Ejemplo n.º 1
 /**
  * The login action, invoked when the login form is posted to login/login
  */
 public function postLogin()
 {
     // This handler serves the e-mail login only.
     // Only the class and method name are logged; no submitted value reaches the log.
     $this->app->log->debug(get_class($this) . '->postLogin()');

     // The CSRF token is validated before any credential field is read. When
     // validation fails, the session is logged out, the client is redirected
     // home and the script halts, so the login call below is never reached.
     $csrfToken = $this->app->request->post(Session::SESSION_CSRF_TOKEN);
     if (!Csrf::isTokenValid($csrfToken)) {
         LoginModel::logout();
         $this->redirectHome();
         exit;
     }

     // Form fields are forwarded exactly as submitted.
     // NOTE(review): presumably LoginModel::login() validates them and handles
     // session renewal — confirm, none of that is visible here.
     $userName = $this->app->request->post('user_name');
     $userPassword = $this->app->request->post('user_password');
     $rememberMe = $this->app->request->post('set_remember_me_cookie');

     // The login result (true or false) decides where the user is sent next:
     // user/index on success, back to the login form on failure.
     $login_successful = LoginModel::login(
         $userName,
         $userPassword,
         $rememberMe,
         UserModel::PROVIDER_TYPE_DEFAULT
     );
     $this->redirectAfterLogin($login_successful);
 }
Ejemplo n.º 2
 protected function renderLogin()
 {
     // Renders the login form template with a newly made CSRF token, the
     // captcha key, the post-login redirect target and the feedback messages.
     $redirect = $this->getRedirectUrl();
     // FIXME: mockup hard-coded
     //$xml = "<xml><note><to>Tove</to><from>Jani</from><heading>Reminder</heading><body>Don't forget me this weekend!</body></note></xml>";
     //$redirect = "/api/fattura/import-directly/" . XmlUtil::base64url_encode($xml); // recommended maximum size 64k

     // Token embedded in the form; postLogin() is presumably what checks it on submit — confirm.
     // https://en.wikipedia.org/wiki/Cross-site_request_forgery
     $csrf_token = Csrf::makeToken();

     $template = $this->app->config('app.templates.path') . '/login/index.twig';

     // NOTE(review): the redirect target is only URL-encoded here. Whether it is
     // limited to same-site destinations depends on getRedirectUrl() — confirm.
     $context = array(
         'type' => 1,
         'captcha_key' => $this->app->config('captcha.key'),
         'redirect' => urlencode($redirect),
         'csrf_token' => $csrf_token,
         'feedback_positive' => $this->getFeedbackPositiveMessages(),
         'feedback_negative' => $this->getFeedbackNegativeMessages(),
     );

     $this->app->render($template, $context);
 }