If a user is authenticated, a browser cookie is created so the user will be remembered until the cookie is destroyed. Plugins can override SessionInitializer behavior by extending this class and overriding methods. In order for these changes to have effect, however, an instance of the derived class must be used by the Login/Controller.
SessionInitializer Class Documentation
Ejemplo n.º 1
0
 /**
  * Authenticates user
  *
  * @return AuthResult
  */
 public function authenticate()
 {
     if (!empty($this->md5Password)) {
         // favor authenticating by password
         $this->token_auth = UsersManagerAPI::getInstance()->getTokenAuth($this->login, $this->getTokenAuthSecret());
     }
     if (is_null($this->login)) {
         $model = new Model();
         $user = $model->getUserByTokenAuth($this->token_auth);
         if (!empty($user['login'])) {
             $code = $user['superuser_access'] ? AuthResult::SUCCESS_SUPERUSER_AUTH_CODE : AuthResult::SUCCESS;
             return new AuthResult($code, $user['login'], $this->token_auth);
         }
     } else {
         if (!empty($this->login)) {
             $model = new Model();
             $user = $model->getUser($this->login);
             if (!empty($user['token_auth']) && (SessionInitializer::getHashTokenAuth($this->login, $user['token_auth']) === $this->token_auth || $user['token_auth'] === $this->token_auth)) {
                 $this->setTokenAuth($user['token_auth']);
                 $code = !empty($user['superuser_access']) ? AuthResult::SUCCESS_SUPERUSER_AUTH_CODE : AuthResult::SUCCESS;
                 return new AuthResult($code, $this->login, $user['token_auth']);
             }
         }
     }
     return new AuthResult(AuthResult::FAILURE, $this->login, $this->token_auth);
 }
Ejemplo n.º 2
0
Archivo: Auth.php Proyecto: piwik/piwik 
 private function authenticateWithTokenOrHashToken($token, $login)
 {
     $user = $this->userModel->getUser($login);
     if (!empty($user['token_auth']) && (SessionInitializer::getHashTokenAuth($login, $user['token_auth']) === $token || $user['token_auth'] === $token)) {
         return $this->authenticationSuccess($user);
     }
     return new AuthResult(AuthResult::FAILURE, $login, $token);
 }
Ejemplo n.º 3
0
 /**
  * Authenticate user and password.  Redirect if successful.
  *
  * @param string $login user name
  * @param string $password md5 password
  * @param bool $rememberMe Remember me?
  * @param string $urlToRedirect URL to redirect to, if successfully authenticated
  * @return string failure message if unable to authenticate
  */
 protected function authenticateAndRedirect($login, $password, $rememberMe, $urlToRedirect = false, $passwordHashed = false)
 {
     Nonce::discardNonce('Login.login');
     $this->auth->setLogin($login);
     if ($passwordHashed === false) {
         $this->auth->setPassword($password);
     } else {
         $this->auth->setPasswordHash($password);
     }
     $this->sessionInitializer->initSession($this->auth, $rememberMe);
     // remove password reset entry if it exists
     $this->passwordResetter->removePasswordResetInfo($login);
     if (empty($urlToRedirect)) {
         $urlToRedirect = Url::getCurrentUrlWithoutQueryString();
     }
     Url::redirectToUrl($urlToRedirect);
 }
Ejemplo n.º 4
0
 private function processPasswordChange($userLogin)
 {
     $alias = Common::getRequestVar('alias');
     $email = Common::getRequestVar('email');
     $newPassword = false;
     $password = Common::getRequestvar('password', false);
     $passwordBis = Common::getRequestvar('passwordBis', false);
     if (!empty($password) || !empty($passwordBis)) {
         if ($password != $passwordBis) {
             throw new Exception($this->translator->translate('Login_PasswordsDoNotMatch'));
         }
         $newPassword = $password;
     }
     // UI disables password change on invalid host, but check here anyway
     if (!Url::isValidHost() && $newPassword !== false) {
         throw new Exception("Cannot change password with untrusted hostname!");
     }
     APIUsersManager::getInstance()->updateUser($userLogin, $newPassword, $email, $alias);
     if ($newPassword !== false) {
         $newPassword = Common::unsanitizeInputValue($newPassword);
     }
     // logs the user in with the new password
     if ($newPassword !== false) {
         $sessionInitializer = new SessionInitializer();
         $auth = StaticContainer::get('Piwik\\Auth');
         $auth->setLogin($userLogin);
         $auth->setPassword($password);
         $sessionInitializer->initSession($auth, $rememberMe = false);
     }
 }
Ejemplo n.º 5
0
 /**
  * @group Plugins
  */
 public function testAuthenticateSuccessLoginAndHashedTokenAuth()
 {
     $user = $this->_setUpUser();
     $hash = \Piwik\Plugins\Login\SessionInitializer::getHashTokenAuth($user['login'], $user['tokenAuth']);
     // valid login & hashed token auth
     $rc = $this->authenticate($user['login'], $tokenAuth = $hash);
     $this->assertUserLogin($rc);
 }