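/**
 * Authenticate a user against the Model_Entity_User table and, on success,
 * store a trimmed identity object in the Zend_Auth storage.
 *
 * @param string $userName   Identity matched against the userName column.
 * @param string $password   Credential; hashed with md5() first unless $md5 is false.
 * @param bool   $rememberMe When true, Zend_Session::rememberMe() is called with 604800 seconds (7 days).
 * @param bool   $md5        When false, $password is compared as-is with the stored column value.
 *
 * @return bool True when authentication succeeded, false otherwise.
 */
public static function signIn($userName, $password, $rememberMe = false, $md5 = true)
{
    $retVal = false;

    // set ZendX_Doctrine_Auth_Adapter
    $auth = Zend_Auth::getInstance();
    $authAdapter = new ZendX_Doctrine_Auth_Adapter(
        Doctrine::getConnectionByTableName('Model_Entity_User')
    );

    // NOTE(review): the stored credential is an unsalted MD5 digest, which is
    // not suitable for password storage. Moving to password_hash() /
    // password_verify() needs a migration of the stored values (for example a
    // rehash on the next successful sign-in), so it is flagged here rather
    // than changed.
    // NOTE(review): with $md5 = false the value is matched directly against
    // the stored digest, so a leaked digest would authenticate by itself.
    // Callers must never feed request input through that path.
    $password = $md5 ? md5($password) : $password;

    // The '?' placeholder keeps the credential parameterised; the extra
    // condition restricts authentication to active accounts.
    $authAdapter->setTableName('Model_Entity_User u')
        ->setIdentityColumn('userName')
        ->setCredentialColumn('password')
        ->setCredentialTreatment('? AND active = 1')
        ->setIdentity($userName)
        ->setCredential($password);

    // set Zend_Auth
    $result = $auth->authenticate($authAdapter);

    // Check Auth Validation
    if ($result->isValid()) {
        // Rotate the session identifier on every successful sign-in, not only
        // on the remember-me path, so an identifier issued before
        // authentication is not carried into the authenticated session
        // (session fixation).
        Zend_Session::regenerateId();

        // Keep sensitive and bookkeeping columns out of the stored identity.
        $omitColumns = array(
            'password',
            'activationKey',
            'created_at',
            'updated_at',
            'deleted_at',
            'created_by',
            'updated_by',
        );
        $identity = $authAdapter->getResultRowObject(null, $omitColumns);

        // Roles, ACL and stories are resolved once here and stored with the
        // identity; NOTE(review): a later role change presumably only takes
        // effect on the next sign-in. Confirm against the ACL checks.
        $identity->roles = Kebab_Model_User::getUserRoles($identity->id);
        $identity->acl = new Kebab_Access_Acl();
        $identity->stories = Kebab_Model_Story::getUserStoriesName($identity->roles);

        $auth->getStorage()->write($identity);

        if ($rememberMe) {
            Zend_Session::rememberMe(604800);
        }

        $retVal = true;
    }

    return $retVal;
}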
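/**
 * Render the login form and process a submitted username/password pair.
 *
 * A visitor who already has an identity is sent to the profile page before
 * any submitted credentials are processed, which is what the "log out first"
 * message promises. On a successful login the account is written to the
 * Zend_Auth storage and an AccountLogin row is saved.
 *
 * @todo add openid authentication
 */
public function loginAction()
{
    $form = new App_Form_Login();

    // force users to logout before they can try to login. This guard has to
    // run before the credential check; placed after it, a logged-in session
    // could still switch accounts by posting another valid login.
    if (Zend_Auth::getInstance()->getIdentity() !== null) {
        $this->_flash->addMessage('You are already logged in! You must log out before you can log into a different account.');
        $this->_redirector->gotoSimple('profile');
        return; // in case the redirector is configured not to exit
    }

    //------------------------------------
    // make sure the login form validates
    //------------------------------------
    if (!empty($_POST) && $form->isValid($_POST)) {
        $username = $form->getValue('username');
        $password = $form->getValue('password');

        $auth = Zend_Auth::getInstance();

        //------------------------------------------
        // Attempt a standard database login
        //------------------------------------------
        // NOTE(review): the credential treatment hashes with unsalted MD5 in
        // SQL, which is not suitable for password storage. Replacing it needs
        // a migration of the stored digests, so it is flagged, not changed.
        $adapter = new ZendX_Doctrine_Auth_Adapter(
            Doctrine_Manager::connection(),
            'Account',
            'username',
            'password',
            'MD5(?) AND enabled = 1 AND confirmed = 1'
        );
        $adapter->setIdentity($username);
        $adapter->setCredential($password);

        $result = $auth->authenticate($adapter);

        if (!$result->isValid()) {
            // One generic message for every failure, so the response does not
            // reveal whether the username exists.
            // NOTE(review): failed attempts are not recorded by this action;
            // only successful logins reach the AccountLogin audit below.
            $message = 'The username and password provided does not match our records';
            $this->_flash->addMessage($message);
            $form->addError($message);
        } else {
            // Rotate the session identifier on the privilege change so a
            // pre-login identifier is not reused (session fixation).
            Zend_Session::regenerateId();

            $userdata = $adapter->getResultRowObject(null, 'password');

            //translate the user into an actual doctrine object
            $accounts = new App_Table_Account();
            $auth->getStorage()->write($accounts->find($userdata->id));

            //audit the login
            // NOTE(review): ip2long() returns false for anything that is not
            // a dotted-quad IPv4 address, so IPv6 clients are stored without
            // a usable address. Confirm the column type before changing this.
            $login = new AccountLogin();
            $login->accountId = $userdata->id;
            $login->ip = ip2long($_SERVER['REMOTE_ADDR']);
            $login->save();

            // NOTE(review): the identity is the submitted username; the view
            // that prints flash messages presumably escapes it. Confirm.
            $this->_flash->addMessage('Welcome back, ' . $result->getIdentity());
            $this->_redirector->gotoSimple('profile');
            return; // in case the redirector is configured not to exit
        }
    }

    $form->setMethod(Zend_Form::METHOD_POST);
    $this->view->form = $form;
}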
/**
 * Build the Doctrine auth adapter for a submitted e-mail/password pair.
 *
 * @param array $values Submitted values; the 'email' and 'password' keys are read.
 *
 * @return ZendX_Doctrine_Auth_Adapter Adapter with identity and credential already set.
 */
protected function _getAuthAdapter($values)
{
    // NOTE(review): despite the original "encrypted" naming this is an
    // unsalted MD5 digest, which is not suitable for password storage.
    // Switching to password_hash() / password_verify() needs a migration of
    // the stored values, so it is flagged here rather than changed.
    $passwordDigest = md5($values['password']);

    $adapter = new ZendX_Doctrine_Auth_Adapter(
        Doctrine::getConnectionByTableName('Model_Users')
    );

    // No credential treatment is set, so only the e-mail and the digest are
    // matched. NOTE(review): any account-state check (disabled, unconfirmed)
    // would have to happen elsewhere. Confirm.
    $adapter
        ->setTableName('Model_Users u')
        ->setIdentityColumn('u.email')
        ->setCredentialColumn('u.password')
        ->setIdentity($values['email'])
        ->setCredential($passwordDigest);

    return $adapter;
}