/**
* Authenticate the user
*
* @var Controller_Action
* @var Username
* @var Password
* @return if success user's object otherwise NULL.
*/
public function authenticate(Controller_Action $controller, $username, $password)
{
$user = NULL;
if (!$this->ldapConnect()) {
$controller->setError('Could not connect to the LDAP Server.');
return $user;
}
//If the login id is not the COMMON_NAME_ATTRIBUTE, find the value to bind
if (defined('LDAP_ALT_LOGIN_ATTRIBUTE') && LDAP_ALT_LOGIN_ATTRIBUTE !== false) {
$ldap_commonName = $this->getLdapCommonName(LDAP_ALT_LOGIN_ATTRIBUTE . '=' . $username);
} else {
$ldap_commonName = $username;
}
$ldap_username = $this->getLdapUsername($ldap_commonName);
error_log("Ldap: {$ldap_commonName} : {$ldap_username}");
$login_status = $this->ldapBind($ldap_username, $password);
if ($login_status) {
// if ($sr=ldap_read($this->ldap_connection, LDAP_USER_DN,"(objectclass=*)",array('samaccountname'))) {
// error_log("LdapDump: ".json_encode(ldap_get_entries($this->ldap_connection,$sr)));
// }
$ldapEmail = $this->getLdapEmail(LDAP_COMMON_NAME_ATTRIBUTE . "=" . $ldap_commonName);
if ($this->user->loadByUsername($ldapEmail)) {
if ($this->user->isActive()) {
$user = $this->user;
} else {
$controller->setError("User is deactivated.");
}
} else {
//Ldap users are already authenticated. If they don't exist yet, take care of it.
$user = new LoveUser();
$data = array("Username" => $ldapEmail, "Password" => 'LDAP', "Nickname" => array_shift(split('@', $ldapEmail)), "Active" => 1, "Confirmed" => 1, "Removed" => 0, "Admin" => 0, "Token" => '', "DateAdded" => 0, "DateModified" => 0);
$user->loadData($data);
try {
$id = $user->save();
$result = $id;
} catch (Exception $e) {
$controller->setError($e->getMessage());
}
}
} else {
$controller->setError("Invalid login");
}
$this->ldapClose();
return $user;
}
/**
* Create controller function
*
* This function creates a new user.
*
* The function validates the passed data
* and return error and description of error
* if the data is invalid. When the data is valid
* a new user is created.
*
* @return json|xml true on success false on error
*/
public function create()
{
if ($this->isRequestValid("create")) {
// Create a new user object, and fill it with the given data.
$user = new LoveUser();
$username = isset($_REQUEST['username']) ? trim($_REQUEST['username']) : '';
$password = isset($_REQUEST['password']) ? $_REQUEST['password'] : '';
$nickname = isset($_REQUEST['nickname']) ? trim($_REQUEST['nickname']) : '';
$token = isset($_REQUEST['confirm_string']) ? trim($_REQUEST['confirm_string']) : uniqid();
// TODO: Disable nickname collision checks, and enable soft failing.
if (!$user->loadByUsername($username)) {
if (!$user->loadByNickname($nickname)) {
$data = array("Username" => $username, "Password" => $password, "Nickname" => $nickname, "Active" => 1, "Confirmed" => 1, "Removed" => 0, "Admin" => 0, "Token" => $token, "DateAdded" => 0, "DateModified" => 0);
$user->loadData($data);
$id = $user->save();
// Push user created to the applications
if (!$this->getResponse()->pushUser($this->AppAuth->getAppName(), $id, 'pushCreateUser')) {
$this->setError("User could not be pushed to the registred applications.");
}
$this->response->addParams(array("id" => $user->getId(), "username" => $user->getUsername(), "nickname" => $user->getNickname(), "confirm_string" => $token, "token" => $_REQUEST["token"]));
} else {
$this->setError("Nickname already registered!");
}
} else {
$this->setError("Username already registered!");
}
}
$this->completeResponse();
}
