/**
  * Verify user after activation mail link opened
  * @param string $ua_verification_code user's activation verification token
  */
 public function getVerify($ua_verification_code)
 {
     $this->app->log->debug(get_class($this) . '->getVerify()');

     // The user name arrives encrypted in the "user_name" request value.
     $user_name = Encryption::decrypt($this->app->request->get("user_name"));

     // NOTE(review): isset() only rules out null. An empty or otherwise invalid decrypt
     // result still reaches verifyNewUser(), so that call has to reject it — confirm.
     if (!isset($user_name, $ua_verification_code)) {
         $this->app->redirect($this->app->config('app.baseurl') . '/login');
         return;
     }

     $verified = RegistrationModel::verifyNewUser($user_name, $ua_verification_code);
     if ($verified) {
         // TODO: consider sending a welcome mail to the user
     }

     // The same view is rendered for success and failure; the outcome is shown
     // through the feedback message lists passed to the template.
     $template = $this->app->config('app.templates.path') . '/login/verify.twig';
     $view_data = array(
         'feedback_positive' => $this->getFeedbackPositiveMessages(),
         'feedback_negative' => $this->getFeedbackNegativeMessages(),
     );
     $this->app->render($template, $view_data);
 }
 /**
  * performs the login via cookie (for DEFAULT user account, FACEBOOK-accounts are handled differently)
  * TODO add throttling here ?
  *
  * @param string $cookie The cookie "remember_me"
  *
  * @return bool success state
  */
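 public static function loginWithCookie($cookie)
 {
     // No cookie at all: nothing to verify.
     if (!$cookie) {
         Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_COOKIE_INVALID'));
         return false;
     }

     // The cookie must consist of exactly three ':'-separated parts
     // (encrypted user name, token, hash). Split once and reuse the result.
     $parts = explode(':', $cookie);
     if (count($parts) !== 3) {
         Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_COOKIE_INVALID'));
         return false;
     }
     list($user_name, $token, $hash) = $parts;

     // NOTE(review): the user name is decrypted before any integrity check on the cookie,
     // so Encryption::decrypt() must cope with attacker-chosen input — confirm.
     $user_name = Encryption::decrypt($user_name);

     // Reject empty fields first, then check that the parts belong together.
     // hash_equals() compares in constant time. The digest is an unkeyed SHA-256 over
     // values taken from the cookie itself, so it is only a consistency check: the
     // token lookup below is what actually authenticates the request.
     if (empty($token) || empty($user_name)
         || !hash_equals(hash('sha256', $user_name . ':' . $token), $hash)
     ) {
         Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_COOKIE_INVALID'));
         return false;
     }

     // Look up the user that owns exactly this name and this remember-me token.
     $user = UserModel::getUserDataByUserNameAndToken($user_name, $token);
     if (!$user) {
         Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_COOKIE_INVALID'));
         return false;
     }

     // Successfully logged in: write the user's data into the session.
     // NOTE(review): presumably setSuccessfulLoginIntoSession() also regenerates the
     // session id — verify, since nothing here does.
     self::setSuccessfulLoginIntoSession($user->getUsername(), $user->getEmail(), $user->getAccounttype(), $user->getProvidertype());
     // Save the timestamp of this login in that user's database row.
     self::saveTimestampOfLoginOfUser($user->getUsername());

     // No new remember_me cookie is set here on purpose: the current cookie should
     // become invalid after a certain amount of time, so the user has to log in with
     // username/password again from time to time.
     Session::add(Session::SESSION_FEEDBACK_POSITIVE, Text::get('FEEDBACK_COOKIE_LOGIN_SUCCESSFUL'));
     return true;
 }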
 /**
  * Verify the password reset verification token of a user (to decide whether to show the password editing view or not).
  * The user name is not a parameter: it is read, encrypted, from the "user_name" request value.
  * @param string $verification_code password reset verification token
  */
 public function getVerifyPasswordReset($verification_code)
 {
     $this->app->log->debug(get_class($this) . '->getVerifyPasswordReset()');

     // The user name arrives encrypted in the "user_name" request value.
     $user_name = Encryption::decrypt($this->app->request->get("user_name"));

     // Anything but a matching user/verification-code pair goes back to the login page.
     if (!PasswordResetModel::verifyPasswordReset($user_name, $verification_code)) {
         $this->redirectToLogin();
         return;
     }

     // The decrypted user name and the reset code are handed to the template.
     // NOTE(review): both values come from the request, so the view must escape
     // them on output — confirm the template engine's auto-escaping is enabled.
     $template = $this->app->config('app.templates.path') . '/login/password-reset.twig';
     $view_data = array(
         'user_name' => $user_name,
         'user_password_reset_hash' => $verification_code,
         'feedback_positive' => $this->getFeedbackPositiveMessages(),
         'feedback_negative' => $this->getFeedbackNegativeMessages(),
     );
     $this->app->render($template, $view_data);
 }