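 /**
  * Renders the KMC login page.
  *
  * Sends an X-Frame-Options header, sends already logged-in users (kmcks
  * cookie present) to kmc/kmc2, forces HTTPS when 'kmc_secured_login' is
  * configured, and exposes the login SWF URL, the partner logo and the
  * password-hash-key state to the template.
  *
  * @return string sfView::SUCCESS
  */
 public function execute()
 {
     // Prevent the page from being embedded in an iframe (clickjacking)
     header('X-Frame-Options: DENY');
     // Already logged in: the kmcks cookie is present, go straight to kmc2
     if ($this->getRequest()->getCookie('kmcks')) {
         $this->redirect('kmc/kmc2');
     }
     if (infraRequestUtils::getProtocol() != infraRequestUtils::PROTOCOL_HTTPS && kConf::get('kmc_secured_login')) {
         // NOTE(review): depending on web-server configuration SERVER_NAME may
         // follow the client's Host header; confirm it is canonical, otherwise
         // this Location header can point at a host chosen by the client.
         $url = 'https://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
         header('Location:' . $url);
         die;
     }
     $this->www_host = kConf::get('www_host');
     // SERVER_PORT is not set in every SAPI (e.g. CLI); treat missing as 0
     $serverPort = isset($_SERVER['SERVER_PORT']) ? (int) $_SERVER['SERVER_PORT'] : 0;
     $https_enabled = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $serverPort == 443;
     // Secured login is forced by configuration or implied by an HTTPS request
     $this->securedLogin = kConf::get('kmc_secured_login') || $https_enabled;
     $swfUrl = $this->securedLogin ? 'https://' : 'http://';
     $swfUrl .= $this->www_host . myContentStorage::getFSFlashRootPath();
     $swfUrl .= '/kmc/login/' . kConf::get('kmc_login_version') . '/login.swf';
     $this->swfUrl = $swfUrl;
     // Optional partner id selects a white-label logo for the login page
     $this->partner_id = $this->getRequestParameter("partner_id");
     $this->logoUrl = null;
     if ($this->partner_id) {
         $partner = PartnerPeer::retrieveByPK($this->partner_id);
         if ($partner) {
             $this->logoUrl = kmcUtils::getWhitelabelData($partner, 'logo_url');
         }
     }
     $this->beta = $this->getRequestParameter("beta");
     // Prevent script injection: the hash key may only contain base64 characters,
     // which is the alphabet used when a new hash key is generated
     $passHashparam = $this->getRequestParameter("setpasshashkey");
     if ($passHashparam && !preg_match(self::BASE64_ENCODE_CHARS_REGEX, $passHashparam)) {
         KExternalErrors::dieError(KExternalErrors::INVALID_HASH);
     }
     $this->setPassHashKey = $passHashparam;
     $this->hashKeyErrorCode = null;
     $this->displayErrorFromServer = false;
     if ($this->setPassHashKey) {
         try {
             $loginData = UserLoginDataPeer::isHashKeyValid($this->setPassHashKey);
             // Other callers treat a falsy return as an invalid key; guard before
             // dereferencing so an invalid key cannot end in a fatal error
             if ($loginData) {
                 $partner = PartnerPeer::retrieveByPK($loginData->getConfigPartnerId());
                 // Partner-level password structure rules are reported by the server
                 if ($partner && $partner->getPasswordStructureValidations()) {
                     $this->displayErrorFromServer = true;
                 }
             } else {
                 $this->hashKeyErrorCode = kUserException::NEW_PASSWORD_HASH_KEY_INVALID;
             }
         } catch (kCoreException $e) {
             $this->hashKeyErrorCode = $e->getCode();
         }
     }
     // Return the view name explicitly instead of a no-op expression statement
     return sfView::SUCCESS;
 }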
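 /**
  * Renders the KMC login page with the password-hash-key state.
  *
  * Exposes the beta flag, the configured login version and, when a
  * 'setpasshashkey' request parameter is given, the result of validating
  * it (an error code or null) to the template.
  *
  * @return string sfView::SUCCESS
  */
 public function execute()
 {
     $this->beta = $this->getRequestParameter("beta");
     $this->kmc_login_version = kConf::get('kmc_login_version');
     $this->setPassHashKey = $this->getRequestParameter("setpasshashkey");
     $this->hashKeyErrorCode = null;
     if ($this->setPassHashKey) {
         try {
             // A falsy result means the key did not match any login data
             if (!UserLoginDataPeer::isHashKeyValid($this->setPassHashKey)) {
                 $this->hashKeyErrorCode = kUserException::NEW_PASSWORD_HASH_KEY_INVALID;
             }
         } catch (kCoreException $e) {
             // Expired/invalid keys surface as a core exception; pass the code to the view
             $this->hashKeyErrorCode = $e->getCode();
         }
     }
     // Return the view name explicitly instead of a no-op expression statement
     return sfView::SUCCESS;
 }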
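 /**
  * Renders the KMC login page, forcing the configured scheme.
  *
  * Redirects to https when 'kmc_secured_login' is set and the request is
  * plain http, or to http when it is not set and the request is https.
  * When a 'setpasshashkey' parameter is given, validates it and exposes the
  * matching login email (or an error code) to the template.
  *
  * @return string sfView::SUCCESS
  */
 public function execute()
 {
     // Prevent the page from being embedded in an iframe (clickjacking)
     header('X-Frame-Options: DENY');
     // NOTE(review): requestUtils::getHost() presumably reflects the request's
     // Host header; confirm it is canonicalised before being echoed into a
     // Location header, otherwise the redirect could be steered to another host.
     $host = str_replace("http://", "", requestUtils::getHost());
     $isHttps = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') || $_SERVER['SERVER_PORT'] == 443;
     $secured = (bool) kConf::get('kmc_secured_login');
     $service_url = ($secured ? 'https://' : 'http://') . $host;
     // Redirect only when the request scheme differs from the configured one;
     // redirecting unconditionally would loop when the scheme already matches
     if ($secured !== $isHttps) {
         // REQUEST_URI already starts with '/', so trim it to avoid 'host//path'
         header('Location:' . $service_url . '/' . ltrim($_SERVER['REQUEST_URI'], '/'));
         die;
     }
     $this->service_url = $service_url;
     $this->kmc_login_version = kConf::get('kmc_login_version');
     $this->setPassHashKey = $this->getRequestParameter("setpasshashkey");
     $this->hashKeyErrorCode = null;
     $this->hashKeyLoginId = null;
     if ($this->setPassHashKey) {
         try {
             if (!UserLoginDataPeer::isHashKeyValid($this->setPassHashKey)) {
                 $this->hashKeyErrorCode = kUserException::NEW_PASSWORD_HASH_KEY_INVALID;
             } else {
                 $userLoginDataId = UserLoginDataPeer::getIdFromHashKey($this->setPassHashKey);
                 $userLoginData = UserLoginDataPeer::retrieveByPK($userLoginDataId);
                 // Missing login data yields an empty login id; never dereference null
                 $this->hashKeyLoginId = $userLoginData ? $userLoginData->getLoginEmail() : "";
             }
         } catch (kCoreException $e) {
             // Expired/invalid keys surface as a core exception; pass the code to the view
             $this->hashKeyErrorCode = $e->getCode();
         }
     }
     // Return the view name explicitly instead of a no-op expression statement
     return sfView::SUCCESS;
 }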
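 /**
  * Renders the KMC login page with the password-hash-key state.
  *
  * When a 'setpasshashkey' parameter is given, validates it and records
  * whether the owning partner enforces password structure rules (so the
  * server-side validation error is shown) or an error code on failure.
  *
  * @return string sfView::SUCCESS
  */
 public function execute()
 {
     // Prevent the page from being embedded in an iframe (clickjacking)
     header('X-Frame-Options: DENY');
     $this->beta = $this->getRequestParameter("beta");
     $this->kmc_login_version = kConf::get('kmc_login_version');
     $this->setPassHashKey = $this->getRequestParameter("setpasshashkey");
     $this->hashKeyErrorCode = null;
     $this->displayErrorFromServer = false;
     if ($this->setPassHashKey) {
         try {
             $loginData = UserLoginDataPeer::isHashKeyValid($this->setPassHashKey);
             // Other callers treat a falsy return as an invalid key; guard before
             // dereferencing so an invalid key cannot end in a fatal error
             if ($loginData) {
                 $partner = PartnerPeer::retrieveByPK($loginData->getConfigPartnerId());
                 // Partner-level password structure rules are reported by the server
                 if ($partner && $partner->getPasswordStructureValidations()) {
                     $this->displayErrorFromServer = true;
                 }
             } else {
                 $this->hashKeyErrorCode = kUserException::NEW_PASSWORD_HASH_KEY_INVALID;
             }
         } catch (kCoreException $e) {
             $this->hashKeyErrorCode = $e->getCode();
         }
     }
     // Return the view name explicitly instead of a no-op expression statement
     return sfView::SUCCESS;
 }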
 /**
  * Tests UserLoginData->resetPassword()
  *
  * Walks through a sequence of password resets and checks: the first reset
  * without an old password succeeds, a reset with a wrong/empty old password
  * is rejected, password history honours the partner's num-prev-pass-to-keep
  * setting, a successful reset clears login attempts / block, and the
  * resulting hash key resolves back to the same login data.
  */
 public function testResetPassword()
 {
     $login = $this->UserLoginData;
     // Initial state: no hash key yet
     $this->assertNull($login->getPasswordHashKey());
     // Keep the last three passwords in history
     $this->dummyPartner->setNumPrevPassToKeep(3);
     $this->dummyPartner->save();
     // First password is generated by the reset itself
     $firstPassword = $login->resetPassword();
     $this->assertTrue($login->isPasswordValid($firstPassword));
     // Wrong, null, empty and zero old passwords must all be rejected
     $secondPassword = uniqid();
     foreach ([uniqid(), null, '', 0] as $wrongOldPassword) {
         $this->assertNull($login->resetPassword($secondPassword, $wrongOldPassword));
     }
     // Correct old password: reset succeeds and returns the new password
     $secondResult = $login->resetPassword($secondPassword, $firstPassword);
     $this->assertEquals($secondPassword, $secondResult);
     $this->assertFalse($login->isPasswordValid($firstPassword));
     $this->assertTrue($login->isPasswordValid($secondPassword));
     // Arrange lockout state so a later reset can be seen to clear it [*]
     $login->setLoginAttempts(3);
     $login->setLoginBlockedUntil(time());
     $this->assertEquals(3, $login->getLoginAttempts());
     $this->assertNotNull($login->getLoginBlockedUntil());
     // Password history after a third reset
     $thirdPassword = uniqid();
     $login->resetPassword($thirdPassword, $secondResult);
     $this->assertFalse($login->passwordUsedBefore($firstPassword));
     $this->assertTrue($login->passwordUsedBefore($secondPassword));
     $this->assertTrue($login->passwordUsedBefore($thirdPassword));
     // Two more resets push the oldest entries out of the history window
     $fourthPassword = uniqid();
     $login->resetPassword($fourthPassword, $thirdPassword);
     $fifthPassword = uniqid();
     $login->resetPassword($fifthPassword, $fourthPassword);
     $this->assertFalse($login->passwordUsedBefore($firstPassword));
     $this->assertFalse($login->passwordUsedBefore($secondPassword));
     $this->assertTrue($login->passwordUsedBefore($thirdPassword));
     $this->assertTrue($login->passwordUsedBefore($fourthPassword));
     $this->assertTrue($login->passwordUsedBefore($fifthPassword));
     // Lockout state arranged above [*] was cleared by the successful resets
     $this->assertEquals(0, $login->getLoginAttempts());
     $this->assertNull($login->getLoginBlockedUntil());
     $this->assertNotNull($login->getPasswordHashKey());
     // The new hash key must resolve back to this login data
     $dataFromHash = UserLoginDataPeer::isHashKeyValid($login->getPasswordHashKey());
     $this->assertEquals($login->getId(), $dataFromHash->getId());
 }
 /**
  * Set initial users password
  *
  * Resolves the login data for the hash key, checks API access control for
  * the partner that login data last logged into, then delegates to
  * UserLoginDataPeer::setInitialPassword(). Core user exceptions are
  * translated into the corresponding API errors; any other kUserException
  * is rethrown unchanged.
  *
  * @param string $hashKey
  * @param string $newPassword new password to set
  *
  * @throws KalturaErrors::LOGIN_DATA_NOT_FOUND
  * @throws KalturaErrors::PASSWORD_STRUCTURE_INVALID
  * @throws KalturaErrors::NEW_PASSWORD_HASH_KEY_EXPIRED
  * @throws KalturaErrors::NEW_PASSWORD_HASH_KEY_INVALID
  * @throws KalturaErrors::PASSWORD_ALREADY_USED
  * @throws KalturaErrors::INTERNAL_SERVERL_ERROR
  */
 protected function setInitialPasswordImpl($hashKey, $newPassword)
 {
     // Never serve a password-setting response from the response cache
     KalturaResponseCacher::disableCache();
     try {
         $loginData = UserLoginDataPeer::isHashKeyValid($hashKey);
         if ($loginData) {
             $this->validateApiAccessControl($loginData->getLastLoginPartnerId());
         }
         $result = UserLoginDataPeer::setInitialPassword($hashKey, $newPassword);
     } catch (kUserException $e) {
         switch ($e->getCode()) {
             case kUserException::LOGIN_DATA_NOT_FOUND:
                 throw new KalturaAPIException(KalturaErrors::LOGIN_DATA_NOT_FOUND);
             case kUserException::PASSWORD_STRUCTURE_INVALID:
                 // Re-resolve the login data to attach the partner's password policy message
                 $loginData = UserLoginDataPeer::isHashKeyValid($hashKey);
                 $policyMessage = $loginData->getInvalidPasswordStructureMessage();
                 throw new KalturaAPIException(KalturaErrors::PASSWORD_STRUCTURE_INVALID, $policyMessage);
             case kUserException::NEW_PASSWORD_HASH_KEY_EXPIRED:
                 throw new KalturaAPIException(KalturaErrors::NEW_PASSWORD_HASH_KEY_EXPIRED);
             case kUserException::NEW_PASSWORD_HASH_KEY_INVALID:
                 throw new KalturaAPIException(KalturaErrors::NEW_PASSWORD_HASH_KEY_INVALID);
             case kUserException::PASSWORD_ALREADY_USED:
                 throw new KalturaAPIException(KalturaErrors::PASSWORD_ALREADY_USED);
             default:
                 // Unmapped core error: let it propagate as-is
                 throw $e;
         }
     }
     if (!$result) {
         throw new KalturaAPIException(KalturaErrors::INTERNAL_SERVERL_ERROR);
     }
 }