/** * Signs in the user on the application. * * @param sfGuardUser $user The sfGuardUser id * @param boolean $remember Whether or not to remember the user * @param Doctrine_Connection $con A Doctrine_Connection object */ public function signIn($user, $auth_key = null, $con = null) { // signin $this->setApiUserid($user->getId()); $this->setAuthenticated(true); $this->clearCredentials(); $this->addCredentials($user->getAllPermissionNames()); // save last login $user->setLastLogin(date('Y-m-d H:i:s')); $user->save($con); // Set login messages $message = array(); foreach ($user->getUndisplayedLoginMessages() as $message) { $messages[] = $message->getMessage(); $message->setDisplayed(true); $message->save(); } if (count($message) > 0) { $this->setFlash('login', $messages); } // remember? if ($auth_key) { $this->setApiAuthkey($auth_key); $api_key = sfConfig::get('app_web_app_api_key'); $api = ApiKeyTable::getInstance()->findOneBy('api_key', $api_key); $auth_key = sfGuardUserAuthKeyTable::getInstance()->getMostRecentValidByApiKeyIdAndAuthKey($api->getIncremented(), $auth_key); $expires = strtotime($auth_key->getExpiresAt()); // make key as a cookie $remember_cookie = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember'); sfContext::getInstance()->getResponse()->setCookie($remember_cookie, $auth_key->getAuthKey(), $expires); } }
/** * Signs in the user on the application. * * @param sfGuardUser $user The sfGuardUser id * @param boolean $remember Whether or not to remember the user * @param Doctrine_Connection $con A Doctrine_Connection object */ public function signIn($user, $remember = false, $con = null) { // signin $this->setAttribute('user_id', $user->getId(), 'sfGuardSecurityUser'); $this->setAuthenticated(true); $this->clearCredentials(); $this->addCredentials($user->getAllPermissionNames()); // save last login $user->setLastLogin(date('Y-m-d H:i:s')); $user->save($con); // remember? if ($remember) { $expiration_age = sfConfig::get('app_sf_guard_plugin_remember_key_expiration_age', 15 * 24 * 3600); // remove old keys Doctrine_Core::getTable('sfGuardRememberKey')->createQuery()->delete()->where('created_at < ?', date('Y-m-d H:i:s', time() - $expiration_age))->execute(); // remove other keys from this user Doctrine_Core::getTable('sfGuardRememberKey')->createQuery()->delete()->where('user_id = ?', $user->getId())->execute(); // generate new keys $key = $this->generateRandomKey(); // save key $rk = new sfGuardRememberKey(); $rk->setRememberKey($key); $rk->setUser($user); $rk->setIpAddress($_SERVER['REMOTE_ADDR']); $rk->save($con); // make key as a cookie $remember_cookie = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember'); //My remember cookie MUST depend on the path and in the future it will on the domain as well. //FIXME: WHEN HAVING A DOMAIN TO ADD IT HERE AS WELL!!!! // AND THE CONFIGURATION PARAMETER ON /config/app.yml!!!! $path = sfConfig::get('app_sf_guard_plugin_remember_cookie_path', '/'); sfContext::getInstance()->getResponse()->setCookie($remember_cookie, $key, time() + $expiration_age, $path); } }
/** * Signs in the user on the application. * * @param sfGuardUser $user The sfGuardUser id * @param boolean $remember Whether or not to remember the user * @param Doctrine_Connection $con A Doctrine_Connection object */ public function signIn($user, $remember = false, $con = null) { // signin $this->setAttribute('user_id', $user->getId(), 'sfGuardSecurityUser'); $this->setAuthenticated(true); $this->clearCredentials(); $this->addCredentials($user->getAllPermissionNames()); // save last login $user->setLastLogin(date('Y-m-d H:i:s')); $user->save($con); // remember? if ($remember) { $expiration_age = sfConfig::get('app_sf_guard_plugin_remember_key_expiration_age', 15 * 24 * 3600); // remove old keys Doctrine::getTable('sfGuardRememberKey')->createQuery()->delete()->where('created_at < ?', date('Y-m-d H:i:s', time() - $expiration_age))->execute(); // remove other keys from this user Doctrine::getTable('sfGuardRememberKey')->createQuery()->delete()->where('user_id = ?', $user->getId())->execute(); // generate new keys $key = $this->generateRandomKey(); // save key $rk = new sfGuardRememberKey(); $rk->setRememberKey($key); $rk->setsfGuardUser($user); $rk->setIpAddress($_SERVER['REMOTE_ADDR']); $rk->save($con); // make key as a cookie $remember_cookie = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember'); sfContext::getInstance()->getResponse()->setCookie($remember_cookie, $key, time() + $expiration_age); } }
public function executeJoin($request) { $userParams = $request->getParameter('user'); $this->is_invited = false; $this->group = $request->getParameter('group'); if ($this->group && $this->getUser()->isAuthenticated()) { $this->redirect('@groupView?name=' . $this->group); } //if there's an invitation code supplied, it should match an invitation generated by an invite if ($code = $request->getParameter('code')) { $profile = Doctrine_Query::create()->from('sfGuardUserProfile p')->where('p.invitation_code = ?', $code)->fetchOne(); if ($profile) { $this->is_invited = true; } } if (!$this->is_invited) { $profile = new sfGuardUserProfile(); } //if a network name is supplied if ($network_name = $request->getParameter('network')) { if ($network = LsListTable::getNetworkByDisplayName($network_name)) { $profile->home_network_id = $network["id"]; } } $this->user_form = new UserJoinForm($profile); $this->profile = $profile; //if form is posted, validate if ($request->isMethod('post')) { //bind request params to form $captcha = array('recaptcha_challenge_field' => $request->getParameter('recaptcha_challenge_field'), 'recaptcha_response_field' => $request->getParameter('recaptcha_response_field')); $userParams = array_merge($userParams, array('captcha' => $captcha)); $this->user_form->bind($userParams); //if public_name is valid, check that it's unique $errors = $this->user_form->getErrorSchema()->getErrors(); if (!isset($errors['public_name'])) { $q = LsDoctrineQuery::create()->from('sfGuardUserProfile p')->where('p.public_name LIKE ?', $userParams['public_name']); if (in_array($userParams['public_name'], sfGuardUserProfileTable::$prohibitedPublicNames) || $q->count()) { $validatorSchema = $this->user_form->getValidatorSchema(); $validatorSchema['public_name']->setMessage('invalid', 'Sorry, the public name you chose is already taken!'); $this->user_form->getErrorSchema()->addError(new sfValidatorError($validatorSchema['public_name'], 'invalid'), 'public_name'); } } //look for user with duplicate email $q = LsDoctrineQuery::create()->from('sfGuardUserProfile p')->where('REPLACE(p.email, \'.\', \'\') = REPLACE(?, \'.\', \'\')', $userParams['email']); //if user was invited, the duplicate user shouldn't have the same code //if ($code) //{ // $q->addWhere('p.invitation_code <> ?', $code); //} if ($q->count()) { $request->setError('email', 'There is already a user with that email'); } //proceed if there are no errors if ($this->user_form->isValid() && !$request->hasErrors()) { //if user is invited, consider user confirmed if ($this->is_invited) { $user = $profile->User; $user->is_active = true; $profile->invitation_code = null; $profile->is_visible = true; $profile->is_confirmed = true; } else { $user = new sfGuardUser(); //auto-approve? $user->is_active = sfConfig::get('app_accounts_auto_approve') ? true : false; } $db = Doctrine_Manager::connection(); try { $db->beginTransaction(); //save submitted email as password $user->username = $userParams['email']; $user->algorithm = 'sha1'; $user->setPassword($userParams['password1']); if (!$user->hasPermission('contributor')) { $user->addPermissionByName('contributor'); } if (!$user->hasPermission('editor')) { $user->addPermissionByName('editor'); } $user->save(); //save submitted profile fields $profile->user_id = $user->id; $profile->name_first = $userParams['name_first']; $profile->name_last = $userParams['name_last']; $profile->email = $userParams['email']; $profile->reason = $userParams['reason']; $profile->analyst_reason = $userParams['analyst_reason']; $profile->public_name = $userParams['public_name']; $profile->home_network_id = $userParams['home_network_id']; //if not invited, generate code for email confirmation if (!$this->is_invited) { $code = substr(sha1($profile->email . time()), 0, 20); $profile->confirmation_code = $code; } $profile->save(); //add user to group, if requested if ($this->group) { $db = Doctrine_Manager::connection(); $sql = 'SELECT id FROM sf_guard_group WHERE name = ?'; $stmt = $db->execute($sql, array($this->group)); if ($groupId = $stmt->fetch(PDO::FETCH_COLUMN)) { $ug = new sfGuardUserGroup(); $ug->user_id = $user->id; $ug->group_id = $groupId; $ug->is_owner = 0; $ug->save(); } } //send email to notify administrator of new account creation $mailBody = $this->getPartial('accountcreatenotify', array('user' => $user, 'analyst' => $userParams['analyst_reason'], 'group' => $this->group)); if ($this->is_invited) { $subject = 'LittleSis account invitation accepted by ' . $userParams['name_first'] . ' ' . $userParams['name_last']; } else { $subject = 'LittleSis account ' . ($user->is_active ? 'created' : 'requested') . ' by ' . $userParams['name_first'] . ' ' . $userParams['name_last']; } $mailer = new Swift(new Swift_Connection_NativeMail()); $message = new Swift_Message($subject, $mailBody, 'text/plain'); $address = new Swift_Address(sfConfig::get('app_mail_join_sender_address'), sfConfig::get('app_mail_join_sender_name')); $mailer->send($message, sfConfig::get('app_mail_join_sender_address'), $address); $mailer->disconnect(); //notify user that the account has been created/requested $subject = $user->is_active ? 'Welcome to LittleSis!' : 'Your request to become a LittleSis analyst'; $mailBody = $this->getPartial($user->is_active ? 'accountcreatereceipt' : 'accountrequestreceipt', array('user' => $user, 'password' => $userParams['password1'], 'is_invited' => $this->is_invited)); $mailer = new Swift(new Swift_Connection_NativeMail()); $message = new Swift_Message('Welcome to LittleSis!', $mailBody, 'text/plain'); $address = new Swift_Address(sfConfig::get('app_mail_join_sender_address'), sfConfig::get('app_mail_join_sender_name')); $mailer->send($message, $profile->email, $address); $mailer->disconnect(); //if invited, sign in user and record login time if ($this->is_invited) { // signin user $this->getUser()->setAttribute('user_id', $user->id, 'sfGuardSecurityUser'); $this->getUser()->setAuthenticated(true); $this->getUser()->clearCredentials(); $this->getUser()->addCredentials($user->getAllPermissionNames()); // save last login $user->last_login = date('Y-m-d H:i:s'); $user->save(); } //commit changes $db->commit(); } catch (Exception $e) { $db->rollback(); throw $e; } //redirect to requested or joined page if ($user->is_active) { $this->redirect('home/joined' . ($this->is_invited ? '?conf=1' : '')); } else { $this->redirect('home/requested'); } } } }