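/**
 * Resolves the visitor's authentication state before the action runs.
 *
 * Sources are tried in this order: credentials posted with the request, the
 * username kept in the session, then the "login" remember-me cookie. The
 * outcome is published through User_Model::$auth_status.
 *
 * NOTE(review): the remember-me cookie carries "username:password" under
 * Encryption::encode(), which Encryption::decode() reverses. Anyone holding
 * both the cookie and the key recovers the plaintext password. A random,
 * server-side revocable token would remove that exposure, but it needs
 * storage that is not visible from this method.
 * NOTE(review): no session identifier rotation is visible after a successful
 * sign-in; confirm that Session::write() or the caller handles it, otherwise
 * a pre-set session id survives the login (session fixation).
 *
 * @return void
 */
public function __beforeAction()
{
    $user_model = new User_Model();
    User_Model::$auth_status = User_Model::AUTH_STATUS_NOT_LOGGED;

    // The D modifier (PCRE_DOLLAR_ENDONLY) makes "$" match only at the very
    // end of the subject. Without it "$" also matches before a trailing
    // newline, so "name\n" would pass the check.
    $username_pattern = '#^[a-z0-9-]+$#D';

    // 1) Credentials posted with this request
    if (isset($_POST['username']) && isset($_POST['password'])) {
        $username = $_POST['username'];
        $password = $_POST['password'];

        try {
            // "username[]=x" arrives as an array; reject it here rather than
            // letting preg_match() raise an error the catch below misses.
            if (!is_string($username) || !preg_match($username_pattern, $username)) {
                throw new Exception('Invalid username');
            }
            if (!is_string($password) || !$user_model->authenticate($username, $password)) {
                throw new Exception('Bad username or password');
            }

            User_Model::$auth_status = User_Model::AUTH_STATUS_LOGGED;

            // Remember the sign-in: cookie lifetime is 60 * 24 * 3600
            // (presumably seconds, i.e. 60 days; confirm against Cookie::write).
            Cookie::write('login', Encryption::encode($username . ':' . $password), 60 * 24 * 3600);
            Session::write('username', $username);
        } catch (Exception $e) {
            // Any failure on the POST path is reported as bad credentials and
            // clears whatever remembered state existed.
            User_Model::$auth_status = User_Model::AUTH_STATUS_BAD_USERNAME_OR_PASSWORD;
            Cookie::delete('login');
            Session::delete('username');
        }

        return;
    }

    // 2) Username kept in the session
    if (($username = Session::read('username')) !== null) {
        try {
            $user_model->loadUser($username);
            User_Model::$auth_status = User_Model::AUTH_STATUS_LOGGED;
        } catch (Exception $e) {
            // The session names a user that can no longer be loaded.
            Session::delete('username');
            Cookie::delete('login');
        }

        return;
    }

    // 3) Remember-me cookie
    if (($login = Cookie::read('login')) !== null) {
        try {
            $decoded = Encryption::decode($login);
            if (!$decoded) {
                throw new Exception('Invalid user cookie');
            }

            // Split on the first ':' only; the password may itself contain ':'.
            $parts = explode(':', $decoded, 2);
            $username = $parts[0];
            $password = isset($parts[1]) ? $parts[1] : '';

            if (!preg_match($username_pattern, $username)) {
                throw new Exception('Invalid username');
            }
            if (!$user_model->authenticate($username, $password)) {
                throw new Exception('Bad username or password');
            }

            User_Model::$auth_status = User_Model::AUTH_STATUS_LOGGED;
            // Write session to remember sign-in
            Session::write('username', $username);
        } catch (Exception $e) {
            // A cookie that does not decode or authenticate is discarded;
            // the status stays AUTH_STATUS_NOT_LOGGED.
            Cookie::delete('login');
        }
    }
}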
/**
 * Tells whether the current visitor is authenticated.
 *
 * The answer is derived from the "user_id" and "password" cookies on the
 * first call and cached in $this->loggedIn for later calls.
 *
 * NOTE(review): the "password" cookie value is handed to identify() as the
 * credential to match. Presumably it is compared against the stored password
 * column (confirm). If that column holds a hash, the hash itself becomes
 * password-equivalent: knowing it is enough to pass this check.
 *
 * @return boolean True when the user is authenticated
 */
public function loggedIn()
{
    // Already decided during this request: reuse the cached answer.
    if (!is_null($this->loggedIn)) {
        return $this->loggedIn;
    }

    $cookie_id = Cookie::read("user_id");
    $cookie_secret = Cookie::read("password");

    // Both cookies are required; a missing one means "not logged in".
    if (is_null($cookie_id) || is_null($cookie_secret)) {
        $this->loggedIn = false;

        return $this->loggedIn;
    }

    // Column names come from $this->fields, values from the cookies.
    $conditions = array(
        $this->fields["id"] => $cookie_id,
        $this->fields["password"] => $cookie_secret,
    );
    $match = $this->identify($conditions);
    $this->loggedIn = !empty($match);

    return $this->loggedIn;
}
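/**
 * Returns the timezone offset stored by the installer, in seconds.
 *
 * The offset is read in hours from the 'anchor-install-timezone' cookie and
 * multiplied by 3600. Cookies are client-controlled, so the value is checked
 * before it is used in arithmetic: a non-numeric value would raise a warning
 * or a TypeError depending on the PHP version, and an arbitrary number would
 * yield a meaningless offset.
 *
 * @return int|float Offset in seconds; 0 when the cookie is absent, not
 *                   numeric, or outside the range of real UTC offsets
 */
function current_timezone()
{
    $hours = Cookie::read('anchor-install-timezone', 0);

    // is_numeric() rejects arrays, null, booleans and free-form strings.
    if (!is_numeric($hours)) {
        return 0;
    }

    // Real UTC offsets lie between -12 and +14 hours; anything else is
    // treated like a missing cookie.
    if ($hours < -12 || $hours > 14) {
        return 0;
    }

    return $hours * 3600;
}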