/**
  * Signs in the user on the application.
  *
  * @param sfGuardUser $user The sfGuardUser object to sign in
  * @param string|null $auth_key Auth key to store on the session and mirror into the remember cookie; null skips the cookie
  * @param Doctrine_Connection $con A Doctrine_Connection object
  */
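 public function signIn($user, $auth_key = null, $con = null)
 {
     // Marks the session as authenticated for $user, reloads its credentials,
     // queues unread login messages as a flash and, when $auth_key is given,
     // copies the matching stored auth key into the remember cookie.
     $this->setApiUserid($user->getId());
     $this->setAuthenticated(true);
     // Start from an empty credential set so only this user's permissions apply.
     $this->clearCredentials();
     $this->addCredentials($user->getAllPermissionNames());

     // save last login
     $user->setLastLogin(date('Y-m-d H:i:s'));
     $user->save($con);

     // Set login messages. The texts are collected in $messages and that list
     // is what gets counted; $message is only the loop variable.
     $messages = array();
     foreach ($user->getUndisplayedLoginMessages() as $message) {
         $messages[] = $message->getMessage();
         $message->setDisplayed(true);
         $message->save();
     }
     if (count($messages) > 0) {
         $this->setFlash('login', $messages);
     }

     // remember?
     if (!$auth_key) {
         return;
     }
     $this->setApiAuthkey($auth_key);

     // Resolve the supplied key to a stored record before it becomes a cookie.
     // A missing API key row or auth key record means there is nothing valid to
     // remember, so no cookie is issued instead of calling a method on a non-object.
     $api_key = sfConfig::get('app_web_app_api_key');
     $api = ApiKeyTable::getInstance()->findOneBy('api_key', $api_key);
     if (!$api) {
         return;
     }
     // NOTE(review): the lookup is keyed on the API key id and the auth key only;
     // nothing visible here ties the record to $user. Confirm the caller or the
     // table method enforces that the key belongs to the user being signed in.
     $auth_key_record = sfGuardUserAuthKeyTable::getInstance()->getMostRecentValidByApiKeyIdAndAuthKey($api->getIncremented(), $auth_key);
     if (!$auth_key_record) {
         return;
     }
     $expires = strtotime($auth_key_record->getExpiresAt());
     if ($expires === false) {
         // Unparseable expiry: do not hand out a cookie with an undefined lifetime.
         return;
     }

     // make key as a cookie
     $remember_cookie = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember');
     $context = sfContext::getInstance();
     // The cookie is a bearer credential: keep it away from page scripts (HttpOnly)
     // and, when this sign-in arrived over HTTPS, off plaintext connections (Secure).
     // '/' and '' restate setCookie()'s default path and domain so the flags can be passed.
     $context->getResponse()->setCookie($remember_cookie, $auth_key_record->getAuthKey(), $expires, '/', '', $context->getRequest()->isSecure(), true);
 }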
 /**
  * Signs in the user on the application.
  *
  * @param sfGuardUser $user The sfGuardUser object to sign in
  * @param boolean $remember Whether or not to remember the user
  * @param Doctrine_Connection $con A Doctrine_Connection object
  */
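 public function signIn($user, $remember = false, $con = null)
 {
     // Marks the session as authenticated for $user, reloads its credentials,
     // stamps the last login and, when $remember is truthy, rotates the user's
     // remember key and sends the new one as a cookie.
     $this->setAttribute('user_id', $user->getId(), 'sfGuardSecurityUser');
     $this->setAuthenticated(true);
     // Start from an empty credential set so only this user's permissions apply.
     $this->clearCredentials();
     $this->addCredentials($user->getAllPermissionNames());

     // save last login
     $user->setLastLogin(date('Y-m-d H:i:s'));
     $user->save($con);

     // remember?
     if (!$remember) {
         return;
     }

     $expiration_age = sfConfig::get('app_sf_guard_plugin_remember_key_expiration_age', 15 * 24 * 3600);
     $remember_keys = Doctrine_Core::getTable('sfGuardRememberKey');
     // remove old keys
     $remember_keys->createQuery()->delete()->where('created_at < ?', date('Y-m-d H:i:s', time() - $expiration_age))->execute();
     // remove other keys from this user, so a new sign-in invalidates earlier remember cookies
     $remember_keys->createQuery()->delete()->where('user_id = ?', $user->getId())->execute();

     // generate new keys
     // NOTE(review): the token's unpredictability rests entirely on generateRandomKey(),
     // which is not visible here; confirm it draws from a CSPRNG.
     $key = $this->generateRandomKey();

     // save key
     // NOTE(review): the same value goes into the table and the cookie, so read access
     // to the table is enough to reuse a key. Storing only a hash would need a matching
     // change wherever the cookie is verified.
     $rk = new sfGuardRememberKey();
     $rk->setRememberKey($key);
     $rk->setUser($user);
     $rk->setIpAddress($_SERVER['REMOTE_ADDR']);
     $rk->save($con);

     // make key as a cookie
     $remember_cookie = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember');
     //My remember cookie MUST depend on the path and in the future it will on the domain as well.
     //FIXME: WHEN HAVING A DOMAIN TO ADD IT HERE AS WELL!!!!
     //       AND THE CONFIGURATION PARAMETER ON /config/app.yml!!!!
     $path = sfConfig::get('app_sf_guard_plugin_remember_cookie_path', '/');
     $context = sfContext::getInstance();
     // The cookie is a long-lived bearer credential: keep it away from page scripts
     // (HttpOnly) and, when this sign-in arrived over HTTPS, off plaintext connections
     // (Secure). The empty domain restates setCookie()'s default.
     $context->getResponse()->setCookie($remember_cookie, $key, time() + $expiration_age, $path, '', $context->getRequest()->isSecure(), true);
 }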
 /**
  * Signs in the user on the application.
  *
  * @param sfGuardUser $user The sfGuardUser object to sign in
  * @param boolean $remember Whether or not to remember the user
  * @param Doctrine_Connection $con A Doctrine_Connection object
  */
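 public function signIn($user, $remember = false, $con = null)
 {
     // Marks the session as authenticated for $user, reloads its credentials,
     // stamps the last login and, when $remember is truthy, rotates the user's
     // remember key and sends the new one as a cookie.
     $this->setAttribute('user_id', $user->getId(), 'sfGuardSecurityUser');
     $this->setAuthenticated(true);
     // Start from an empty credential set so only this user's permissions apply.
     $this->clearCredentials();
     $this->addCredentials($user->getAllPermissionNames());

     // save last login
     $user->setLastLogin(date('Y-m-d H:i:s'));
     $user->save($con);

     // remember?
     if (!$remember) {
         return;
     }

     $expiration_age = sfConfig::get('app_sf_guard_plugin_remember_key_expiration_age', 15 * 24 * 3600);
     $remember_keys = Doctrine::getTable('sfGuardRememberKey');
     // remove old keys
     $remember_keys->createQuery()->delete()->where('created_at < ?', date('Y-m-d H:i:s', time() - $expiration_age))->execute();
     // remove other keys from this user, so a new sign-in invalidates earlier remember cookies
     $remember_keys->createQuery()->delete()->where('user_id = ?', $user->getId())->execute();

     // generate new keys
     // NOTE(review): the token's unpredictability rests entirely on generateRandomKey(),
     // which is not visible here; confirm it draws from a CSPRNG.
     $key = $this->generateRandomKey();

     // save key
     // NOTE(review): the same value goes into the table and the cookie, so read access
     // to the table is enough to reuse a key. Storing only a hash would need a matching
     // change wherever the cookie is verified.
     $rk = new sfGuardRememberKey();
     $rk->setRememberKey($key);
     $rk->setsfGuardUser($user);
     $rk->setIpAddress($_SERVER['REMOTE_ADDR']);
     $rk->save($con);

     // make key as a cookie
     $remember_cookie = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember');
     $context = sfContext::getInstance();
     // The cookie is a long-lived bearer credential: keep it away from page scripts
     // (HttpOnly) and, when this sign-in arrived over HTTPS, off plaintext connections
     // (Secure). '/' and '' restate setCookie()'s default path and domain so the
     // two flags can be passed.
     $context->getResponse()->setCookie($remember_cookie, $key, time() + $expiration_age, '/', '', $context->getRequest()->isSecure(), true);
 }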
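 /**
  * Shows and processes the account sign-up form.
  *
  * On GET it prepares a UserJoinForm around either the profile matching a
  * supplied invitation code or a fresh profile. On POST it validates the
  * form, rejects taken public names and duplicate e-mail addresses, then
  * creates or activates the account inside one transaction, notifies the
  * administrator and the user by mail, signs invited users in, and redirects.
  *
  * @param object $request Current request; read for the 'user', 'group', 'code',
  *                        'network' and recaptcha parameters
  *
  * @throws Exception Anything raised while saving or mailing is rethrown after rollback
  */
 public function executeJoin($request)
 {
     $userParams = $request->getParameter('user');
     if (!is_array($userParams)) {
         // 'user' is absent on a plain GET and may be a scalar in a crafted POST;
         // array_merge() and the index reads below need an array.
         $userParams = array();
     }
     $this->is_invited = false;
     $this->group = $request->getParameter('group');
     if ($this->group && $this->getUser()->isAuthenticated()) {
         $this->redirect('@groupView?name=' . $this->group);
     }
     //if there's an invitation code supplied, it should match an invitation generated by an invite
     if ($code = $request->getParameter('code')) {
         $profile = Doctrine_Query::create()->from('sfGuardUserProfile p')->where('p.invitation_code = ?', $code)->fetchOne();
         if ($profile) {
             $this->is_invited = true;
         }
     }
     if (!$this->is_invited) {
         $profile = new sfGuardUserProfile();
     }
     //if a network name is supplied
     if ($network_name = $request->getParameter('network')) {
         if ($network = LsListTable::getNetworkByDisplayName($network_name)) {
             $profile->home_network_id = $network["id"];
         }
     }
     $this->user_form = new UserJoinForm($profile);
     $this->profile = $profile;
     //if form is posted, validate
     if ($request->isMethod('post')) {
         //bind request params to form
         $captcha = array('recaptcha_challenge_field' => $request->getParameter('recaptcha_challenge_field'), 'recaptcha_response_field' => $request->getParameter('recaptcha_response_field'));
         $userParams = array_merge($userParams, array('captcha' => $captcha));
         $this->user_form->bind($userParams);
         //if public_name is valid, check that it's unique
         $errors = $this->user_form->getErrorSchema()->getErrors();
         if (!isset($errors['public_name'])) {
             // The value is bound as a parameter, so this is not injectable; '%' and '_'
             // in it still act as LIKE wildcards, which can only make the check reject more names.
             $q = LsDoctrineQuery::create()->from('sfGuardUserProfile p')->where('p.public_name LIKE ?', $userParams['public_name']);
             if (in_array($userParams['public_name'], sfGuardUserProfileTable::$prohibitedPublicNames) || $q->count()) {
                 $validatorSchema = $this->user_form->getValidatorSchema();
                 $validatorSchema['public_name']->setMessage('invalid', 'Sorry, the public name you chose is already taken!');
                 $this->user_form->getErrorSchema()->addError(new sfValidatorError($validatorSchema['public_name'], 'invalid'), 'public_name');
             }
         }
         //look for user with duplicate email (dots are ignored on both sides of the comparison)
         $submitted_email = isset($userParams['email']) ? $userParams['email'] : null;
         $q = LsDoctrineQuery::create()->from('sfGuardUserProfile p')->where('REPLACE(p.email, \'.\', \'\') = REPLACE(?, \'.\', \'\')', $submitted_email);
         //if user was invited, the duplicate user shouldn't have the same code
         //if ($code)
         //{
         //  $q->addWhere('p.invitation_code <> ?', $code);
         //}
         if ($q->count()) {
             $request->setError('email', 'There is already a user with that email');
         }
         //proceed if there are no errors
         if ($this->user_form->isValid() && !$request->hasErrors()) {
             //if user is invited, consider user confirmed
             if ($this->is_invited) {
                 $user = $profile->User;
                 $user->is_active = true;
                 // The invitation code is single-use: clear it once it has been redeemed.
                 $profile->invitation_code = null;
                 $profile->is_visible = true;
                 $profile->is_confirmed = true;
             } else {
                 $user = new sfGuardUser();
                 //auto-approve?
                 $user->is_active = sfConfig::get('app_accounts_auto_approve') ? true : false;
             }
             $db = Doctrine_Manager::connection();
             try {
                 $db->beginTransaction();
                 // NOTE(review): the fields below are copied from the raw request array, not
                 // from the bound form's cleaned values; confirm UserJoinForm validates each one.
                 //submitted email becomes the username
                 $user->username = $userParams['email'];
                 // NOTE(review): 'sha1' is a fast hash and unsuited to password storage. Moving
                 // to password_hash() also needs the verification path changed, which is not
                 // visible here.
                 $user->algorithm = 'sha1';
                 $user->setPassword($userParams['password1']);
                 if (!$user->hasPermission('contributor')) {
                     $user->addPermissionByName('contributor');
                 }
                 if (!$user->hasPermission('editor')) {
                     $user->addPermissionByName('editor');
                 }
                 $user->save();
                 //save submitted profile fields
                 $profile->user_id = $user->id;
                 $profile->name_first = $userParams['name_first'];
                 $profile->name_last = $userParams['name_last'];
                 $profile->email = $userParams['email'];
                 $profile->reason = $userParams['reason'];
                 $profile->analyst_reason = $userParams['analyst_reason'];
                 $profile->public_name = $userParams['public_name'];
                 $profile->home_network_id = $userParams['home_network_id'];
                 //if not invited, generate code for email confirmation
                 if (!$this->is_invited) {
                     // The code proves control of the mailbox, so it must not be derivable from
                     // the address and the sign-up time. 10 random bytes give the same
                     // 20-hex-character shape the previous sha1 prefix had.
                     if (function_exists('random_bytes')) {
                         $code = bin2hex(random_bytes(10));
                     } elseif (function_exists('openssl_random_pseudo_bytes')) {
                         $code = bin2hex(openssl_random_pseudo_bytes(10));
                     } else {
                         // Fail closed (rolled back below) rather than issue a guessable code.
                         throw new RuntimeException('No secure random source available for the confirmation code');
                     }
                     $profile->confirmation_code = $code;
                 }
                 $profile->save();
                 //add user to group, if requested
                 if ($this->group) {
                     $sql = 'SELECT id FROM sf_guard_group WHERE name = ?';
                     $stmt = $db->execute($sql, array($this->group));
                     if ($groupId = $stmt->fetch(PDO::FETCH_COLUMN)) {
                         $ug = new sfGuardUserGroup();
                         $ug->user_id = $user->id;
                         $ug->group_id = $groupId;
                         $ug->is_owner = 0;
                         $ug->save();
                     }
                 }
                 //send email to notify administrator of new account creation
                 $mailBody = $this->getPartial('accountcreatenotify', array('user' => $user, 'analyst' => $userParams['analyst_reason'], 'group' => $this->group));
                 if ($this->is_invited) {
                     $subject = 'LittleSis account invitation accepted by ' . $userParams['name_first'] . ' ' . $userParams['name_last'];
                 } else {
                     $subject = 'LittleSis account ' . ($user->is_active ? 'created' : 'requested') . ' by ' . $userParams['name_first'] . ' ' . $userParams['name_last'];
                 }
                 $mailer = new Swift(new Swift_Connection_NativeMail());
                 $message = new Swift_Message($subject, $mailBody, 'text/plain');
                 $address = new Swift_Address(sfConfig::get('app_mail_join_sender_address'), sfConfig::get('app_mail_join_sender_name'));
                 $mailer->send($message, sfConfig::get('app_mail_join_sender_address'), $address);
                 $mailer->disconnect();
                 //notify user that the account has been created/requested
                 $subject = $user->is_active ? 'Welcome to LittleSis!' : 'Your request to become a LittleSis analyst';
                 // NOTE(review): the receipt partial is handed the plaintext password, so it is
                 // likely written into the e-mail body. Mail is stored and relayed outside the
                 // application's control; prefer dropping it from the template and this array.
                 $mailBody = $this->getPartial($user->is_active ? 'accountcreatereceipt' : 'accountrequestreceipt', array('user' => $user, 'password' => $userParams['password1'], 'is_invited' => $this->is_invited));
                 $mailer = new Swift(new Swift_Connection_NativeMail());
                 // Use the subject chosen above so a pending request is not announced as a welcome.
                 $message = new Swift_Message($subject, $mailBody, 'text/plain');
                 $address = new Swift_Address(sfConfig::get('app_mail_join_sender_address'), sfConfig::get('app_mail_join_sender_name'));
                 $mailer->send($message, $profile->email, $address);
                 $mailer->disconnect();
                 //if invited, sign in user and record login time
                 if ($this->is_invited) {
                     // signin user
                     $this->getUser()->setAttribute('user_id', $user->id, 'sfGuardSecurityUser');
                     $this->getUser()->setAuthenticated(true);
                     $this->getUser()->clearCredentials();
                     $this->getUser()->addCredentials($user->getAllPermissionNames());
                     // save last login
                     $user->last_login = date('Y-m-d H:i:s');
                     $user->save();
                 }
                 //commit changes
                 $db->commit();
             } catch (Exception $e) {
                 // Undo the partial account so a failed save or mail leaves no half-created user.
                 $db->rollback();
                 throw $e;
             }
             //redirect to requested or joined page
             if ($user->is_active) {
                 $this->redirect('home/joined' . ($this->is_invited ? '?conf=1' : ''));
             } else {
                 $this->redirect('home/requested');
             }
         }
     }
 }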