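/**
 * Renders the KMC login page.
 *
 * Redirects already-authenticated sessions (the "kmcks" cookie) to kmc2,
 * forces HTTPS when kmc_secured_login is enabled, builds the login SWF URL
 * and the partner whitelabel logo URL, and validates an optional
 * "setpasshashkey" (new-password hash key) request parameter.
 *
 * Template variables set: www_host, securedLogin, swfUrl, partner_id, logoUrl,
 * beta, setPassHashKey, hashKeyErrorCode, displayErrorFromServer.
 *
 * @return string sfView::SUCCESS
 */
public function execute()
{
    // Clickjacking mitigation: never allow the login page to be framed.
    header('X-Frame-Options: DENY');

    // Already logged in: hand over to kmc2 (sfAction::redirect ends the request).
    if ($this->getRequest()->getCookie('kmcks')) {
        $this->redirect('kmc/kmc2');
    }

    // Secured login must be served over HTTPS; bounce plain-HTTP requests.
    // NOTE(review): the redirect host is taken from $_SERVER['SERVER_NAME'], which is
    // only trustworthy when the web server canonicalises it rather than echoing the
    // client Host header - confirm the deployment config.
    if (infraRequestUtils::getProtocol() != infraRequestUtils::PROTOCOL_HTTPS && kConf::get('kmc_secured_login')) {
        $url = 'https://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
        header('Location:' . $url);
        die;
    }

    $this->www_host = kConf::get('www_host');

    // The request is on HTTPS when the HTTPS server var is set (and not "off") or the port is 443.
    $httpsEnabled = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443;
    $this->securedLogin = (bool) (kConf::get('kmc_secured_login') || $httpsEnabled);

    $scheme = $this->securedLogin ? 'https://' : 'http://';
    $this->swfUrl = $scheme . $this->www_host . myContentStorage::getFSFlashRootPath()
        . '/kmc/login/' . kConf::get('kmc_login_version') . '/login.swf';

    // Optional partner whitelabel logo.
    $this->partner_id = $this->getRequestParameter("partner_id");
    $this->logoUrl = null;
    if ($this->partner_id) {
        $partner = PartnerPeer::retrieveByPK($this->partner_id);
        if ($partner) {
            $this->logoUrl = kmcUtils::getWhitelabelData($partner, 'logo_url');
        }
    }

    $this->beta = $this->getRequestParameter("beta");

    // Prevent script injection through the hash key parameter: only the base64
    // alphabet (what a freshly created hash key consists of) is accepted.
    $passHashParam = $this->getRequestParameter("setpasshashkey");
    if ($passHashParam && !preg_match(self::BASE64_ENCODE_CHARS_REGEX, $passHashParam)) {
        KExternalErrors::dieError(KExternalErrors::INVALID_HASH);
    }
    $this->setPassHashKey = $passHashParam;

    $this->hashKeyErrorCode = null;
    $this->displayErrorFromServer = false;
    if ($this->setPassHashKey) {
        try {
            $loginData = UserLoginDataPeer::isHashKeyValid($this->setPassHashKey);
            if (!$loginData) {
                // isHashKeyValid() can report an unknown key with a falsy return rather
                // than an exception; report it instead of dereferencing a non-object.
                $this->hashKeyErrorCode = kUserException::NEW_PASSWORD_HASH_KEY_INVALID;
            } else {
                $partner = PartnerPeer::retrieveByPK($loginData->getConfigPartnerId());
                // Only partners enforcing password-structure rules get server-side error text.
                if ($partner && $partner->getPasswordStructureValidations()) {
                    $this->displayErrorFromServer = true;
                }
            }
        } catch (kCoreException $e) {
            $this->hashKeyErrorCode = $e->getCode();
        }
    }

    return sfView::SUCCESS;
}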
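/**
 * Prepares the login page: exposes the beta flag, the login module version
 * and an optional new-password hash key ("setpasshashkey"), reporting an
 * error code when the key does not validate.
 *
 * Template variables set: beta, kmc_login_version, setPassHashKey, hashKeyErrorCode.
 *
 * @return string sfView::SUCCESS
 */
public function execute()
{
    // NOTE(review): the other login actions send "X-Frame-Options: DENY" here;
    // confirm whether this page is deliberately allowed to be framed.
    $this->beta = $this->getRequestParameter("beta");
    $this->kmc_login_version = kConf::get('kmc_login_version');

    $this->setPassHashKey = $this->getRequestParameter("setpasshashkey");
    $this->hashKeyErrorCode = null;
    if ($this->setPassHashKey) {
        try {
            // An unknown key is signalled either by a falsy return or by a kCoreException.
            if (!UserLoginDataPeer::isHashKeyValid($this->setPassHashKey)) {
                $this->hashKeyErrorCode = kUserException::NEW_PASSWORD_HASH_KEY_INVALID;
            }
        } catch (kCoreException $e) {
            $this->hashKeyErrorCode = $e->getCode();
        }
    }

    return sfView::SUCCESS;
}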
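/**
 * Prepares the login page and pins the scheme of the service URL.
 *
 * With kmc_secured_login enabled the page must be served over HTTPS, so
 * plain-HTTP requests are redirected to the https service URL; otherwise the
 * request is redirected to the http service URL. Also validates an optional
 * new-password hash key ("setpasshashkey") and resolves the login email it
 * belongs to.
 *
 * Template variables set: service_url, kmc_login_version, setPassHashKey,
 * hashKeyErrorCode, hashKeyLoginId.
 *
 * @return string sfView::SUCCESS
 */
public function execute()
{
    // Clickjacking mitigation: never allow the login page to be framed.
    header('X-Frame-Options: DENY');

    // NOTE(review): the redirect target is built from requestUtils::getHost(); if that
    // reflects the client Host header rather than a configured canonical host, the
    // redirect can be steered by the client - confirm.
    $serviceUrl = str_replace("http://", "", requestUtils::getHost());
    if (kConf::get('kmc_secured_login')) {
        $serviceUrl = 'https://' . $serviceUrl;
        // Not on HTTPS (no HTTPS var or "off", and not port 443): bounce to the secure URL.
        if ((empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off') && $_SERVER['SERVER_PORT'] != 443) {
            header('Location:' . $serviceUrl . '/' . $_SERVER['REQUEST_URI']);
            die;
        }
    } else {
        // NOTE(review): this branch redirects unconditionally, so with kmc_secured_login
        // disabled every request is bounced again - verify this is intended.
        $serviceUrl = 'http://' . $serviceUrl;
        header('Location:' . $serviceUrl . '/' . $_SERVER['REQUEST_URI']);
        die;
    }
    $this->service_url = $serviceUrl;
    $this->kmc_login_version = kConf::get('kmc_login_version');

    $this->setPassHashKey = $this->getRequestParameter("setpasshashkey");
    $this->hashKeyErrorCode = null;
    $this->hashKeyLoginId = null;
    if ($this->setPassHashKey) {
        try {
            if (!UserLoginDataPeer::isHashKeyValid($this->setPassHashKey)) {
                $this->hashKeyErrorCode = kUserException::NEW_PASSWORD_HASH_KEY_INVALID;
            } else {
                $userLoginDataId = UserLoginDataPeer::getIdFromHashKey($this->setPassHashKey);
                $userLoginData = UserLoginDataPeer::retrieveByPK($userLoginDataId);
                // A missing record yields an empty login id; the original fell through
                // and called getLoginEmail() on null.
                $this->hashKeyLoginId = $userLoginData ? $userLoginData->getLoginEmail() : "";
            }
        } catch (kCoreException $e) {
            $this->hashKeyErrorCode = $e->getCode();
        }
    }

    return sfView::SUCCESS;
}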
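/**
 * Prepares the login page: exposes the beta flag, the login module version
 * and an optional new-password hash key ("setpasshashkey"). When the key
 * resolves to login data whose partner enforces password-structure rules,
 * the page is told to display the server-provided error text.
 *
 * Template variables set: beta, kmc_login_version, setPassHashKey,
 * hashKeyErrorCode, displayErrorFromServer.
 *
 * @return string sfView::SUCCESS
 */
public function execute()
{
    // Clickjacking mitigation: never allow the login page to be framed.
    header('X-Frame-Options: DENY');

    $this->beta = $this->getRequestParameter("beta");
    $this->kmc_login_version = kConf::get('kmc_login_version');

    // NOTE(review): the key is not whitelisted here (another version of this action
    // checks it against BASE64_ENCODE_CHARS_REGEX before use); confirm the template
    // escapes it on output.
    $this->setPassHashKey = $this->getRequestParameter("setpasshashkey");
    $this->hashKeyErrorCode = null;
    $this->displayErrorFromServer = false;
    if ($this->setPassHashKey) {
        try {
            $loginData = UserLoginDataPeer::isHashKeyValid($this->setPassHashKey);
            if (!$loginData) {
                // A falsy return means an unknown key; report it instead of calling
                // getConfigPartnerId() on a non-object.
                $this->hashKeyErrorCode = kUserException::NEW_PASSWORD_HASH_KEY_INVALID;
            } else {
                $partner = PartnerPeer::retrieveByPK($loginData->getConfigPartnerId());
                // Only partners enforcing password-structure rules get server-side error text.
                if ($partner && $partner->getPasswordStructureValidations()) {
                    $this->displayErrorFromServer = true;
                }
            }
        } catch (kCoreException $e) {
            $this->hashKeyErrorCode = $e->getCode();
        }
    }

    return sfView::SUCCESS;
}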
/**
 * Tests UserLoginData->resetPassword(): the initial password, rejection of
 * wrong old passwords, password-history tracking (passwordUsedBefore) and
 * the side effects of a reset on login attempts, block time and hash key.
 */
public function testResetPassword()
{
    $loginData = $this->UserLoginData;

    // Fresh login data carries no hash key yet; keep three previous passwords.
    $this->assertNull($loginData->getPasswordHashKey());
    $this->dummyPartner->setNumPrevPassToKeep(3);
    $this->dummyPartner->save();

    // A reset without an old password sets the initial password.
    $pass1 = $loginData->resetPassword();
    $this->assertTrue($loginData->isPasswordValid($pass1));

    // A wrong or missing old password must not reset anything.
    $pass2 = uniqid();
    foreach (array(uniqid(), null, '', 0) as $wrongOldPassword) {
        $this->assertNull($loginData->resetPassword($pass2, $wrongOldPassword));
    }

    // The right old password performs the reset and returns the new password.
    $pass2_2 = $loginData->resetPassword($pass2, $pass1);
    $this->assertEquals($pass2, $pass2_2);
    $this->assertFalse($loginData->isPasswordValid($pass1));
    $this->assertTrue($loginData->isPasswordValid($pass2));

    // Seed the lockout counters; a later reset is expected to clear them (checked below).
    $loginData->setLoginAttempts(3);
    $loginData->setLoginBlockedUntil(time());
    $this->assertEquals(3, $loginData->getLoginAttempts());
    $this->assertNotNull($loginData->getLoginBlockedUntil());

    // After pass3 is set, pass1 is no longer in the history while pass2 and pass3 are.
    $pass3 = uniqid();
    $loginData->resetPassword($pass3, $pass2_2);
    $this->assertFalse($loginData->passwordUsedBefore($pass1));
    $this->assertTrue($loginData->passwordUsedBefore($pass2));
    $this->assertTrue($loginData->passwordUsedBefore($pass3));

    // Two more resets push pass2 out of the history as well.
    $pass4 = uniqid();
    $loginData->resetPassword($pass4, $pass3);
    $pass5 = uniqid();
    $loginData->resetPassword($pass5, $pass4);
    $this->assertFalse($loginData->passwordUsedBefore($pass1));
    $this->assertFalse($loginData->passwordUsedBefore($pass2));
    foreach (array($pass3, $pass4, $pass5) as $recentPassword) {
        $this->assertTrue($loginData->passwordUsedBefore($recentPassword));
    }

    // The resets cleared the lockout counters and issued a new hash key.
    $this->assertEquals(0, $loginData->getLoginAttempts());
    $this->assertNull($loginData->getLoginBlockedUntil());
    $this->assertNotNull($loginData->getPasswordHashKey());

    // The new hash key resolves back to this login data record.
    $dataFromHash = UserLoginDataPeer::isHashKeyValid($loginData->getPasswordHashKey());
    $this->assertEquals($loginData->getId(), $dataFromHash->getId());
}
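/**
 * Set initial users password
 *
 * Validates the hash key against the owning partner's API access control,
 * delegates to UserLoginDataPeer::setInitialPassword() and translates the
 * core exception codes into API errors.
 *
 * @param string $hashKey     new-password hash key issued to the user
 * @param string $newPassword new password to set
 *
 * @throws KalturaErrors::LOGIN_DATA_NOT_FOUND
 * @throws KalturaErrors::PASSWORD_STRUCTURE_INVALID
 * @throws KalturaErrors::NEW_PASSWORD_HASH_KEY_EXPIRED
 * @throws KalturaErrors::NEW_PASSWORD_HASH_KEY_INVALID
 * @throws KalturaErrors::PASSWORD_ALREADY_USED
 * @throws KalturaErrors::INTERNAL_SERVERL_ERROR
 */
protected function setInitialPasswordImpl($hashKey, $newPassword)
{
    // Never serve a cached response for a password-changing request.
    KalturaResponseCacher::disableCache();

    // Core exception codes that map 1:1 onto API errors; any other kUserException is re-thrown untouched.
    $apiErrorByCode = array(
        kUserException::LOGIN_DATA_NOT_FOUND => KalturaErrors::LOGIN_DATA_NOT_FOUND,
        kUserException::NEW_PASSWORD_HASH_KEY_EXPIRED => KalturaErrors::NEW_PASSWORD_HASH_KEY_EXPIRED,
        kUserException::NEW_PASSWORD_HASH_KEY_INVALID => KalturaErrors::NEW_PASSWORD_HASH_KEY_INVALID,
        kUserException::PASSWORD_ALREADY_USED => KalturaErrors::PASSWORD_ALREADY_USED,
    );

    try {
        // Enforce the access control of the partner the login data belongs to before
        // touching the password (only when the key resolves to login data).
        $loginData = UserLoginDataPeer::isHashKeyValid($hashKey);
        if ($loginData) {
            $this->validateApiAccessControl($loginData->getLastLoginPartnerId());
        }
        $result = UserLoginDataPeer::setInitialPassword($hashKey, $newPassword);
    } catch (kUserException $e) {
        $code = $e->getCode();
        if ($code == kUserException::PASSWORD_STRUCTURE_INVALID) {
            // Attach the partner-specific structure rules so the client can show them;
            // guard the lookup so a missing record does not become a fatal error.
            $loginData = UserLoginDataPeer::isHashKeyValid($hashKey);
            $invalidPasswordStructureMessage = $loginData ? $loginData->getInvalidPasswordStructureMessage() : null;
            throw new KalturaAPIException(KalturaErrors::PASSWORD_STRUCTURE_INVALID, $invalidPasswordStructureMessage);
        }
        if (isset($apiErrorByCode[$code])) {
            throw new KalturaAPIException($apiErrorByCode[$code]);
        }
        throw $e;
    }

    if (!$result) {
        throw new KalturaAPIException(KalturaErrors::INTERNAL_SERVERL_ERROR);
    }
}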