Esempio n. 1
<?php

//
use josegonzalez\Dotenv\Loader as Dotenv;
require '../vendor/autoload.php';
// Bootstrap: the session and the environment are set up before anything
// else touches the auth layer (both helpers are defined outside this listing).
startSession();
loadDotEnv(__DIR__);

// Auth state is tracked through the session identified by the request cookies.
$authFactory = new \Aura\Auth\AuthFactory($_COOKIE);
$auth = $authFactory->newInstance();

// Credential store. Stored hashes are checked with a PASSWORD_DEFAULT
// verifier; only rows matching "active = 1" are considered, so deactivated
// accounts cannot log in. The column list starts with the username and
// password columns, followed by the extra profile columns.
$hash = new \Aura\Auth\Verifier\PasswordVerifier(PASSWORD_DEFAULT);
$pdo = \defaultTodoPdo();
$from = 'users';
$where = 'active = 1';
$cols = array('username', 'password', 'email', 'fullname', 'website');
$pdoAdapter = $authFactory->newPdoAdapter($pdo, $hash, $cols, $from, $where);

// The login service performs the actual credential check against the adapter.
$loginService = $authFactory->newLoginService($pdoAdapter);
// Attempt a login only when both form fields were posted. Each failure mode
// caught below is reported to the client with its own message.
// NOTE(review): a dedicated "username was not found" message lets a client
// distinguish existing accounts from non-existing ones; returning one generic
// "login failed" message for every failure mode avoids that disclosure.
try {
    if (isset($_POST['username']) && isset($_POST['password'])) {
        $loginService->login($auth, array('username' => $_POST['username'], 'password' => $_POST['password']));
        // Reached only when login() did not throw.
        // NOTE(review): presumably login() already records the user name on
        // $auth -- confirm whether this extra call is needed.
        $auth->setUserName($_POST['username']);
    }
} catch (\Aura\Auth\Exception\UsernameMissing $e) {
    echo "The 'username' field is missing or empty.";
} catch (\Aura\Auth\Exception\PasswordMissing $e) {
    echo "The 'password' field is missing or empty.";
} catch (\Aura\Auth\Exception\UsernameNotFound $e) {
    echo "The username you entered was not found.";
} catch (\Aura\Auth\Exception\MultipleMatches $e) {
// (the listing is cut off inside this handler)
Esempio n. 2
<?php

require '../vendor/autoload.php';
// Bootstrap the session and environment (helpers defined outside this listing).
startSession();
loadDotEnv(__DIR__);

// Rebuild the auth object for the current request from its cookies.
$authFactory = new Aura\Auth\AuthFactory($_COOKIE);
$auth = $authFactory->newInstance();

// The logout service is created without an adapter (null is passed).
$logoutService = $authFactory->newLogoutService(null);
$logoutService->logout($auth);

// Confirm the outcome from the auth state instead of assuming that the
// logout succeeded, then print the raw status value.
echo $auth->isAnon()
    ? "You are now logged out."
    : "Something went wrong; you are still logged in.";
echo $auth->getStatus();
Esempio n. 3
 /**
  * Check whether the access request is authorized by a user. A request must either contain
  * session data from a previous login or contain HTTP Basic authorization info, which is then
  * used to perform a login against the users table in the database.
  * @return bool true if authorized, else false
  */
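 protected function is_authorized()
 {
     // Decides whether the current request is authorized: first by resuming
     // an earlier login from the session, otherwise by logging in with
     // credentials found in the request. Publishes the auth object and the
     // login/logout services on $app as a side effect.
     $app = $this->app;
     $req = $app->request;

     // The session cookie is scoped to the application's root URI.
     $session_factory = new \BicBucStriim\SessionFactory();
     $session = $session_factory->newInstance($_COOKIE);
     $session->setCookieParams(array('path' => $app->request->getRootUri() . '/'));

     // Wire Aura.Auth to the 'user' table; stored hashes are checked with a
     // PASSWORD_BCRYPT verifier. The column list starts with the username
     // and password columns, followed by the user-data columns.
     $auth_factory = new \Aura\Auth\AuthFactory($_COOKIE, $session);
     $app->auth = $auth_factory->newInstance();
     $hash = new \Aura\Auth\Verifier\PasswordVerifier(PASSWORD_BCRYPT);
     $cols = array('username', 'password', 'id', 'email', 'role', 'languages', 'tags');
     $pdo_adapter = $auth_factory->newPdoAdapter($app->bbs->mydb, $hash, $cols, 'user');
     $app->login_service = $auth_factory->newLoginService($pdo_adapter);
     $app->logout_service = $auth_factory->newLogoutService($pdo_adapter);
     $resume_service = $auth_factory->newResumeService($pdo_adapter);

     // Resuming can fail on malformed cookie/session data; that is logged and
     // the request simply continues as "not logged in".
     // NOTE(review): ErrorException is unqualified here, so it resolves
     // against the file's namespace/imports, which are not visible in this
     // listing -- confirm it names the global class.
     try {
         $resume_service->resume($app->auth);
     } catch (ErrorException $e) {
         $app->getLog()->warn('login error: bad cookie data ' . var_export(get_class($e), true));
     }
     $app->getLog()->debug("after resume: " . $app->auth->getStatus());

     if ($app->auth->isValid()) {
         // Already logged in: accept the session only if the stored user data
         // has the shape the application relies on ('role' and 'id' present).
         $ud = $app->auth->getUserData();
         if (is_array($ud) && array_key_exists('role', $ud) && array_key_exists('id', $ud)) {
             return true;
         }
         // Malformed user data: drop the whole session instead of trusting it.
         $app->getLog()->warn("bad cookie contents: killing session");
         $session->destroy();
         return false;
     }

     // Not logged in: look for credentials in the request.
     $auth = $this->checkPhpAuth($req);
     if (is_null($auth)) {
         $auth = $this->checkHttpAuth($req);
     }
     // $auth carries the username and the cleartext password, so only record
     // whether credentials were present; never dump the pair into the log.
     $app->getLog()->debug('login auth: ' . (is_null($auth) ? 'none' : 'credentials supplied'));
     if (is_null($auth)) {
         return false;
     }

     // Verify the credentials against the database. A failed attempt is only
     // logged; the return value below reflects the resulting auth state.
     // NOTE(review): Auth\Exception is a relative name that depends on the
     // file's namespace/imports (not visible here) -- confirm it resolves to
     // the Aura.Auth exception base class. Failed logins are written at debug
     // level only; consider a level that is retained in production so that
     // repeated failures can be detected.
     try {
         $app->login_service->login($app->auth, array('username' => $auth[0], 'password' => $auth[1]));
         $app->getLog()->debug('login status: ' . var_export($app->auth->getStatus(), true));
     } catch (Auth\Exception $e) {
         $app->getLog()->debug('login error: ' . var_export(get_class($e), true));
     }
     return $app->auth->isValid();
 }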
Esempio n. 4
 /**
  * Check whether the access request is authorized by a user. A request must either contain
  * session data from a previous login or contain HTTP Basic authorization info, which is then
  * used to perform a login against the users table in the database.
  * @return bool true if authorized, else false
  */
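 protected function is_authorized()
 {
     // Decides whether the current request is authorized: first by resuming
     // an earlier login from the session, otherwise by logging in with
     // credentials found in the request. Publishes the auth object and the
     // login/logout services on $app as a side effect.
     $app = $this->app;
     $req = $app->request;

     // The session cookie is scoped to the application's root URI.
     $session_factory = new \BicBucStriim\SessionFactory();
     $session = $session_factory->newInstance($_COOKIE);
     $session->setCookieParams(array('path' => $app->request->getRootUri() . '/'));

     // Wire Aura.Auth to the 'user' table; stored hashes are checked with a
     // PASSWORD_BCRYPT verifier. The column list starts with the username
     // and password columns, followed by the user-data columns.
     $auth_factory = new \Aura\Auth\AuthFactory($_COOKIE, $session);
     $app->auth = $auth_factory->newInstance();
     $hash = new \Aura\Auth\Verifier\PasswordVerifier(PASSWORD_BCRYPT);
     $cols = array('username', 'password', 'id', 'email', 'role', 'languages', 'tags');
     $pdo_adapter = $auth_factory->newPdoAdapter($app->bbs->mydb, $hash, $cols, 'user');
     $app->login_service = $auth_factory->newLoginService($pdo_adapter);
     $app->logout_service = $auth_factory->newLogoutService($pdo_adapter);
     $resume_service = $auth_factory->newResumeService($pdo_adapter);

     // NOTE(review): resume() is not guarded here, so anything it throws on
     // malformed cookie/session data propagates to the caller.
     $resume_service->resume($app->auth);
     $app->getLog()->debug("after resume: " . $app->auth->getStatus());

     if ($app->auth->isValid()) {
         // Already logged in.
         return true;
     }

     // Not logged in: look for credentials in the request. $auth carries the
     // username and the cleartext password, so it must never be written to
     // the log.
     $auth = $this->checkPhpAuth($req);
     if (is_null($auth)) {
         $auth = $this->checkHttpAuth($req);
     }
     if (is_null($auth)) {
         return false;
     }

     // Verify the credentials against the database.
     // NOTE(review): exceptions raised by login() are not caught here and
     // reach the caller -- confirm that callers treat them as "not authorized".
     $app->login_service->login($app->auth, array('username' => $auth[0], 'password' => $auth[1]));

     // Answer from the resulting auth state rather than from login()'s return
     // value, so the method always yields the boolean its contract promises.
     return $app->auth->isValid();
 }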