public function authenticate(array $credentials)
{
$login = $credentials['username'];
$password = $this->phash($credentials['password']);
$super_admin = Environment::getVariable('admin');
if ($login == $super_admin['login']) {
if ($password == $super_admin['password']) {
$super_admin['roles'] = array('super admin');
$super_admin['id'] = 0;
$row = new DibiRow($super_admin);
MokujiServiceLocator::addService('UserAuthorizator', new Admin_UserModel());
} else {
throw new AuthenticationException("Invalid password.", self::INVALID_CREDENTIAL);
}
} else {
try {
$login_manager = Environment::getService('UserAuthenticator');
$row = $login_manager->authenticate($credentials);
} catch (InvalidStateException $e) {
throw new AuthenticationException("Login and password combination failed.", self::INVALID_CREDENTIAL);
}
}
$identity = new Identity($row->id, $row->roles, $row);
$identity->id = $row->id;
return $identity;
}
private function checkAuthorization()
{
$presenter = String::lower($this->getReflection()->getName());
$user = Environment::getUser();
$user->setAuthorizationHandler(MokujiServiceLocator::getService('UserAuthorizator'));
//if(Environment::getServiceLocator()->hasService('UserAuthorizator')) $user->setAuthorizationHandler(Environment::getService('UserAuthorizator'));
//else $user->setAuthorizationHandler(new Admin_UserModel());
if ($this->formatActionMethod($this->action) == 'actiondeny') {
return;
}
if ($user->isAllowed($presenter, $this->formatActionMethod($this->action)) === true) {
if ($user->isAllowed($presenter, $this->formatSignalMethod($this->signal)) === false) {
throw new AuthenticationException('This action is not allowed');
}
} else {
throw new AuthenticationException('This action is not allowed');
}
}
public function authenticate(array $credentials)
{
$login = $credentials['username'];
$password = $credentials['password'];
$row = db::select('*')->from('[:table:]')->where('login = %s', $login)->fetch();
if (!$row) {
throw new AuthenticationException("Login and password combination failed.", self::IDENTITY_NOT_FOUND);
}
if ($row->password !== $password) {
throw new AuthenticationException("Login and password combination failed.", self::INVALID_CREDENTIAL);
}
$row->roles = array($row->group);
$allowed = $this->getAllowedActions($row->group);
$permissions = array();
foreach ($allowed as $record) {
$permissions[$record->privilege][] = $record->resource;
}
$row->permissions = $permissions;
MokujiServiceLocator::addService('UserAuthorizator', new UsersModuleModel());
return $row;
}
