public static function getInstance()
{
if (empty(self::$instance)) {
self::$instance = new MAuthentication();
}
return self::$instance;
}
public function login($credentials, $options = array())
{
// Get the global MAuthentication object.
mimport('framework.user.authentication');
$authenticate = MAuthentication::getInstance();
$response = $authenticate->authenticate($credentials, $options);
if ($response->status === MAuthentication::STATUS_SUCCESS) {
// validate that the user should be able to login (different to being authenticated)
// this permits authentication plugins blocking the user
$authorisations = $authenticate->authorise($response, $options);
foreach ($authorisations as $authorisation) {
$denied_states = array(MAuthentication::STATUS_EXPIRED, MAuthentication::STATUS_DENIED);
if (in_array($authorisation->status, $denied_states)) {
// Trigger onUserAuthorisationFailure Event.
$this->triggerEvent('onUserAuthorisationFailure', array((array) $authorisation));
// If silent is set, just return false.
if (isset($options['silent']) && $options['silent']) {
return false;
}
// Return the error.
switch ($authorisation->status) {
case MAuthentication::STATUS_EXPIRED:
return MError::raiseWarning('102002', MText::_('MLIB_LOGIN_EXPIRED'));
break;
case MAuthentication::STATUS_DENIED:
return MError::raiseWarning('102003', MText::_('MLIB_LOGIN_DENIED'));
break;
default:
return MError::raiseWarning('102004', MText::_('MLIB_LOGIN_AUTHORISATION'));
break;
}
}
}
// Import the user plugin group.
MPluginHelper::importPlugin('user');
// OK, the credentials are authenticated and user is authorised. Lets fire the onLogin event.
$results = $this->triggerEvent('onUserLogin', array((array) $response, $options));
if (!in_array(false, $results, true)) {
// Set the remember me cookie if enabled.
if (isset($options['remember']) && $options['remember']) {
// Create the encryption key, apply extra hardening using the user agent string.
$privateKey = self::getHash(@$_SERVER['HTTP_USER_AGENT']);
$key = new MCryptKey('simple', $privateKey, $privateKey);
$crypt = new MCrypt(new MCryptCipherSimple(), $key);
$rcookie = $crypt->encrypt(json_encode($credentials));
$lifetime = time() + 365 * 24 * 60 * 60;
// Use domain and path set in config for cookie if it exists.
$cookie_domain = $this->getCfg('cookie_domain', '');
$cookie_path = $this->getCfg('cookie_path', '/');
// Check for SSL connection
$secure = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' || getenv('SSL_PROTOCOL_VERSION');
setcookie(self::getHash('MLOGIN_REMEMBER'), $rcookie, $lifetime, $cookie_path, $cookie_domain, $secure, true);
}
return true;
}
}
// Trigger onUserLoginFailure Event.
$this->triggerEvent('onUserLoginFailure', array((array) $response));
// If silent is set, just return false.
if (isset($options['silent']) && $options['silent']) {
return false;
}
// If status is success, any error will have been raised by the user plugin
if ($response->status !== MAuthentication::STATUS_SUCCESS) {
MError::raiseWarning('102001', $response->error_message);
}
return false;
}
