/**
 * Stores the object returned by LoginAttemptService::getInstance() in
 * $this->_service.
 *
 * NOTE(review): presumably the per-test fixture hook of a test case; confirm
 * against the enclosing class, which is not visible here.
 */
public function setUp()
{
    $loginAttemptService = LoginAttemptService::getInstance();
    $this->_service = $loginAttemptService;
}
Example #2
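 /**
  * Authenticates a request with a lost-password token and returns the
  * identity data for the matching user.
  *
  * Once a user has been resolved, the outcome is recorded through
  * LoginAttemptService: RESULT_SUCCESS, or RESULT_FAILED with
  * FAIL_TYPE_CRED when no matching lost-password token is found.
  *
  * @param mixed $creds    Encoded credentials, decoded by _decodeCredentials();
  *                        index 1 of the decoded value is used as the token.
  * @param mixed $request  Request object; only getClientIp() is called on it here.
  * @param mixed $authType Copied unchanged into the returned identity.
  *
  * @return array|false Identity array with the keys id, username, token, orgId,
  *                     role and authType, or false when the credentials cannot
  *                     be decoded or no user is resolved from them.
  *
  * @throws \Application\Exceptions\ForbiddenException When no lost-password token
  *         matches the resolved user and the submitted token.
  */
 protected function _schemeM2MPasswordToken($creds, $request, $authType)
 {
     // If an old session exists, remove it
     Zend_Auth::getInstance()->clearIdentity();

     // Decode first and stop on failure, so the user lookup never runs on a
     // failed decode result.
     $creds = $this->_decodeCredentials($creds);
     if ($creds === false) {
         return false;
     }

     // Get user profile
     $user = $this->_getTokenUser($creds);
     if ($user === false) {
         return false;
     }
     // NOTE(review): the two early exits above are not recorded as login
     // attempts (there is no user id to attach them to); confirm that repeated
     // probing with undecodable or unknown credentials is throttled elsewhere.

     $loginAttemptService = \Core\Service\LoginAttemptService::getInstance();
     // NOTE(review): $user->id is read here while the rest of the method calls
     // getId(); presumably equivalent, confirm against the user model.
     $loginAttemptModel = new LoginAttemptModel(array('userId' => $user->id, 'remoteIp' => $request->getClientIp()));

     // Fetch if user have a valid token
     $lostPasswordToken = UserService::getInstance()->getUserLostPasswordToken($user->getId(), $creds[1]);
     if (!$lostPasswordToken) {
         $loginAttemptModel->result = LoginAttemptModel::RESULT_FAILED;
         $loginAttemptModel->type = LoginAttemptModel::FAIL_TYPE_CRED;
         $loginAttemptService->create($loginAttemptModel);

         // The submitted token is kept out of the message: it is caller-controlled
         // credential material, and an exception message may end up in logs or in
         // an error response.
         throw new \Application\Exceptions\ForbiddenException("Fail attempting to log in with non existing token", \Application\Error\PermissionCodes::AUTH_TOKEN_ALREADY_USED);
     }
     // NOTE(review): nothing in this method marks the lost-password token as
     // used; confirm that single use and expiry are enforced by
     // getUserLostPasswordToken() or by the caller.

     // Generate a token for M2MToken auth
     $token = $this->_generateToken(false);

     // Regenerate a new session id so the authenticated session does not keep
     // the identifier that was in use before login.
     if (!Zend_Session::isRegenerated()) {
         Zend_Session::regenerateId();
     }

     $loginAttemptModel->result = LoginAttemptModel::RESULT_SUCCESS;
     $loginAttemptService->create($loginAttemptModel);

     return array('id' => $user->getId(), 'username' => $user->getUserName(), 'token' => $token, 'orgId' => $user->getOrganizationId(), 'role' => $user->getRole(), 'authType' => $authType);
 }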