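/**
 * Try to log a user in to the admin area.
 *
 * Returns null straight away when either credential is empty. Otherwise the
 * admin/user model performs the login and one of four outcomes follows:
 * inactive account, no role assigned, success (admin session populated and,
 * when a request is given, a redirect), or invalid credentials. Each failure
 * path adds at most one error message per request, tracked through the
 * 'messageSent' request param.
 *
 * On success with a request object this method sends a Location header and
 * terminates the script, so it does not return in that case.
 *
 * NOTE(review): no session-ID renewal is visible in this method; confirm that
 * the session model or the caller rotates the ID on successful login.
 *
 * @param string $username
 * @param string $password
 * @param Mage_Core_Controller_Request_Http $request
 * @return Mage_Admin_Model_User|null
 */
public function login($username, $password, $request = null)
{
    if (empty($username) || empty($password)) {
        return;
    }

    $user = Mage::getModel('admin/user')->login($username, $password);

    if ($user->getId() && $user->getIsActive() != '1') {
        // Known user whose account is not flagged active.
        if ($request && !$request->getParam('messageSent')) {
            Mage::getSingleton('adminhtml/session')->addError(Mage::helper('adminhtml')->__('Your Account has been deactivated.'));
            $request->setParam('messageSent', true);
        }
    } elseif (!Mage::getModel('admin/user')->hasAssigned2Role($user->getId())) {
        // NOTE(review): this branch is also evaluated when the login failed
        // and getId() is empty; which message a failed login ends up with
        // depends on what hasAssigned2Role() returns for an empty id.
        if ($request && !$request->getParam('messageSent')) {
            Mage::getSingleton('adminhtml/session')->addError(Mage::helper('adminhtml')->__('Access Denied.'));
            $request->setParam('messageSent', true);
        }
    } elseif ($user->getId()) {
        $session = Mage::getSingleton('admin/session');
        $session->setIsFirstVisit(true);
        $session->setUser($user);
        $session->setAcl(Mage::getResourceModel('admin/acl')->loadAcl());

        if ($request) {
            // The redirect target is taken from the incoming request. Collapse
            // any run of leading slashes/backslashes into a single '/', so the
            // Location value is always a path on this host and never a
            // scheme-relative URL ("//host/...") that a browser would follow
            // to a different site.
            $redirectPath = '/' . ltrim((string) $request->getRequestUri(), '/\\');
            header('Location: ' . $redirectPath);
            exit;
        }
    } else {
        if ($request && !$request->getParam('messageSent')) {
            Mage::getSingleton('adminhtml/session')->addError(Mage::helper('adminhtml')->__('Invalid Username or Password.'));
            $request->setParam('messageSent', true);
        }
    }

    return $user;
}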
/**
 * Work out which URI to use for the current admin request.
 *
 * When the adminhtml URL model reports that secret keys are in use, the URI
 * is rebuilt through that model for the current route ('*' for every route
 * part, with '_current' set) rather than read from the request. Otherwise
 * the request's own URI is returned, or null when no request was passed.
 *
 * @param Mage_Core_Controller_Request_Http $request
 * @return string|null
 */
protected function _getRequestUri($request = null)
{
    $adminUrl = Mage::getSingleton('adminhtml/url');

    if ($adminUrl->useSecretKey()) {
        return $adminUrl->getUrl('*/*/*', array('_current' => true));
    }

    // No secret key in play: fall back to whatever the request carries.
    return $request ? $request->getRequestUri() : null;
}
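/**
 * Validate the OAuth signature sent with the request.
 *
 * Recomputes the signature with Zend_Oauth_Http_Utility over the merged
 * request and protocol parameters, the consumer and token secrets, the HTTP
 * method and the URL rebuilt from scheme, host and request URI, then compares
 * the result with the client-supplied 'oauth_signature'.
 *
 * The comparison is done on strings in constant time. A loose `!=` would
 * compare two numeric-looking strings as numbers, and it stops at the first
 * differing byte, which leaks how much of a guessed signature was correct.
 *
 * @throws Mage_Oauth_Exception
 */
protected function _validateSignature()
{
    $util = new Zend_Oauth_Http_Utility();

    $calculatedSign = (string) $util->sign(
        array_merge($this->_params, $this->_protocolParams),
        $this->_protocolParams['oauth_signature_method'],
        $this->_consumer->getSecret(),
        $this->_token->getSecret(),
        $this->_request->getMethod(),
        $this->_request->getScheme() . '://' . $this->_request->getHttpHost() . $this->_request->getRequestUri()
    );

    // A missing or non-string signature (e.g. an array-valued parameter) can
    // never be valid; treat it as a mismatch instead of comparing it loosely.
    $givenSign = isset($this->_protocolParams['oauth_signature'])
        ? $this->_protocolParams['oauth_signature']
        : null;

    $isValid = false;
    if (is_string($givenSign)) {
        if (function_exists('hash_equals')) {
            $isValid = hash_equals($calculatedSign, $givenSign);
        } elseif (strlen($calculatedSign) === strlen($givenSign)) {
            // Fallback for PHP versions without hash_equals(): fold every
            // byte difference into one accumulator so the loop always runs
            // over the full length.
            $diff = 0;
            for ($i = 0, $length = strlen($calculatedSign); $i < $length; $i++) {
                $diff |= ord($calculatedSign[$i]) ^ ord($givenSign[$i]);
            }
            $isValid = ($diff === 0);
        }
    }

    if (!$isValid) {
        $this->_throwException('', self::ERR_SIGNATURE_INVALID);
    }
}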
/**
 * Build a key for the given request: the MD5 hex digest of its request URI.
 *
 * NOTE(review): only the request URI feeds the key here; scheme, host and
 * other request attributes do not contribute. Confirm that is intended
 * wherever this key is used. MD5 serves as a compact identifier here and
 * should not be relied on for integrity or authentication.
 *
 * @param Mage_Core_Controller_Request_Http $request
 * @return string
 */
public function buildKey(Mage_Core_Controller_Request_Http $request)
{
    return md5($request->getRequestUri());
}