/**
 * Sign the current user out and send the browser to the site root.
 *
 * NOTE(review): nothing visible here restricts the HTTP method or checks an
 * anti-CSRF token. If the router exposes this action to plain GET requests,
 * a third-party page can force a sign-out; confirm the routing or middleware
 * layer covers this.
 * NOTE(review): clearIdentity() is defined elsewhere; confirm it also
 * invalidates the server-side session, not only the stored identity.
 *
 * @param Request  $request
 * @param Response $response
 * @param array    $config   Not read by this handler.
 * @return void
 */
public function handle(Request $request, Response $response, array $config)
{
    // Drop the stored identity first so the redirect target is served to an anonymous user.
    \Gtm\Auth::getInstance()->clearIdentity();

    $this->redirect('/', $request, $response);
}
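/**
 * Sign the user out, log the rejected request and send the caller to /login.
 *
 * For Ajax requests no redirect is issued; a JSON body with success = false and
 * the requested URI is echoed so client-side code can react to it.
 *
 * NOTE(review): the Ajax branch writes straight to output and sets neither a
 * status code nor a Content-Type in the visible code; confirm the caller sends
 * application/json and a 401/403 status.
 *
 * @param Request  $request
 * @param Response $response
 * @param bool     $isAjaxRequest
 * @return void
 */
protected function forward($request, $response, $isAjaxRequest = false)
{
    // sign out the user if logged in
    Auth::getInstance()->clearIdentity();

    // Every value written to the log is derived from the request. Control
    // characters are stripped so a crafted value cannot break the entry across
    // lines or forge extra log records.
    // NOTE(review): if getClientIp() reads a forwarded-for style header, the logged
    // IP is client-controlled; confirm how it is resolved.
    $logFields = array(
        $_SERVER['REQUEST_METHOD'],
        $request->getClientIp(),
        $request->getRequestUri(),
    );
    foreach ($logFields as $index => $value) {
        $logFields[$index] = preg_replace('/[\x00-\x1F\x7F]/', '', (string) $value);
    }
    Log::info(vsprintf('Request(%s) from IP(%s) to URI(%s) is not allowed.', $logFields));

    // if ajax request, return false in case client side wants to have specific processing of 'success = false'
    if ($isAjaxRequest) {
        // The request URI is reflected into the body. The JSON_HEX_* flags emit
        // <, >, &, ' and " as \uXXXX escapes, so the value cannot be parsed as
        // markup if the response is ever rendered as HTML. The decoded JSON is
        // unchanged for clients.
        echo json_encode(
            array('success' => false, 'url' => $request->getRequestUri()),
            JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
        );
    } else {
        // send user to login page
        $this->redirect('/login', $request, $response);
    }
}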
/**
 * Login action: render the login view, or process a submitted login form.
 *
 * An already authenticated user is redirected to their after-login page.
 * On POST the form is validated, the account is looked up by username and,
 * if it is active and not locked, the credentials are passed to Auth.
 *
 * NOTE(review): the unknown-user, not-activated and locked cases return
 * different messages, and all three are decided before the password is
 * checked. An unauthenticated caller can therefore learn whether a username
 * exists and what state the account is in. Consider a single generic failure
 * message, with the specific reason reported through a verified channel.
 * NOTE(review): no attempt throttling, failed-login accounting or session-id
 * rotation is visible here; presumably Auth::authenticate() handles them - confirm.
 * NOTE(review): the failed form is re-rendered from getValues(); confirm the
 * view does not echo the submitted password back into the HTML.
 *
 * @param Request  $request
 * @param Response $response
 * @param array    $config   Not read by this handler.
 * @return void
 */
public function handle(Request $request, Response $response, array $config)
{
    $auth = Auth::getInstance();

    // Nothing to do for a session that already carries an identity.
    if ($auth->hasIdentity()) {
        $this->redirect(UserSettings::create()->getAfterLoginPage($auth->getUserId()), $request, $response);
        return;
    }

    // Plain page load: show the empty login view.
    if (!$request->isPost()) {
        $view = new View(__DIR__ . '/../View');
        $response->setBody($view->render('login'));
        return;
    }

    $submitted = $request->getPost();
    $form = new \Access\Forms\Login('loginform', __DIR__ . '/../View/Login.php');

    if ($form->isValid($submitted)) {
        $users = new Users();
        $username = $form->getValue('username');
        $account = $users->fetch('username', $username);

        if (!$account) {
            $form->setError('username', 'Invalid login');
        } elseif ((int) $account['is_active'] === 0) {
            $form->setError('username', 'User account has not been activated');
        } elseif ((int) $account['is_locked'] === 1) {
            $form->setError('username', 'This user account has been locked');
        } else {
            // The return value is not needed; success is read back from the Auth singleton.
            $auth->authenticate($username, $form->getValue('password'));
            if ($auth->hasIdentity()) {
                $this->redirect(UserSettings::create()->getAfterLoginPage($auth->getUserId()), $request, $response);
                return;
            }
            $form->setError('username', 'Login is not successful. Please try again.');
        }
    }

    // Validation or login failed: re-render the form with the collected errors.
    $response->setBody($form->getHTML($form->getValues(), $form->getErrors()));
}
/**
 * Load the signed-in user's record and the resources that user may access.
 *
 * Without an identity only the isEstablished flag is set. With an identity,
 * $this->user receives the fetched row (or false when the lookup fails) and
 * $this->resources is filled only when a row was found.
 *
 * NOTE(review): unlike the login handler, this method does not look at
 * is_active / is_locked. A session opened before an account was locked or
 * deactivated would still receive its permissions unless
 * Permissions::getAllowedResources() or a caller checks those flags - confirm.
 * NOTE(review): when the lookup returns false, $this->resources keeps whatever
 * value it had before; confirm it starts out empty (deny by default).
 *
 * @return void
 */
protected function setAllowedResources()
{
    $auth = Auth::getInstance();

    // Anonymous request: nothing to load, just mark the ACL state as resolved.
    if (!$auth->hasIdentity()) {
        $this->isEstablished = true;
        return;
    }

    $userTable = new Users();
    $account = $userTable->fetch('id', $auth->getUserId());

    if ($account !== false) {
        $permissions = new Permissions();
        $this->resources = $permissions->getAllowedResources($account['id']);
    }

    $this->user = $account;
    $this->isEstablished = true;
}