Example #1
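 /**
  * Checks the stored identity/credential pair against the user table and
  * fills $this->_resultInfo with the outcome.
  *
  * Outcomes, in the order they are tested:
  *  - no matching record        -> FAILURE_IDENTITY_NOT_FOUND
  *  - record with falsy status  -> FAILURE
  *  - password mismatch         -> FAILURE_CREDENTIAL_INVALID (failure is counted,
  *                                 account is disabled past 'maxAccessAttempts')
  *  - password match            -> SUCCESS, identity set to the user record
  *
  * NOTE(review): the messages and codes tell an unauthenticated caller whether
  * an account exists, whether it is enabled and whether only the password was
  * wrong. The login view should show one generic failure text and keep the
  * detail in server-side logs.
  *
  * @return mixed Result of $this->_createAuthResult() (presumably a Zend_Auth_Result)
  */
 public function authenticate()
 {
     // Fix: the original called newObject(), which in xPDO only instantiates an
     // unsaved record, so the "not found" branch below could never fire and the
     // checks ran against an empty row. getObject() performs the lookup.
     // NOTE(review): assumes $this->_xpdo is an xPDO instance - confirm.
     $user = $this->_xpdo->getObject($this->_className, array($this->_identityVar => $this->_identity));
     if (!is_object($user)) {
         $this->_resultInfo['code'] = Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND;
         $this->_resultInfo['messages'][] = 'No account with that username could be located';
         return $this->_createAuthResult();
     }

     // Disabled or unconfirmed accounts are rejected before the password is looked at.
     if (!$user->status) {
         $this->_resultInfo['code'] = Zend_Auth_Result::FAILURE;
         $this->_resultInfo['messages'][] = "That account is not currently enabled. If this is a new account, please check for your confirmation e-mail";
         return $this->_createAuthResult();
     }

     $hashing = new Cryptography_HashingService();
     if (!$hashing->Verify($this->_credentials, $user->password)) {
         $this->_resultInfo['code'] = Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID;
         $this->_resultInfo['identity'] = $this->_identity;
         $this->_resultInfo['messages'][] = "The password supplied is not correct";

         // Count the failure and disable the account once the configured limit is exceeded.
         // NOTE(review): disabling the account (rather than delaying further
         // attempts) lets anyone who knows a username lock its owner out;
         // nothing visible here resets the counter after a successful login.
         $userService = new Service_User();
         if ($userService->registerFailure($user->id) > Zend_Registry::get('maxAccessAttempts')) {
             $userService->disableAccount($user->id);
             $this->_resultInfo['messages'][] = "The account has been locked due to multiple failed access attempts";
         }
         return $this->_createAuthResult();
     }

     // Credentials are valid: attach the profile when it can be loaded. A missing
     // profile is reported as a message but does not fail the login.
     $userService = new Service_User();
     if ($profile = $userService->getUserProfile($user->id)) {
         $user->profile = $profile;
     } else {
         $this->_resultInfo['messages'][] = "Could not load User Profile";
     }

     // NOTE(review): the identity is the whole user record, so the stored
     // password hash travels with it into whatever storage persists the
     // identity. Consider handing over a copy without the password field.
     $this->_resultInfo['identity'] = $user;
     $this->_resultInfo['code'] = Zend_Auth_Result::SUCCESS;
     $this->_resultInfo['messages'][] = "Login was successful";
     return $this->_createAuthResult();
 }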
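 /**
  * Writes $contents to the database-backed session storage.
  *
  * If the request carries a session cookie that decrypts to a known session
  * id, that session row is refreshed with the new contents. Otherwise a new
  * session row is created and an encrypted cookie holding
  * "<session id>||<hash of client address>" is sent to the browser.
  *
  * NOTE(review): a session id taken from the incoming cookie is reused as-is
  * and its user-id column is not updated, so the id is not rotated when the
  * identity changes. If write() runs at login, issue a fresh session instead.
  *
  * @param mixed $contents Identity to store; read as an object with an `id`
  *                        property and, on the update path, a toArray() method
  * @throws Zend_Auth_Storage_Exception If writing $contents is not completed
  * @return bool true on success
  */
 public function write($contents)
 {
     // NOTE(review): this key is hard-coded in source, so everyone with access
     // to the code can decrypt and mint session cookies. Load it from protected
     // configuration and rotate it; it is kept here so existing cookies still decrypt.
     $cookieKey = '1111834';

     $session = null;
     $requestObject = new Zend_Controller_Request_Http();
     if ($cookie = $requestObject->getCookie(self::$_cookieName, FALSE)) {
         $encryption = new Cryptography_EncryptionService($cookieKey);
         $decrypted = $encryption->decrypt($cookie);

         // Cookie layout is "<session id>||<address hash>". Only the id is used
         // here; a cookie that does not decrypt to a string is treated as absent.
         // NOTE(review): the address hash is never compared in this method -
         // confirm the read path verifies it, otherwise it adds no protection.
         $parts = is_string($decrypted) ? explode('||', $decrypted) : array();
         $sessionid = isset($parts[0]) ? $parts[0] : '';

         if ($sessionid !== '') {
             try {
                 $session = Doctrine_Core::getTable('Model_Session')->findOneBy(self::$_sessionidfield, $sessionid);
             } catch (Doctrine_Exception $e) {
                 throw new Zend_Auth_Storage_Exception('Session lookup failed');
             }
         }
     }

     if ($session) {
         // Known session: refresh the timestamp and stored data only.
         // NOTE(review): this path stores $contents->toArray() while the
         // create path stores $contents itself, so readers see two shapes.
         $session->{self::$_accessedfield} = time();
         $session->{self::$_datafield} = serialize($contents->toArray());
         try {
             $session->save();
         } catch (Doctrine_Exception $e) {
             throw new Zend_Auth_Storage_Exception('Session update failed');
         }
         return true;
     }

     // No cookie, or the cookie did not match a stored session: create one.
     // NOTE(review): REMOTE_ADDR is the proxy address behind a reverse proxy.
     // The data column is serialize()d, so the read side presumably calls
     // unserialize(); that is only safe while the column cannot be written
     // by an untrusted party.
     $session = new Model_Session();
     $session->{self::$_accessedfield} = time();
     $session->{self::$_useridfield} = $contents->id;
     $session->{self::$_hostnamefield} = $_SERVER['REMOTE_ADDR'];
     $session->{self::$_datafield} = serialize($contents);
     try {
         $session->save();
     } catch (Doctrine_Exception $e) {
         throw new Zend_Auth_Storage_Exception('Session creation failed');
     }

     $encryption = new Cryptography_EncryptionService($cookieKey);
     $hashing = new Cryptography_HashingService();
     $cookievalue = $session->id . '||' . $hashing->Compute($session->{self::$_hostnamefield});

     // Session cookie (expires with the browser). HttpOnly keeps it away from
     // page scripts; Secure is set whenever the current request is HTTPS so the
     // cookie is not sent over plain HTTP afterwards.
     $sent = setcookie(
         self::$_cookieName,
         $encryption->encrypt($cookievalue),
         0,
         '/',
         '',
         $requestObject->isSecure(),
         true
     );
     if (!$sent) {
         throw new Zend_Auth_Storage_Exception('Session cookie could not be sent');
     }
     return true;
 }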