Ejemplo n.º 1
 /**
  * Tells whether the given e-mail address and password match a valid user.
  *
  * The raw result of the authentication attempt is kept in self::$AuthResult.
  * When it is valid, the user returned by self::getUserById() for the matched
  * row's IDUser is written to the Zend_Auth storage.
  *
  * @static
  * @param string $Email    E-mail address of the user trying to log in
  * @param string $Password Password of the user trying to log in
  * @return bool True when the login succeeded, false otherwise
  */
 public static function isValidLogin($Email, $Password)
 {
     $auth = Zend_Auth::getInstance();

     $adapter = self::getAuthAdapter();
     $adapter->setIdentity($Email);
     $adapter->setCredential($Password);

     self::$AuthResult = $auth->authenticate($adapter);
     if (!self::$AuthResult->isValid()) {
         // NOTE(review): no attempt counting or delay is visible in this
         // method; confirm throttling/lockout is enforced by the adapter or
         // by the caller.
         return false;
     }

     // Only IDUser is read from the matched row; the stored identity is the
     // object built by getUserById(), not the raw credential row.
     // NOTE(review): nothing here rotates the session identifier after a
     // successful login. If the storage is session-backed, confirm the caller
     // regenerates the session ID (e.g. Zend_Session::regenerateId()) so a
     // pre-login session ID cannot be reused (session fixation).
     $user = self::getUserById($adapter->getResultRowObject()->IDUser);
     $auth->getStorage()->write($user);

     return true;
 }
 /**
  * Remember the authentication result on this validator.
  *
  * @param \Zend_Auth_Result $result The result to store
  * @return boolean True when the stored result is valid
  */
 protected function setAuthResult(\Zend_Auth_Result $result)
 {
     $this->_authResult = $result;

     // $result is the object that was just stored, so its validity is the
     // validity of the stored result.
     return $result->isValid();
 }
Ejemplo n.º 3
 /**
  * Process everything after authentication: record the outcome in
  * gems__user_login_attempts and delay the response after repeated failures.
  *
  * A valid result resets the failure counter, the last-failure time and any
  * block. An invalid result updates the failure counter, may set
  * gula_block_until, and sleeps before returning. Database errors are
  * swallowed, see the catch block at the end.
  *
  * @param \Zend_Auth_Result $result The outcome of the authentication attempt
  * @param string|null $lastAuthorizer Compared against 'pwd' only; presumably
  *        the name of the check that produced $result (confirm with caller)
  */
 protected function afterAuthorization(\Zend_Auth_Result $result, $lastAuthorizer = null)
 {
     try {
         // Load the attempt record for this login name + organization. The
         // login name and organization id are passed through the ?
         // placeholders, so they are quoted by the db adapter. since_last is
         // the number of seconds since the last recorded failure.
         $select = $this->db->select();
         $select->from('gems__user_login_attempts', array('gula_failed_logins', 'gula_last_failed', 'gula_block_until', new \Zend_Db_Expr('UNIX_TIMESTAMP() - UNIX_TIMESTAMP(gula_last_failed) AS since_last')))->where('gula_login = ?', $this->getLoginName())->where('gula_id_organization = ?', $this->getCurrentOrganizationId())->limit(1);
         $values = $this->db->fetchRow($select);
         // The first login attempt
         if (!$values) {
             // gula_login is only set in this branch (it is not among the
             // selected columns); its presence later decides insert vs update.
             $values['gula_login'] = $this->getLoginName();
             $values['gula_id_organization'] = $this->getCurrentOrganizationId();
             $values['gula_failed_logins'] = 0;
             $values['gula_last_failed'] = null;
             $values['gula_block_until'] = null;
             // Larger than failureIgnoreTime, so a first failure takes the
             // "reset the counters" branch below and starts counting at 1.
             $values['since_last'] = $this->failureIgnoreTime + 1;
         }
         if ($result->isValid()) {
             // Reset login failures
             $values['gula_failed_logins'] = 0;
             $values['gula_last_failed'] = null;
             $values['gula_block_until'] = null;
         } else {
             // Reset the counters when the last login was longer ago than the delay factor
             if ($values['since_last'] > $this->failureIgnoreTime) {
                 $values['gula_failed_logins'] = 1;
             } elseif ($lastAuthorizer === 'pwd') {
                 // Only increment failed login when password failed
                 $values['gula_failed_logins'] += 1;
             }
             // If block is already set
             if ($values['gula_block_until']) {
                 // Do not change it anymore
                 // NOTE(review): any non-empty stored value lands here, also one
                 // that lies in the past, and only a valid login clears it.
                 // Confirm the code that enforces the block deals with expired
                 // values; otherwise no new block can be set after the first
                 // one has expired.
                 unset($values['gula_block_until']);
             } else {
                 // Only set the block when needed
                 if ($this->failureBlockCount <= $values['gula_failed_logins']) {
                     // NOTE(review): failureIgnoreTime is concatenated into the
                     // SQL expression unquoted. Confirm it is always an integer
                     // taken from configuration and never from request data.
                     $values['gula_block_until'] = new \Zend_Db_Expr('DATE_ADD(CURRENT_TIMESTAMP, INTERVAL ' . $this->failureIgnoreTime . ' SECOND)');
                 }
             }
             // Always record the last fail
             $values['gula_last_failed'] = new \MUtil_Db_Expr_CurrentTimestamp();
             $values['gula_failed_logins'] = max(1, $values['gula_failed_logins']);
             // Response gets slowly slower: 0 seconds for the first failure,
             // then 2 seconds more per failure, capped at 20 seconds.
             // NOTE(review): the sleep runs inside the request, before the
             // attempt is written below, and holds a worker for its duration.
             // Confirm parallel failing requests cannot exhaust the worker
             // pool or read a stale counter.
             $sleepTime = min($values['gula_failed_logins'] - 1, 10) * 2;
             sleep($sleepTime);
             // \MUtil_Echo::track($sleepTime, $values, $result->getMessages());
         }
         // Value not saveable
         unset($values['since_last']);
         // NOTE(review): the read above and the write below are separate
         // statements; no transaction or row lock is visible in this method,
         // so concurrent failures for the same login may be undercounted.
         if (isset($values['gula_login'])) {
             $this->db->insert('gems__user_login_attempts', $values);
         } else {
             $where = $this->db->quoteInto('gula_login = ? AND ', $this->getLoginName());
             $where .= $this->db->quoteInto('gula_id_organization = ?', $this->getCurrentOrganizationId());
             $this->db->update('gems__user_login_attempts', $values, $where);
         }
     } catch (\Zend_Db_Exception $e) {
         // Fall through as this does not work if the database upgrade did not yet run
         // NOTE(review): this fails open. Any Zend_Db_Exception (not only a
         // missing table) means the attempt is not recorded and, if the
         // exception came from the select, no delay is applied either; the
         // failure is not logged here.
         // \MUtil_Echo::r($e);
     }
 }
Ejemplo n.º 4
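 /**
  * Authenticate the configured identity and credential against the auth
  * methods of the user model stored in the registry under 'userModel'.
  *
  * Flow:
  *  - an empty identity or a null credential fails immediately;
  *  - once the failure counter stored under _getCacheId() has reached 15 the
  *    attempt is rejected without checking the credential;
  *  - with _useCookieToken set, the credential is checked as an auto-login
  *    token, otherwise as a password;
  *  - a valid result logs the user row in through the user model;
  *  - an invalid result increments the failure counter, triggers
  *    _sendWrongLoginMail() and, after more than 3 failures, sleeps 3 seconds.
  *
  * The failure codes returned for a missing user name / password are kept as
  * they were (FAILURE_IDENTITY_NOT_FOUND) so callers see no change.
  *
  * @return Zend_Auth_Result
  */
 public function authenticate()
 {
     if (empty($this->_identity)) {
         return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND, $this->_identity, array(trlKwf('Please specify a user name.')));
     }
     if ($this->_credential === null) {
         return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND, $this->_identity, array(trlKwf('Please specify a password.')));
     }

     // Throttle: reject before any credential check once the counter is full.
     // NOTE(review): the variable naming suggests the counter is keyed per
     // client IP; if so, guessing spread over many addresses against a single
     // account is not limited here. Confirm what _getCacheId() is built from.
     $cache = $this->_getCache();
     $failedLoginsFromThisIp = $cache->load($this->_getCacheId());
     if ($failedLoginsFromThisIp && $failedLoginsFromThisIp >= 15) {
         return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_UNCATEGORIZED, $this->_identity, array(trlKwf('Too many wrong logins.'), trlKwf('There were too many wrong logins from your connection. Please try again in 5 minutes.')));
     }

     $ret = null;
     $row = null;
     $users = Zend_Registry::get('userModel');
     foreach ($users->getAuthMethods() as $auth) {
         if ($this->_useCookieToken) {
             if (!($auth instanceof Kwf_User_Auth_Interface_AutoLogin)) {
                 continue;
             }
             $row = $auth->getRowById($this->_identity);
             if (!$row) {
                 continue;
             }
             if ($auth->validateAutoLoginToken($row, $this->_credential)) {
                 $ret = new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $this->_identity, array(trlKwf('Authentication successful')));
             } else {
                 $ret = new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, $this->_identity, array(trlKwf('Supplied password is invalid')));
             }
             // The first auth method that knows the identity decides.
             break;
         }

         if (!($auth instanceof Kwf_User_Auth_Interface_Password)) {
             continue;
         }
         $row = $auth->getRowByIdentity($this->_identity);
         if (!$row) {
             continue;
         }
         // SECURITY: debug.testPasswordAllowed makes 'test' a valid password
         // for every existing account; it must never be enabled on a
         // production configuration. The comparison is strict because a loose
         // one also matches non-string credentials (true == 'test' is true in
         // PHP), e.g. a value decoded from JSON.
         if ($this->_credential === 'test' && Kwf_Config::getValue('debug.testPasswordAllowed')) {
             $ret = new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $this->_identity, array(trlKwf('Authentication successful')));
         } elseif ($auth->validatePassword($row, $this->_credential)) {
             $ret = new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $this->_identity, array(trlKwf('Authentication successful')));
         } else {
             $ret = new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, $this->_identity, array(trlKwf('Supplied password is invalid')));
         }
         break;
     }

     if (!$row) {
         // NOTE(review): this message and code differ from the wrong-password
         // case, and validatePassword() is not run for unknown identities.
         // If the messages reach the client, existing accounts can be told
         // apart from unknown ones; confirm the UI shows a generic error.
         $ret = new Zend_Auth_Result(Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND, $this->_identity, array(trlKwf('User not existent in this web')));
     } elseif ($ret->isValid()) {
         $users->loginUserRow($row, true);
     }

     if (!$ret->isValid()) {
         // Re-read the counter so the increment starts from the stored value.
         // NOTE(review): load, increment and save are separate steps, so
         // parallel failing requests can undercount. The counter is also not
         // cleared in this method after a valid login.
         $cache = $this->_getCache();
         $failedLoginsFromThisIp = $cache->load($this->_getCacheId());
         if (!$failedLoginsFromThisIp) {
             $failedLoginsFromThisIp = 0;
         }
         $failedLoginsFromThisIp++;
         $cache->save($failedLoginsFromThisIp, $this->_getCacheId());
         // NOTE(review): called for every failed attempt; confirm the mail
         // helper is rate limited so failed logins cannot flood a mailbox.
         $this->_sendWrongLoginMail(array('Identity' => $this->_identity));
         if ($failedLoginsFromThisIp > 3) {
             sleep(3);
         }
     }

     return $ret;
 }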
Ejemplo n.º 5
 /**
  * Write the identity of a valid authentication result to the storage.
  *
  * An invalid result is ignored: nothing is written and whatever the storage
  * already holds is left as it is.
  *
  * @param Zend_Auth_Result $authResult Result of an authentication attempt
  */
 public function setIdentity(Zend_Auth_Result $authResult)
 {
     if (!$authResult->isValid()) {
         return;
     }

     // NOTE(review): if the storage is session-backed, confirm the session ID
     // is regenerated around this write so a pre-login ID is not kept.
     $storage = $this->getStorage();
     $storage->write($authResult->getIdentity());
 }