/** * Generates a new random token for unlocking, and stores the time * this token is being generated. * * @return bool */ public function generate_unlock_token() { if ($this->unlock_token === null) { $this->unlock_token = Warden::forge()->generate_token(); } return true; }
/** * Completes a login by assigning the user to the session key. * * @param \Warden\Model_User $user * * @return bool */ protected function complete_login(Model_User $user) { // Create and set new authentication token $user->authentication_token = Warden::forge()->generate_token(); try { if ($this->config['trackable'] === true) { $user->update_tracked_fields(); } else { if ($this->config['lockable']['in_use'] === true) { $strategy = $this->config['lockable']['lock_strategy']; if (!empty($strategy) && $strategy != 'none') { $user->{$strategy} = 0; } } $user->save(false); } \Session::set('authenticity_token', $user->authentication_token); \Session::instance()->rotate(); $this->set_user($user); $this->_run_event('after_authentication'); return true; } catch (\Exception $ex) { logger(\Fuel::L_ERROR, 'Warden authentication failed because an exception was thrown: ' . $ex->getMessage()); return false; } }
/** * Logs a user in. * * @param string $username_or_email * @param string $password * @param bool $remember * * @return bool * * @throws \Warden\Failure If lockable enabled & attempts exceeded */ public function authenticate_user($username_or_email, $password, $remember) { if (($user = \Model_User::authenticate($username_or_email, false, false)) && Warden::has_password($user, $password)) { if ($user->is_confirmation_required()) { throw new Failure('unconfirmed', array(), $user); } elseif ($user->is_access_locked()) { throw new Failure('locked'); } if ($remember === true && $this->config['rememberable']['in_use'] === true) { // Set token data $user->remember_token = Warden::forge()->generate_token(); // Set the remember-me cookie \Cookie::set($this->config['rememberable']['key'], $user->remember_token, $this->config['rememberable']['ttl'], null, null, null, true); } return $this->complete_login($user); } if (!is_null($user) && $this->config['lockable']['in_use'] === true) { $user->update_attempts(1); } // Login failed return false; }