/**
 * Performs an authentication attempt with the identity and credentials
 * previously set on this adapter.
 *
 * Outcome, in the order the checks run:
 *  - no user object could be obtained     -> FAILURE_IDENTITY_NOT_FOUND
 *  - account status is falsy (disabled)   -> FAILURE
 *  - password does not verify             -> FAILURE_CREDENTIAL_INVALID; the failure
 *    is counted and the account is disabled once the count exceeds the
 *    'maxAccessAttempts' registry value
 *  - otherwise                            -> SUCCESS, identity is the user object
 *
 * NOTE(review): the three failure paths return distinguishable codes and
 * messages ("no account", "not enabled", "password not correct"). If these
 * messages reach the login form unchanged, they tell a caller which usernames
 * exist; consider showing one generic message to the user and keeping the
 * detail in server-side logs.
 *
 * @return mixed Whatever $this->_createAuthResult() builds from $this->_resultInfo
 */
public function authenticate()
{
    // NOTE(review): in stock xPDO, newObject() builds a fresh unsaved instance
    // and getObject() loads an existing row. If $this->_xpdo is a plain xPDO
    // handle, the not-found branch below can never trigger and status/password
    // would be defaults - confirm this call really fetches the stored account.
    $account = $this->_xpdo->newObject(
        $this->_className,
        array($this->_identityVar => $this->_identity)
    );

    if (!is_object($account)) {
        $this->_resultInfo['code'] = Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND;
        $this->_resultInfo['messages'][] = 'No account with that username could be located';
        return $this->_createAuthResult();
    }

    // Disabled accounts are rejected before the password is looked at.
    if (!$account->status) {
        $this->_resultInfo['code'] = Zend_Auth_Result::FAILURE;
        $this->_resultInfo['messages'][] = "That account is not currently enabled. If this is a new account, please check for your confirmation e-mail";
        return $this->_createAuthResult();
    }

    $hasher = new Cryptography_HashingService();
    $passwordOk = $hasher->Verify($this->_credentials, $account->password);

    if (!$passwordOk) {
        $this->_resultInfo['code'] = Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID;
        $this->_resultInfo['identity'] = $this->_identity;
        $this->_resultInfo['messages'][] = "The password supplied is not correct";

        // Count the failure; lock the account once the configured limit is exceeded.
        $users = new Service_User();
        $failureCount = $users->registerFailure($account->id);
        if ($failureCount > Zend_Registry::get('maxAccessAttempts')) {
            $users->disableAccount($account->id);
            $this->_resultInfo['messages'][] = "The account has been locked due to multiple failed access attempts";
        }

        return $this->_createAuthResult();
    }

    // Credentials verified: attach the profile when one can be loaded.
    // A missing profile is reported as a message but does not fail the login.
    $users = new Service_User();
    $profile = $users->getUserProfile($account->id);
    if ($profile) {
        $account->profile = $profile;
    } else {
        $this->_resultInfo['messages'][] = "Could not load User Profile";
    }

    $this->_resultInfo['identity'] = $account;
    $this->_resultInfo['code'] = Zend_Auth_Result::SUCCESS;
    $this->_resultInfo['messages'][] = "Login was successful";

    return $this->_createAuthResult();
}
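/**
 * Writes $contents to Storage
 *
 * Stores the identity in a Model_Session row. When the request carries no
 * session cookie, or the cookie does not resolve to a stored session, a new
 * row is created and a cookie holding the encrypted value
 * "<session id>||<hash of client address>" is sent. When the cookie resolves
 * to an existing row, only its access time and data are refreshed.
 *
 * @param mixed $contents Identity to store; this method reads ->id and calls ->toArray() on it
 * @throws Zend_Auth_Storage_Exception If writing $contents is not completed
 * @return bool
 */
public function write($contents)
{
    $session = null;

    $requestObject = new Zend_Controller_Request_Http();
    $cookie = $requestObject->getCookie(self::$_cookieName, FALSE);

    if ($cookie) {
        // NOTE(review): the encryption key is a short literal committed to source.
        // Anyone with read access to the code can decrypt or forge this cookie;
        // load a long random key from deployment configuration instead.
        $encryption = new Cryptography_EncryptionService('1111834');
        $decrypted = $encryption->decrypt($cookie);

        // Cookie layout is "<session id>||<host hash>"; only the id is used here.
        $sessioncookie = explode('||', $decrypted);
        $sessionid = $sessioncookie[0];

        try {
            $session = Doctrine_Core::getTable('Model_Session')->findOneBy(self::$_sessionidfield, $sessionid);
        } catch (Doctrine_Exception $e) {
            throw new Zend_Auth_Storage_Exception('Session lookup failed');
        }
    }

    if (!$session) {
        // No usable session: create one and hand its id to the client.
        $session = new Model_Session();
        $session->{self::$_accessedfield} = time();
        $session->{self::$_useridfield} = $contents->id;
        $session->{self::$_hostnamefield} = $_SERVER['REMOTE_ADDR'];
        // NOTE(review): new rows store the serialized object, refreshed rows
        // (below) the serialized array, so the reader must cope with both -
        // confirm which form is intended. If the read side calls unserialize()
        // on this column, restrict it (e.g. allowed_classes) or store JSON.
        $session->{self::$_datafield} = serialize($contents);

        try {
            $session->save();
        } catch (Doctrine_Exception $e) {
            throw new Zend_Auth_Storage_Exception('Session could not be saved');
        }

        $encryption = new Cryptography_EncryptionService('1111834');
        $hashing = new Cryptography_HashingService();
        $cookievalue = $session->id . '||' . $hashing->Compute($session->{self::$_hostnamefield});

        // HttpOnly keeps the session token away from page scripts; Secure is
        // set whenever this request itself arrived over HTTPS. Behind a
        // TLS-terminating proxy $_SERVER['HTTPS'] may be unset, so Secure then
        // has to be forced through configuration.
        $secure = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
        if (!setcookie(self::$_cookieName, $encryption->encrypt($cookievalue), 0, '/', '', $secure, true)) {
            throw new Zend_Auth_Storage_Exception('Session cookie could not be sent');
        }

        return true;
    }

    // NOTE(review): the row found through the cookie is reused as it is. Its
    // user-id and hostname columns are not updated, the host-hash part of the
    // cookie is not checked in this method, and no new session id is issued
    // when an identity is written. Confirm the read side enforces the binding,
    // or create a fresh session whenever a login is stored.
    $session->{self::$_accessedfield} = time();
    $session->{self::$_datafield} = serialize($contents->toArray());

    try {
        $session->save();
    } catch (Doctrine_Exception $e) {
        throw new Zend_Auth_Storage_Exception('Session could not be saved');
    }

    return true;
}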