Ejemplo n.º 1
0
 /**
  * Authorizes the user with his username and password. Initializes
  * the user session if the user data are valid.
  * 
  * @access protected
  * @param \Zepi\Web\UserInterface\Form\Form $form
  * @param \Zepi\Turbo\Framework $framework
  * @param \Zepi\Turbo\Request\RequestAbstract $request
  * @param \Zepi\Turbo\Response\Response $response
  * @return string|boolean
  */
 protected function sendRequest(Form $form, Framework $framework, RequestAbstract $request, Response $response)
 {
     $group = $form->searchPartByKeyAndType('user-data');
     $username = trim($group->getPart('username')->getValue());
     $result = $this->validateData($framework, $username);
     // If the validate function returned a string there was an error in the validation.
     if ($result !== true) {
         return $result;
     }
     // Load the user
     $user = $this->userManager->getUserForUsername($username);
     // Generate an request token
     $token = uniqid(md5($user->getMetaData('email')), true);
     $user->setMetaData('passwordRequestToken', $token);
     $user->setMetaData('passwordRequestTokenLifetime', time() + 3600);
     $this->userManager->updateUser($user);
     // Send the request mail
     $requestLink = $request->getFullRoute('/generate-new-password/' . $user->getUuid() . '/' . $token . '/');
     $this->mailHelper->sendMail($user->getMetaData('email'), $this->translate('New password requested', '\\Zepi\\Web\\AccessControl'), $this->render('\\Zepi\\Web\\AccessControl\\Mail\\RequestNewPassword', array('user' => $user, 'requestLink' => $requestLink)));
     return true;
 }
Ejemplo n.º 2
0
 /**
  * Validates the input user data
  * 
  * @param \Zepi\Turbo\Framework $framework
  * @param string $username
  * @param string $password
  * @return boolean|\Zepi\Web\AccessControl\Entity\User
  */
 protected function validateUserData(Framework $framework, $username, $password)
 {
     // If the password isn't at least 8 characters long
     if (strlen($password) < 8) {
         return false;
     }
     // If the given username doesn't exists
     if (!$this->userManager->hasUserForUsername($username)) {
         return false;
     }
     $user = $this->userManager->getUserForUsername($username);
     // If the user not is usable
     if ($user === false) {
         return false;
     }
     // If the inserted password not is correct
     if (!$user->comparePasswords($password)) {
         return false;
     }
     // Everything is okey
     return $user;
 }
Ejemplo n.º 3
0
 /**
  * Returns true if the username is in use and not is the edited user.
  * 
  * @param string $username
  * @param \Zepi\Web\AccessControl\Entity\User $user
  * @return boolean
  */
 protected function isUsernameInUse($username, User $user)
 {
     return $this->userManager->hasUserForUsername($username) && $this->userManager->getUserForUsername($username)->getUuid() != $user->getUuid();
 }