public function loginSubmit()
{
if (CommonUtilities::form_submitted()) {
$username = $_POST['username'];
$password = $_POST['password'];
try {
if (WSIS::authenticate($username, $password)) {
$userRoles = (array) WSIS::getUserRoles($username);
if (in_array(Config::get('pga_config.wsis')['admin-role-name'], $userRoles)) {
Session::put("admin", true);
}
if (in_array(Config::get('pga_config.wsis')['read-only-admin'], $userRoles)) {
Session::put("admin-read-only", true);
}
$userProfile = WSIS::getUserProfile($username);
if ($userProfile != null && !empty($userProfile)) {
Session::put("user-profile", $userProfile);
}
CommonUtilities::store_id_in_session($username);
CommonUtilities::print_success_message('Login successful! You will be redirected to your home page shortly.');
//TODO::If this option is not safe, have to find a better method to send credentials to identity server on every connection.
Session::put("gateway_id", Config::get('pga_config.airavata')['gateway-id']);
Session::put("password", $_POST["password"]);
return Redirect::to("home");
} else {
return Redirect::to("login")->with("invalid-credentials", true);
}
} catch (Exception $ex) {
return Redirect::to("login")->with("invalid-credentials", true);
}
}
}
public function loginSubmit()
{
if (CommonUtilities::form_submitted()) {
$wsisConfig = Config::get('pga_config.wsis');
if ($wsisConfig['tenant-domain'] == "") {
$username = Input::get("username");
} else {
$username = Input::get("username") . "@" . $wsisConfig['tenant-domain'];
}
$password = $_POST['password'];
$response = WSIS::authenticate($username, $password);
if (!isset($response->access_token)) {
return Redirect::to("login")->with("invalid-credentials", true);
}
$accessToken = $response->access_token;
$refreshToken = $response->refresh_token;
$expirationTime = time() + $response->expires_in - 5;
//5 seconds safe margin
$userProfile = WSIS::getUserProfileFromOAuthToken($accessToken);
$username = $userProfile['username'];
$userRoles = (array) WSIS::getUserRoles($username);
$authzToken = new Airavata\Model\Security\AuthzToken();
$authzToken->accessToken = $accessToken;
$authzToken->claimsMap = array('userName' => $username);
Session::put('authz-token', $authzToken);
Session::put('oauth-refresh-code', $refreshToken);
Session::put('oauth-expiration-time', $expirationTime);
Session::put("user-profile", $userProfile);
if (in_array(Config::get('pga_config.wsis')['admin-role-name'], $userRoles)) {
Session::put("admin", true);
}
if (in_array(Config::get('pga_config.wsis')['read-only-admin-role-name'], $userRoles)) {
Session::put("admin-read-only", true);
}
if (in_array(Config::get('pga_config.wsis')['user-role-name'], $userRoles)) {
Session::put("authorized-user", true);
}
//only for super admin
if (Config::get('pga_config.portal')['super-admin-portal'] == true) {
Session::put("super-admin", true);
}
CommonUtilities::store_id_in_session($username);
Session::put("gateway_id", Config::get('pga_config.airavata')['gateway-id']);
if (Session::get("admin") || Session::get("admin-read-only") || Session::get("authorized-user")) {
return $this->initializeWithAiravata($username);
}
if (Session::get("admin") || Session::get("admin-read-only")) {
return Redirect::to("admin/dashboard");
} else {
return Redirect::to("home");
}
}
}
