public function action_login() { $this->template->title = 'User » Login'; $this->template->content = $this->action_get_login_form(); $post = Input::post(); if (!empty($post)) { //get the destination path to redirect to upon login $destination = empty($_REQUEST['destination']) ? '/welcome' : $_REQUEST['destination']; $this->template->content->destination = $destination; //add server-side validation $validation = $this->template->content->validation; $validation->add_field('username_or_email', 'Username or Email', 'required'); $validation->add_field('password', 'Password', 'required'); if ($validation->run()) { try { $authenticated_flag = false; if ($this->user && \Access::can('impersonate_any_user', $this->user)) { Warden::logout(); $authenticated_flag = Warden::force_login($validation->validated('username_or_email'), true); } else { $authenticated_flag = Warden::authenticate($validation->validated('username_or_email'), $validation->validated('password'), Input::post('remember_me')); } if ($authenticated_flag) { Response::redirect(Uri::create($destination, array(), array(), false)); } else { Session::set_flash('error', 'Invalid username/email or password entered.'); } } catch (Warden\Failure $failure) { switch ($failure->reason()) { case 'unconfirmed': //user is unconfirmed - let them know they need to confirm and activate their account Session::set_flash('error', $failure->getMessage()); $this->template->content = View::forge('user/unconfirmed'); $this->template->content->user = $failure->get_user(); $this->template->content->user->send_confirmation_instructions(); break; case 'locked': Session::set_flash('error', array('Your account has been locked due to too many consecutive failed login attempts.', 'Check your email for instructions on unlocking your account. Or you can wait a few days and try again.')); break; default: Session::set_flash('error', $failure->getMessage()); } } catch (Exception $ex) { Session::set_flash('error', $ex->getMessage()); } } else { Session::set_flash('error', 'Invalid username/email or password entered.'); } } }