/**
 * Binds this session object to the environment and resolves the caller's session.
 *
 * The session id is taken from the request first and from the "session" cookie
 * second. The literal id "guest" selects the configured guest user when the
 * "guest_mode" feature is enabled; every other id is looked up through the DAO
 * together with a validity cut-off time. On success the user (and, if enabled,
 * the user's groups) is loaded, the session time is extended and the cookie is
 * re-issued when it is missing or carries a different id.
 *
 * Returns early, leaving the object without a session, when no id is supplied,
 * when the DAO has no matching session, or when the session's user is not found.
 *
 * @param mixed $env Environment object; stored on $this->env.
 * @param mixed $rq  Request object or NULL; only getSessionId() is called on it.
 * @throws ServiceException INVALID_CONFIGURATION when guest mode is requested
 *                          but the "guest_user_id" setting is empty.
 */
public function initialize($env, $rq)
{
    $this->env = $env;
    $this->dao = $this->getDao();

    if ($env != NULL && $env->events() != NULL) {
        require_once "include/event/SessionEvent.class.php";
        SessionEvent::register($env->events());
    }

    // One timestamp is used for the validity cut-off, the session-time update and the cookie.
    $now = time();
    $hasCookie = FALSE;

    // An id carried by the request wins over the cookie.
    $sessionId = ($rq != NULL) ? $rq->getSessionId() : NULL;

    $guestRequested = ($sessionId === "guest" && $this->env->features()->isFeatureEnabled("guest_mode"));

    if ($guestRequested) {
        // Guest sessions are not looked up in the DAO: the user comes from configuration.
        $guestUserId = $this->env->settings()->setting("guest_user_id");
        if (!$guestUserId) {
            throw new ServiceException("INVALID_CONFIGURATION", "No guest user defined");
        }
        Logging::logDebug("Guest session: " . $guestUserId);
        $this->session = array("user_id" => $guestUserId);
    } else {
        $hasCookie = ($this->useCookie && $this->env->cookies()->exists("session"));
        if ($sessionId == NULL && $hasCookie) {
            $sessionId = $this->env->cookies()->get("session");
        }

        // Neither the request nor the cookie supplied an id: nothing to restore.
        if ($sessionId == NULL) {
            return;
        }

        // The id is client-supplied; it only counts if the DAO returns a session for it.
        // NOTE(review): the cut-off is passed to getSession(), presumably so that
        // expired sessions are not returned - confirm in the DAO.
        $cutoff = $this->getLastValidSessionTime($now);
        $cutoffStamp = $this->env->configuration()->formatTimestampInternal($cutoff);
        $stored = $this->dao->getSession($sessionId, $cutoffStamp);

        if ($stored == NULL) {
            // Unknown or no longer valid id: drop the cookie and purge expired sessions.
            $this->env->cookies()->remove("session");
            $this->removeAllExpiredSessions();
            return;
        }

        $this->session = $stored;
        $this->data = $this->dao->getSessionData($sessionId);
    }

    $this->id = $sessionId;

    // Resolve the account the session is bound to.
    $this->user = $this->findSessionUser($this->session["user_id"]);
    if (!$this->user) {
        // The session points at a user that can no longer be found: end it.
        $this->end();
        $this->id = NULL;
        return;
    }

    if ($this->env->features()->isFeatureEnabled('user_groups')) {
        $this->userGroups = $this->env->configuration()->getUsersGroups($this->user["id"]);
    }

    // Extend the session by recording the current time as its latest activity.
    $nowStamp = $this->env->configuration()->formatTimestampInternal($now);
    $this->dao->updateSessionTime($this->id, $nowStamp);

    // Re-issue the cookie unless one exists and already carries this id.
    $cookieMatches = $hasCookie && strcmp($this->id, $this->env->cookies()->get("session")) == 0;
    if (!$cookieMatches) {
        $this->setCookie($now);
    }
}
/**
 * Handles a login request: validates parameters, authenticates, emits the
 * login event and answers with the session info.
 *
 * The "password" field is base64-decoded before it is handed to login().
 * Base64 is an encoding, not protection: the clear-text password is fully
 * recoverable from the request, so confidentiality has to come from the
 * transport (nothing in this method enforces TLS).
 *
 * NOTE(review): no session-id rotation is visible in this method; confirm
 * that the login()/session code issues a fresh id on successful login.
 *
 * @throws ServiceException INVALID_REQUEST when "username" or "password" is
 *                          missing. login() is expected to throw on bad
 *                          credentials - confirm in the authentication class.
 */
private function authenticate()
{
    $hasCredentials = $this->request->hasData("username") && $this->request->hasData("password");
    if (!$hasCredentials) {
        throw new ServiceException("INVALID_REQUEST", "Missing parameters");
    }

    // Non-strict decode: bytes outside the base64 alphabet are silently dropped
    // rather than rejected, so malformed input still yields some string.
    $password = base64_decode($this->request->data("password"));

    $authenticator = $this->env->authentication();
    $username = $this->request->data("username");
    $authenticator->login($username, $password);

    // Reached only if login() returned without throwing.
    $clientIp = $this->env->request()->ip();
    $this->env->events()->onEvent(SessionEvent::login($clientIp));

    // Captured before the optional cookie storage, as in the response order below.
    $sessionInfo = $this->getSessionInfo();

    if ($this->request->hasData("remember")) {
        // Only the exact value "1" opts in to the stored cookie.
        if (strcmp($this->request->data("remember"), "1") === 0) {
            $this->env->authentication()->storeCookie();
        }
    }

    $this->response()->success($sessionInfo);
}
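/**
 * Authenticates a user by name and password and marks the session as authenticated.
 *
 * An unknown user and a wrong password are reported identically: one syslog
 * notice, one failedLogin event and the same AUTHENTICATION_FAILED error, so
 * the response does not reveal which of the two checks failed.
 *
 * @param string $username Name (or e-mail, depending on the "email_login"
 *                         setting passed to findUser()) supplied by the client.
 * @param string $pw       Password supplied by the client.
 * @return mixed The user record returned by findUser().
 * @throws ServiceException AUTHENTICATION_FAILED when the user is not found
 *                          or auth() rejects the password.
 */
public function login($username, $pw) {
    $user = $this->env->configuration()->findUser($username, $this->env->settings()->setting("email_login"), time());

    $auth = NULL;
    $authenticated = FALSE;
    if ($user) {
        $auth = $this->env->configuration()->getUserAuth($user["id"]);
        $authenticated = $this->auth($user, $auth, $pw);
    }
    // NOTE(review): for an unknown user no password check runs at all, so the
    // two failure paths may differ in response time - confirm whether auth()
    // is expensive enough for that to matter and equalise if so.

    if (!$authenticated) {
        $ip = $this->env->request()->ip();

        // The username is attacker-controlled. Control characters (CR, LF, NUL, ...)
        // are replaced before the text reaches syslog so that a crafted name cannot
        // break the record apart or forge additional log lines.
        $message = "Failed Mollify login attempt from [" . $ip . "], user [" . $username . "]";
        $message = preg_replace('/[\x00-\x1F\x7F]/', '?', $message);
        syslog(LOG_NOTICE, $message);

        // The event keeps the raw username: its consumers are outside this block
        // and must apply their own output encoding.
        $this->env->events()->onEvent(SessionEvent::failedLogin($username, $ip));
        throw new ServiceException("AUTHENTICATION_FAILED");
    }

    $this->setAuth($user, $auth["type"]);
    return $user;
}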
/**
 * Passes the session to the parent constructor and records $oldId on the instance.
 *
 * @param SessionInterface $session Session handed unchanged to the parent constructor.
 * @param mixed            $oldId   Stored on $this->oldId; presumably the id the
 *                                  session had before it was replaced - confirm
 *                                  with the callers.
 */
public function __construct(SessionInterface $session, $oldId)
{
    parent::__construct($session);

    // Assigned after the parent constructor has run, so the parent cannot overwrite it.
    $this->oldId = $oldId;
}