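/**
 * Auto-authenticate the current request from the client TLS certificate.
 *
 * Runs at most once per session: after self::done() has marked the session
 * (checked via $_SESSION['done_autoauth']) nothing further happens. A user
 * is logged in only when the presented certificate maps to a known account
 * that has opted in to 'autoauth' and is not locked.
 *
 * @param mixed $data Unused; accepted for handler-signature compatibility.
 *
 * @return mixed Whatever self::done() returns, or null when the auto-auth
 *               marker is already set or the user lookup came back empty.
 */
public static function handler($data = null)
{
    if (isset($_SESSION['done_autoauth'])) {
        return;
    }

    // No client certificate on this request, or already logged in by other means.
    if (empty($_SERVER['SSL_CLIENT_RAW_CERT']) || Session::isLoggedIn()) {
        return self::done();
    }

    $certs = new certs(ConnectionFactory::get('mongo'), ConnectionFactory::get('redis'));
    $userId = $certs->check($_SERVER['SSL_CLIENT_RAW_CERT']);
    // Any falsy result counts as "no matching certificate" (same as the
    // original `== NULL`); check()'s exact failure value is not visible here.
    if (empty($userId)) {
        return self::done();
    }

    $users = new users(ConnectionFactory::get('mongo'));
    $user = $users->get($userId, false);
    if (empty($user)) {
        // NOTE(review): deliberately no self::done() here (kept from the
        // original), so the certificate is re-checked on the next request.
        return;
    }

    // Strict membership: a loose in_array would also match a boolean `true`
    // entry. A record without 'auths' counts as not opted in rather than
    // passing null to in_array.
    $auths = isset($user['auths']) ? $user['auths'] : [];
    if (!in_array('autoauth', $auths, true)) {
        return self::done();
    }

    // Loose comparison kept on purpose: the stored type of 'status' versus
    // users::ACCT_LOCKED is not visible here — TODO confirm and tighten to ===.
    if ($user['status'] == users::ACCT_LOCKED) {
        return self::done();
    }

    Session::setBatchVars($user);

    return self::done();
}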
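/**
 * Per-request session bootstrap.
 *
 * Starts the session, replays any session variables queued in APC under
 * this session's request key, enforces the optional lock-to-IP setting,
 * records the current client address, loads the official tweets into the
 * layout and finally runs the slow/error ban checks.
 *
 * @param mixed $data Unused; accepted for handler-signature compatibility.
 *
 * @return void
 */
public static function handler($data = null)
{
    Session::init();

    // Queued session vars are applied once and then removed. Using the
    // success flag of apc_fetch() instead of apc_exists()+apc_fetch() closes
    // the window where the entry expires in between and setBatchVars()
    // would have received `false`.
    $key = Cache::PREFIX . 'sessionReq_' . Session::getId();
    $queued = apc_fetch($key, $found);
    if ($found) {
        Session::setBatchVars($queued);
        apc_delete($key);
    }

    $remoteAddr = $_SERVER['REMOTE_ADDR'];
    $sessionIp = Session::getVar('ip');

    // Lock-to-IP: a logged-in session bound to a different address is
    // destroyed and the client redirected to the front page. `!==` avoids
    // PHP's numeric-string coercion when comparing the two address strings;
    // `!empty` keeps the original "ip not yet recorded" semantics.
    // NOTE(review): the session key is 'lockToIP' while the settings form
    // posts 'lockToIp' — confirm users::edit stores it under 'lockToIP'.
    if (Session::isLoggedIn()
        && Session::getVar('lockToIP')
        && !empty($sessionIp)
        && $sessionIp !== $remoteAddr
    ) {
        Session::destroy();
        header('Location: ' . Url::format('/'));
        exit;
    }

    Session::setVar('ip', $remoteAddr);

    $twitter = new twitter(ConnectionFactory::get('redis'));
    Layout::set('tweets', $twitter->getOfficialTweets());

    self::slowBan();
    self::errorBan();
}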
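/**
 * Account settings page, plus the 'save' and 'saveAuth' form actions.
 *
 * Fills $this->view with the current user record ('user'), whether the
 * request carried a client TLS certificate ('secure') and, if so, that
 * certificate's key ('clientSSLKey'). When $arguments[0] is 'save' the
 * profile fields from $_POST are written; when it is 'saveAuth' the set of
 * accepted authentication methods is updated.
 *
 * @param array $arguments Route arguments; $arguments[0] is the action, if any.
 *
 * @return mixed Error::set() result when the request is rejected, otherwise null.
 */
public function settings($arguments)
{
    if (!Session::isLoggedIn()) {
        return Error::set('You are not logged in!');
    }

    $user = new users(ConnectionFactory::get('mongo'));
    $this->view['valid'] = true;
    $this->view['user'] = $user->get(Session::getVar('username'));
    $this->view['secure'] = !empty($_SERVER['SSL_CLIENT_RAW_CERT']);
    if ($this->view['secure']) {
        $this->view['clientSSLKey'] = certs::getKey($_SERVER['SSL_CLIENT_RAW_CERT']);
    }

    $action = !empty($arguments[0]) ? $arguments[0] : null;

    if ($action === 'save') {
        $error = $this->saveProfileSettings($user);
        if (is_string($error)) {
            return Error::set($error);
        }
    }

    if ($action === 'saveAuth') {
        $error = $this->saveAuthSettings($user);
        if (is_string($error)) {
            return Error::set($error);
        }
    }

    Layout::set('title', 'Settings');
}

/**
 * Apply the 'save' action: optional password change plus profile fields.
 *
 * @param users $user Users repository bound to the mongo connection.
 *
 * @return string|null Error message to show, or null on success.
 */
private function saveProfileSettings(users $user)
{
    $password = !empty($_POST['password']) ? $_POST['password'] : null;

    // A new password is accepted only together with the current one. The
    // previous code verified the old password only when BOTH fields were
    // filled, so a request carrying 'password' alone changed it unverified.
    if ($password !== null) {
        if (empty($_POST['oldpassword'])) {
            return 'Previous password is invalid.';
        }
        $old = $user->hash($_POST['oldpassword'], $this->view['user']['username']);
        // Strict, constant-time comparison of the two hash strings instead of `!=`.
        if (!hash_equals((string) $this->view['user']['password'], (string) $old)) {
            return 'Previous password is invalid.';
        }
    }

    $username = !empty($_POST['username']) ? $_POST['username'] : null;
    $email = !empty($_POST['email']) ? $_POST['email'] : null;
    $hideEmail = !empty($_POST['hideEmail']);
    $lockToIp = !empty($_POST['lockToIp']);

    $error = $user->edit(Session::getVar('_id'), $username, $password, $email, $hideEmail, null, $lockToIp);
    if (is_string($error)) {
        return $error;
    }

    // Refresh both the view and the session copy from the stored record.
    $this->view['user'] = $user->get(Session::getVar('username'));
    Session::setBatchVars($this->view['user']);
    Error::set('User profile saved.', true);

    return null;
}

/**
 * Apply the 'saveAuth' action: which authentication methods the account accepts.
 *
 * @param users $user Users repository bound to the mongo connection.
 *
 * @return string|null Error message to show, or null on success.
 */
private function saveAuthSettings(users $user)
{
    $passwordAuth = !empty($_POST['passwordAuth']);
    $certificateAuth = !empty($_POST['certificateAuth']);
    $certAndPassAuth = !empty($_POST['certAndPassAuth']);
    $autoAuth = !empty($_POST['autoAuth']);

    $error = $user->changeAuth(Session::getVar('_id'), $passwordAuth, $certificateAuth, $certAndPassAuth, $autoAuth);
    if (is_string($error)) {
        return $error;
    }

    $this->view['user'] = $user->get(Session::getVar('username'));

    return null;
}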
/**
 * Authenticate a user.
 *
 * Each scheme has a qualify<Scheme>() predicate and a check<Scheme>()
 * verifier on this object. The schemes whose predicate accepts the given
 * credentials are tried in declaration order and the first verifier that
 * yields a user record wins; that record is also written to the session.
 *
 * @param string $username The username to use.
 * @param string $password The password to use.
 *
 * @return mixed User data on success, or error string.
 */
public function authenticate($username, $password)
{
    $schemes = ['Password', 'Certificate', 'CAP'];

    // Keep only the schemes whose qualify* predicate accepts these credentials.
    $applicable = array_filter($schemes, function ($scheme) use ($username, $password) {
        return (bool) $this->{'qualify' . $scheme}($username, $password);
    });

    foreach ($applicable as $scheme) {
        $record = $this->{'check' . $scheme}($username, $password);
        if (!$record) {
            continue;
        }

        if ($record['status'] == self::ACCT_LOCKED) {
            return 'User banned.';
        }

        // An existing session for this user (tracked in APC) is forced out first.
        $sessionKey = Cache::PREFIX . 'Session_user_' . $record['username'];
        if (apc_exists($sessionKey)) {
            Session::forceLogout($record['username'], apc_fetch($sessionKey));
        }

        Session::setBatchVars($record);

        return $record;
    }

    return 'Invalid username/password';
}