/**
* Allows access only to logged users that have a level equal to or less than provided role. If permission is not granted, it will send a JSON error object.
* <p><b>Note that while it's doing all login/auth/redirection work automatically, you still have to create the corresponding user table in your database in addition to provide the login module into orion's module directory.</b></p>
* @see OrionAuth
* MainConfig
* LoginModule
* @param string $slug the role identifier (ie: 'administrator', 'member', etc.). See your configuration file for a liste of roles and their permission level.
*/
public function allow($slug)
{
try {
if (!Core\Auth::login(true)) {
$this->sendError(self::E_LOGIN_DISALLOW);
}
if (!Core\Auth::allow($slug)) {
// this exception prevents any redirection defect or hack
$this->sendError(self::E_LOGIN_DISALLOW);
}
} catch (Core\Exception $e) {
throw $e;
}
}
public function _login()
{
try {
Core\Auth::login();
if (isset($_SESSION['orion_auth_target']) && $_SESSION['orion_auth_target'] != Core\Context::genModuleURL($this->name)) {
$target = $_SESSION['orion_auth_target'];
unset($_SESSION['orion_auth_target']);
Core\Context::redirect($target);
} else {
Core\Context::redirect(Core\Context::genURL(\Orion::config()->get('DEFAULT_LOGGED_PAGE')));
}
} catch (Core\Exception $e) {
$this->assign('info', $e->getMessage());
$this->assign('type', 'error');
}
$this->renderView('views/login');
}
