public static function encrypt($string, $key = '')
{
$encrypted = null;
if (function_exists("mcrypt_generic") && mcrypt_module_self_test(MCRYPT_WAKE)) {
$encrypted = jCrypt::mcryptEncrypt($string, $key);
} else {
$encrypted = jCrypt::simpleCrypt($string, $key);
}
return base64_encode($encrypted);
}
/**
* Encrypt a string with a specific key
* @param string $string the string to encrypt
* @param string $key the key used to encrypt
* @return string encrypted string
*/
public static function encrypt($string, $key)
{
$encrypted = null;
// Check if mcrypt is installed, and if WAKE algo exists
if (function_exists("mcrypt_generic") && mcrypt_module_self_test(MCRYPT_WAKE)) {
$encrypted = jCrypt::mcryptEncrypt($string, $key);
} else {
$encrypted = jCrypt::simpleCrypt($string, $key);
}
return base64_encode($encrypted);
}
/**
* authentificate a user, and create a user in the php session
* @param string $login the login of the user
* @param string $password the password to test (not encrypted)
* @param boolean $persistant (optional) the session must be persistant
* @return boolean true if authentification is ok
*/
public static function login($login, $password, $persistant = false)
{
$dr = self::_getDriver();
$config = self::_getConfig();
if ($user = $dr->verifyPassword($login, $password)) {
$eventresp = jEvent::notify('AuthCanLogin', array('login' => $login, 'user' => $user));
foreach ($eventresp->getResponse() as $rep) {
if (!isset($rep['canlogin']) || $rep['canlogin'] === false) {
return false;
}
}
$_SESSION[$config['session_name']] = $user;
$persistence = 0;
// Add a cookie for session persistance, if enabled
if ($persistant && isset($config['persistant_enable']) && $config['persistant_enable']) {
if (!isset($config['persistant_crypt_key']) || !isset($config['persistant_cookie_name'])) {
throw new jException('jelix~auth.error.persistant.incorrectconfig', 'persistant_cookie_name, persistant_crypt_key');
}
if (isset($config['persistant_duration'])) {
$persistence = $config['persistant_duration'] * 86400;
} else {
$persistence = 86400;
}
// 24h
$persistence += time();
$encrypted = jCrypt::encrypt(serialize(array($login, $password)), $config['persistant_crypt_key']);
setcookie($config['persistant_cookie_name'] . '[auth]', $encrypted, $persistence, $config['persistant_cookie_path']);
}
jEvent::notify('AuthLogin', array('login' => $login, 'persistence' => $persistence));
return true;
} else {
return false;
}
}
public static function generateCookieToken($login, $password)
{
$persistence = 0;
$config = self::loadConfig();
// Add a cookie for session persistance, if enabled
if (isset($config['persistant_enable']) && $config['persistant_enable']) {
if (!isset($config['persistant_crypt_key']) || !isset($config['persistant_cookie_name']) || trim($config['persistant_crypt_key']) == '' || trim($config['persistant_cookie_name']) == '') {
jLog::log(jLocale::get('jelix~auth.error.persistant.incorrectconfig', 'persistant_cookie_name, persistant_crypt_key'), 'error');
return 0;
}
if (isset($config['persistant_duration'])) {
$persistence = intval($config['persistant_duration']) * 86400;
} else {
$persistence = 86400;
// 24h
}
$persistence += time();
$encrypted = jCrypt::encrypt(serialize(array($login, $password)), $config['persistant_crypt_key']);
setcookie($config['persistant_cookie_name'] . '[auth]', $encrypted, $persistence, $config['persistant_cookie_path'], "", false, true);
}
return $persistence;
}
/**
* @param array $params plugin parameters for the current action
* @return null or jSelectorAct if action should change
*/
public function beforeAction($params)
{
$notLogged = false;
$badip = false;
$selector = null;
// Check if auth cookie exist and user isn't logged on
if (isset($this->config['persistant_enable']) && $this->config['persistant_enable'] && !jAuth::isConnected()) {
if (isset($this->config['persistant_cookie_name']) && isset($this->config['persistant_crypt_key'])) {
$cookieName = $this->config['persistant_cookie_name'];
if (isset($_COOKIE[$cookieName]['auth']) && strlen($_COOKIE[$cookieName]['auth']) > 0) {
$decrypted = jCrypt::decrypt($_COOKIE[$cookieName]['auth'], $this->config['persistant_crypt_key']);
$decrypted = @unserialize($decrypted);
if ($decrypted && is_array($decrypted)) {
list($login, $password) = $decrypted;
jAuth::login($login, $password);
}
}
if (isset($_COOKIE[$cookieName]['login'])) {
// destroy deprecated cookies
setcookie($cookieName . '[login]', '', time() - 3600, $this->config['persistant_cookie_path']);
setcookie($cookieName . '[passwd]', '', time() - 3600, $this->config['persistant_cookie_path']);
}
} else {
throw new jException('jelix~auth.error.persistant.incorrectconfig', 'persistant_cookie_name, persistant_crypt_key');
}
}
//Do we check the ip ?
if ($this->config['secure_with_ip']) {
if (!isset($_SESSION['JELIX_AUTH_SECURE_WITH_IP'])) {
$_SESSION['JELIX_AUTH_SECURE_WITH_IP'] = $this->_getIpForSecure();
} else {
if ($_SESSION['JELIX_AUTH_SECURE_WITH_IP'] != $this->_getIpForSecure()) {
session_destroy();
$selector = new jSelectorAct($this->config['bad_ip_action']);
$notLogged = true;
$badip = true;
}
}
}
//Creating the user's object if needed
if (!isset($_SESSION[$this->config['session_name']])) {
$notLogged = true;
$_SESSION[$this->config['session_name']] = new jAuthDummyUser();
} else {
$notLogged = !jAuth::isConnected();
}
if (!$notLogged && $this->config['timeout']) {
if (isset($_SESSION['JELIX_AUTH_LASTTIME'])) {
if (time() - $_SESSION['JELIX_AUTH_LASTTIME'] > $this->config['timeout'] * 60) {
$notLogged = true;
jAuth::logout();
unset($_SESSION['JELIX_AUTH_LASTTIME']);
} else {
$_SESSION['JELIX_AUTH_LASTTIME'] = time();
}
} else {
$_SESSION['JELIX_AUTH_LASTTIME'] = time();
}
}
$needAuth = isset($params['auth.required']) ? $params['auth.required'] == true : $this->config['auth_required'];
$authok = false;
if ($needAuth) {
if ($notLogged) {
if ($this->config['on_error'] == 1 || !jApp::coord()->request->isAllowedResponse('jResponseRedirect')) {
throw new jException($this->config['error_message']);
} else {
if (!$badip) {
$auth_url_return = jApp::coord()->request->getParam('auth_url_return');
if ($auth_url_return === null) {
jApp::coord()->request->params['auth_url_return'] = jUrl::getCurrentUrl();
}
$selector = new jSelectorAct($this->config['on_error_action']);
}
}
} else {
$authok = true;
}
} else {
$authok = true;
}
return $selector;
}
public static function generateCookieToken($login, $password)
{
$persistence = 0;
$config = self::loadConfig();
// Add a cookie for session persistance, if enabled
if (isset($config['persistant_enable']) && $config['persistant_enable']) {
if (!isset($config['persistant_crypt_key']) || !isset($config['persistant_cookie_name'])) {
throw new jException('jelix~auth.error.persistant.incorrectconfig', 'persistant_cookie_name, persistant_crypt_key');
}
if (isset($config['persistant_duration'])) {
$persistence = $config['persistant_duration'] * 86400;
} else {
$persistence = 86400;
}
// 24h
$persistence += time();
//$login = $_SESSION[$config['session_name']]->login;
$encrypted = jCrypt::encrypt(serialize(array($login, $password)), $config['persistant_crypt_key']);
setcookie($config['persistant_cookie_name'] . '[auth]', $encrypted, $persistence, $config['persistant_cookie_path']);
}
return $persistence;
}
