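/**
 * Logs in a visitor who presents a valid "remember me" cookie.
 *
 * Requests that are already authenticated pass straight through. Otherwise,
 * on the first call of this filter, the cookie is checked and the account it
 * names is logged in before the rest of the chain runs.
 *
 * @param sfFilterChain $filterChain the filter chain to continue with
 */
public function execute($filterChain)
{
    if ($this->getContext()->getUser()->isAuthenticated()) {
        return $filterChain->execute();
    }

    if ($this->isFirstCall()) {
        $userId = CustomAuth::isRememberMeCookieValid();

        if ($userId) {
            $userToLogin = PcUserPeer::retrieveByPk($userId);

            // A cookie can outlive the account it names (deleted row -> null), and an
            // account can be blocked after the cookie was issued. The password login
            // action (executeLogin) refuses blocked and not-yet-activated accounts
            // before it calls CustomAuth::login(); whether login() repeats those checks
            // is not visible here, so they are applied on this path as well.
            // NOTE(review): consider also clearing the stale cookie in that case.
            if ($userToLogin
                && !$userToLogin->getBlocked()
                && !$userToLogin->getAwaitingActivation()
            ) {
                CustomAuth::login($this->getContext()->getUser(), $userToLogin, true, true);
            }
        }
    }

    $filterChain->execute();
}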
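/**
 * Shows the login form and, on POST, authenticates the visitor.
 *
 * On success the visitor is sent to the submitted return URL when that URL
 * stays on this site, otherwise to the application. On failure a flash
 * message named 'login_wrong_auth' is set and the form is rendered again.
 *
 * @param sfWebRequest $request A request object
 */
public function executeLogin(sfWebRequest $request)
{
    // In theory, an authenticated user shouldn't request this action.
    // But there could be a problem with the forum integration: a user could be logged in
    // on Plancake but logged out on the forum so it is better to be easy and don't
    // uncomment the following
    // NOTE(review): the comment above reads as if this call was meant to stay
    // disabled, yet it appears as live code in the listing this was reviewed from;
    // confirm against the original file.
    PcUtils::redirectLoggedInUser($this->getUser(), $this);

    $this->form = new LoginForm(array('return-url' => $request->getParameter('return-url')));

    if (!$request->isMethod('post')) {
        return;
    }

    $this->form->bind($request->getParameter('login'));
    if (!$this->form->isValid()) {
        return;
    }

    $fields = $request->getParameter('login');
    $user = PcUserPeer::isCorrectAuthentication($fields['email'], $fields['password']);

    if ($user) {
        // Correct credentials, but the account may still not be allowed in.
        // forward() hands over to another action and does not return here
        // (symfony 1.x raises sfStopException), so login() below is not reached.
        if ($user->getAwaitingActivation()) {
            PcWatchdog::alert('Still awaiting activation', 'For the user ' . $user->getId());
            $this->forward('customAuth', 'stillAwaitingActivation');
        }

        if ($user->getBlocked()) {
            $this->forward('customAuth', 'accountBlocked');
        }

        $loginSuccess = CustomAuth::login($this->getUser(), $user, isset($fields['rememberme']));
        if (!$loginSuccess) {
            $this->getUser()->setFlash('login_wrong_auth', __('WEBSITE_LOGIN_ACCOUNT_LOCKED_ERROR'));
            return;
        }

        // The return URL is part of the submitted form, so anyone can craft a login
        // link carrying an arbitrary one. Redirecting to it unchecked would let such
        // a link bounce a freshly authenticated visitor to a foreign site (open
        // redirect), so only same-site targets are followed.
        // NOTE(review): if the forum integration lives on another host, add that
        // host to the check in isLocalReturnUrl() rather than removing the check.
        $returnUrl = isset($fields['return-url']) ? $fields['return-url'] : '';
        if ($this->isLocalReturnUrl($returnUrl, $request)) {
            $this->redirect($returnUrl);
        } else {
            PcUtils::redirectToApp($this);
        }

        return;
    }

    $controller = sfContext::getInstance()->getController();
    $registrationLink = $controller->genUrl('@registration');
    $passwordForgottenLink = $controller->genUrl('@forgotten-password');

    if (!PcUserPeer::emailExist($fields['email'])) {
        // NOTE(review): this message differs from the wrong-password one, so the form
        // tells a visitor whether an address is registered. Confirm that this is an
        // accepted trade-off; a single generic message would not reveal it.
        $this->getUser()->setFlash('login_wrong_auth', sprintf(__('WEBSITE_LOGIN_EMAIL_NOT_REGISTERED_ERROR'), $registrationLink));
    } elseif (CustomAuth::checkAgainstBruteForceAttack($fields['email'])) {
        $this->getUser()->setFlash('login_wrong_auth', __('WEBSITE_LOGIN_ACCOUNT_LOCKED_ERROR'));
    } else {
        $this->getUser()->setFlash('login_wrong_auth', sprintf(__('WEBSITE_LOGIN_DETAILS_ERROR'), $passwordForgottenLink));
    }
}

/**
 * Tells whether a post-login return URL stays on the site that served the request.
 *
 * Accepted: a site-relative path ("/something") or an absolute http(s) URL whose
 * host equals the request host. Everything else is refused.
 *
 * @param mixed        $url     the submitted return URL
 * @param sfWebRequest $request the current request, used for its host name
 *
 * @return bool true when the URL may be used as a redirect target
 */
private function isLocalReturnUrl($url, sfWebRequest $request)
{
    if (!is_string($url) || $url === '') {
        return false;
    }

    // Control characters, spaces and backslashes have no place in a return URL and
    // are interpreted differently by different clients; refuse them outright.
    if (preg_match('/[\x00-\x20\x7f\\\\]/', $url)) {
        return false;
    }

    // Site-relative path: exactly one leading slash ("//host" is scheme-relative).
    if ($url[0] === '/') {
        return strlen($url) === 1 || $url[1] !== '/';
    }

    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false;
    }

    $scheme = strtolower($parts['scheme']);
    if ($scheme !== 'http' && $scheme !== 'https') {
        return false;
    }

    // getHost() may carry a port; parse_url() reports the host without it.
    $requestHost = preg_replace('/:\d+$/', '', (string) $request->getHost());

    return strcasecmp($parts['host'], $requestHost) === 0;
}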
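* Licensed under the AGPL version 3 license. *
*
* Danyuki Software Limited is registered in England and Wales (Company No. 07554549) *
**************************************************************************************
* Plancake is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU Affero General Public License for more details. *
* *
* You should have received a copy of the GNU Affero General Public License *
* along with this program. If not, see <http://www.gnu.org/licenses/>. *
* *
**************************************************************************************/

// Endpoint that receives the Google OpenID login response, logs the matching
// Plancake account in and redirects the browser.

require_once dirname(__FILE__) . '/../../config/ProjectConfiguration.class.php';

$configuration = ProjectConfiguration::getApplicationConfiguration('account', 'prod', false);
$context = sfContext::createInstance($configuration);

// NOTE(review): the return-to URL is plain http, so the OpenID response (which
// carries the e-mail used to pick the account) travels unencrypted; confirm
// whether this endpoint can be served over https.
$consumer = new PlancakeOpenIdConsumer(
    PlancakeOpenIdConsumer::PROVIDER_GOOGLE,
    'http://www.plancake.com/openIdEndpoints/googleReceiveLogin.php',
    PlancakeOpenIdConsumer::MODE_LOGIN
);

// receive() is expected to fill $data with the attributes returned by the provider.
// NOTE(review): the account below is chosen purely from the e-mail attribute, so
// this is only safe if receive() verifies the response and refuses anything not
// asserted by Google -- confirm in PlancakeOpenIdConsumer, which is not shown here.
$consumer->receive($data);

// A failed or incomplete response may carry no e-mail attribute; treat that as
// "no matching account" instead of reading a missing index.
$emailAttribute = 'http://axschema.org/contact/email';
$email = (isset($data[$emailAttribute][0]) && is_string($data[$emailAttribute][0]))
    ? $data[$emailAttribute][0]
    : '';

if ($email !== '' && PcUserPeer::emailExist($email)) {
    $userToLogin = PcUserPeer::retrieveByEmailAddress($email);

    // NOTE(review): the password login action checks getAwaitingActivation() and
    // getBlocked() before calling CustomAuth::login() and handles a false return
    // value; neither happens on this path. Confirm that login() enforces those
    // states itself, or add the checks here.
    CustomAuth::login($context->getUser(), $userToLogin, false, false);

    if (PcUtils::isMobileBrowser()) {
        $redirectUrl = 'https://' . sfConfig::get('app_site_url') . "/account.php/mobile";
    } else {
        // NOTE(review): desktop users land on http right after authenticating while
        // mobile users get https; a session cookie sent over http can be observed
        // on the network. Confirm whether https can be used here too.
        $redirectUrl = 'http://' . sfConfig::get('app_site_url') . "/account.php";
    }
} else {
    $encodedEmail = urlencode($email);
    $redirectUrl = 'http://' . sfConfig::get('app_site_url') . "/openIdWrongLogin?input_email={$encodedEmail}";
}

header("Location: {$redirectUrl}");
// Stop here so nothing added or auto-appended later can run after the redirect.
exit;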