/**
 * Handles the POST of the login form (login/login).
 *
 * Only the e-mail login goes through this method. The anti-CSRF token posted
 * with the form is validated before the credentials are read; when the token
 * is rejected the session is logged out, the user is redirected home and the
 * script stops. Otherwise the posted credentials are handed to
 * LoginModel::login() and its result drives the follow-up redirect.
 *
 * @return void
 */
public function postLogin()
{
    // Only the class and method name are written to the log here; the posted
    // credentials are not part of the message.
    $this->app->log->debug(get_class($this) . '->postLogin()');

    $csrfToken = $this->app->request->post(Session::SESSION_CSRF_TOKEN);

    if (Csrf::isTokenValid($csrfToken)) {
        // Values are passed on exactly as posted; no validation happens here.
        $userName = $this->app->request->post('user_name');
        $userPassword = $this->app->request->post('user_password');
        $rememberMe = $this->app->request->post('set_remember_me_cookie');

        // NOTE(review): throttling of repeated failures and session-id renewal
        // are not visible in this method - presumably done inside
        // LoginModel::login(); confirm.
        $loginSucceeded = LoginModel::login(
            $userName,
            $userPassword,
            $rememberMe,
            UserModel::PROVIDER_TYPE_DEFAULT
        );

        // On success the user is sent to user/index, otherwise back to the login form.
        $this->redirectAfterLogin($loginSucceeded);
        return;
    }

    // Missing or invalid CSRF token: drop the session, send the user home and
    // stop, so the login code above is never reached for a forged request.
    LoginModel::logout();
    $this->redirectHome();
    exit;
}
/**
 * Renders the login form template (login/index.twig).
 *
 * The template receives the URL-encoded redirect target, a newly made
 * anti-CSRF token, the captcha key from the configuration and the pending
 * positive/negative feedback messages.
 *
 * @return void
 */
protected function renderLogin()
{
    // NOTE(review): whether getRedirectUrl() limits the target to same-site
    // paths is not visible here - confirm, since the value is handed to the
    // login form.
    $redirectTarget = $this->getRedirectUrl();

    // FIXME: hard-coded mockup
    //$xml = "<xml><note><to>Tove</to><from>Jani</from><heading>Reminder</heading><body>Don't forget me this weekend!</body></note></xml>";
    //$redirect = "/api/fattura/import-directly/" . XmlUtil::base64url_encode($xml); // recommended maximum size 64k

    // Token embedded in the form; postLogin() reads it back from the POST body.
    // https://en.wikipedia.org/wiki/Cross-site_request_forgery
    $formToken = Csrf::makeToken();

    $templateFile = $this->app->config('app.templates.path') . '/login/index.twig';

    // NOTE(review): 'captcha.key' is exposed to the template - presumably the
    // public site key rather than a secret; confirm.
    $templateVars = array(
        'type' => 1,
        'captcha_key' => $this->app->config('captcha.key'),
        // urlencode() makes the value safe as a URL component only; HTML
        // escaping is left to the template.
        'redirect' => urlencode($redirectTarget),
        'csrf_token' => $formToken,
        'feedback_positive' => $this->getFeedbackPositiveMessages(),
        'feedback_negative' => $this->getFeedbackNegativeMessages(),
    );

    $this->app->render($templateFile, $templateVars);
}