/** * Log the user into the application * * @param UserAuth array $user_auth -- Set user_name and password (password needs to be * in the right encoding for the type of authentication the user is setup for. For Base * sugar validation, password is the MD5 sum of the plain text password. * @param String $application -- The name of the application you are logging in from. (Currently unused). * @param array $name_value_list -- Array of name value pair of extra parameters. As of today only 'language' and 'notifyonsave' is supported * @return Array - id - String id is the session_id of the session that was created. * - module_name - String - module name of user * - name_value_list - Array - The name value pair of user_id, user_name, user_language, user_currency_id, user_currency_name, * - user_default_team_id, user_is_admin, user_default_dateformat, user_default_timeformat * @exception 'SoapFault' -- The SOAP error, if any */ public function login($user_auth, $application, $name_value_list) { $GLOBALS['log']->info('Begin: SugarWebServiceImpl->login'); global $sugar_config, $system_config; $error = new SoapError(); $user = new User(); $success = false; if (!empty($user_auth['encryption']) && $user_auth['encryption'] === 'PLAIN') { $user_auth['password'] = md5($user_auth['password']); } //rrs $system_config = new Administration(); $system_config->retrieveSettings('system'); $authController = new AuthenticationController(); //rrs $isLoginSuccess = $authController->login($user_auth['user_name'], $user_auth['password'], array('passwordEncrypted' => true)); $usr_id = $user->retrieve_user_id($user_auth['user_name']); if ($usr_id) { $user->retrieve($usr_id); } if ($isLoginSuccess) { if ($_SESSION['hasExpiredPassword'] == '1') { $error->set_error('password_expired'); $GLOBALS['log']->fatal('password expired for user ' . $user_auth['user_name']); LogicHook::initialize(); $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed'); self::$helperObject->setFaultObject($error); return; } if (!empty($user) && !empty($user->id) && !$user->is_group) { $success = true; global $current_user; $current_user = $user; } } else { if ($usr_id && isset($user->user_name) && $user->getPreference('lockout') == '1') { $error->set_error('lockout_reached'); $GLOBALS['log']->fatal('Lockout reached for user ' . $user_auth['user_name']); LogicHook::initialize(); $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed'); self::$helperObject->setFaultObject($error); return; } else { if (function_exists('mcrypt_cbc')) { $password = self::$helperObject->decrypt_string($user_auth['password']); if ($authController->login($user_auth['user_name'], $password) && isset($_SESSION['authenticated_user_id'])) { $success = true; } } } } if ($success) { session_start(); global $current_user; //$current_user = $user; self::$helperObject->login_success($name_value_list); $current_user->loadPreferences(); $_SESSION['is_valid_session'] = true; $_SESSION['ip_address'] = query_client_ip(); $_SESSION['user_id'] = $current_user->id; $_SESSION['type'] = 'user'; $_SESSION['avail_modules'] = self::$helperObject->get_user_module_list($current_user); $_SESSION['authenticated_user_id'] = $current_user->id; $_SESSION['unique_key'] = $sugar_config['unique_key']; $current_user->call_custom_logic('after_login'); $GLOBALS['log']->info('End: SugarWebServiceImpl->login - succesful login'); $nameValueArray = array(); global $current_language; $nameValueArray['user_id'] = self::$helperObject->get_name_value('user_id', $current_user->id); $nameValueArray['user_name'] = self::$helperObject->get_name_value('user_name', $current_user->user_name); $nameValueArray['user_language'] = self::$helperObject->get_name_value('user_language', $current_language); $cur_id = $current_user->getPreference('currency'); $nameValueArray['user_currency_id'] = self::$helperObject->get_name_value('user_currency_id', $cur_id); $nameValueArray['user_is_admin'] = self::$helperObject->get_name_value('user_is_admin', is_admin($current_user)); $nameValueArray['user_default_team_id'] = self::$helperObject->get_name_value('user_default_team_id', $current_user->default_team); $nameValueArray['user_default_dateformat'] = self::$helperObject->get_name_value('user_default_dateformat', $current_user->getPreference('datef')); $nameValueArray['user_default_timeformat'] = self::$helperObject->get_name_value('user_default_timeformat', $current_user->getPreference('timef')); $currencyObject = new Currency(); $currencyObject->retrieve($cur_id); $nameValueArray['user_currency_name'] = self::$helperObject->get_name_value('user_currency_name', $currencyObject->name); $_SESSION['user_language'] = $current_language; return array('id' => session_id(), 'module_name' => 'Users', 'name_value_list' => $nameValueArray); } LogicHook::initialize(); $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed'); $error->set_error('invalid_login'); self::$helperObject->setFaultObject($error); $GLOBALS['log']->info('End: SugarWebServiceImpl->login - failed login'); }
/** * Log the user into the application * * @param UserAuth array $user_auth -- Set user_name and password (password needs to be * in the right encoding for the type of authentication the user is setup for. For Base * sugar validation, password is the MD5 sum of the plain text password. * @param String $application -- The name of the application you are logging in from. (Currently unused). * @param array $name_value_list -- Array of name value pair of extra parameters. As of today only 'language' and 'notifyonsave' is supported * @return Array - id - String id is the session_id of the session that was created. * - module_name - String - module name of user * - name_value_list - Array - The name value pair of user_id, user_name, user_language, user_currency_id, user_currency_name, * - user_default_team_id, user_is_admin, user_default_dateformat, user_default_timeformat * @exception 'SoapFault' -- The SOAP error, if any */ public function login($user_auth, $application, $name_value_list = array()) { $GLOBALS['log']->info("Begin: SugarWebServiceImpl->login({$user_auth['user_name']}, {$application}, " . print_r($name_value_list, true) . ")"); global $sugar_config, $system_config; $error = new SoapError(); $user = new User(); $success = false; //rrs $system_config = new Administration(); $system_config->retrieveSettings('system'); $authController = new AuthenticationController(!empty($sugar_config['authenticationClass']) ? $sugar_config['authenticationClass'] : 'SugarAuthenticate'); //rrs if (!empty($user_auth['encryption']) && $user_auth['encryption'] === 'PLAIN' && $authController->authController->userAuthenticateClass != "LDAPAuthenticateUser") { $user_auth['password'] = md5($user_auth['password']); } $isLoginSuccess = $authController->login($user_auth['user_name'], $user_auth['password'], array('passwordEncrypted' => true)); $usr_id = $user->retrieve_user_id($user_auth['user_name']); if ($usr_id) { $user->retrieve($usr_id); } if ($isLoginSuccess) { if ($_SESSION['hasExpiredPassword'] == '1') { $error->set_error('password_expired'); $GLOBALS['log']->fatal('password expired for user ' . $user_auth['user_name']); LogicHook::initialize(); $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed'); self::$helperObject->setFaultObject($error); return; } if (!empty($user) && !empty($user->id) && !$user->is_group) { $success = true; global $current_user; $current_user = $user; } } else { if ($usr_id && isset($user->user_name) && $user->getPreference('lockout') == '1') { $error->set_error('lockout_reached'); $GLOBALS['log']->fatal('Lockout reached for user ' . $user_auth['user_name']); LogicHook::initialize(); $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed'); self::$helperObject->setFaultObject($error); return; } else { if (function_exists('mcrypt_cbc') && $authController->authController->userAuthenticateClass == "LDAPAuthenticateUser" && (empty($user_auth['encryption']) || $user_auth['encryption'] !== 'PLAIN')) { $password = self::$helperObject->decrypt_string($user_auth['password']); $authController->loggedIn = false; // reset login attempt to try again with decrypted password if ($authController->login($user_auth['user_name'], $password) && isset($_SESSION['authenticated_user_id'])) { $success = true; } } else { if ($authController->authController->userAuthenticateClass == "LDAPAuthenticateUser" && (empty($user_auth['encryption']) || $user_auth['encryption'] == 'PLAIN')) { $authController->loggedIn = false; // reset login attempt to try again with md5 password if ($authController->login($user_auth['user_name'], md5($user_auth['password']), array('passwordEncrypted' => true)) && isset($_SESSION['authenticated_user_id'])) { $success = true; } else { $error->set_error('ldap_error'); LogicHook::initialize(); $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed'); self::$helperObject->setFaultObject($error); return; } } } } } if ($success) { session_start(); global $current_user; //$current_user = $user; self::$helperObject->login_success($name_value_list); $current_user->loadPreferences(); $_SESSION['is_valid_session'] = true; $_SESSION['ip_address'] = query_client_ip(); $_SESSION['user_id'] = $current_user->id; $_SESSION['type'] = 'user'; $_SESSION['avail_modules'] = self::$helperObject->get_user_module_list($current_user); $_SESSION['authenticated_user_id'] = $current_user->id; $_SESSION['unique_key'] = $sugar_config['unique_key']; $GLOBALS['log']->info('End: SugarWebServiceImpl->login - successful login'); $current_user->call_custom_logic('after_login'); $nameValueArray = array(); global $current_language; $nameValueArray['user_id'] = self::$helperObject->get_name_value('user_id', $current_user->id); $nameValueArray['user_name'] = self::$helperObject->get_name_value('user_name', $current_user->user_name); $nameValueArray['user_language'] = self::$helperObject->get_name_value('user_language', $current_language); $cur_id = $current_user->getPreference('currency'); $nameValueArray['user_currency_id'] = self::$helperObject->get_name_value('user_currency_id', $cur_id); $nameValueArray['user_is_admin'] = self::$helperObject->get_name_value('user_is_admin', is_admin($current_user)); $nameValueArray['user_default_team_id'] = self::$helperObject->get_name_value('user_default_team_id', $current_user->default_team); $nameValueArray['user_default_dateformat'] = self::$helperObject->get_name_value('user_default_dateformat', $current_user->getPreference('datef')); $nameValueArray['user_default_timeformat'] = self::$helperObject->get_name_value('user_default_timeformat', $current_user->getPreference('timef')); $num_grp_sep = $current_user->getPreference('num_grp_sep'); $dec_sep = $current_user->getPreference('dec_sep'); $nameValueArray['user_number_seperator'] = self::$helperObject->get_name_value('user_number_seperator', empty($num_grp_sep) ? $sugar_config['default_number_grouping_seperator'] : $num_grp_sep); $nameValueArray['user_decimal_seperator'] = self::$helperObject->get_name_value('user_decimal_seperator', empty($dec_sep) ? $sugar_config['default_decimal_seperator'] : $dec_sep); $nameValueArray['mobile_max_list_entries'] = self::$helperObject->get_name_value('mobile_max_list_entries', $sugar_config['wl_list_max_entries_per_page']); $nameValueArray['mobile_max_subpanel_entries'] = self::$helperObject->get_name_value('mobile_max_subpanel_entries', $sugar_config['wl_list_max_entries_per_subpanel']); $currencyObject = new Currency(); $currencyObject->retrieve($cur_id); $nameValueArray['user_currency_name'] = self::$helperObject->get_name_value('user_currency_name', $currencyObject->name); $_SESSION['user_language'] = $current_language; return array('id' => session_id(), 'module_name' => 'Users', 'name_value_list' => $nameValueArray); } LogicHook::initialize(); $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed'); $error->set_error('invalid_login'); self::$helperObject->setFaultObject($error); $GLOBALS['log']->error('End: SugarWebServiceImpl->login - failed login'); }
/** * Validate the user session based on user name and password hash. * * @param string $user_name -- The user name to create a session for * @param string $password -- The MD5 sum of the user's password * @return true -- If the session is created * @return false -- If the session is not created */ function validate_user($user_name, $password) { global $server, $current_user, $sugar_config, $system_config; $user = new User(); $user->user_name = $user_name; $system_config = new Administration(); $system_config->retrieveSettings('system'); $authController = new AuthenticationController(); // Check to see if the user name and password are consistent. if ($user->authenticate_user($password)) { // we also need to set the current_user. $user->retrieve($user->id); $current_user = $user; login_success(); return true; } else { if (function_exists('mcrypt_cbc')) { $password = decrypt_string($password); if ($authController->login($user_name, $password) && isset($_SESSION['authenticated_user_id'])) { $user->retrieve($_SESSION['authenticated_user_id']); $current_user = $user; login_success(); return true; } } else { $GLOBALS['log']->fatal("SECURITY: failed attempted login for {$user_name} using SOAP api"); $server->setError("Invalid username and/or password"); return false; } } }
/** * Log the user into the application * * @param UserAuth array $user_auth -- Set user_name and password (password needs to be * in the right encoding for the type of authentication the user is setup for. For Base * sugar validation, password is the MD5 sum of the plain text password. * @param String $application -- The name of the application you are logging in from. (Currently unused). * @return Array(session_id, error) -- session_id is the id of the session that was * created. Error is set if there was any error during creation. */ function login($user_auth, $application) { global $sugar_config, $system_config; $error = new SoapError(); $user = new User(); $success = false; //rrs $system_config = new Administration(); $system_config->retrieveSettings('system'); $authController = new AuthenticationController(!empty($sugar_config['authenticationClass']) ? $sugar_config['authenticationClass'] : 'SugarAuthenticate'); //rrs $isLoginSuccess = $authController->login($user_auth['user_name'], $user_auth['password'], array('passwordEncrypted' => true)); $usr_id = $user->retrieve_user_id($user_auth['user_name']); if ($usr_id) { $user->retrieve($usr_id); } if ($isLoginSuccess) { if ($_SESSION['hasExpiredPassword'] == '1') { $error->set_error('password_expired'); $GLOBALS['log']->fatal('password expired for user ' . $user_auth['user_name']); LogicHook::initialize(); $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed'); return array('id' => -1, 'error' => $error); } // if if (!empty($user) && !empty($user->id) && !$user->is_group) { $success = true; global $current_user; $current_user = $user; } // if } else { if ($usr_id && isset($user->user_name) && $user->getPreference('lockout') == '1') { $error->set_error('lockout_reached'); $GLOBALS['log']->fatal('Lockout reached for user ' . $user_auth['user_name']); LogicHook::initialize(); $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed'); return array('id' => -1, 'error' => $error); } else { if (function_exists('mcrypt_cbc')) { $password = decrypt_string($user_auth['password']); $authController = new AuthenticationController(!empty($sugar_config['authenticationClass']) ? $sugar_config['authenticationClass'] : 'SugarAuthenticate'); if ($authController->login($user_auth['user_name'], $password) && isset($_SESSION['authenticated_user_id'])) { $success = true; } // if } } } // else if if ($success) { session_start(); global $current_user; //$current_user = $user; login_success(); $current_user->loadPreferences(); $_SESSION['is_valid_session'] = true; $_SESSION['ip_address'] = query_client_ip(); $_SESSION['user_id'] = $current_user->id; $_SESSION['type'] = 'user'; $_SESSION['avail_modules'] = get_user_module_list($current_user); $_SESSION['authenticated_user_id'] = $current_user->id; $_SESSION['unique_key'] = $sugar_config['unique_key']; $current_user->call_custom_logic('after_login'); return array('id' => session_id(), 'error' => $error); } $error->set_error('invalid_login'); $GLOBALS['log']->fatal('SECURITY: User authentication for ' . $user_auth['user_name'] . ' failed'); LogicHook::initialize(); $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed'); return array('id' => -1, 'error' => $error); }
/** * Log the user into the application * * @param UserAuth array $user_auth -- Set user_name and password (password needs to be * in the right encoding for the type of authentication the user is setup for. For Base * sugar validation, password is the MD5 sum of the plain text password. * @param String $application -- The name of the application you are logging in from. (Currently unused). * @return Array(session_id, error) -- session_id is the id of the session that was * created. Error is set if there was any error during creation. */ function login($user_auth, $application) { global $sugar_config, $system_config; $error = new SoapError(); $user = new User(); $success = false; //rrs $system_config = new Administration(); $system_config->retrieveSettings('system'); $authController = new AuthenticationController(!empty($sugar_config['authenticationClass']) ? $sugar_config['authenticationClass'] : 'SugarAuthenticate'); //rrs $user = $user->retrieve_by_string_fields(array('user_name' => $user_auth['user_name'], 'user_hash' => $user_auth['password'], 'deleted' => 0, 'status' => 'Active', 'portal_only' => 0)); if (!empty($user) && !empty($user->id) && !$user->is_group) { $success = true; global $current_user; $current_user = $user; } else { if (function_exists('mcrypt_cbc')) { $password = decrypt_string($user_auth['password']); if ($authController->login($user_auth['user_name'], $password) && isset($_SESSION['authenticated_user_id'])) { $success = true; } } } if ($success) { session_start(); global $current_user; //$current_user = $user; login_success(); $current_user->loadPreferences(); $_SESSION['is_valid_session'] = true; $_SESSION['ip_address'] = query_client_ip(); $_SESSION['user_id'] = $current_user->id; $_SESSION['type'] = 'user'; $_SESSION['avail_modules'] = get_user_module_list($current_user); $_SESSION['authenticated_user_id'] = $current_user->id; $_SESSION['unique_key'] = $sugar_config['unique_key']; $current_user->call_custom_logic('after_login'); return array('id' => session_id(), 'error' => $error); } $error->set_error('invalid_login'); $GLOBALS['log']->fatal('SECURITY: User authentication for ' . $user_auth['user_name'] . ' failed'); LogicHook::initialize(); $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed'); return array('id' => -1, 'error' => $error); }
/** * Log the user into the application * * @param UserAuth array $user_auth -- Set user_name and password (password needs to be * in the right encoding for the type of authentication the user is setup for. For Base * sugar validation, password is the MD5 sum of the plain text password. * @param String $application -- The name of the application you are logging in from. (Currently unused). * @param array $name_value_list -- Array of name value pair of extra parameters. As of today only 'language' and 'notifyonsave' is supported * @return Array - id - String id is the session_id of the session that was created. * - module_name - String - module name of user * - name_value_list - Array - The name value pair of user_id, user_name, user_language * @exception 'SoapFault' -- The SOAP error, if any */ public function login($user_auth, $application, $name_value_list) { $GLOBALS['log']->info('Begin: SugarWebServiceImpl->login'); global $sugar_config, $system_config; $error = new SoapError(); $user = new User(); $success = false; if (!empty($user_auth['encryption']) && $user_auth['encryption'] === 'PLAIN') { $user_auth['password'] = md5($user_auth['password']); } //rrs $system_config = new Administration(); $system_config->retrieveSettings('system'); $authController = new AuthenticationController(!empty($sugar_config['authenticationClass']) ? $sugar_config['authenticationClass'] : 'SugarAuthenticate'); //rrs $user = $user->retrieve_by_string_fields(array('user_name' => $user_auth['user_name'], 'user_hash' => $user_auth['password'], 'deleted' => 0, 'status' => 'Active', 'portal_only' => 0)); if (!empty($user) && !empty($user->id) && !$user->is_group) { $success = true; global $current_user; $current_user = $user; } else { if (function_exists('mcrypt_cbc')) { $password = self::$helperObject->decrypt_string($user_auth['password']); if ($authController->login($user_auth['user_name'], $password) && isset($_SESSION['authenticated_user_id'])) { $success = true; } // if } } // else if if ($success) { session_start(); global $current_user; //$current_user = $user; self::$helperObject->login_success($name_value_list); $current_user->loadPreferences(); $_SESSION['is_valid_session'] = true; $_SESSION['ip_address'] = query_client_ip(); $_SESSION['user_id'] = $current_user->id; $_SESSION['type'] = 'user'; $_SESSION['avail_modules'] = self::$helperObject->get_user_module_list($current_user); $_SESSION['authenticated_user_id'] = $current_user->id; $_SESSION['unique_key'] = $sugar_config['unique_key']; $current_user->call_custom_logic('after_login'); $GLOBALS['log']->info('End: SugarWebServiceImpl->login - succesful login'); $nameValueArray = array(); global $current_language; $nameValueArray[] = self::$helperObject->get_name_value('user_id', $current_user->id); $nameValueArray[] = self::$helperObject->get_name_value('user_name', $current_user->user_name); $nameValueArray[] = self::$helperObject->get_name_value('user_language', $current_language); $_SESSION['user_language'] = $current_language; return array('id' => session_id(), 'module_name' => 'Users', 'name_value_list' => $nameValueArray); } // if LogicHook::initialize(); $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed'); $error->set_error('invalid_login'); self::$helperObject->setFaultObject($error); $GLOBALS['log']->info('End: SugarWebServiceImpl->login - failed login'); }
break; case 'register': $controller = new AuthenticationController(); $controller->register(); break; case 'auth.store': $controller = new AuthenticationController(); $controller->store(); break; case 'auth.attempt': $controller = new AuthenticationController(); $controller->attempt(); break; case 'login': $controller = new AuthenticationController(); $controller->login(); break; case 'account.edit': $controller = new AccountController(); $controller->edit(); case 'upload': $controller = new AccountController(); $controller->upload(); break; case 'logout': $controller = new AuthenticationController(); $controller->logout(); break; case 'comment.create': $controller = new CommentController(); $controller->create();