Esempio n. 1
0
 /**
  * Authenticate user and initializes the session.
  * Listens to Login.initSession hook.
  *
  * @param Core_Event_Notification $notification
  */
 function initSession($notification)
 {
     $info = $notification->getNotificationObject();
     $login = $info['login'];
     $password = $info['password'];
     $rememberMe = $info['rememberMe'];
     $tokenAuth = Module_UserManagement_API::getInstance()->getTokenAuth($login, $password);
     $auth = Zend_Registry::get('auth');
     $auth->setLogin($login);
     $auth->setTokenAuth($tokenAuth);
     $authResult = $auth->authenticate();
     $authCookieName = Zend_Registry::get('config')->General->login_cookie_name;
     $authCookieExpiry = $rememberMe ? time() + Zend_Registry::get('config')->General->login_cookie_expire : 0;
     $authCookiePath = Zend_Registry::get('config')->General->login_cookie_path;
     $cookie = new Core_Cookie($authCookieName, $authCookieExpiry, $authCookiePath);
     if (!$authResult->isValid()) {
         $cookie->delete();
         throw new Exception('Login_LoginPasswordNotCorrect');
     }
     $cookie->set('login', $login);
     $cookie->set('token_auth', $auth->getHashTokenAuth($login, $authResult->getTokenAuth()));
     $cookie->setSecure(Core_Common::isHttps());
     $cookie->setHttpOnly(true);
     $cookie->save();
     Zend_Session::regenerateId();
 }
Esempio n. 2
0
 /**
  * Clear the session information
  */
 public static function clearSession()
 {
     $authCookieName = Zend_Registry::get('config')->General->login_cookie_name;
     $cookie = new Core_Cookie($authCookieName);
     $cookie->delete();
     Zend_Session::expireSessionCookie();
     Zend_Session::regenerateId();
 }