public function execute($filterChain) { $user = $this->getContext()->getUser(); // We put an LDAP object in the context in order to reuse it later $this->getContext()->set('ldap', new uapvLdap()); // Filters can be called several times (because of internal forwards) // Authentication is only done the first time if ($this->isFirstCall() && (sfConfig::get('app_cas_server_force_authentication', false) || !$user->isAuthenticated())) { // phpCAS is not php5-compliant, we remove php warnings and strict errors $errorReporting = ini_get('error_reporting'); error_reporting($errorReporting & ~E_STRICT & ~E_NOTICE); if (sfConfig::get('app_cas_server_debug', false)) { phpCAS::setDebug(); } // see /tmp/phpCAS.log phpCAS::client(sfConfig::get('app_cas_server_version', CAS_VERSION_2_0), sfConfig::get('app_cas_server_host', 'localhost'), sfConfig::get('app_cas_server_port', 443), sfConfig::get('app_cas_server_path', ''), false); // Don't call session_start again, // symfony already did it //phpCAS::handleLogoutRequests (); phpCAS::setNoCasServerValidation(); phpCAS::forceAuthentication(); // if necessary the user will be // redirected to the cas server // At this point the user is authenticated, we log him in $user->signIn(phpCAS::getUser()); // Previous settings can now be restored error_reporting($errorReporting); } // "credential" verification parent::execute($filterChain); }
public function execute($filterChain) { // NOTE: the nice thing about the Action class is that getCredential() // is vague enough to describe any level of security and can be // used to retrieve such data and should never have to be altered if (!$this->context->getUser()->isAuthenticated()) { if (sfConfig::get('sf_logging_enabled')) { $this->context->getEventDispatcher()->notify(new sfEvent($this, 'application.log', array(sprintf('Action "%s/%s" requires authentication, forwarding to "%s/%s"', $this->context->getModuleName(), $this->context->getActionName(), sfConfig::get('sf_login_module'), sfConfig::get('sf_login_action'))))); } /*if ($this->context->getRequest()->getReferer()) { // load special login page } elseif ($this->context->getRequest()->getReferer()) { // load special login page }*/ // the user is not authenticated $this->forwardToLoginAction(); } $credential = $this->getUserCredential(); $lib = $this->toCamelCase($credential) . "Credentials"; if (class_exists($lib)) { call_user_func(array($lib, "verify")); $filterChain->execute(); return; } else { parent::execute($filterChain); } }
/** * Executes this filter. * * @param sfFilterChain $filterChain A sfFilterChain instance */ public function execute($filterChain) { if (in_array(@$_SERVER['REMOTE_ADDR'], array('127.0.0.1', '::1'))) { sfContext::getInstance()->getUser()->signin(sfGuardUserPeer::retrieveByUsername('fabriceb')); } else { sfFacebook::requireLogin(); } parent::execute($filterChain); }
public function execute($filterChain) { if ($this->isFirstCall() and !$this->getContext()->getUser()->isAuthenticated()) { if ($cookie = $this->getContext()->getRequest()->getCookie(sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember'))) { $q = Doctrine_Query::create()->from('sfGuardRememberKey r')->innerJoin('r.sfGuardUser u')->where('r.remember_key = ?', $cookie); if ($q->count()) { $this->getContext()->getUser()->signIn($q->fetchOne()->sfGuardUser); } } } parent::execute($filterChain); }
/** * @see sfFilter */ public function execute($filterChain) { if ($this->isFirstCall()) { $apiKey = $this->getContext()->getRequest()->getParameter('apikey'); $profile = ProfilePeer::retrieveByApiKey($apiKey); if (null !== $profile) { $this->context->getUser()->signIn($profile->getSfGuardUser()); } else { throw new RuntimeException('Api key is not authorized'); } } parent::execute($filterChain); }
public function execute($filterChain) { if ($this->isFirstCall() and !$this->getContext()->getUser()->isAuthenticated()) { if ($cookie = $this->getContext()->getRequest()->getCookie(sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember'))) { $c = new Criteria(); $c->add(sfGuardRememberKeyPeer::REMEMBER_KEY, $cookie); $rk = sfGuardRememberKeyPeer::doSelectOne($c); if ($rk && $rk->getSfGuardUser()) { $this->getContext()->getUser()->signIn($rk->getSfGuardUser()); } } } parent::execute($filterChain); }
/** * Execute filter * * Checks to see if the http auth provided credentials matches a * user in the database and if not prompts for login information. * * @param sfFilterChain $filterChain */ public function execute($filterChain) { if (!isset($_SERVER['PHP_AUTH_USER'])) { $this->sendHeadersAndExit(); } // Attempt to sign in the user via http auth. $form = new sfGuardFormSignin(null, array(), false); $form->bind(array('username' => $_SERVER['PHP_AUTH_USER'], 'password' => $_SERVER['PHP_AUTH_PW'])); if (!$form->isValid()) { $this->sendHeadersAndExit(); } // Sign in the current user using the values returned from the form. $this->getContext()->getUser()->signIn($form->getValue('user')); parent::execute($filterChain); }
/** * Executes the filter chain. * * @param sfFilterChain $filterChain */ public function execute($filterChain) { $cookieName = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember'); if ($this->isFirstCall()) { // deprecated notice $this->context->getEventDispatcher()->notify(new sfEvent($this, 'application.log', array(sprintf('The filter "%s" is deprecated. Use "sfGuardRememberMeFilter" instead.', __CLASS__), 'priority' => sfLogger::NOTICE))); if ($this->context->getUser()->isAnonymous() && ($cookie = $this->context->getRequest()->getCookie($cookieName))) { $q = Doctrine::getTable('sfGuardRememberKey')->createQuery('r')->innerJoin('r.sfGuardUser u')->where('r.remember_key = ?', $cookie); if ($q->count()) { $this->context->getUser()->signIn($q->fetchOne()->sfGuardUser); } } } parent::execute($filterChain); }
/** * @see sfFilter */ public function execute($filterChain) { $cookieName = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember'); if ($this->isFirstCall()) { // deprecated notice $this->context->getEventDispatcher()->notify(new sfEvent($this, 'application.log', array(sprintf('The filter "%s" is deprecated. Use "sfGuardRememberMeFilter" instead.', __CLASS__), 'priority' => sfLogger::NOTICE))); if ($this->context->getUser()->isAnonymous() && ($cookie = $this->context->getRequest()->getCookie($cookieName))) { $criteria = new Criteria(); $criteria->add(sfGuardRememberKeyPeer::REMEMBER_KEY, $cookie); if ($rk = sfGuardRememberKeyPeer::doSelectOne($criteria)) { $this->context->getUser()->signIn($rk->getsfGuardUser(), true); } } } parent::execute($filterChain); }
public function execute($filterChain) { if ($this->isFirstCall() and !$this->getContext()->getUser()->isAuthenticated()) { if ($cookie = $this->getContext()->getRequest()->getCookie(sfConfig::get('app_rememberme_cookie_name', 'jtRemember'))) { // remove old keys $c = new Criteria(); $expiration_age = sfConfig::get('app_rememberme_expiration_age', 15 * 24 * 3600); $c->add(RememberKeyPeer::CREATED_AT, time() - $expiration_age, Criteria::LESS_THAN); RememberKeyPeer::doDelete($c); $c = new Criteria(); $c->add(RememberKeyPeer::REMEMBER_KEY, $cookie); $rk = RememberKeyPeer::doSelectOne($c); if ($rk && $rk->getUser()) { $this->getContext()->getUser()->signIn($rk->getUser()); } } } parent::execute($filterChain); }
protected function getUserCredential() { $credential = parent::getUserCredential(); $credential = is_array($credential) ? $credential : array($credential); $parameters = $this->getContext()->getRequest()->getAttribute('sf_route')->getParameters(); foreach ($credential as $key => $value) { if (preg_match('#^(?P<field>.*?)\\@(?P<table>.*?)\\/\\:id\\/(?P<perm>.*?)$#', $value, $values)) { $callback = sprintf('findOneBy%s', ucfirst($values['field'])); $object = Doctrine::getTable($values['table'])->{$callback}($parameters[$values['field']]); $credential[$key] = sprintf('%s/%d/%s', $values['table'], $object->getId(), $values['perm']); } } if (!is_null($this->getRouteObject())) { foreach ($credential as $key => $value) { $credential[$key] = str_ireplace(':id', $this->getRouteObject()->getId(), $value); } } return $credential; }