Esempio n. 1
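 /**
  * Show the backend login form and handle its submission.
  *
  * A plain request renders the form. A POST request passes the submitted
  * credential/password pair to CMSBackendAuth::authenticate() and, on
  * success, redirects to the target named by the "r" query parameter.
  *
  * Security: "r" is request-controlled, so it is honoured only when it is a
  * site-local absolute path. Anything else (absolute URLs, scheme-relative
  * "//host" or "/\host" forms, values with control characters, non-strings)
  * falls back to "/", so the login page cannot be used as an open redirect.
  * If same-site absolute URLs must be supported, add an explicit host
  * allow-list instead of relaxing this check.
  *
  * @return mixed whatever renderComponent() returns
  */
 public function executeLogin()
 {
     $this->document()->title = t('Login');
     $this->setLayout('login');
     $this->setView('Login/default');
     /** @var CMSBackendAuth $backendAuth */
     $backendAuth = CMSBackendAuth::getInstance();

     // Decode only a non-empty string; an array-valued "r" must not reach urldecode().
     $comeback = $this->get('r');
     $comeback = (is_string($comeback) && '' !== $comeback) ? urldecode($comeback) : '/';

     // Validate AFTER decoding so an encoded "//" or "\" cannot slip past the check.
     $isLocalPath = isset($comeback[0]) && '/' === $comeback[0]
         && !(isset($comeback[1]) && ('/' === $comeback[1] || '\\' === $comeback[1]))
         && !preg_match('/[\x00-\x1F\x7F]/', $comeback);
     if (!$isLocalPath) {
         $comeback = '/';
     }

     if ($backendAuth->isCMSBackendAuthenticated()) {
         $this->redirect($comeback);
     }

     // Pre-fill the form with the last submitted credential, else the remembered one.
     $display = $this->post('credential');
     if (!$display) {
         $display = Factory::getCookie()->read('username');
     }
     $languages = \Languages::getAllActiveLanguages('lang_code');
     $error = array();

     if ($this->request()->isPostRequest()) {
         // NOTE(review): the captcha check that used to run here is disabled, and
         // no CSRF validation or attempt throttling is visible in this method --
         // confirm both are enforced before this action runs.
         $password = $this->post('password');
         $credential = $this->post('credential');
         $chosen_lang = $this->post('language');

         // NOTE(review): both cookies are written before authentication and hold
         // raw request values; 'language' is not checked against $languages and
         // 'username' is stored with write() rather than writeSecure() -- confirm
         // this is intended.
         Factory::getCookie()->write('language', $chosen_lang);
         Factory::getCookie()->write('username', $credential);

         if (empty($error) && true === ($result = $backendAuth->authenticate($credential, $password))) {
             // Authenticated: go back to the validated local target.
             $this->redirect($comeback);
         } else {
             // $result is unset when an earlier check already produced an error.
             if (isset($result)) {
                 // NOTE(review): distinct messages for an unknown identity and a
                 // wrong password let a client tell whether an account exists;
                 // consider one generic message for both.
                 switch ($result) {
                     case CMSBackendAuth::ERROR_USER_NOT_ACCESS_ADMIN:
                         $error[] = t('Restricted area, no permission');
                         break;
                     case CMSBackendAuth::ERROR_CREDENTIAL_INVALID:
                         $error[] = t('Plz re-enter your email or your password');
                         break;
                     case CMSBackendAuth::ERROR_UNKNOWN_IDENTITY:
                         $error[] = t('Unknown identity');
                         break;
                     default:
                         $error[] = t('Login fail');
                 }
             }
         }
     }

     $this->view()->assign('display', $display);
     $this->view()->assign('error', $error);
     $this->view()->assign('current_lang', $this->currentLang ? $this->currentLang->getLangCode() : '');
     $this->view()->assign('languages', $languages);
     return $this->renderComponent();
 }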
 /**
  * Return the CSRF token kept in the secure 'csrf' cookie.
  *
  * When no token is stored and $autoGen is true, a new one is produced by
  * _generateCsrfToken() and written back with writeSecure() using the value
  * 7200 (presumably a lifetime in seconds -- confirm against the cookie class).
  *
  * @param bool $autoGen generate and store a token when none exists
  * @return mixed|string the stored or new token; the (empty) stored value when
  *                      none exists and $autoGen is false
  */
 public function getCsrfToken($autoGen = true)
 {
     $jar = Factory::getCookie();
     $current = $jar->readSecure('csrf');

     // Loose comparison on purpose: any value equal to null counts as "no token".
     if (null != $current || !$autoGen) {
         return $current;
     }

     $fresh = $this->_generateCsrfToken();
     $jar->writeSecure('csrf', $fresh, 7200);

     return $fresh;
 }
Esempio n. 3
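 /**
  * Resolve the active language and configure the translator for it.
  *
  * The language code is taken from the "lang" request parameter, then from the
  * 'language' cookie. Both are client-controlled, so the code is accepted only
  * if \Languages::retrieveByLangCode() finds a matching record; otherwise the
  * default language is used. The cookie and the translator locale are always
  * set from the resolved record, never from the raw request value.
  *
  * Does nothing when the 'i18n' configuration is disabled.
  *
  * @return null
  */
 private function _loadLanguage()
 {
     $i18nCfg = ConfigHandler::get('i18n');
     // empty() also covers a missing 'i18n' section or a missing 'enable' key.
     if (empty($i18nCfg['enable'])) {
         return null;
     }

     $requestedCode = $this->get('lang');
     if (!$requestedCode) {
         $requestedCode = Factory::getCookie()->read('language');
     }

     // Look the requested code up before trusting it.
     // NOTE(review): assumes retrieveByLangCode() returns a falsy value when no
     // language matches -- confirm against the Languages model.
     $language = null;
     if (is_string($requestedCode) && '' !== $requestedCode) {
         $language = \Languages::retrieveByLangCode($requestedCode);
     }
     if (!$language) {
         $language = \Languages::retrieveByDefault(1);
     }
     $this->currentLang = $language;
     $current_lang_code = $language ? $language->getLangCode() : null;

     if ($current_lang_code) {
         Factory::getCookie()->write('language', $current_lang_code);
     }

     // Check the translator before calling into it.
     $translator = Translator::getInstance();
     if (!$translator) {
         return null;
     }
     if ($current_lang_code) {
         $translator->setLocale($current_lang_code);
     }
     $translator->addLoader('yml', new YamlFileLoader());

     if (!isset($i18nCfg['resource']) || !is_array($i18nCfg['resource'])) {
         return null;
     }

     // Register every configured *.yml file; the translation domain is the
     // file name without its extension.
     foreach ($i18nCfg['resource'] as $locale => $files) {
         foreach ((array) $files as $file) {
             $fileInfo = new \SplFileInfo($file);
             if ('yml' !== $fileInfo->getExtension()) {
                 continue;
             }
             // getBasename() strips only the trailing suffix, unlike str_replace().
             $domain = $fileInfo->getBasename('.yml');
             $translator->addResource('yml', $file, $locale, $domain);
         }
     }

     return null;
 }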
Esempio n. 4
 /**
  * Overwrite the secure 'auth' cookie with null, passing a negative value
  * (-100000) as the third writeSecure() argument -- presumably an expiry in
  * the past so the client drops the cookie; confirm against the cookie class.
  */
 private function _clearCookie()
 {
     $jar = Factory::getCookie();
     $jar->writeSecure('auth', null, -100000);
 }
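 /**
  * Performs the CSRF validation for state-changing requests.
  *
  * Only non-XHR POST, PUT and DELETE requests are checked; every other request
  * passes. The stored token returned by getCsrfToken(false) is used as the
  * NAME of a request field: the request is valid when the field with that name
  * is present in the body for the current method and reads as boolean true.
  * Validation fails when no token is stored or when the method is not one of
  * the three handled below.
  *
  * NOTE(review): requests for which isXmlHttpRequest() returns true skip the
  * check entirely. That flag presumably comes from a client-supplied header,
  * so confirm that state-changing AJAX endpoints are protected some other way
  * (for example a token header or SameSite cookies).
  * NOTE(review): PATCH requests are not covered by the condition below.
  *
  * @return bool true when the request may proceed, false when validation fails
  */
 public function validateCsrfToken()
 {
     if (($this->isPostRequest() || $this->isPutRequest() || $this->isDeleteRequest()) && !$this->isXmlHttpRequest()) {
         // false: never mint a token here, a missing token must fail validation.
         $token = $this->getCsrfToken(false);
         if (!$token) {
             return false;
         }

         // 'BOOLEAN' presumably asks the accessor to cast the field -- confirm.
         // The default of false makes an absent field fail the strict check below.
         $user_token_value = false;
         switch ($this->getMethod()) {
             case 'POST':
                 $user_token_value = $this->post($token, 'BOOLEAN', false);
                 break;
             case 'PUT':
                 $user_token_value = $this->put($token, 'BOOLEAN', false);
                 break;
             case 'DELETE':
                 $user_token_value = $this->delete($token, 'BOOLEAN', false);
                 break;
         }

         return true === $user_token_value;
     }

     return true;
 }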
Esempio n. 6
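 /**
  * Load the published languages, pick the current one and set the locale.
  *
  * With fewer than two published languages the first one (or null when there
  * is none) becomes the current language and nothing else happens. Otherwise
  * the code comes from the "lang" request parameter, then from the 'lang'
  * cookie. Both are client-controlled, so the code is accepted only if
  * \Languages::findOneByLangCode() finds a record for it; failing that the
  * default language, then the first published one, is used. The cookie, the
  * redirect target and the translator locale all use the resolved record's
  * code, never the raw request value.
  *
  * @return void
  */
 protected function _initLanguages()
 {
     $this->languages = \Languages::findByPublished(true);
     if (sizeof($this->languages) < 2) {
         // Guard the empty case: index 0 does not exist when nothing is published.
         $this->currentLang = isset($this->languages[0]) ? $this->languages[0] : null;
         return;
     }

     $requestedLang = $this->request()->get('lang');
     $candidate = $requestedLang;
     if (!$candidate) {
         $candidate = Factory::getCookie()->read('lang');
     }

     // Resolve the candidate before it is stored or used anywhere.
     // NOTE(review): assumes findOneByLangCode() returns a falsy value when no
     // language matches -- confirm against the Languages model.
     $language = null;
     if (is_string($candidate) && '' !== $candidate) {
         $language = \Languages::findOneByLangCode($candidate);
     }
     if (!$language) {
         $language = \Languages::findOneByDefault(true);
     }
     if (!$language) {
         // No default configured: at least two published languages exist here.
         $language = $this->languages[0];
     }

     $this->currentLang = $language;
     $currentLangCode = $language->getLangCode();

     Factory::getCookie()->write('lang', $currentLangCode);

     // On the bare site root without an explicit "lang", go to the language URL.
     if (Factory::getRouter()->getUrl() == '/' && !$requestedLang) {
         $this->redirect($currentLangCode);
     }

     $translator = Translator::getInstance();
     $translator->setLocale($currentLangCode);
     Cms::$currentLang = $this->currentLang;
 }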