount) {
             Core::getUser($userAccount);
         }
     } catch (Exception $ex) {
         throw new RestException(401, $ex->getMessage(), $ex);
     }
     return array("success" => "Logged in " . $username);
 }