/**
 * Page-load handler for the login status page: fills the 'userinfo' outlet
 * with the current login state and tells the template whether to show the
 * logout control.
 *
 * @param object $page   The page being loaded; must provide outlet() and assign().
 * @param mixed  $params Page parameters (unused here).
 */
function showLogin_PageDidLoad($page, $params)
{
    $session = WFAuthorizationManager::sharedAuthorizationManager()->authorizationInfo();
    $isLoggedIn = (bool) $session->isLoggedIn();

    $userInfoOutlet = $page->outlet('userinfo');
    if ($isLoggedIn) {
        // NOTE(review): userid() is concatenated as-is; confirm the 'userinfo'
        // outlet HTML-escapes its value when rendered.
        $statusText = 'User is logged in (' . $session->userid() . ')';
    } else {
        $statusText = 'No user logged in.';
    }
    $userInfoOutlet->setValue($statusText);

    // The template uses this flag to decide whether the logout control is shown.
    $page->assign('showLogout', $isLoggedIn);
}
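/**
 * Execute the checking of security clearance for the user and the module.
 *
 * Only the root invocation is checked. The result of checkSecurity() must be
 * exactly one of WFAuthorizationManager::ALLOW, ::DENY or ::PROMPT (compared
 * strictly, so a loosely-equal value such as a boolean or numeric string is
 * rejected rather than being mapped onto a decision).
 *
 * Outcomes other than ALLOW:
 *  - DENY with a logged-in user: redirect to the 'notAuthorized' page and exit.
 *  - DENY with no logged-in user: redirect to login.
 *  - PROMPT with a logged-in user: redirect to login for re-authentication.
 *  - CLI: a WFException carrying the authorization message is thrown instead.
 *  - AJAX: a WFRequestController_HTTPException (403) is thrown instead.
 *
 * NOTE: This function may issue an HTTP 302 and redirect the user to the login page, then halt script execution.
 * NOTE(review): this relies on doLoginRedirect() halting or throwing; if it ever
 * returns normally, control goes back to the caller as if the check had passed.
 * Confirm against WFAuthorizationManager.
 *
 * @throws WFException if anything unexpected happens, including an
 *         authorization exception whose code is not one handled here.
 * @throws WFRequestController_HTTPException (403) for unauthorized AJAX requests.
 */
private function runSecurityCheck()
{
    try {
        // check security, but only for the root invocation
        if ($this->invocation->isRootInvocation()) {
            $authInfo = WFAuthorizationManager::sharedAuthorizationManager()->authorizationInfo();
            $access = $this->checkSecurity($authInfo);

            // Strict membership test: the authorization decision must not depend on type juggling.
            $validResults = array(
                WFAuthorizationManager::ALLOW,
                WFAuthorizationManager::DENY,
                WFAuthorizationManager::PROMPT,
            );
            if (!in_array($access, $validResults, true)) {
                throw new WFException("Unexpected return code from checkSecurity.");
            }

            if ($access === WFAuthorizationManager::DENY) {
                if ($authInfo->isLoggedIn()) {
                    // A known user was refused: logging in again would not help.
                    throw new WFAuthorizationException("Access denied.", WFAuthorizationException::DENY);
                }
                // Anonymous visitor: give them the chance to authenticate.
                throw new WFAuthorizationException("Try logging in.", WFAuthorizationException::TRY_LOGIN);
            } elseif ($access === WFAuthorizationManager::PROMPT) {
                if (!$authInfo->isLoggedIn()) {
                    throw new WFException("WFAuthorizationManager::PROMPT is not a valid response when no one is logged in.");
                }
                // Logged-in user must re-authenticate before entering this area.
                throw new WFAuthorizationException("Please re-login to access this secure area.", WFAuthorizationException::TRY_PROMPT);
            }
        }
    } catch (WFAuthorizationException $e) {
        // No browser to redirect on the command line; surface the failure as an error.
        if (php_sapi_name() === 'cli') {
            throw new WFException($e->getMessage());
        }
        // AJAX callers get a status code rather than a redirect to an HTML login page.
        if (WFRequestController::sharedRequestController()->isAjax()) {
            throw new WFRequestController_HTTPException("Not authorized.", 403);
        }
        // NOTE(review): REQUEST_URI is request-controlled and is handed on as the
        // return location; confirm doLoginRedirect() and the login flow only
        // redirect back to same-site paths.
        switch ($e->getCode()) {
            case WFAuthorizationException::TRY_PROMPT:
                WFAuthorizationManager::sharedAuthorizationManager()->doLoginRedirect($_SERVER['REQUEST_URI'], true);
                break;
            case WFAuthorizationException::TRY_LOGIN:
                WFAuthorizationManager::sharedAuthorizationManager()->doLoginRedirect($_SERVER['REQUEST_URI']);
                break;
            case WFAuthorizationException::DENY:
                header("Location: " . WFRequestController::WFURL('login', 'notAuthorized'));
                exit;
            default:
                // Fail closed: an authorization exception with an unrecognised code
                // (for example one raised inside checkSecurity()) must not be swallowed,
                // because returning normally here means the request proceeds.
                throw new WFException("Unexpected WFAuthorizationException code: " . $e->getCode());
        }
    }
}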