public static function signIn($userName, $password, $rememberMe = false, $md5 = true)
{
$retVal = false;
// set ZendX_Doctrine_Auth_Adapter
$auth = Zend_Auth::getInstance();
$authAdapter = new ZendX_Doctrine_Auth_Adapter(Doctrine::getConnectionByTableName('Model_Entity_User'));
$password = $md5 ? md5($password) : $password;
$authAdapter->setTableName('Model_Entity_User u')->setIdentityColumn('userName')->setCredentialColumn('password')->setCredentialTreatment('? AND active = 1')->setIdentity($userName)->setCredential($password);
// set Zend_Auth
$result = $auth->authenticate($authAdapter);
// Check Auth Validation
if ($result->isValid()) {
// Remove some fields which are secure!
$omitColumns = array('password', 'activationKey', 'created_at', 'updated_at', 'deleted_at', 'created_by', 'updated_by');
$identity = $authAdapter->getResultRowObject(null, $omitColumns);
$identity->roles = Kebab_Model_User::getUserRoles($identity->id);
$identity->acl = new Kebab_Access_Acl();
$identity->stories = Kebab_Model_Story::getUserStoriesName($identity->roles);
$auth->getStorage()->write($identity);
if ($rememberMe) {
Zend_Session::rememberMe(604800);
}
$retVal = true;
}
return $retVal;
}
/**
*
* @todo add openid authentication
*
*/
public function loginAction()
{
$form = new App_Form_Login();
if (!empty($_POST) && $form->isValid($_POST)) {
$username = $form->getValue('username');
$password = $form->getValue('password');
//------------------------------------
// make sure the login form validates
//------------------------------------
if ($form->isValid($_POST)) {
$auth = Zend_Auth::getInstance();
//------------------------------------------
// Attempt a standard database login
//------------------------------------------
$adapter = new ZendX_Doctrine_Auth_Adapter(Doctrine_Manager::connection(), 'Account', 'username', 'password', 'MD5(?) AND enabled = 1 AND confirmed = 1');
$adapter->setIdentity($username);
$adapter->setCredential($password);
$result = $auth->authenticate($adapter);
if (!$result->isValid()) {
$message = 'The username and password provided does not match our records';
$this->_flash->addMessage($message);
$form->addError($message);
} else {
$userdata = $adapter->getResultRowObject(null, 'password');
//translate the user into an actual doctrine object
$accounts = new App_Table_Account();
$auth->getStorage()->write($accounts->find($userdata->id));
//audit the login
$login = new AccountLogin();
$login->accountId = $userdata->id;
$login->ip = ip2long($_SERVER['REMOTE_ADDR']);
$login->save();
$this->_flash->addMessage('Welcome back, ' . $result->getIdentity());
$this->_redirector->gotoSimple('profile');
}
}
}
// force users to logout before they can try to login
if (Zend_Auth::getInstance()->getIdentity() !== null) {
$this->_flash->addMessage('You are already logged in! You must log out before you can
log into a different account.');
$this->_redirector->gotoSimple('profile');
}
$form->setMethod(Zend_Form::METHOD_POST);
$this->view->form = $form;
}
/**
* Function for doing get Authentication of given user's values.
*/
protected function _getAuthAdapter($values)
{
$authAdapter = new ZendX_Doctrine_Auth_Adapter(Doctrine::getConnectionByTableName('Model_Users'));
$encryptedPassword = MD5($values['password']);
$authAdapter->setTableName('Model_Users u')->setIdentityColumn('u.email')->setCredentialColumn('u.password')->setIdentity($values['email'])->setCredential($encryptedPassword);
return $authAdapter;
}
