/**
 * Returns the shared MAuthentication object, creating it on first use.
 *
 * The object is cached in self::$instance, so every caller in the same
 * request receives the same instance.
 *
 * @return  MAuthentication  The instance held in self::$instance.
 */
public static function getInstance()
{
    // Fast path: an instance was already built earlier in this request.
    if (!empty(self::$instance)) {
        return self::$instance;
    }

    self::$instance = new MAuthentication();

    return self::$instance;
}
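/**
 * Authenticates the supplied credentials, checks that the authenticated user
 * is authorised to log in, fires the login events and, when requested, sets
 * the "remember me" cookie.
 *
 * Events triggered here: onUserAuthorisationFailure, onUserLogin and
 * onUserLoginFailure.
 *
 * @param   array  $credentials  Credentials handed to MAuthentication::authenticate().
 *                               The whole array is also JSON-encoded into the
 *                               remember-me cookie when that option is set.
 * @param   array  $options      Options passed through to the authentication layer
 *                               and the onUserLogin event. Keys read here:
 *                               'silent' (return false instead of raising a warning)
 *                               and 'remember' (set the remember-me cookie).
 *
 * @return  mixed  True on a successful login, false on failure, or the value
 *                 returned by MError::raiseWarning() when authorisation is
 *                 denied and 'silent' is not set.
 */
public function login($credentials, $options = array())
{
    // Get the global MAuthentication object.
    mimport('framework.user.authentication');

    $authenticate = MAuthentication::getInstance();
    $response     = $authenticate->authenticate($credentials, $options);

    if ($response->status === MAuthentication::STATUS_SUCCESS) {
        // Validate that the user should be able to login (different to being authenticated).
        // This permits authentication plugins blocking the user.
        $authorisations = $authenticate->authorise($response, $options);

        // Loop-invariant, so built once rather than on every iteration.
        $denied_states = array(MAuthentication::STATUS_EXPIRED, MAuthentication::STATUS_DENIED);

        foreach ($authorisations as $authorisation) {
            // NOTE(review): the loose comparison is kept on purpose. Switching to a strict
            // in_array() would stop denying a status that arrives with a different scalar
            // type (e.g. a numeric string), which fails open. Confirm the types plugins
            // return before tightening this.
            if (in_array($authorisation->status, $denied_states)) {
                // Trigger onUserAuthorisationFailure Event.
                $this->triggerEvent('onUserAuthorisationFailure', array((array) $authorisation));

                // If silent is set, just return false.
                if (isset($options['silent']) && $options['silent']) {
                    return false;
                }

                // Return the error. Each case returns, so no break statements are needed.
                switch ($authorisation->status) {
                    case MAuthentication::STATUS_EXPIRED:
                        return MError::raiseWarning('102002', MText::_('MLIB_LOGIN_EXPIRED'));

                    case MAuthentication::STATUS_DENIED:
                        return MError::raiseWarning('102003', MText::_('MLIB_LOGIN_DENIED'));

                    default:
                        return MError::raiseWarning('102004', MText::_('MLIB_LOGIN_AUTHORISATION'));
                }
            }
        }

        // Import the user plugin group.
        MPluginHelper::importPlugin('user');

        // OK, the credentials are authenticated and user is authorised. Let's fire the onLogin event.
        $results = $this->triggerEvent('onUserLogin', array((array) $response, $options));

        // Any plugin returning exactly false vetoes the login.
        if (!in_array(false, $results, true)) {
            // Set the remember me cookie if enabled.
            if (isset($options['remember']) && $options['remember']) {
                // NOTE(review): the cookie value is a reversible encryption of the complete
                // $credentials array (presumably including the password; confirm against
                // callers) and it lives for a year. The key is derived only from getHash()
                // of the client-supplied User-Agent header, so confidentiality depends on
                // getHash() mixing in a server-side secret and on the strength of
                // MCryptCipherSimple, neither of which is visible in this method. A random,
                // server-stored and revocable token is the safer design for a persistent login.

                // Read the header explicitly instead of silencing the notice with "@";
                // a missing header still yields null, as before.
                $userAgent  = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
                $privateKey = self::getHash($userAgent);

                $key     = new MCryptKey('simple', $privateKey, $privateKey);
                $crypt   = new MCrypt(new MCryptCipherSimple(), $key);
                $rcookie = $crypt->encrypt(json_encode($credentials));

                $lifetime = time() + 365 * 24 * 60 * 60;

                // Use domain and path set in config for cookie if it exists.
                $cookie_domain = $this->getCfg('cookie_domain', '');
                $cookie_path   = $this->getCfg('cookie_path', '/');

                // Check for SSL connection. Servers report HTTPS as "on", "On" or "1";
                // matching only the exact string "on" could leave the Secure flag off an
                // HTTPS response. The result is cast so setcookie() receives a real boolean.
                $https  = isset($_SERVER['HTTPS']) ? strtolower((string) $_SERVER['HTTPS']) : '';
                $secure = in_array($https, array('on', '1'), true) || (bool) getenv('SSL_PROTOCOL_VERSION');

                // HttpOnly is always set (last argument). This positional form of setcookie()
                // cannot set a SameSite attribute.
                setcookie(
                    self::getHash('MLOGIN_REMEMBER'),
                    $rcookie,
                    $lifetime,
                    $cookie_path,
                    $cookie_domain,
                    $secure,
                    true
                );
            }

            return true;
        }
    }

    // Trigger onUserLoginFailure Event.
    $this->triggerEvent('onUserLoginFailure', array((array) $response));

    // If silent is set, just return false.
    if (isset($options['silent']) && $options['silent']) {
        return false;
    }

    // If status is success, any error will have been raised by the user plugin.
    if ($response->status !== MAuthentication::STATUS_SUCCESS) {
        MError::raiseWarning('102001', $response->error_message);
    }

    return false;
}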