/** * Config the auth object * * @param \Phire\Table\UserTypes $type * @param string $username * @param array $options * @return \Phire\Auth\Auth */ public function config($type, $username = null, $options = array()) { // Set the password encryption and salt $this->setEncryption((int) $type->password_encryption); $this->setEncryptionOptions($options); // Set attempt limit $this->setAttemptLimit((int) $type->allowed_attempts); // Set allowed IPs if (!empty($type->ip_allowed)) { $allowed = explode(',', $type->ip_allowed); $this->setAllowedIps($allowed); $this->setAllowedSubnets($allowed); } // Set blocked IPs if (!empty($type->ip_blocked)) { $blocked = explode(',', $type->ip_blocked); $this->setBlockedIps($blocked); $this->setBlockedSubnets($blocked); } // Set failed attempts if (null !== $username) { $user = Table\Users::findBy(array('username' => $username)); if (isset($user->id)) { $this->setAttempts((int) $user->failed_attempts); } } return $this; }
/** * Set the field values * * @param array $values * @return Unsubscribe */ public function setFieldValues(array $values = null) { parent::setFieldValues($values); if ($_POST && null !== $this->email) { $member = Table\Users::findBy(['email' => $this->email]); if (!isset($member->id)) { $this->getElement('email')->addValidator(new Validator\NotEqual($this->email, 'That email does not exist.')); } else { if (null !== $member->role_id) { $sess = \Pop\Web\Session::getInstance(); $requireLogin = true; $role = Table\Roles::findById($member->role_id); if (isset($role->id) && null !== $role->permissions) { $permissions = unserialize($role->permissions); if (isset($permissions['deny'])) { foreach ($permissions['deny'] as $deny) { if ($deny['resource'] == 'member-login') { $requireLogin = false; } } } } if ($requireLogin) { if (!isset($sess->member) || isset($sess->member) && $sess->member->id != $member->id) { $memberAdmin = new \Phire\Members\Model\MembersAdmin(); $memberAdmin->getByRoleId($member->role_id); $memberUri = isset($memberAdmin->uri) ? $memberAdmin->uri : APP_URI; $this->getElement('email')->addValidator(new Validator\NotEqual($this->email, 'You must <a href="' . BASE_PATH . $memberUri . '/login">log in</a> to unsubscribe.')); } } } } } return $this; }
/** * Set the field values * * @param array $values * @return UserEmail */ public function setFieldValues(array $values = null) { parent::setFieldValues($values); if ($_POST && null !== $this->email) { // Check for dupe email $user = null; $email = null; if (null !== $this->email) { $user = Table\Users::findBy(['username' => $this->email]); if (isset($user->id) && $this->id != $user->id) { $this->getElement('email')->addValidator(new Validator\NotEqual($this->email, 'That email already exists.')); } else { $email = Table\Users::findBy(['email' => $this->email]); if (isset($email->id) && $this->id != $email->id) { $this->getElement('email')->addValidator(new Validator\NotEqual($this->email1, 'That email already exists.')); } } } // If existing user if ((int) $_POST['id'] > 0) { if (!empty($this->password1)) { $this->getElement('password2')->setRequired(true)->addValidator(new Validator\Equal($this->password1, 'The passwords do not match.')); } // Else, if new user, check email and password matches } else { $this->getElement('password2')->setRequired(true)->addValidator(new Validator\Equal($this->password1, 'The passwords do not match.')); } } return $this; }
/** * Set the field values * * @param array $values * @param array $filters * @param \Phire\Auth\Auth $auth * @param \Phire\Table\UserTypes $type * @param \Phire\Model\User $user * @return \Pop\Form\Form */ public function setFieldValues(array $values = null, $filters = null, $auth = null, $type = null, $user = null) { parent::setFieldValues($values, $filters); if ($_POST) { // Authenticate and get the auth result $auth->authenticate($this->username, $this->password); $result = $auth->getAuthResult($type, $this->username); if (null !== $result) { $user->login($this->username, $type, false); if ($auth->getResult() == \Pop\Auth\Auth::PASSWORD_INCORRECT) { $this->getElement('password')->addValidator(new Validator\NotEqual($this->password, $result)); } else { $this->getElement('username')->addValidator(new Validator\NotEqual($this->username, $result)); } } // Check the user's allowed sites if (strtolower($type->type) != 'user') { $u = Table\Users::findBy(array('username' => $this->username)); if (isset($u->id)) { $siteIds = unserialize($u->site_ids); $site = Table\Sites::findBy(array('document_root' => $_SERVER['DOCUMENT_ROOT'])); $siteId = isset($site->id) ? $site->id : '0'; if (!in_array($siteId, $siteIds)) { $this->getElement('username')->addValidator(new Validator\NotEqual($this->username, $this->i18n->__('That user is not allowed on this site.'))); } } } } return $this; }
/** * Set the field values * * @param array $values * @param array $filters * @return \Pop\Form\Form */ public function setFieldValues(array $values = null, $filters = null) { parent::setFieldValues($values, $filters); if ($_POST) { if (Validator\Email::factory()->evaluate($this->email)) { $user = Table\Users::findBy(array('email' => $this->email)); if (!isset($user->id)) { $this->getElement('email')->addValidator(new Validator\NotEqual($this->email, $this->i18n->__('That email does not exist.'))); } } } return $this; }
/** * Add action method * * @return void */ public function add() { $roleId = $this->getRoleId(); $username = ''; $email = null; $role = new Model\Role(); $role->getById($roleId); $this->console->write(); $dupeUser = Table\Users::findBy(['username' => $username]); while ($username == '' || isset($dupeUser->id)) { if (isset($dupeUser->id)) { $this->console->write($this->console->colorize('That username already exists.', Console::BOLD_RED)); $username = ''; } if ($role->email_as_username) { while (!(new Email())->evaluate($username)) { $username = $this->console->prompt($this->console->getIndent() . 'Enter Email: '); } $email = $username; } else { while ($username == '') { $username = $this->console->prompt($this->console->getIndent() . 'Enter Username: '******''; while (!(new Email())->evaluate($email)) { $email = $this->console->prompt($this->console->getIndent() . 'Enter Email: '); } } } $dupeUser = Table\Users::findBy(['username' => $username]); } $password = ''; while ($password == '') { $password = $this->console->prompt($this->console->getIndent() . 'Enter Password: '******''; while (strtolower($active) != 'y' && strtolower($active) != 'n') { $active = $this->console->prompt($this->console->getIndent() . 'Active? (Y/N): '); } $verified = ''; while (strtolower($verified) != 'y' && strtolower($verified) != 'n') { $verified = $this->console->prompt($this->console->getIndent() . 'Verified? (Y/N): '); } $fields = ['role_id' => $roleId, 'username' => $username, 'password1' => $password, 'email' => $email, 'active' => strtolower($active) == 'y' ? 1 : 0, 'verified' => strtolower($verified) == 'y' ? 1 : 0]; $user = new Model\User(); $user->save($fields); $this->console->write(); $this->console->write($this->console->colorize('User Added!', Console::BOLD_GREEN)); }
/** * Set the field values * * @param array $values * @return Forgot */ public function setFieldValues(array $values = null) { parent::setFieldValues($values); if ($_POST && null !== $this->email) { $user = Table\Users::findBy(['email' => $this->email]); if (!isset($user->id)) { $this->getElement('email')->addValidator(new Validator\NotEqual($this->email, 'That email does not exist.')); } else { $role = new Model\Role(); if (!$role->canSendReminder($user->role_id)) { $this->getElement('email')->addValidator(new Validator\NotEqual($this->email, 'That request cannot be processed.')); } } } return $this; }
/** * Set the field values * * @param array $values * @return RegisterEmail */ public function setFieldValues(array $values = null) { parent::setFieldValues($values); if ($_POST && null !== $this->email) { // Check for dupe email if (null !== $this->email) { $user = Table\Users::findBy(['username' => $this->email]); if (isset($user->id)) { $this->getElement('email')->addValidator(new Validator\NotEqual($this->email, 'That username is not allowed.')); } else { $email = Table\Users::findBy(['email' => $this->email]); if (isset($email->id)) { $this->getElement('email')->addValidator(new Validator\NotEqual($this->email, 'That email is not allowed.')); } } } // Check password matches $this->getElement('password2')->addValidator(new Validator\Equal($this->password1, 'The passwords do not match.')); } return $this; }
/** * Set the field values * * @param array $values * @return Profile */ public function setFieldValues(array $values = null) { parent::setFieldValues($values); if ($_POST && null !== $this->username) { // Check for dupe username $user = null; if (null !== $this->username) { $user = Table\Users::findBy(['username' => $this->username]); if (isset($user->id) && $this->id != $user->id) { $this->getElement('username')->addValidator(new Validator\NotEqual($this->username, 'That username is not allowed.')); } } // Check for dupe email $email = Table\Users::findBy(['email' => $this->email]); if (isset($email->id) && $this->id != $email->id) { $this->getElement('email')->addValidator(new Validator\NotEqual($this->email, 'That email is not allowed.')); } // Check password matches if (!empty($this->password1)) { $this->getElement('password2')->setRequired(true)->addValidator(new Validator\Equal($this->password1, 'The passwords do not match.')); } } return $this; }
/** * Send password reminder to user * * @param string $email * @param \Pop\Config $config * @return void */ public function sendReminder($email, $config) { $encOptions = $config->encryptionOptions->asArray(); $user = Table\Users::findBy(array('email' => $email)); if (isset($user->id)) { $type = Table\UserTypes::findById($user->type_id); if ($type->password_encryption == Auth\Auth::ENCRYPT_NONE) { $newPassword = $this->password; $newEncPassword = $newPassword; $msg = $this->i18n->__('Your username and password is:'); } else { $newPassword = (string) String::random(8, String::ALPHANUM); $newEncPassword = self::encryptPassword($newPassword, $type->password_encryption, $encOptions); $msg = $this->i18n->__('Your password has been reset for security reasons. Your username and new password is:'); } // Save new password $user->password = $newEncPassword; $user->save(); // Get base path and domain $basePath = strtolower($type->type) != 'user' ? BASE_PATH . '/' . strtolower($type->type) : BASE_PATH . APP_URI; $domain = str_replace('www.', '', $_SERVER['HTTP_HOST']); // Set recipient $rcpt = array('name' => $user->username, 'email' => $user->email, 'username' => $user->username, 'password' => $newPassword, 'login' => 'http://' . $_SERVER['HTTP_HOST'] . $basePath . '/login', 'domain' => $domain, 'message' => $msg); if (file_exists($_SERVER['DOCUMENT_ROOT'] . BASE_PATH . CONTENT_PATH . '/extensions/themes/phire/mail/forgot.txt')) { $mailTmpl = file_get_contents($_SERVER['DOCUMENT_ROOT'] . BASE_PATH . CONTENT_PATH . '/extensions/themes/phire/mail/forgot.txt'); } else { $mailTmpl = file_get_contents(__DIR__ . '/../../../view/phire/mail/forgot.txt'); } $mailTmpl = str_replace(array('Dear', 'Here is your password for', 'You can login at:', 'Thank You'), array($this->i18n->__('Dear'), $this->i18n->__('Here is your password for'), $this->i18n->__('You can login at:'), $this->i18n->__('Thank You')), $mailTmpl); // Send reminder $mail = new Mail($domain . ' - ' . $this->i18n->__('Password Reset'), $rcpt); $mail->from(Table\Config::findById('reply_email')->value); $mail->setText($mailTmpl); $mail->send(); } }
/** * Unsubscribe a user from the application * * @param array $fields * @return void */ public function unsubscribe(array $fields) { $user = Table\Users::findBy(['email' => $fields['email']]); if (isset($user->id)) { $this->data['id'] = $user->id; $this->sendUnsubscribe($user); $user->delete(); } }
/** * Set the field values * * @param array $values * @param array $filters * @param \Pop\Config $config * @return \Pop\Form\Form */ public function setFieldValues(array $values = null, $filters = null, $config = null) { parent::setFieldValues($values, $filters); if ($this->id != 0) { if (null !== $this->getElement('email2')) { $this->getElement('email2')->setRequired(false); } if (null !== $this->getElement('password1') && null === $this->reset_pwd) { $this->getElement('password1')->setRequired(false); $this->getElement('password2')->setRequired(false); } } // Add validators for checking dupe usernames // and matching the emails and passwords if ($_POST && isset($_POST['id'])) { if (isset($this->fields['username'])) { $username = $this->username; $usernameField = 'username'; } else { $username = $this->email1; $usernameField = 'email1'; } $user = Table\Users::findBy(array('username' => $username)); if (isset($user->id) && $this->id != $user->id) { $this->getElement($usernameField)->addValidator(new Validator\NotEqual($username, $this->i18n->__('That user already exists.'))); } $email = Table\Users::findBy(array('email' => $this->email1)); if (isset($email->id) && $this->id != $email->id) { $this->getElement('email1')->addValidator(new Validator\NotEqual($this->email1, $this->i18n->__('That email already exists.'))); } if (null !== $this->getElement('email2')) { $this->getElement('email2')->addValidator(new Validator\Equal($this->email1, $this->i18n->__('The emails do not match.'))); } // If the password fields are set, check them for a match if (isset($this->password2)) { $this->getElement('password2')->addValidator(new Validator\Equal($this->password1, $this->i18n->__('The passwords do not match.'))); } if ($this->reset_pwd) { $user = Table\Users::findById($this->id); if (isset($user->id)) { $curPassword = $user->password; $type = Table\UserTypes::findById($user->type_id); if (isset($type->id)) { $encOptions = $config->encryptionOptions->asArray(); $auth = new \Pop\Auth\Adapter\Table('Phire\\Table\\Users'); $result = $auth->authenticate($this->username, $this->password2, $type->password_encryption, $encOptions); if ($result != \Pop\Auth\Auth::PASSWORD_INCORRECT) { $this->getElement('password2')->addValidator(new Validator\Equal($curPassword, $this->i18n->__('The new password cannot be the same.'))); } } } } } $this->checkFiles(); return $this; }
/** * Login and track session * * @param AbstractController $controller * @param Application $application * @return void */ public static function login(AbstractController $controller, Application $application) { $sess = $application->getService('session'); $userUri = APP_URI; $key = 'user'; if (isset($sess->member) && $application->isRegistered('phire-members')) { $key = 'member'; $memberAdmin = new \Phire\Members\Model\MembersAdmin(); $memberAdmin->getByRoleId($sess->member->role_id); if (isset($memberAdmin->uri)) { $userUri = $memberAdmin->uri; } } $path = BASE_PATH . $userUri; if ($path == '') { $path = '/'; } $cookie = Cookie::getInstance(['path' => $path]); $cookie->delete('phire_session_timeout'); $cookie->delete('phire_session_path'); // If login, validate and start new session if ($controller->request()->isPost() && substr($controller->request()->getRequestUri(), -6) == '/login') { // If the user successfully logged in if (isset($sess[$key])) { $config = Table\UserSessionConfig::findById($sess[$key]->role_id); $data = Table\UserSessionData::findById($sess[$key]->id); if (isset($config->role_id)) { if (!self::validate($config, $sess[$key], $data)) { if (isset($data->user_id)) { $data->failed_attempts++; $data->save(); } else { $data = new Table\UserSessionData(['user_id' => $sess[$key]->id, 'logins' => null, 'failed_attempts' => 1]); $data->save(); } if (isset($config->role_id) && (int) $config->log_type > 0 && null !== $config->log_emails) { self::log($config, $sess[$key], false); } $sess->kill(); Response::redirect(BASE_PATH . $userUri . '/login?failed=' . $data->failed_attempts); exit; } else { if (isset($data->user_id)) { $limit = (int) $application->module('phire-sessions')['login_limit']; $logins = unserialize($data->logins); if ($limit > 0 && count($logins) >= $limit) { reset($logins); unset($logins[key($logins)]); } $logins[time()] = ['ua' => $_SERVER['HTTP_USER_AGENT'], 'ip' => $_SERVER['REMOTE_ADDR']]; $data->total_logins++; $data->failed_attempts = 0; $data->logins = serialize($logins); $data->save(); } else { $data = new Table\UserSessionData(['user_id' => $sess[$key]->id, 'logins' => serialize([time() => ['ua' => $_SERVER['HTTP_USER_AGENT'], 'ip' => $_SERVER['REMOTE_ADDR']]]), 'total_logins' => 1, 'failed_attempts' => 0]); $data->save(); } } $expire = (int) $config->session_expiration > 0 ? (int) $config->session_expiration : null; $timeout = (int) $config->timeout_warning; } else { $expire = null; $timeout = false; } $lastLogin = null; $lastIp = null; // Check for the last login $data = Table\UserSessionData::findById($sess[$key]->id); if (isset($data->user_id)) { $logins = null !== $data->logins ? unserialize($data->logins) : []; if (count($logins) > 1) { $keys = array_keys($logins); $timestamp = isset($keys[count($keys) - 2]) ? $keys[count($keys) - 2] : null; if (null !== $timestamp && isset($logins[$timestamp])) { $lastLogin = $timestamp; $lastIp = $logins[$timestamp]['ip']; } } } // Clear old sessions $clear = (int) $application->module('phire-sessions')['clear_sessions']; if ($clear > 0) { $clear = time() - $clear; $sql = Table\UserSessions::sql(); $sql->delete()->where(['start <= :start']); Table\UserSessions::execute((string) $sql, ['start' => $clear]); } $session = new Table\UserSessions(['user_id' => $sess[$key]->id, 'ip' => $_SERVER['REMOTE_ADDR'], 'ua' => $_SERVER['HTTP_USER_AGENT'], 'start' => time()]); $session->save(); $sess[$key]->session = new \ArrayObject(['id' => $session->id, 'start' => $session->start, 'last' => $session->start, 'expire' => $expire, 'timeout' => $timeout, 'last_login' => $lastLogin, 'last_ip' => $lastIp], \ArrayObject::ARRAY_AS_PROPS); if (isset($config->role_id) && (int) $config->log_type > 0 && null !== $config->log_emails) { self::log($config, $sess[$key], true); } // Else, if the user login failed } else { if (null !== $controller->view()->form && $controller->view()->form !== false && null !== $controller->view()->form->username) { $user = \Phire\Table\Users::findBy(['username' => $controller->view()->form->username]); $config = Table\UserSessionConfig::findById($user->role_id); if (isset($user->id)) { $data = Table\UserSessionData::findById($user->id); if (isset($data->user_id)) { $data->failed_attempts++; $data->save(); } else { $data = new Table\UserSessionData(['user_id' => $user->id, 'logins' => null, 'failed_attempts' => 1]); $data->save(); } if (isset($config->role_id) && (int) $config->log_type > 0 && null !== $config->log_emails) { self::log($config, $user, false); } } } } // Check existing session } else { if (isset($sess[$key]) && isset($sess[$key]->session)) { if (!isset(Table\UserSessions::findById((int) $sess[$key]->session->id)->id) || null !== $sess[$key]->session->expire && time() - $sess[$key]->session->last >= $sess[$key]->session->expire) { $session = Table\UserSessions::findById((int) $sess[$key]->session->id); if (isset($session->id)) { $session->delete(); } $sess->kill(); Response::redirect(BASE_PATH . $userUri . '/login?expired=1'); exit; } else { if ($sess[$key]->session->timeout && null !== $sess[$key]->session->expire) { $cookie->set('phire_session_timeout', $sess[$key]->session->expire - 30); $cookie->set('phire_session_path', BASE_PATH . $userUri); } $sess[$key]->session->last = time(); } } } }