Esempio n. 1
 /**
  * Try to login user in admin
  *
  * @param  string $username
  * @param  string $password
  * @param  Mage_Core_Controller_Request_Http $request
  * @return Mage_Admin_Model_User|null
  */
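 public function login($username, $password, $request = null)
 {
     // Nothing to authenticate with: return before touching the user model.
     // Note that empty() also treats the string '0' as missing.
     if (empty($username) || empty($password)) {
         return null;
     }
     $user = Mage::getModel('admin/user')->login($username, $password);
     // The error messages below are emitted at most once per request: the
     // 'messageSent' request parameter is used as an "already reported" flag.
     // The loose != is kept as in the original because the stored type of
     // is_active (string vs. int) is not visible from this block.
     if ($user->getId() && $user->getIsActive() != '1') {
         if ($request && !$request->getParam('messageSent')) {
             Mage::getSingleton('adminhtml/session')->addError(Mage::helper('adminhtml')->__('Your Account has been deactivated.'));
             $request->setParam('messageSent', true);
         }
     } elseif (!Mage::getModel('admin/user')->hasAssigned2Role($user->getId())) {
         // NOTE(review): this branch is also evaluated when the model has no id
         // (presumably a failed authentication). Depending on what
         // hasAssigned2Role() returns for an empty id, "Access Denied." may be
         // shown instead of the invalid-credentials message further down. Verify.
         if ($request && !$request->getParam('messageSent')) {
             Mage::getSingleton('adminhtml/session')->addError(Mage::helper('adminhtml')->__('Access Denied.'));
             $request->setParam('messageSent', true);
         }
     } else {
         if ($user->getId()) {
             // NOTE(review): no session-id regeneration is visible in this block
             // before the authenticated user is bound to the session. Confirm it
             // happens elsewhere, otherwise this is a session-fixation risk.
             $session = Mage::getSingleton('admin/session');
             $session->setIsFirstVisit(true);
             $session->setUser($user);
             $session->setAcl(Mage::getResourceModel('admin/acl')->loadAcl());
             if ($request) {
                 // The redirect target comes from the incoming request. Collapse a
                 // leading run of slashes/backslashes to a single "/" so the value
                 // stays a same-origin absolute path: a Location that starts with
                 // "//" is a scheme-relative URL and would leave this host.
                 $target = preg_replace('#^[/\\\\]{2,}#', '/', (string) $request->getRequestUri());
                 header('Location: ' . $target);
                 exit;
             }
         } else {
             if ($request && !$request->getParam('messageSent')) {
                 Mage::getSingleton('adminhtml/session')->addError(Mage::helper('adminhtml')->__('Invalid Username or Password.'));
                 $request->setParam('messageSent', true);
             }
         }
     }
     return $user;
 }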
 /**
  * Custom REQUEST_URI logic
  *
  * @param Mage_Core_Controller_Request_Http $request
  * @return string|null
  */
 protected function _getRequestUri($request = null)
 {
     $adminUrl = Mage::getSingleton('adminhtml/url');

     // With secret keys enabled the URL is rebuilt through the admin URL model
     // for the current route ('*/*/*', '_current' => true) instead of returning
     // the raw request URI.
     if ($adminUrl->useSecretKey()) {
         return $adminUrl->getUrl('*/*/*', array('_current' => true));
     }

     // Otherwise fall back to the URI of the request, or null when no request
     // object was supplied.
     return $request ? $request->getRequestUri() : null;
 }
Esempio n. 3
 /**
  * Validate signature
  *
  * @throws Mage_Oauth_Exception
  */
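 protected function _validateSignature()
 {
     $util = new Zend_Oauth_Http_Utility();
     // Recompute the signature over the merged request and protocol parameters,
     // using the consumer and token secrets and the absolute request URL.
     $calculatedSign = $util->sign(
         array_merge($this->_params, $this->_protocolParams),
         $this->_protocolParams['oauth_signature_method'],
         $this->_consumer->getSecret(),
         $this->_token->getSecret(),
         $this->_request->getMethod(),
         $this->_request->getScheme() . '://' . $this->_request->getHttpHost() . $this->_request->getRequestUri()
     );

     $providedSign = isset($this->_protocolParams['oauth_signature'])
         ? $this->_protocolParams['oauth_signature']
         : null;

     // Compare as strings and in constant time. The previous loose `!=` let PHP
     // compare numeric-looking strings by value (type juggling) and returned as
     // soon as a byte differed, which leaks timing about the expected signature.
     // A missing or non-string signature is rejected, as it was before.
     $isValid = false;
     if (is_string($calculatedSign) && is_string($providedSign)) {
         if (function_exists('hash_equals')) {
             $isValid = hash_equals($calculatedSign, $providedSign);
         } elseif (strlen($calculatedSign) === strlen($providedSign)) {
             // Fallback for PHP builds without hash_equals(): XOR every byte
             // and inspect the accumulated difference only at the end.
             $diff = 0;
             for ($i = 0, $len = strlen($calculatedSign); $i < $len; $i++) {
                 $diff |= ord($calculatedSign[$i]) ^ ord($providedSign[$i]);
             }
             $isValid = ($diff === 0);
         }
     }

     if (!$isValid) {
         $this->_throwException('', self::ERR_SIGNATURE_INVALID);
     }
 }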
Esempio n. 4
 /**
  * @param Mage_Core_Controller_Request_Http $request
  * @return string
  */
 public function buildKey(Mage_Core_Controller_Request_Http $request)
 {
     // The key is the 32-character hex MD5 digest of the request URI exactly as
     // getRequestUri() returns it.
     // NOTE(review): MD5 is fine for a plain lookup key but is not
     // collision-resistant. What this key is used for is not visible here;
     // confirm it does not gate anything security-relevant.
     return md5($request->getRequestUri());
 }