Esempio n. 1
 public function handle(Request $request, Response $response, array $config)
 {
     // Logout handler: drop the current identity, then send the browser to the site root.
     // NOTE(review): no request-method or anti-CSRF check is visible in this handler; confirm the router
     // restricts it, otherwise a cross-site request can end a user's session.
     // NOTE(review): clearIdentity() is project code - verify it also invalidates the server-side session
     // and its cookie, not just the in-memory identity.
     \Gtm\Auth::getInstance()->clearIdentity();
     $this->redirect('/', $request, $response);
 }
 /**
  * Sign the user out and forward them to the /login page. If the request is Ajax, a JSON response with
  * success = false is echoed instead of the redirect.
  * 
  * @param $request
  * @param $response
  * @param $isAjaxRequest
  * @return void
  */
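 protected function forward($request, $response, $isAjaxRequest = false)
 {
     // Clear any authenticated identity before answering the refused request.
     Auth::getInstance()->clearIdentity();

     // Record the refused request. The method, client IP and URI all originate from the client.
     // NOTE(review): whether Log::info() neutralises control characters is not visible here - confirm,
     // since these values are written to the log verbatim. getClientIp() may be derived from a
     // proxy-supplied header; verify it only trusts known proxies.
     Log::info(sprintf('Request(%s) from IP(%s) to URI(%s) is not allowed.', $_SERVER['REQUEST_METHOD'], $request->getClientIp(), $request->getRequestUri()));

     if (!$isAjaxRequest) {
         // Regular page request: send the user to the login page.
         $this->redirect('/login', $request, $response);
         return;
     }

     // Ajax callers get 'success = false' so client-side code can react to it.
     // The request URI is reflected into the body, so <, >, &, ' and " are emitted as \uXXXX escapes.
     // The decoded JSON value is unchanged, but the raw body stays inert if a browser renders it as HTML.
     $jsonFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
     echo json_encode(array('success' => false, 'url' => $request->getRequestUri()), $jsonFlags);
     // NOTE(review): no Content-Type is set in this method and the body bypasses $response; confirm the
     // caller sends application/json and stops further output after this returns.
 }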
Esempio n. 3
 public function handle(Request $request, Response $response, array $config)
 {
     // Login handler: already signed-in users are redirected, a GET renders the form, a POST validates
     // the form, checks the account state and then authenticates.
     $auth = Auth::getInstance();
     if ($auth->hasIdentity()) {
         $this->redirect(UserSettings::create()->getAfterLoginPage($auth->getUserId()), $request, $response);
         return;
     }

     if (!$request->isPost()) {
         // Plain page view: render the empty login form.
         $view = new View(__DIR__ . '/../View');
         $response->setBody($view->render('login'));
         return;
     }

     $submitted = $request->getPost();
     $form = new \Access\Forms\Login('loginform', __DIR__ . '/../View/Login.php');
     if ($form->isValid($submitted)) {
         $users = new Users();
         $username = $form->getValue('username');
         $account = $users->fetch('username', $username);

         // NOTE(review): the four messages below differ, and the first three are returned before any
         // password check. A client can therefore tell whether a username exists and whether the account
         // is inactive or locked. Consider one generic failure message, or revealing account state only
         // after the password has been verified.
         if (!$account) {
             $form->setError('username', 'Invalid login');
         } elseif ((int) $account['is_active'] === 0) {
             $form->setError('username', 'User account has not been activated');
         } elseif ((int) $account['is_locked'] === 1) {
             $form->setError('username', 'This user account has been locked');
         } else {
             // The return value is not used; success is read from the identity state.
             $auth->authenticate($username, $form->getValue('password'));
             if ($auth->hasIdentity()) {
                 // NOTE(review): no session id regeneration is visible here; confirm authenticate()
                 // rotates the session on success.
                 $this->redirect(UserSettings::create()->getAfterLoginPage($auth->getUserId()), $request, $response);
                 return;
             }
             // NOTE(review): nothing in this handler counts failed attempts; confirm throttling or
             // lockout is applied elsewhere.
             $form->setError('username', 'Login is not successful. Please try again.');
         }
     }

     // Validation or login failed: re-render the form with the submitted values and the errors.
     $response->setBody($form->getHTML($form->getValues(), $form->getErrors()));
 }
Esempio n. 4
 /**
  * Set allowed resources for the user.
  * 
  * @return void
  */
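 protected function setAllowedResources()
 {
     $auth = Auth::getInstance();
     if ($auth->hasIdentity()) {
         $users = new Users();
         $user = $users->fetch('id', $auth->getUserId());
         // Treat any empty lookup result (false, null, empty array) as "no such user", so permissions are
         // never resolved for a missing id.
         if ($user) {
             $perms = new Permissions();
             $this->resources = $perms->getAllowedResources($user['id']);
         }
         // NOTE(review): when the lookup fails, $this->resources keeps its previous value; this assumes
         // the property starts out as an empty (deny-all) set - confirm.
         // NOTE(review): nothing here checks account state; if the user record carries lock or activation
         // flags, confirm a deactivated account loses access on its next request.
         $this->user = $user;
     }
     // Marked as established even without an identity, so the lookup is not repeated.
     // NOTE(review): presumably callers test this flag before calling again - confirm.
     $this->isEstablished = true;
 }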