Exemple #1
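 /**
  * Log the current user out and build the redirection that follows.
  *
  * The target is the configured `after_logout` action. When the original
  * action is being executed and `enable_after_logout_override` is on, a
  * request-supplied `auth_url_return` is followed instead, but only if it is
  * a path on this site.
  *
  * @return object the 'redirectUrl' response with its url filled in
  * @throws jException when the auth plugin has no `after_logout` action configured
  */
 function out()
 {
     $rep = $this->getResponse('redirectUrl');
     jAuth::logout();
     $conf = jApp::coord()->getPlugin('auth')->config;
     if ($conf['after_logout'] == '') {
         throw new jException('jauth~autherror.no.after_logout');
     }
     if (jApp::coord()->execOriginalAction()) {
         $url_return = null;
         if ($conf['enable_after_logout_override']) {
             $url_return = $this->param('auth_url_return');
         }
         // auth_url_return is taken from the request, so redirecting to it
         // unchecked turns this action into an open redirect. Only a
         // site-local path is accepted: it must start with a single '/' and
         // contain no backslash, whitespace or control character (browsers
         // resolve '//host' and '/\host' to another origin).
         // NOTE(review): absolute URLs are refused, even same-site ones; if
         // callers rely on them, add an explicit host allow-list here.
         $isSiteLocal = is_string($url_return)
             && preg_match('#^/(?![/\\\\])[^\x00-\x20\x7f\\\\]*\z#', $url_return) === 1;
         // Falling back to after_logout also covers the case where the
         // override is disabled, which previously left $rep->url unset.
         $rep->url = $isSiteLocal ? $url_return : jUrl::get($conf['after_logout']);
     } else {
         // we are here because of an internal redirection (authentication missing)
         // if we can indicate the url to go after the login, let's pass this url
         // to the next action (which is in most of case a login form)
         if ($conf['enable_after_login_override']) {
             $rep->url = jUrl::get($conf['after_logout'], array('auth_url_return' => jUrl::getCurrentUrl()));
         } else {
             $rep->url = jUrl::get($conf['after_logout']);
         }
     }
     return $rep;
 }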
 /**
  * Fill the template with what the login box needs.
  *
  * Always assigns `canRegister` and `canResetPassword`. A connected user only
  * gets `login`; an anonymous one gets `persistance_ok`, the login `form` and
  * `url_return`, the address to come back to after login (empty unless
  * `enable_after_login_override` is set).
  *
  * NOTE(review): `url_return` may be copied from the `auth_url_return`
  * request parameter or from the Referer header, both chosen by the client.
  * The template has to escape it, and whatever later redirects to it has to
  * check that it stays on this site; neither is visible in this method.
  */
 protected function _prepareTpl()
 {
     $settings = new \Jelix\JCommunity\Config();
     $this->_tpl->assign('canRegister', $settings->isRegistrationEnabled());
     $this->_tpl->assign('canResetPassword', $settings->isResetPasswordEnabled());

     if (jAuth::isConnected()) {
         $this->_tpl->assign('login', jAuth::getUserSession()->login);
         return;
     }

     $authConf = jAuth::loadConfig();
     $this->_tpl->assign('persistance_ok', jAuth::isPersistant());

     // Reuse the login form already held by jForms, or create a new one.
     $loginForm = jForms::get("jcommunity~login");
     if (!$loginForm) {
         $loginForm = jForms::create("jcommunity~login");
     }
     $this->_tpl->assign('form', $loginForm);
     $this->_tpl->assign('url_return', '');

     if (!$authConf['enable_after_login_override']) {
         return;
     }

     // 1. An explicit return address in the request wins.
     $requested = jApp::coord()->request->getParam('auth_url_return');
     if ($requested) {
         $this->_tpl->assign('url_return', $requested);
         return;
     }

     // 2. Shown as the main content: come back to the referring page, unless
     //    that page is this one.
     if ($this->param('as_main_content')) {
         if (!empty($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER'] != jUrl::getCurrentUrl(false, true)) {
             $this->_tpl->assign('url_return', $_SERVER['HTTP_REFERER']);
         }
         return;
     }

     // 3. Embedded in another page: come back to that page, but only when it
     //    was requested with GET or HEAD.
     $httpMethod = $_SERVER['REQUEST_METHOD'];
     if ($httpMethod == 'GET' || $httpMethod == 'HEAD') {
         $this->_tpl->assign('url_return', jUrl::getCurrentUrl(false, true));
     }
 }
Exemple #3
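 /**
  * Log the current user out and redirect.
  *
  * The browser is sent to the request's `auth_url_return` when
  * `enable_after_logout_override` is on and that value is a path on this
  * site other than the current page; otherwise to the configured
  * `after_logout` action, with the accepted `auth_url_return` (if any)
  * passed along as a parameter.
  *
  * @return object the 'redirectUrl' response with its url filled in
  * @throws jException when the auth plugin has no `after_logout` action configured
  */
 function out()
 {
     jAuth::logout();
     $conf = $GLOBALS['gJCoord']->getPlugin('auth')->config;
     if ($conf['after_logout'] == '') {
         throw new jException('jauth~autherror.no.after_logout');
     }
     $url_return = $this->param('auth_url_return');
     // auth_url_return is taken from the request, so redirecting to it
     // unchecked turns this action into an open redirect. Only a site-local
     // path is kept: it must start with a single '/' and contain no
     // backslash, whitespace or control character (browsers resolve '//host'
     // and '/\host' to another origin). Anything else is treated as absent,
     // so it is neither followed nor forwarded to the after_logout page.
     // NOTE(review): absolute URLs are refused, even same-site ones; if
     // callers rely on them, add an explicit host allow-list here.
     if (!is_string($url_return)
         || preg_match('#^/(?![/\\\\])[^\x00-\x20\x7f\\\\]*\z#', $url_return) !== 1) {
         $url_return = null;
     }
     if (!$conf['enable_after_logout_override'] || $url_return == null || $url_return == jUrl::getCurrentUrl()) {
         // we don't want to return to the current page if authentification is missing for this page
         $url_return = jUrl::get($conf['after_logout'], array('auth_url_return' => $url_return));
     }
     $rep = $this->getResponse('redirectUrl');
     $rep->url = $url_return;
     return $rep;
 }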
Exemple #4
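 /**
  * Authentication gate evaluated before an action runs.
  *
  * In order: tries to restore a login from the persistent-auth cookie, binds
  * the session to the client IP (when `secure_with_ip` is set), makes sure a
  * user object exists in the session, applies the inactivity timeout, then
  * decides whether the requested action may proceed.
  *
  * @param    array  $params   plugin parameters for the current action
  * @return null or jSelectorAct  if action should change
  * @throws jException when the persistent-cookie settings are incomplete, or
  *                    when authentication is required but missing and the
  *                    plugin is configured to fail (or cannot redirect)
  */
 public function beforeAction($params)
 {
     $notLogged = false;
     $badip = false;
     $selector = null;
     // Check if auth cookie exist and user isn't logged on
     if (isset($this->config['persistant_enable']) && $this->config['persistant_enable'] && !jAuth::isConnected()) {
         if (isset($this->config['persistant_cookie_name']) && isset($this->config['persistant_crypt_key'])) {
             $cookieName = $this->config['persistant_cookie_name'];
             // The cookie is client-controlled: insist on a non-empty string
             // (a nested array would otherwise reach strlen() and decrypt()).
             if (isset($_COOKIE[$cookieName]['auth'])
                 && is_string($_COOKIE[$cookieName]['auth'])
                 && strlen($_COOKIE[$cookieName]['auth']) > 0) {
                 $decrypted = jCrypt::decrypt($_COOKIE[$cookieName]['auth'], $this->config['persistant_crypt_key']);
                 // NOTE(review): unserialize() runs on data derived from a
                 // cookie. Its safety rests entirely on jCrypt::decrypt()
                 // rejecting forged or altered values, which is not visible
                 // here; confirm the scheme is authenticated. On PHP 7+,
                 // array('allowed_classes' => false) as second argument stops
                 // object instantiation, and a JSON payload avoids the issue.
                 // NOTE(review): the payload holds the account password (it
                 // is handed to jAuth::login() below), so the cookie plus the
                 // key yields the clear-text password; a random server-side
                 // token would be the safer design.
                 // '@' hides the notice raised when the decrypted bytes are
                 // not a valid serialized value.
                 $decrypted = @unserialize($decrypted);
                 // Accept nothing but the expected [login, password] pair of strings.
                 if (is_array($decrypted)
                     && isset($decrypted[0], $decrypted[1])
                     && is_string($decrypted[0])
                     && is_string($decrypted[1])) {
                     list($login, $password) = $decrypted;
                     jAuth::login($login, $password);
                 }
             }
             if (isset($_COOKIE[$cookieName]['login'])) {
                 // destroy deprecated cookies
                 setcookie($cookieName . '[login]', '', time() - 3600, $this->config['persistant_cookie_path']);
                 setcookie($cookieName . '[passwd]', '', time() - 3600, $this->config['persistant_cookie_path']);
             }
         } else {
             throw new jException('jelix~auth.error.persistant.incorrectconfig', 'persistant_cookie_name, persistant_crypt_key');
         }
     }
     //Do we check the ip ?
     if ($this->config['secure_with_ip']) {
         if (!isset($_SESSION['JELIX_AUTH_SECURE_WITH_IP'])) {
             // First request of this session: remember the address it came from.
             $_SESSION['JELIX_AUTH_SECURE_WITH_IP'] = $this->_getIpForSecure();
         } else {
             if ($_SESSION['JELIX_AUTH_SECURE_WITH_IP'] != $this->_getIpForSecure()) {
                 // session_destroy() drops the stored session but leaves the
                 // in-memory $_SESSION array as it is, so the checks below
                 // still see the old values for the rest of this request.
                 session_destroy();
                 $selector = new jSelectorAct($this->config['bad_ip_action']);
                 $notLogged = true;
                 $badip = true;
             }
         }
     }
     //Creating the user's object if needed
     if (!isset($_SESSION[$this->config['session_name']])) {
         $notLogged = true;
         $_SESSION[$this->config['session_name']] = new jAuthDummyUser();
     } else {
         $notLogged = !jAuth::isConnected();
     }
     // Inactivity timeout; the setting is multiplied by 60 before being
     // compared with a difference of time() values, i.e. it is in minutes.
     if (!$notLogged && $this->config['timeout']) {
         if (isset($_SESSION['JELIX_AUTH_LASTTIME'])) {
             if (time() - $_SESSION['JELIX_AUTH_LASTTIME'] > $this->config['timeout'] * 60) {
                 $notLogged = true;
                 jAuth::logout();
                 unset($_SESSION['JELIX_AUTH_LASTTIME']);
             } else {
                 $_SESSION['JELIX_AUTH_LASTTIME'] = time();
             }
         } else {
             $_SESSION['JELIX_AUTH_LASTTIME'] = time();
         }
     }
     // The per-action 'auth.required' parameter overrides the plugin default.
     $needAuth = isset($params['auth.required']) ? $params['auth.required'] == true : $this->config['auth_required'];
     if ($needAuth && $notLogged) {
         if ($this->config['on_error'] == 1 || !jApp::coord()->request->isAllowedResponse('jResponseRedirect')) {
             throw new jException($this->config['error_message']);
         }
         // On an IP mismatch the bad_ip_action selector chosen above is kept.
         if (!$badip) {
             // Record where the user wanted to go, unless the request already says so.
             $auth_url_return = jApp::coord()->request->getParam('auth_url_return');
             if ($auth_url_return === null) {
                 jApp::coord()->request->params['auth_url_return'] = jUrl::getCurrentUrl();
             }
             $selector = new jSelectorAct($this->config['on_error_action']);
         }
     }
     return $selector;
 }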
Exemple #5
 /**
  * Authentication gate evaluated before an action runs.
  *
  * Calls jAuth::checkCookieToken(), binds the session to the client IP (when
  * `secure_with_ip` is set), makes sure a user object exists in the session,
  * applies the inactivity timeout, then decides whether the requested action
  * may proceed.
  *
  * @param    array  $params   plugin parameters for the current action
  * @return null or jSelectorAct  if action should change
  * @throws jException when authentication is required but missing and the
  *                    plugin is configured to fail (or cannot redirect)
  */
 public function beforeAction($params)
 {
     $ipMismatch = false;
     $nextAction = null;

     // Check if auth cookie exist and user isn't logged on
     jAuth::checkCookieToken();

     // Optional binding of the session to the address that opened it.
     if ($this->config['secure_with_ip']) {
         if (!isset($_SESSION['JELIX_AUTH_SECURE_WITH_IP'])) {
             $_SESSION['JELIX_AUTH_SECURE_WITH_IP'] = $this->_getIpForSecure();
         } elseif ($_SESSION['JELIX_AUTH_SECURE_WITH_IP'] != $this->_getIpForSecure()) {
             // session_destroy() drops the stored session but leaves the
             // in-memory $_SESSION array as it is, so the checks below still
             // see the old values for the rest of this request.
             session_destroy();
             $nextAction = new jSelectorAct($this->config['bad_ip_action']);
             $ipMismatch = true;
         }
     }

     // Make sure the session holds a user object and find out whether that
     // user is authenticated. This is the only place the login state is
     // decided, whatever the outcome of the IP check.
     $sessionKey = $this->config['session_name'];
     if (isset($_SESSION[$sessionKey])) {
         $anonymous = !jAuth::isConnected();
     } else {
         $anonymous = true;
         $_SESSION[$sessionKey] = new jAuthDummyUser();
     }

     // Inactivity timeout; the setting is multiplied by 60 before being
     // compared with a difference of time() values, i.e. it is in minutes.
     if (!$anonymous && $this->config['timeout']) {
         $idleTooLong = isset($_SESSION['JELIX_AUTH_LASTTIME'])
             && time() - $_SESSION['JELIX_AUTH_LASTTIME'] > $this->config['timeout'] * 60;
         if ($idleTooLong) {
             $anonymous = true;
             jAuth::logout();
             unset($_SESSION['JELIX_AUTH_LASTTIME']);
         } else {
             $_SESSION['JELIX_AUTH_LASTTIME'] = time();
         }
     }

     // The per-action 'auth.required' parameter overrides the plugin default.
     if (isset($params['auth.required'])) {
         $mustBeLogged = $params['auth.required'] == true;
     } else {
         $mustBeLogged = $this->config['auth_required'];
     }
     if (!$mustBeLogged || !$anonymous) {
         return $nextAction;
     }

     // From here on: authentication is required and missing.
     if ($this->config['on_error'] == 1 || !jApp::coord()->request->isAllowedResponse('jResponseRedirect')) {
         throw new jException($this->config['error_message']);
     }
     $viaAjax = jApp::coord()->request->isAjax();
     if ($ipMismatch) {
         // Keep the bad_ip_action selector chosen above.
         return $nextAction;
     }
     if ($viaAjax) {
         // Ajax callers get their own action, or an error when none is configured.
         if (empty($this->config['on_ajax_error_action'])) {
             throw new jException($this->config['error_message']);
         }
         $target = $this->config['on_ajax_error_action'];
     } else {
         $target = $this->config['on_error_action'];
     }
     // Record where the user wanted to go, unless the request already says so.
     if (jApp::coord()->request->getParam('auth_url_return') === null) {
         jApp::coord()->request->params['auth_url_return'] = jUrl::getCurrentUrl();
     }
     return new jSelectorAct($target);
 }