/**
* This method should handle any login logic and report back to the subject
*
* @param array $user holds the user data
* @param array $options array holding options (remember, autoregister, group)
* @return boolean True on success
*/
public function onLoginUser($user, $options = array())
{
jimport('joomla.user.helper');
$xuser = User::getRoot();
// get user from session (might be tmp_user, can't fetch from db)
if ($xuser->get('guest')) {
// joomla user plugin hasn't run or something went very badly
$plugins = Plugin::byType('user');
$xuser_order = false;
$joomla_order = false;
$i = 0;
foreach ($plugins as $plugin) {
if ($plugin->name == 'xusers') {
$xuser_order = $i;
}
if ($plugin->name == 'joomla') {
$joomla_order = $i;
}
$i++;
}
if ($joomla_order === false) {
return new Exception(Lang::txt('E_JOOMLA_USER_PLUGIN_MISCONFIGURED'), 500);
}
if ($xuser_order <= $joomla_order) {
return new Exception(Lang::txt('E_HUBZERO_USER_PLUGIN_MISCONFIGURED'), 500);
}
return new Exception(Lang::txt('E_JOOMLA_USER_PLUGIN_FAILED'), 500);
}
// log login to auth log
Log::auth($xuser->get('id') . ' [' . $xuser->get('username') . '] ' . $_SERVER['REMOTE_ADDR'] . ' login');
// correct apache log data
apache_note('auth', 'login');
// Log attempt to the database
Hubzero\User\User::oneOrFail($xuser->get('id'))->logger()->auth()->save(['username' => $xuser->get('username'), 'status' => 'success']);
// update session tracking with new data
$session = App::get('session');
$session->set('tracker.user_id', $xuser->get('id'));
$session->set('tracker.username', $xuser->get('username'));
if ($session->get('tracker.sid') == '') {
$session->set('tracker.sid', $session->getId());
}
$session->set('tracker.psid', $session->get('tracker.sid'));
if ($session->get('tracker.rsid') == '') {
$session->set('tracker.rsid', $session->getId());
}
if ($session->get('tracker.user_id') != $xuser->get('id') || $session->get('tracker.ssid') == '') {
$session->set('tracker.ssid', $session->getId());
}
if (empty($user['type'])) {
$session->clear('session.authenticator');
} else {
$session->set('session.authenticator', $user['type']);
}
if (isset($options['silent']) && $options['silent']) {
$session->set('session.source', 'cookie');
} else {
$session->set('session.source', 'user');
}
// update tracking data with changes related to login
jimport('joomla.utilities.utility');
$hash = App::hash(App::get('client')->name . ':tracker');
$key = \App::hash('');
$crypt = new \Hubzero\Encryption\Encrypter(new \Hubzero\Encryption\Cipher\Simple(), new \Hubzero\Encryption\Key('simple', $key, $key));
$tracker = array();
$tracker['user_id'] = $session->get('tracker.user_id');
$tracker['username'] = $session->get('tracker.username');
$tracker['sid'] = $session->getId();
$tracker['rsid'] = $session->get('tracker.rsid', $tracker['sid']);
$tracker['ssid'] = $session->get('tracker.ssid', $tracker['sid']);
$cookie = $crypt->encrypt(serialize($tracker));
$lifetime = time() + 365 * 24 * 60 * 60;
// Determine whether cookie should be 'secure' or not
$secure = false;
$forceSsl = \Config::get('force_ssl', false);
if (\App::isAdmin() && $forceSsl >= 1) {
$secure = true;
} else {
if (\App::isSite() && $forceSsl == 2) {
$secure = true;
}
}
setcookie($hash, $cookie, $lifetime, '/', '', $secure, true);
/* Mark registration as incomplete so it gets checked on next page load */
$username = $xuser->get('username');
if (isset($user['auth_link']) && is_object($user['auth_link'])) {
$hzal = $user['auth_link'];
} else {
$hzal = null;
}
if ($xuser->get('tmp_user')) {
$email = $xuser->get('email');
if ($username[0] == '-') {
$username = trim($username, '-');
if ($hzal) {
$xuser->set('username', 'guest;' . $username);
$xuser->set('email', $hzal->email);
}
}
} else {
if ($username[0] == '-') {
$username = trim($username, '-');
if ($hzal) {
$hzal->user_id = $xuser->get('id');
$hzal->update();
}
}
}
if ($hzal) {
$xuser->set('auth_link_id', $hzal->id);
$session->set('linkaccount', true);
}
$session->set('registration.incomplete', true);
// Check if quota exists for the user
$params = Component::params('com_members');
if ($params->get('manage_quotas', false)) {
require_once PATH_CORE . DS . 'components' . DS . 'com_members' . DS . 'tables' . DS . 'users_quotas.php';
require_once PATH_CORE . DS . 'components' . DS . 'com_members' . DS . 'tables' . DS . 'quotas_classes.php';
$quota = new \Components\Members\Tables\UsersQuotas($this->database);
$quota->load(array('user_id' => $xuser->get('id')));
if (!$quota->id) {
$class = new \Components\Members\Tables\QuotasClasses($this->database);
$class->load(array('alias' => 'default'));
if ($class->id) {
$quota->set('user_id', $xuser->get('id'));
$quota->set('class_id', $class->id);
$quota->set('soft_blocks', $class->soft_blocks);
$quota->set('hard_blocks', $class->hard_blocks);
$quota->set('soft_files', $class->soft_files);
$quota->set('hard_files', $class->hard_files);
$quota->store();
}
} else {
if ($quota->class_id) {
// Here, we're checking to make sure their class matches their actual quota values
$class = new \Components\Members\Tables\QuotasClasses($this->database);
$class->load($quota->class_id);
if ($quota->get('soft_blocks') != $class->get('soft_blocks') || $quota->get('hard_blocks') != $class->get('hard_blocks') || $quota->get('soft_files') != $class->get('soft_files') || $quota->get('hard_files') != $class->get('hard_files')) {
$quota->set('user_id', $xuser->get('id'));
$quota->set('class_id', $class->id);
$quota->set('soft_blocks', $class->soft_blocks);
$quota->set('hard_blocks', $class->hard_blocks);
$quota->set('soft_files', $class->soft_files);
$quota->set('hard_files', $class->hard_files);
$quota->store();
}
}
}
}
return true;
}
