/**
 * Re-routes traffic appropriately.
 *
 * Runs before dispatch and acts as the access gate for the request's module:
 *  - 'cms-admin' and 'agent-admin-suite': any request without an identity in
 *    the 'hl_admin' auth storage is rewritten to index/login.
 *  - 'connect': unauthenticated requests are rewritten to index/login (except
 *    the 'lost-login' and 'reset-password' actions); authenticated requests go
 *    through the account checks below (on hold, deactivated, missing FSA
 *    status, expired) and then have their last-login date refreshed.
 *  - 'landlords-referencing': delegated to _referencingPreDespatch(), except
 *    for two product pages.
 *  - any other module: only a session timeout is applied here; no identity
 *    check is made in this method.
 *
 * Afterwards, a request whose action does not exist is rewritten to a static
 * page handler, and the layout path is pointed at the final module.
 *
 * NOTE(review): 'cms-admin' and 'agent-admin-suite' share the 'hl_admin'
 * storage namespace, so an identity established for one satisfies the check
 * for the other. Confirm that this is intended and that role separation is
 * enforced elsewhere.
 *
 * @param Zend_Controller_Request_Abstract $request
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    parent::preDispatch($request);

    // $controller is read here but never consulted below: every decision in
    // this method is made on the module and action names only.
    $controller = $request->getControllerName();
    $action = $request->getActionName();
    $module = $request->getModuleName();

    // Perform authentication
    switch ($module) {
        case 'cms-admin':
            $auth = Zend_Auth::getInstance();
            $auth->setStorage(new Zend_Auth_Storage_Session('hl_admin'));
            if (!$auth->hasIdentity()) {
                // No admin identity: force the login screen.
                $request->setControllerName('index');
                $request->setActionName('login');
            }
            break;

        case 'connect':
            $params = Zend_Registry::get('params');
            $auth = Zend_Auth::getInstance();
            $auth->setStorage(new Zend_Auth_Storage_Session('hl_connect'));

            // Set the session expiry timeout from configuration. This is
            // re-applied on every request that reaches this branch.
            $sessionTimeOutSeconds = $params->connect->loginexpiry->sessionTimeOutSeconds;
            $session = new Zend_Session_Namespace('hl_connect');
            $session->setExpirationSeconds($sessionTimeOutSeconds);

            // NOTE(review): the unauthenticated exemption matches on the action
            // name alone. Any controller in this module that exposes an action
            // called 'lost-login' or 'reset-password' is reachable without an
            // identity - confirm only the intended controller defines them.
            if (!$auth->hasIdentity() && $action != 'lost-login' && $action != 'reset-password') {
                $request->setControllerName('index');
                $request->setActionName('login');
            } else {
                if ($auth->hasIdentity()) {
                    // Skip the account checks for logout (so redirecting back to login works)
                    // and for the pages that report a deactivated or expired account.
                    if (!in_array($action, array('logout', 'account-deactivated', 'account-expired'))) {
                        // Perform account validation checks and re-route to an error page when
                        //  - the agent account is on hold
                        //  - the user account is deactivated
                        //  - no FSA status is recorded
                        //  - the account expiry time from the last login has passed
                        //
                        // Every value below comes from the object held in session storage;
                        // nothing in this method re-reads the account from the database
                        // before testing it.
                        // NOTE(review): a status change made after login is therefore not
                        // seen by these checks while the session stays alive - confirm that
                        // is acceptable.
                        $user_status = $auth->getStorage()->read()->status;
                        $user_lastlogindate = $auth->getStorage()->read()->lastlogindate;
                        $userlevel = $auth->getStorage()->read()->level;
                        // $agentschemenumber is assigned but not used in this method.
                        $agentschemenumber = $auth->getStorage()->read()->agentschemeno;
                        $fsastatusabbr = $auth->getStorage()->read()->fsastatusabbr;
                        $agentAccountStatus = $auth->getStorage()->read()->agentAccountStatus;

                        if ($agentAccountStatus == Model_Core_Agent_Status::ON_HOLD) {
                            // On hold: re-route only. Unlike the branches below, the identity
                            // is NOT cleared and there is no break, so execution continues to
                            // the last-login update at the end of this block.
                            // NOTE(review): confirm that keeping the session is intended here.
                            $request->setControllerName('index');
                            $request->setActionName('agent-fsa-nostatus');
                        } else {
                            if ($user_status == 'deactivated') {
                                // Deactivated, forward to new action to deal with deactivated users
                                $request->setControllerName('index');
                                $request->setActionName('account-deactivated');

                                // Important! Clear the stored identity: the account is
                                // deactivated and must not keep an authenticated session.
                                $storage = $auth->getStorage();
                                $storage->clear();
                                // `break` inside an if applies to the enclosing switch, so
                                // this leaves the 'connect' case and skips the last-login
                                // update below.
                                break;
                            } else {
                                if ($fsastatusabbr == null || $fsastatusabbr == '') {
                                    // No FSA status recorded. A master-level user is shown a
                                    // message about the status; everyone else gets the generic
                                    // deactivated page.
                                    if ($userlevel == Model_Core_Agent_UserRole::MASTER) {
                                        $request->setControllerName('index');
                                        $request->setActionName('agent-fsa-nostatus');
                                    } else {
                                        $request->setControllerName('index');
                                        $request->setActionName('account-deactivated');
                                    }

                                    // Important! Clear the stored identity so the user is not
                                    // permitted further access, then leave the switch.
                                    $storage = $auth->getStorage();
                                    $storage->clear();
                                    break;
                                } else {
                                    // '0000-00-00' is treated as "no previous login": such
                                    // accounts skip the expiry check.
                                    if ($user_lastlogindate != '0000-00-00') {
                                        // Check account expiry.
                                        // NOTE(review): when connect.loginexpiry.time is not
                                        // configured, $expiry stays 0, so any account whose
                                        // last login was before today is treated as expired
                                        // and is deactivated in the user store below. Confirm
                                        // this default is intended.
                                        // The @ is redundant: isset() raises no notice.
                                        $expiry = 0;
                                        if (@isset($params->connect->loginexpiry->time)) {
                                            $expiry = $params->connect->loginexpiry->time;
                                        }

                                        // Add x days as per configuration and convert the unix
                                        // timestamp to Y-m-d so the two dates can be compared
                                        // as strings below.
                                        $unixTimeStamp = strtotime("+{$expiry} day", strtotime($user_lastlogindate));
                                        $permissableDate = date("Y-m-d", $unixTimeStamp);

                                        // If the current date is later than last login + x days,
                                        // the account has not been used for x days and has expired.
                                        if (date("Y-m-d") > $permissableDate) {
                                            // The user account is expired. Persist that on the User
                                            // entity, so this is a write to the user store and not
                                            // only a redirect.
                                            $userManager = new Manager_Core_Agent_User();
                                            $user = $userManager->getUser($auth->getStorage()->read()->agentid);
                                            $user->status = Model_Core_Agent_UserStatus::DEACTIVATED;
                                            $userManager->setUser($user);

                                            // Forward to new action to deal with expired user accounts
                                            $request->setControllerName('index');
                                            $request->setActionName('account-expired');

                                            // Important! Clear the stored identity now that the
                                            // account has expired, then leave the switch.
                                            $storage = $auth->getStorage();
                                            $storage->clear();
                                            break;
                                        }
                                    }
                                }
                            }
                        }

                        // Reached when no branch above hit `break` (this includes the on-hold
                        // branch). Update the last login date in the database and in the
                        // session data to the current date, which restarts the expiry window
                        // on every such request.
                        $agentid = $auth->getStorage()->read()->agentid;
                        $currentdate = new Zend_Date();
                        $agentuser = new Datasource_Core_Agent_UserAccounts();
                        $agentuser->setLastLoginDate($currentdate, $agentid);

                        $storage = $auth->getStorage();
                        $data = $storage->read();
                        $data->lastlogindate = $currentdate->get(Zend_Date::YEAR . '-' . Zend_Date::MONTH . '-' . Zend_Date::DAY);
                        $storage->write($data);
                    }
                }
            }
            break;

        case 'agent-admin-suite':
            // Same storage namespace as 'cms-admin' (see the note in the docblock).
            $auth = Zend_Auth::getInstance();
            $auth->setStorage(new Zend_Auth_Storage_Session('hl_admin'));
            if (!$auth->hasIdentity()) {
                $request->setControllerName('index');
                $request->setActionName('login');
            }
            break;

        case 'landlords-referencing':
            // TODO: This is fairly dirty - it's excluding pages that we want to use in the CMS.
            // Could do with restructuring referencing at some point so the application process
            // isn't in the way for CMS pages.
            // As with the connect exemption, the match is on the action name only.
            if ($action != 'products' && $action != 'rent-guarantee-products') {
                $this->_referencingPreDespatch($request);
            }
            break;

        default:
            // Set default expiration seconds for homelet customer portal access.
            // No identity check is made for these modules in this method.
            $params = Zend_Registry::get('params');
            $sessionTimeOutSeconds = $params->myhomelet->loginexpiry->sessionTimeOutSeconds;
            $session = new Zend_Session_Namespace('homelet_customer');
            $session->setExpirationSeconds($sessionTimeOutSeconds);
    }

    // $front is assigned but not used in the rest of this method.
    $front = Zend_Controller_Front::getInstance();

    // Check to see if this request is actually dispatchable.
    // This fallback runs after the authentication switch above and rewrites the
    // target without running that switch again for the new module/action.
    // NOTE(review): confirm the fallback pages are safe to serve to a request
    // that has no identity.
    if (!$this->_actionExists($request)) {
        // Is this a connect request?
        $module = $request->getModuleName();
        if ($module == 'connect') {
            $request->setControllerName('index');
            $request->setActionName('view-static-page');
        } else {
            // Not a Connect request, into the CMS we go!
            $request->setModuleName('cms');
            $request->setControllerName('index');
            $request->setActionName('view-page');
        }
    }

    // Set a custom layout route. The path is concatenated from the request's
    // module name.
    // NOTE(review): assumes routing has already restricted the module name to
    // a real module directory - confirm, since no validation happens here.
    $layoutPath = APPLICATION_PATH . '/modules/' . $request->getModuleName() . '/layouts/scripts/';
    Zend_Layout::getMvcInstance()->setLayoutPath($layoutPath);
}
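/**
 * Attempts a Connect login from the posted login form.
 *
 * Flow: validate the form, check the credentials through the auth adapter,
 * rotate the session id, enrich the result row (status name, FSA status,
 * agent account status, role, IRIS details) and write it to the 'hl_connect'
 * auth storage.
 *
 * Security notes:
 *  - Zend_Auth::authenticate() persists the identity as soon as the
 *    credentials are accepted, which is why the failure paths after it call
 *    clearIdentity(). An exception thrown by a call outside the try blocks
 *    would propagate without that cleanup.
 *  - The session id is regenerated once the credentials are accepted, so a
 *    session id issued before login does not carry over to the authenticated
 *    session (session fixation).
 *  - NOTE(review): 'Failed to login to referencing system' is only shown
 *    after the primary credentials have been accepted, so it differs from the
 *    generic invalid-credentials message. Confirm the distinct wording is
 *    acceptable.
 *
 * @param object $loginForm Login form; must provide isValid(), getValues()
 *                          and setDescription().
 *
 * @return bool|null True on success, false when authentication fails, and
 *                   null (no return statement is reached) when the form does
 *                   not validate.
 */
public function attemptLogin($loginForm)
{
    $request = $this->getRequest();
    $auth = Zend_Auth::getInstance();
    $auth->setStorage(new Zend_Auth_Storage_Session('hl_connect'));

    // We have post data from the login form - so attempt a login
    if ($loginForm->isValid($request->getPost())) {
        // The form passed validation so we now need to check the identity of the user
        $adapter = $this->_getAuthAdapter($loginForm->getValues());
        $result = $auth->authenticate($adapter);

        if (!$result->isValid()) {
            // Invalid credentials - keep the message generic
            $loginForm->setDescription('Invalid credentials provided');
            return false;
        }

        // Credentials accepted: rotate the session id before any account data
        // is stored. Fail closed if the id cannot be rotated (for example
        // because output has already started), as the FSA-outage path does.
        try {
            Zend_Session::regenerateId();
        } catch (Zend_Session_Exception $e) {
            $auth->clearIdentity();
            return false;
        }

        // Store the details we need from the database
        $storage = $auth->getStorage();
        $resultRowObject = $adapter->getResultRowObject(
            array('agentid', 'username', 'realname', 'level', 'agentschemeno', 'STATUS', 'LASTLOGINDATE')
        );

        // Rewrite LASTLOGINDATE to lastlogindate
        $resultRowObject->lastlogindate = $resultRowObject->LASTLOGINDATE;
        unset($resultRowObject->LASTLOGINDATE);

        // Get correct status name from ID
        $agentuser = new Datasource_Core_Agent_UserAccounts();
        $user = $agentuser->getUser($resultRowObject->agentid);
        $userstatus = new Model_Core_Agent_UserStatus();
        $resultRowObject->status = strtolower($userstatus->toString($user->status));
        unset($resultRowObject->STATUS);

        $agentManager = new Manager_Core_Agent();
        try {
            $resultRowObject->fsastatusabbr = $agentManager->getFsaStatusCode($resultRowObject->agentschemeno);
            $agent = $agentManager->getAgent($resultRowObject->agentschemeno);
            $resultRowObject->agentAccountStatus = $agent->status;
        } catch (Exception $e) {
            // FSA Server is down so we can't currently log agent in.
            // Drop the identity that authenticate() stored.
            $auth->clearIdentity();
            return false;
        }

        // 'level' is not mapped in the DB to the correct framework
        // constants, do so now. Values other than 1 and 3 are left as read.
        // TODO: Fix this so it's not having to mess with
        // translating raw legacy DB values
        switch ($resultRowObject->level) {
            case 1:
                $resultRowObject->level = Model_Core_Agent_UserRole::BASIC;
                break;
            case 3:
                $resultRowObject->level = Model_Core_Agent_UserRole::MASTER;
                break;
        }

        // Detect if agent exists in IRIS.
        // If the agent has decommission_in_hrt_at set in newagents then this means agent exists in IRIS
        $resultRowObject->isInIris = (bool) $agent->decommissionInHrtAt;

        // If this is an IRIS agent, try to authenticate them
        if ($resultRowObject->isInIris) {
            /** @var \Iris\Authentication\Authentication $irisAuthentication */
            $irisAuthentication = \Zend_Registry::get('iris_container')->get('iris.authentication');

            // The submitted credentials, including the plain-text password,
            // are passed on to the IRIS authentication service.
            $authenticationParams = $loginForm->getValues();
            $authenticateAgent = $irisAuthentication->authenticateAgent(
                $authenticationParams['agentschemeno'],
                $authenticationParams['username'],
                $authenticationParams['password']
            );

            if (false === $authenticateAgent) {
                // The second factor of the login failed: drop the stored identity
                $auth->clearIdentity();
                $loginForm->setDescription('Failed to login to referencing system');
                return false;
            }

            $resultRowObject->agentBranchUuid = $authenticateAgent->getAgentBranchUuid();
            $resultRowObject->canPerformReferencing = true;

            if ($agent->hasProductAvailabilityMapping) {
                // Determine if this agent can use referencing
                /** @var \Guzzle\Common\Collection $products */
                $products = \Zend_Registry::get('iris_container')->get('iris.product')->getProducts(1, 1);

                // If the product count is greater than zero then the agent can perform referencing
                $resultRowObject->canPerformReferencing = $products->count() > 0;
            }
        }

        $resultRowObject->agentsRateID = $agent->agentsRateID;

        // Replace the bare identity with the enriched account object
        $storage->write($resultRowObject);
        return true;
    }
}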