Example #1
    /**
     * Shows the login form and, on a valid POST, authenticates the account
     * against the database.
     *
     * @todo add openid authentication
     */
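    public function loginAction()
    {
        // Renders the login form. On a POST that passes form validation the
        // credentials are checked against the Account table; a successful
        // login is written to the auth storage, audited in AccountLogin and
        // redirected to the profile page.
        $auth = Zend_Auth::getInstance();

        // Force users to log out before they can try to log in. The check runs
        // before any credentials are processed so that a POST from an already
        // authenticated session can neither swap nor clear the stored identity.
        if ($auth->getIdentity() !== null) {
            $this->_flash->addMessage('You are already logged in!  You must log out before you can
				log into a different account.');
            $this->_redirector->gotoSimple('profile');
            // The redirect presumably ends the request; the return covers a
            // redirector configured not to exit.
            return;
        }

        $form = new App_Form_Login();

        // isValid() validates and populates the form in one call. Validating a
        // second time is redundant and can fail for single-use elements.
        if (!empty($_POST) && $form->isValid($_POST)) {
            $username = $form->getValue('username');
            $password = $form->getValue('password');

            // Standard database login. Disabled or unconfirmed accounts fail
            // the same way as a wrong password.
            // NOTE(security): the 'MD5(?)' credential treatment implies the
            // password column holds unsalted MD5, which is cheap to brute-force
            // if the table leaks. Moving to password_hash()/password_verify()
            // needs a schema and adapter change, so it is flagged, not changed.
            $adapter = new ZendX_Doctrine_Auth_Adapter(
                Doctrine_Manager::connection(),
                'Account',
                'username',
                'password',
                'MD5(?) AND enabled = 1 AND confirmed = 1'
            );
            $adapter->setIdentity($username);
            $adapter->setCredential($password);
            $result = $auth->authenticate($adapter);

            if (!$result->isValid()) {
                // One generic message for every failure, so the response does
                // not reveal whether the username exists.
                // NOTE(review): no attempt throttling or failed-login audit is
                // visible in this action; confirm it is handled elsewhere.
                $message = 'The username and password provided does not match our records';
                $this->_flash->addMessage($message);
                $form->addError($message);
            } else {
                // Issue a fresh session id on privilege change so an id that
                // was fixed before login cannot be reused afterwards.
                Zend_Session::regenerateId();

                $userdata = $adapter->getResultRowObject(null, 'password');

                // Translate the user into an actual doctrine object.
                // NOTE(review): find() presumably loads the whole Account
                // record, so the password hash omitted above may still end up
                // in session storage; confirm and strip it if so.
                $accounts = new App_Table_Account();
                $auth->getStorage()->write($accounts->find($userdata->id));

                // Audit the login. REMOTE_ADDR is the peer address of the
                // connection. ip2long() only parses IPv4 and returns false
                // otherwise. NOTE(review): confirm how AccountLogin.ip should
                // record IPv6 clients.
                $login = new AccountLogin();
                $login->accountId = $userdata->id;
                $login->ip = ip2long($_SERVER['REMOTE_ADDR']);
                $login->save();

                // NOTE(review): the identity is the submitted username; confirm
                // the view escapes flash messages when rendering them.
                $this->_flash->addMessage('Welcome back, ' . $result->getIdentity());
                $this->_redirector->gotoSimple('profile');
                return;
            }
        }

        $form->setMethod(Zend_Form::METHOD_POST);
        $this->view->form = $form;
    }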