/**
* @return bool
*/
public static function preProcess()
{
if (!parent::preProcess()) {
return false;
}
static::$currentUser = Security::get()->currentUser();
return true;
}
/**
* @return array
*/
protected static function authenticate()
{
$principal = SecurityPrincipal::get();
if ($principal->authenticate(static::request()->username, static::request()->password)) {
Session::set('security.current_user', static::request()->username);
Session::set('security.authenticated', true);
$uri = Session::get('security.called_before_login');
Session::set('security.called_before_login', null);
return ['success' => true, 'controllerAction' => $uri];
} else {
return ['success' => false, 'controllerAction' => 'Security::login', 'params' => ['failure']];
}
}
public static function postEdit($redirect = true)
{
$signupForm = new forms\Signup();
$signupForm->validate(static::request());
# Otherwise controller would need to be extended (single actions cant be protected)
if (!security\Security::get()->isAuthenticated()) {
return security\controllers\Security::forbidden();
} elseif (!$signupForm->isValid()) {
return static::render(['errors' => $signupForm->getErrors()]);
} else {
$mediator = RegistrationMediator::get();
$credentials = ['id' => security\Security::get()->currentUser()->id, 'password' => static::request()->password, 'passwordRetyped' => static::request()->passwordRetyped, 'fullname' => static::request()->fullname, 'email' => static::request()->email, 'phone' => static::request()->phone, 'mobile' => static::request()->mobile];
# This is mediator dependent and cant therefore be abstracted into a form
$areCredentialsValid = $mediator->isValidPassword($credentials['password'], $credentials['passwordRetyped']);
if ($areCredentialsValid) {
# Now we can sha1 the password
$credentials['password'] = sha1($credentials['password']);
# Save it
$mediator->edit($credentials);
# and redirect or save, dependent on input var
return $redirect ? static::redirect('Registration::success') : $mediator->getSignedUpUser();
}
}
}
/**
* @param string $group
* @return bool
*/
public function isInGroup($group)
{
return Security::get()->isUserInGroup($this->username, $group);
}