public function signin($email, $password, $passwordconfirm)
{
# TODO protect this controller by testing isAnonymous
if ($password != $passwordconfirm) {
if ($this->isRequestedFromController) {
return true;
} else {
die('Password missmatch');
}
} else {
# Here user transfert the anonymous properties into his new account
$res = UsersManagement::anonymousUserToRegisteredUser(Auth::getUserName(), $email, $password, $passwordconfirm);
if ($res) {
if ($this->isRequestedFromController) {
return true;
} else {
die('ok');
}
}
if (!$res) {
die('Hum... sorry there is an error, try again !');
}
# To add A new clean user (without his environement)
// try
// {
// UsersManagement::addUser(array('username' => $email,
// 'password' => $password,
// 'confirm_password' => $passwordconfirm,
// 'openid' => '',
// 'rights' => 0,
// 'copname' => 'cop1'),
// true);
// // Need to log before add widget to use tabs feature
// Auth::login($email, $password);
// self::addDefaultWidget($email);
// if($this->isRequestedFromController)
// return true;
// else die('ok');
// }catch(Exception $e){
// if($this->isRequestedFromController)
// return false;
// else die('Account creation failed ' . $e->getMessage());
// }
}
}
public static function isAnonymous()
{
return UsersManagement::isAnonymous(Auth::getUserName());
}
public function logConnection()
{
if (LOGS_USERS) {
if ($fp = @fopen(LOGS_USERS_SRC, 'a+')) {
if (isset($_SERVER['HTTP_USER_AGENT'])) {
$ua = $_SERVER['HTTP_USER_AGENT'];
} else {
$ua = 'n.c';
}
@fwrite($fp, sprintf("[%s] Login '%s'\r\n", date('d/m/Y H:i:s'), Auth::getUserName() . " [{$ua}]"));
@fclose($fp);
}
}
}
/**
* Retrieve the authentication proof for a particular widget for the user
* currently logged on the system. It returns an associative array in JSON
* or php Array with the following keys :
*
* - identifier: the username of the user currently logged on the system.
* - signature: the username encrypted using the generated key for this widget installation.
*
* @param string $widgetId The widget identifier.
* @param string $format The format of the output data. Accepted data are 'json' or 'raw'.
* @return array|json The identification proof for the relevant widget.
*/
public static function retrieveAuthenticationProof($widgetId, $format = 'json')
{
$format = strtolower($format);
if ($format != 'json' && $format != 'raw') {
throw new BadArgumentException(MwwException::MODEL, 'The retrieveAuthenticationProof model method accepts only json or raw as output format');
}
$db = DbUtil::accessFactory();
$widgetId = $db->escape($widgetId);
$rs = $db->select("SELECT authkey FROM widgets WHERE widgetid = '{$widgetId}'");
if ($rs->count()) {
if ($rs->authkey != null) {
$key = $rs->authkey;
$username = Auth::getUserName();
$crypto = new Rijndael();
$signature = $crypto->encrypt($username, $key);
$proof = array('identifier' => $username, 'signature' => $signature);
if ($format == 'json') {
return json_encode($proof);
} else {
return $proof;
}
} else {
throw new WidgetAuthenticationException(MwwException::MODEL, "The widget with id '{$widgetId}' is not authentication ready");
}
} else {
throw new WidgetAuthenticationException(MwwException::MODEL, "The widget with id '{$widgetId}' does not exist");
}
}
