/**
* Returns the logged in user, or default user if not logged in
*
* @param \thebuggenie\core\framework\Request $request
* @param \thebuggenie\core\framework\Action $action
*
* @return \thebuggenie\core\entities\User
*/
public static function loginCheck(framework\Request $request, framework\Action $action)
{
try {
$authentication_method = $action->getAuthenticationMethodForAction(framework\Context::getRouting()->getCurrentRouteAction());
$user = null;
$external = false;
switch ($authentication_method) {
case framework\Action::AUTHENTICATION_METHOD_ELEVATED:
case framework\Action::AUTHENTICATION_METHOD_CORE:
$username = $request['tbg3_username'];
$password = $request['tbg3_password'];
if ($authentication_method == framework\Action::AUTHENTICATION_METHOD_ELEVATED) {
$elevated_password = $request['tbg3_elevated_password'];
}
$raw = true;
// If no username and password specified, check if we have a session that exists already
if ($username === null && $password === null) {
if (framework\Context::getRequest()->hasCookie('tbg3_username') && framework\Context::getRequest()->hasCookie('tbg3_password')) {
$username = framework\Context::getRequest()->getCookie('tbg3_username');
$password = framework\Context::getRequest()->getCookie('tbg3_password');
$user = self::getB2DBTable()->getByUsername($username);
if ($authentication_method == framework\Action::AUTHENTICATION_METHOD_ELEVATED) {
$elevated_password = framework\Context::getRequest()->getCookie('tbg3_elevated_password');
if ($user instanceof User && !$user->hasPasswordHash($password)) {
$user = null;
} else {
if ($user instanceof User && !$user->hasPasswordHash($elevated_password)) {
framework\Context::setUser($user);
framework\Context::getRouting()->setCurrentRouteName('elevated_login_page');
throw new framework\exceptions\ElevatedLoginException('reenter');
}
}
} else {
if ($user instanceof User && !$user->hasPasswordHash($password)) {
$user = null;
}
}
if (!$user instanceof User) {
framework\Context::logout();
throw new \Exception('No such login');
}
}
}
// If we have authentication details, validate them
if (framework\Settings::isUsingExternalAuthenticationBackend() && $username !== null && $password !== null) {
$external = true;
framework\Logging::log('Authenticating with backend: ' . framework\Settings::getAuthenticationBackend(), 'auth', framework\Logging::LEVEL_INFO);
try {
$mod = framework\Context::getModule(framework\Settings::getAuthenticationBackend());
if ($mod->getType() !== Module::MODULE_AUTH) {
framework\Logging::log('Auth module is not the right type', 'auth', framework\Logging::LEVEL_FATAL);
}
if (framework\Context::getRequest()->hasCookie('tbg3_username') && framework\Context::getRequest()->hasCookie('tbg3_password')) {
$user = $mod->verifyLogin($username, $password);
} else {
$user = $mod->doLogin($username, $password);
}
if (!$user instanceof User) {
// Invalid
framework\Context::logout();
throw new \Exception('No such login');
//framework\Context::getResponse()->headerRedirect(framework\Context::getRouting()->generate('login'));
}
} catch (\Exception $e) {
throw $e;
}
} elseif (framework\Settings::isUsingExternalAuthenticationBackend()) {
$external = true;
framework\Logging::log('Authenticating without credentials with backend: ' . framework\Settings::getAuthenticationBackend(), 'auth', framework\Logging::LEVEL_INFO);
try {
$mod = framework\Context::getModule(framework\Settings::getAuthenticationBackend());
if ($mod->getType() !== Module::MODULE_AUTH) {
framework\Logging::log('Auth module is not the right type', 'auth', framework\Logging::LEVEL_FATAL);
}
$user = $mod->doAutoLogin();
if ($user == false) {
// Invalid
framework\Context::logout();
throw new \Exception('No such login');
//framework\Context::getResponse()->headerRedirect(framework\Context::getRouting()->generate('login'));
} else {
if ($user == true) {
$user = null;
}
}
} catch (\Exception $e) {
throw $e;
}
} elseif ($username !== null && $password !== null && !$user instanceof User) {
$external = false;
framework\Logging::log('Using internal authentication', 'auth', framework\Logging::LEVEL_INFO);
$user = self::getB2DBTable()->getByUsername($username);
if ($user instanceof User && !$user->hasPassword($password)) {
$user = null;
}
if (!$user instanceof User) {
framework\Context::logout();
}
}
break;
case framework\Action::AUTHENTICATION_METHOD_DUMMY:
$user = self::getB2DBTable()->getByUserID(framework\Settings::getDefaultUserID());
break;
case framework\Action::AUTHENTICATION_METHOD_CLI:
$user = self::getB2DBTable()->getByUsername(framework\Context::getCurrentCLIusername());
break;
case framework\Action::AUTHENTICATION_METHOD_RSS_KEY:
$user = self::getB2DBTable()->getByRssKey($request['rsskey']);
break;
case framework\Action::AUTHENTICATION_METHOD_APPLICATION_PASSWORD:
$user = self::getB2DBTable()->getByUsername($request['api_username']);
if (!$user->authenticateApplicationPassword($request['api_token'])) {
$user = null;
}
break;
}
if ($user === null && !framework\Settings::isLoginRequired()) {
$user = self::getB2DBTable()->getByUserID(framework\Settings::getDefaultUserID());
}
if ($user instanceof User) {
if (!$user->isActivated()) {
throw new \Exception('This account has not been activated yet');
} elseif (!$user->isEnabled()) {
throw new \Exception('This account has been suspended');
} elseif (!$user->isConfirmedMemberOfScope(framework\Context::getScope())) {
if (!framework\Settings::isRegistrationAllowed()) {
throw new \Exception('This account does not have access to this scope');
}
}
if ($external == false && $authentication_method == framework\Action::AUTHENTICATION_METHOD_CORE) {
$password = $user->getHashPassword();
if (!$request->hasCookie('tbg3_username') && !$user->isGuest()) {
if ($request->getParameter('tbg3_rememberme')) {
framework\Context::getResponse()->setCookie('tbg3_username', $user->getUsername());
framework\Context::getResponse()->setCookie('tbg3_password', $user->getPassword());
} else {
framework\Context::getResponse()->setSessionCookie('tbg3_username', $user->getUsername());
framework\Context::getResponse()->setSessionCookie('tbg3_password', $user->getPassword());
}
}
}
} elseif (framework\Settings::isLoginRequired()) {
throw new \Exception('Login required');
} else {
throw new \Exception('No such login');
}
} catch (\Exception $e) {
throw $e;
}
return $user;
}
<?php
}
?>
</div>
<?php
}
?>
</div>
<?php
if (\thebuggenie\core\framework\Settings::isOpenIDavailable()) {
?>
<?php
include_component('main/openidbuttons');
}
\thebuggenie\core\framework\Event::createNew('core', 'login_form_pane')->trigger(array_merge(array('selected_tab' => $selected_tab), $options));
if (\thebuggenie\core\framework\Settings::isRegistrationAllowed()) {
?>
<div style="text-align: center;" id="registration-button-container" class="logindiv login_button_container registration_button_container active">
<fieldset style="border: 0; border-top: 1px dotted rgba(0, 0, 0, 0.3); padding: 5px 100px; width: 100px; margin: 5px auto 0 auto;">
<legend style="text-align: center; width: 100%; background-color: transparent;"><?php
echo __('%login or %signup', array('%login' => '', '%signup' => ''));
?>
</legend>
</fieldset>
<a href="javascript:void(0);" id="create-account-button" onclick="$('register').addClassName('active');$('registration-button-container').removeClassName('active');$('regular_login_container').removeClassName('active');$('openid_container').removeClassName('active');"><?php
echo __('Create an account');
?>
</a>
</div>
<?php
include_component('main/loginregister', compact('registrationintro'));
