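 /**
  * Login action: checks the submitted credentials and answers with a redirect.
  *
  * Reads the `login`, `password` and `rememberMe` request parameters and the
  * configuration of the `auth` coordinator plugin. On failure it sleeps for
  * `on_error_sleep` seconds and redirects to the `after_logout` action. On
  * success it redirects to the `after_login` action, or to `auth_url_return`
  * when `enable_after_login_override` is on and that value is a same-site
  * path.
  *
  * @return object the response obtained from getResponse('redirectUrl')
  * @throws jException when after_login or after_logout is not configured
  */
 function in()
 {
     $conf = jApp::coord()->getPlugin('auth')->config;
     // both after_login and after_logout config fields are required
     if ($conf['after_login'] == '') {
         throw new jException('jauth~autherror.no.after_login');
     }
     if ($conf['after_logout'] == '') {
         throw new jException('jauth~autherror.no.after_logout');
     }
     $rep = $this->getResponse('redirectUrl');
     if (!jAuth::login($this->param('login'), $this->param('password'), $this->param('rememberMe'))) {
         // auth fails: the configured delay slows down repeated guesses
         sleep(intval($conf['on_error_sleep']));
         $params = array('login' => $this->param('login'), 'failed' => 1);
         if ($conf['enable_after_login_override']) {
             // handed back to the login form; it is validated below when it is finally used
             $params['auth_url_return'] = $this->param('auth_url_return');
         }
         $rep->url = jUrl::get($conf['after_logout'], $params);
         return $rep;
     }

     $url_return = $conf['enable_after_login_override'] ? $this->param('auth_url_return') : null;
     // auth_url_return comes from the request, so following it blindly makes the
     // login page an open redirect. Accept only a path on this site: it must
     // start with a single "/", must not start with "//" or "/\" (both are read
     // as another host by browsers) and must not contain control characters.
     // Absolute URLs are ignored and fall back to after_login.
     if (is_string($url_return) && preg_match('#\A/(?![/\\\\])[^\x00-\x1f\x7f]*\z#', $url_return) === 1) {
         $rep->url = $url_return;
     } else {
         $rep->url = jUrl::get($conf['after_login']);
     }
     return $rep;
 }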
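 /**
  * Login action backed by the `jcommunity~login` form.
  *
  * Fills the form from the request and checks `auth_login`, `auth_password`
  * and `auth_remember_me` with jAuth::login(). Without a form it redirects to
  * the `after_logout` action. On failure it sleeps for `on_error_sleep`
  * seconds, flags the login field and goes back to `login:index`, carrying
  * `auth_url_return` along. On success it destroys the form and redirects to
  * `after_login`, or to `auth_url_return` when `enable_after_login_override`
  * is on and that value is a same-site path.
  *
  * @return object the response obtained from getResponse('redirectUrl')
  * @throws jException when after_login or after_logout is not configured
  */
 function in()
 {
     $rep = $this->getResponse('redirectUrl');
     $conf = jApp::coord()->getPlugin('auth')->config;
     $url_return = '/';
     if ($conf['after_login'] == '') {
         throw new jException('jcommunity~login.error.no.auth_login');
     }
     if ($conf['after_logout'] == '') {
         throw new jException('jcommunity~login.error.no.auth_logout');
     }
     $form = jForms::fill('jcommunity~login');
     if (!$form) {
         $rep->url = jUrl::get($conf['after_logout']);
         return $rep;
     }
     if (!jAuth::login($form->getData('auth_login'), $form->getData('auth_password'), $form->getData('auth_remember_me'))) {
         // the configured delay slows down repeated guesses
         sleep(intval($conf['on_error_sleep']));
         $form->setErrorOn('auth_login', jLocale::get('jcommunity~login.error'));
         // the return URL is only carried back to the form here; it is validated
         // below when it is finally used as a redirect target
         if ($auth_url_return = $this->param('auth_url_return')) {
             $url_return = jUrl::get('login:index', array('auth_url_return' => $auth_url_return));
         } else {
             $url_return = jUrl::get('login:index');
         }
     } else {
         jForms::destroy('jcommunity~login');
         $requested = $conf['enable_after_login_override'] ? $this->param('auth_url_return') : null;
         // auth_url_return comes from the request, so following it blindly makes
         // the login page an open redirect. Accept only a path on this site: a
         // single leading "/", not "//" or "/\" (read as another host by
         // browsers), and no control characters. Anything else falls back to
         // after_login.
         if (is_string($requested) && preg_match('#\A/(?![/\\\\])[^\x00-\x1f\x7f]*\z#', $requested) === 1) {
             $url_return = $requested;
         } else {
             $url_return = jUrl::get($conf['after_login']);
         }
     }
     $rep->url = $url_return;
     return $rep;
 }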
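 /**
  * Login action: checks the submitted credentials and answers with a redirect.
  *
  * Reads the `login`, `password` and `rememberMe` request parameters and the
  * configuration of the `auth` plugin held by $GLOBALS['gJCoord']. On success
  * it redirects to the `after_login` action, or to `auth_url_return` when
  * `enable_after_login_override` is on and that value is a same-site path. On
  * failure it sleeps for `on_error_sleep` seconds and redirects to the
  * `after_logout` action.
  *
  * @return object the response obtained from getResponse('redirectUrl')
  * @throws jException when after_login or after_logout is not configured
  */
 function in()
 {
     $conf = $GLOBALS['gJCoord']->getPlugin('auth')->config;
     // both after_login and after_logout config fields are required
     if ($conf['after_login'] == '') {
         throw new jException('jauth~autherror.no.auth_login');
     }
     if ($conf['after_logout'] == '') {
         throw new jException('jauth~autherror.no.auth_logout');
     }
     // Target used after a successful login. auth_url_return comes from the
     // request, so following it blindly makes the login page an open redirect.
     // It is honoured only when the override is enabled and the value is a path
     // on this site: a single leading "/", not "//" or "/\" (read as another
     // host by browsers), and no control characters. Otherwise after_login is
     // used.
     $requested = $conf['enable_after_login_override'] ? $this->param('auth_url_return') : null;
     if (is_string($requested) && preg_match('#\A/(?![/\\\\])[^\x00-\x1f\x7f]*\z#', $requested) === 1) {
         $url_return = $requested;
     } else {
         $url_return = jUrl::get($conf['after_login']);
     }
     if (!jAuth::login($this->param('login'), $this->param('password'), $this->param('rememberMe'))) {
         // auth fails: the configured delay slows down repeated guesses
         sleep(intval($conf['on_error_sleep']));
         $params = array('login' => $this->param('login'), 'failed' => 1);
         if ($conf['enable_after_login_override']) {
             // only carried back to the login form, not used as a target here
             $params['auth_url_return'] = $this->param('auth_url_return');
         }
         $url_return = jUrl::get($conf['after_logout'], $params);
     }
     $rep = $this->getResponse('redirectUrl');
     $rep->url = $url_return;
     return $rep;
 }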
 /**
  * Test fixture: installs a fresh auth plugin built from
  * auth_class.coord.ini.php on the global coordinator, keeps the previous
  * plugin (if any) in $this->oldAuthPlugin, resets the session user to a
  * dummy user and logs in with the fixture account 'laurent' / 'foo'.
  */
 public function setUp()
 {
     $iniPath = jApp::configPath() . 'auth_class.coord.ini.php';
     $authSettings = parse_ini_file($iniPath, true);
     global $gJCoord;
     require_once JELIX_LIB_PATH . 'plugins/coord/auth/auth.coord.php';
     // remember the plugin that was installed before this test, if there was one
     if (isset($gJCoord->plugins['auth'])) {
         $this->oldAuthPlugin = $gJCoord->plugins['auth'];
     }
     $gJCoord->plugins['auth'] = new AuthCoordPlugin($authSettings);
     // bound by reference: the test and the plugin share one config array
     $this->config =& $gJCoord->plugins['auth']->config;
     $sessionKey = $this->config['session_name'];
     $_SESSION[$sessionKey] = new jAuthDummyUser();
     // fixture credentials, meaningful only against the test auth driver
     jAuth::login('laurent', 'foo', false);
 }
 /**
  * Login action with a plain-text answer.
  *
  * Checks the `login` and `password` request parameters with jAuth::login()
  * and replies with the text "OK" or "BAD". A failed attempt is delayed by
  * `on_error_sleep` seconds, taken from the auth plugin configuration.
  *
  * NOTE(review): that delay is the only brake on repeated guesses visible in
  * this method; confirm whether attempts are limited elsewhere.
  *
  * @return object the response obtained from getResponse('text')
  */
 function in()
 {
     $authConf = $GLOBALS['gJCoord']->getPlugin('auth')->config;
     $accepted = jAuth::login($this->param('login'), $this->param('password'));
     if ($accepted) {
         $verdict = 'OK';
     } else {
         // pause before answering a failed attempt
         sleep((int) $authConf['on_error_sleep']);
         $verdict = 'BAD';
     }
     $response = $this->getResponse('text');
     $response->content = $verdict;
     return $response;
 }
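 /**
  * Activates a new password. The activation key is given in the
  * `confirmation` form together with the login and the new password.
  *
  * Every failure path redirects back to `password:confirmform`, except two
  * that render the `password_ok` template: the account is not in the
  * "password changed" state, or the request is older than 48 hours. When the
  * key matches, the account is marked valid, the password is changed and the
  * user is logged in, then redirected to `password:confirmok`.
  *
  * NOTE(review): no limit on the number of key guesses per login is visible
  * in this method; confirm whether one is enforced elsewhere.
  *
  * @return object a redirect response, or an html response for the two
  *                cases above; whatever _check() returned when it is truthy
  */
 function confirm()
 {
     $repError = $this->_check();
     if ($repError) {
         return $repError;
     }
     $rep = $this->getResponse("redirect");
     $rep->action = "password:confirmform";
     // the confirmation is only processed on POST
     if ($_SERVER['REQUEST_METHOD'] != 'POST') {
         return $rep;
     }
     $form = jForms::fill('confirmation');
     if ($form == null) {
         return $rep;
     }
     if (!$form->check()) {
         return $rep;
     }
     $login = $form->getData('conf_login');
     $user = jAuth::getUser($login);
     if (!$user) {
         $form->setErrorOn('conf_login', jLocale::get('password.form.confirm.login.doesnt.exist'));
         return $rep;
     }
     if ($user->status != JCOMMUNITY_STATUS_PWD_CHANGED) {
         // no password change is pending for this account
         jForms::destroy('confirmation');
         $rep = $this->getResponse('html');
         $tpl = new jTpl();
         $tpl->assign('status', JCOMMUNITY_STATUS_VALID);
         $rep->body->assign('MAIN', $tpl->fetch('password_ok'));
         return $rep;
     }
     // request_date is compared as a 'Y-m-d H:i:s' string: older than 48 hours means expired
     if (strcmp($user->request_date, date('Y-m-d H:i:s', time() - 48 * 60 * 60)) < 0) {
         jForms::destroy('confirmation');
         $rep = $this->getResponse('html');
         $tpl = new jTpl();
         $tpl->assign('status', JCOMMUNITY_STATUS_MAIL_CHANGED);
         $rep->body->assign('MAIN', $tpl->fetch('password_ok'));
         return $rep;
     }
     // The key is a secret, so compare it as a string and in constant time, and
     // refuse an account whose stored key is empty. A loose comparison would
     // treat '' and null as equal and would compare numeric-looking strings
     // such as "0e1" and "0e2" as numbers, letting a wrong key through.
     $expectedKey = (string) $user->keyactivate;
     $submittedKey = (string) $form->getData('conf_key');
     if ($expectedKey === '' || !hash_equals($expectedKey, $submittedKey)) {
         $form->setErrorOn('conf_key', jLocale::get('password.form.confirm.bad.key'));
         return $rep;
     }
     $passwd = $form->getData('conf_password');
     $user->status = JCOMMUNITY_STATUS_VALID;
     jAuth::updateUser($user);
     jAuth::changePassword($login, $passwd);
     jAuth::login($login, $passwd);
     jForms::destroy('confirmation');
     $rep->action = "password:confirmok";
     return $rep;
 }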
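 /**
  * Redirect to the appropriate action depending on the REQUEST parameter.
  *
  * Request parameters read here: `project` (mandatory), `SERVICE` and
  * `REQUEST`. When HTTP Basic credentials are present they are passed to
  * jAuth::login() first. A REQUEST value that is not in the dispatch table is
  * treated as an XML request sent in the body and handed to PostRequest().
  *
  * @return mixed the value returned by the selected handler, or by
  *               serviceException() when the request is rejected
  */
 function index()
 {
     if (isset($_SERVER['PHP_AUTH_USER'])) {
         // PHP_AUTH_PW can be missing when only a user name was sent
         $basicPassword = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';
         // NOTE(review): the result is ignored, so a failed Basic login goes on
         // with the current session and no delay is applied in this method.
         // Confirm this is intended.
         jAuth::login($_SERVER['PHP_AUTH_USER'], $basicPassword);
     }
     // kept as in the original; the response object is not used in this method
     $rep = $this->getResponse('redirect');
     // Get the project
     $project = $this->iParam('project');
     if (!$project) {
         // Error message (the code string is part of the reply and is left unchanged)
         jMessage::add('The parameter project is mandatory !', 'ProjectNotDefind');
         return $this->serviceException();
     }
     // Get parameters
     if (!$this->getServiceParameters()) {
         return $this->serviceException();
     }
     // SERVICE is read but plays no part in the dispatch below
     $service = strtoupper($this->iParam('SERVICE'));
     $request = strtoupper($this->iParam('REQUEST'));
     // Upper-cased REQUEST value => handler method. Only names listed here can
     // be called, so the request never chooses an arbitrary method.
     $handlers = array(
         'GETCAPABILITIES' => 'GetCapabilities',
         'GETCONTEXT' => 'GetContext',
         'GETSCHEMAEXTENSION' => 'GetSchemaExtension',
         'GETLEGENDGRAPHICS' => 'GetLegendGraphics',
         'GETLEGENDGRAPHIC' => 'GetLegendGraphics',
         'GETFEATUREINFO' => 'GetFeatureInfo',
         'GETPRINT' => 'GetPrint',
         'GETSTYLES' => 'GetStyles',
         'GETMAP' => 'GetMap',
         'GETFEATURE' => 'GetFeature',
         'DESCRIBEFEATURETYPE' => 'DescribeFeatureType',
         'GETTILE' => 'GetTile',
         'GETPROJ4' => 'GetProj4',
     );
     if (isset($handlers[$request])) {
         $handler = $handlers[$request];
         return $this->$handler();
     }

     // Anything else: expect an XML request in the body.
     global $HTTP_RAW_POST_DATA;
     if (isset($HTTP_RAW_POST_DATA)) {
         $requestXml = $HTTP_RAW_POST_DATA;
     } else {
         // Read the body as one string. file() followed by implode("\n") would
         // double every line break, because file() keeps the line endings.
         $requestXml = file_get_contents('php://input');
         if ($requestXml === false) {
             $requestXml = '';
         }
     }
     // The body is untrusted: LIBXML_NONET keeps the parser from fetching
     // anything over the network while it validates the document.
     // NOTE(review): PostRequest() receives the raw string and presumably
     // parses it again; confirm it applies the same restriction.
     $xml = simplexml_load_string($requestXml, 'SimpleXMLElement', LIBXML_NONET);
     // Strict test: a valid document whose root element is empty also compares
     // loosely equal to false.
     if ($xml === false) {
         // NOTE(review): $request is echoed into the message; confirm that
         // serviceException() escapes it for its output format.
         jMessage::add('REQUEST ' . $request . ' not supported by Lizmap Web Client', 'InvalidRequest');
         return $this->serviceException();
     }
     return $this->PostRequest($requestXml);
 }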
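 /**
  * Activates an account. The activation key is given in the `confirmation`
  * form together with the login and the password to set.
  *
  * Connected users get the noaccess() response. Every failure path redirects
  * back to `registration:confirmform`, except an account that is no longer
  * in the "new" state, which renders the `registration_ok` template with
  * `already` set. When the key matches, the account is marked valid, the
  * `jcommunity_registration_confirm` event is sent, the password is set and
  * the user is logged in, then redirected to `registration:confirmok`.
  *
  * NOTE(review): no limit on the number of key guesses per login is visible
  * in this method; confirm whether one is enforced elsewhere.
  *
  * @return object a redirect response, an html response, or the value of
  *                noaccess()
  */
 function confirm()
 {
     if (jAuth::isConnected()) {
         return $this->noaccess();
     }
     $rep = $this->getResponse("redirect");
     $rep->action = "registration:confirmform";
     // the confirmation is only processed on POST
     if ($_SERVER['REQUEST_METHOD'] != 'POST') {
         return $rep;
     }
     $form = jForms::fill('confirmation');
     if ($form == null) {
         return $rep;
     }
     if (!$form->check()) {
         return $rep;
     }
     $login = $form->getData('conf_login');
     $user = jAuth::getUser($login);
     if (!$user) {
         $form->setErrorOn('conf_login', jLocale::get('register.form.confirm.login.doesnt.exist'));
         return $rep;
     }
     if ($user->status != JCOMMUNITY_STATUS_NEW) {
         // the account is not waiting for activation
         jForms::destroy('confirmation');
         $rep = $this->getResponse('html');
         $tpl = new jTpl();
         $tpl->assign('already', true);
         $rep->body->assign('MAIN', $tpl->fetch('registration_ok'));
         return $rep;
     }
     // The key is a secret, so compare it as a string and in constant time, and
     // refuse an account whose stored key is empty. A loose comparison would
     // treat '' and null as equal and would compare numeric-looking strings
     // such as "0e1" and "0e2" as numbers, letting a wrong key through.
     $expectedKey = (string) $user->keyactivate;
     $submittedKey = (string) $form->getData('conf_key');
     if ($expectedKey === '' || !hash_equals($expectedKey, $submittedKey)) {
         $form->setErrorOn('conf_key', jLocale::get('register.form.confirm.bad.key'));
         return $rep;
     }
     $user->status = JCOMMUNITY_STATUS_VALID;
     jEvent::notify('jcommunity_registration_confirm', array('user' => $user));
     jAuth::updateUser($user);
     jAuth::changePassword($login, $form->getData('conf_password'));
     jAuth::login($login, $form->getData('conf_password'));
     jForms::destroy('confirmation');
     $rep->action = "registration:confirmok";
     return $rep;
 }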
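 /**
  * Runs before each action: restores a persistent login from the auth
  * cookie, optionally ties the session to the client IP, makes sure a user
  * object exists in the session, applies the inactivity timeout and decides
  * whether the action has to be replaced because authentication is missing.
  *
  * @param    array  $params   plugin parameters for the current action
  * @return null or jSelectorAct  if action should change
  * @throws jException when persistent login is enabled without its cookie
  *                    name or crypt key, or when authentication is required
  *                    and the error cannot be answered with a redirect
  */
 public function beforeAction($params)
 {
     $notLogged = false;
     $badip = false;
     $selector = null;
     // Check if auth cookie exist and user isn't logged on
     if (isset($this->config['persistant_enable']) && $this->config['persistant_enable'] && !jAuth::isConnected()) {
         if (!isset($this->config['persistant_cookie_name']) || !isset($this->config['persistant_crypt_key'])) {
             throw new jException('jelix~auth.error.persistant.incorrectconfig', 'persistant_cookie_name, persistant_crypt_key');
         }
         $cookieName = $this->config['persistant_cookie_name'];
         $authCookie = isset($_COOKIE[$cookieName]['auth']) ? $_COOKIE[$cookieName]['auth'] : null;
         // A client can send name[auth][]=x, which makes this value an array, so
         // require a non-empty string before treating it as ciphertext.
         if (is_string($authCookie) && $authCookie !== '') {
             $decrypted = jCrypt::decrypt($authCookie, $this->config['persistant_crypt_key']);
             // SECURITY(review): unserialize() runs on data that originates from
             // a cookie. It is safe only while nobody but the server can produce
             // a valid ciphertext; if jCrypt does not authenticate it, or the key
             // leaks, this is an object-injection point. Prefer a format without
             // object support, or unserialize() with 'allowed_classes' => false
             // on PHP 7+. The payload also carries the user's password, so the
             // cookie is as sensitive as the credentials themselves.
             $decrypted = @unserialize($decrypted);
             // accept only the expected [login, password] pair of strings
             if (is_array($decrypted)
                 && isset($decrypted[0], $decrypted[1])
                 && is_string($decrypted[0])
                 && is_string($decrypted[1])
             ) {
                 list($login, $password) = $decrypted;
                 jAuth::login($login, $password);
             }
         }
         if (isset($_COOKIE[$cookieName]['login'])) {
             // destroy deprecated cookies
             setcookie($cookieName . '[login]', '', time() - 3600, $this->config['persistant_cookie_path']);
             setcookie($cookieName . '[passwd]', '', time() - 3600, $this->config['persistant_cookie_path']);
         }
     }
     //Do we check the ip ?
     if ($this->config['secure_with_ip']) {
         if (!isset($_SESSION['JELIX_AUTH_SECURE_WITH_IP'])) {
             // first request of the session: remember the address
             $_SESSION['JELIX_AUTH_SECURE_WITH_IP'] = $this->_getIpForSecure();
         } elseif ($_SESSION['JELIX_AUTH_SECURE_WITH_IP'] != $this->_getIpForSecure()) {
             // the address changed: drop the session and divert to bad_ip_action
             session_destroy();
             $selector = new jSelectorAct($this->config['bad_ip_action']);
             $notLogged = true;
             $badip = true;
         }
     }
     //Creating the user's object if needed
     // NOTE(review): $notLogged is reassigned here, so the value set in the
     // bad-IP branch does not survive when the session entry is still present
     // in $_SESSION; confirm that is intended.
     if (!isset($_SESSION[$this->config['session_name']])) {
         $notLogged = true;
         $_SESSION[$this->config['session_name']] = new jAuthDummyUser();
     } else {
         $notLogged = !jAuth::isConnected();
     }
     // inactivity timeout, configured in minutes
     if (!$notLogged && $this->config['timeout']) {
         if (isset($_SESSION['JELIX_AUTH_LASTTIME'])
             && time() - $_SESSION['JELIX_AUTH_LASTTIME'] > $this->config['timeout'] * 60
         ) {
             $notLogged = true;
             jAuth::logout();
             unset($_SESSION['JELIX_AUTH_LASTTIME']);
         } else {
             $_SESSION['JELIX_AUTH_LASTTIME'] = time();
         }
     }
     // the action's own 'auth.required' parameter wins over the plugin default
     $needAuth = isset($params['auth.required']) ? $params['auth.required'] == true : $this->config['auth_required'];
     if ($needAuth && $notLogged) {
         if ($this->config['on_error'] == 1 || !jApp::coord()->request->isAllowedResponse('jResponseRedirect')) {
             throw new jException($this->config['error_message']);
         }
         if (!$badip) {
             $auth_url_return = jApp::coord()->request->getParam('auth_url_return');
             if ($auth_url_return === null) {
                 // remember where the user was going, for use after login
                 jApp::coord()->request->params['auth_url_return'] = jUrl::getCurrentUrl();
             }
             $selector = new jSelectorAct($this->config['on_error_action']);
         }
     }
     return $selector;
 }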
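 /**
  * Changes the password of the connected user.
  *
  * Acts only when the `user` request parameter is the login of the current
  * session; otherwise it redirects to the account page without doing
  * anything. The new password comes from the `havefnubb~pwd` form. When the
  * form has errors, or the new password equals the old one, the user is sent
  * back to the change-password form. On success the password is changed, the
  * user is logged in again with it and a confirmation message is queued.
  *
  * NOTE(review): in this method `old_password` is only compared with the new
  * password; it is not checked against the stored one here. Confirm that the
  * form check verifies it, otherwise anyone holding the session can set a
  * new password.
  *
  * @return object the response obtained from getResponse('redirect')
  */
 function savenewpwd()
 {
     $login = $this->param('user');
     $rep = $this->getResponse('redirect');
     $rep->action = 'jcommunity~account:show';
     $rep->params = array('user' => $login);
     // users may only change their own password
     if ($login == '' || !jAuth::isConnected() || jAuth::getUserSession()->login != $login) {
         return $rep;
     }
     $form = jForms::fill('havefnubb~pwd', $login);
     if (!$form) {
         return $rep;
     }
     // check the form !
     $form->check();
     //if error go back to the form to retry to change the password
     if (count($form->getErrors())) {
         $rep->action = 'havefnubb~members:changepwd';
         // return here: nothing was changed, so the success message below must not be queued
         return $rep;
     }
     // check if the new password is different from the actual one
     // (strict string comparison, so "1e3" and "1000" are not seen as equal)
     $passwd = $form->getData('conf_password');
     if ((string) $passwd === (string) $form->getData('old_password')) {
         jMessage::add(jLocale::get('havefnubb~members.pwd.passwd.are.the.same.unchanged'), 'warning');
         $rep->action = 'havefnubb~members:changepwd';
         return $rep;
     }
     //update the password
     $user = jAuth::getUser($login);
     // update the user info
     jAuth::updateUser($user);
     // change the pass
     jAuth::changePassword($login, $passwd);
     // login back with new pass
     jAuth::login($login, $passwd);
     jForms::destroy('havefnubb~pwd');
     jMessage::add(jLocale::get('havefnubb~member.pwd.passwd.successfully.changed'), 'ok');
     return $rep;
 }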