public function indexAction()
{
Kwf_Auth::getInstance()->clearIdentity();
Kwf_User_Autologin::clearCookies();
Kwf_Session::destroy();
Kwf_Util_Redirect::redirect($this->_getParam('redirect'));
}
public static function processCookies()
{
if (isset($_COOKIE['feAutologin']) && !Kwf_Auth::getInstance()->getStorage()->read()) {
Kwf_Util_Https::ensureHttps();
$feAutologin = explode('.', $_COOKIE['feAutologin']);
if (count($feAutologin) == 2) {
$adapter = new Kwf_Auth_Adapter_PasswordAuth();
$adapter->setIdentity($feAutologin[0]);
$adapter->setCredential($feAutologin[1]);
$adapter->setUseCookieToken(true);
$auth = Kwf_Auth::getInstance();
$auth->clearIdentity();
$result = $auth->authenticate($adapter);
if (!$result->isValid()) {
self::clearCookies();
}
}
} else {
if (isset($_COOKIE['hasFeAutologin']) && !Kwf_Auth::getInstance()->getStorage()->read()) {
//feAutologin cookie is set with https-only (for security reasons)
//hasFeAutologin is seth without https-only
Kwf_Util_Https::ensureHttps();
}
}
}
private function _getAuthenticateResult($identity, $credential)
{
$adapter = new Kwf_Auth_Adapter_PasswordAuth();
$adapter->setIdentity($identity);
$adapter->setCredential($credential);
$auth = Kwf_Auth::getInstance();
$auth->clearIdentity();
return $auth->authenticate($adapter);
}
protected function _afterSave(Kwf_Model_Row_Interface $row)
{
parent::_afterSave($row);
$user = Kwf_Registry::get('userModel')->getAuthedUser();
$user->deleted = 1;
$user->save();
Kwf_Auth::getInstance()->clearIdentity();
Kwf_User_Autologin::clearCookies();
Kwf_Session::destroy();
}
public static function processCookies()
{
if (isset($_COOKIE['feAutologin']) && !Kwf_Auth::getInstance()->getStorage()->read()) {
$feAutologin = explode('.', $_COOKIE['feAutologin']);
if (count($feAutologin) == 2) {
$adapter = new Kwf_Auth_Adapter_PasswordAuth();
$adapter->setIdentity($feAutologin[0]);
$adapter->setCredential($feAutologin[1]);
$adapter->setUseCookieToken(true);
$auth = Kwf_Auth::getInstance();
$auth->clearIdentity();
$result = $auth->authenticate($adapter);
if (!$result->isValid()) {
self::clearCookies();
}
}
}
}
public function changeUserAction()
{
if (!$this->_getParam('email')) {
throw new Kwf_Exception_Client("email is required");
}
$select = self::_getSelect();
$select->whereEquals('email', $this->_getParam('email'));
$user = $this->_model->getRow($select);
if (!$user) {
throw new Kwf_Exception_AccessDenied();
}
$storage = Kwf_Auth::getInstance()->getStorage();
$loginData = $storage->read();
if (!isset($loginData['changeUserId'])) {
$loginData['changeUserId'] = $loginData['userId'];
}
$loginData['userId'] = $user->id;
$storage->write($loginData);
header('Location: /');
exit;
}
public static function getInstance()
{
if (null === self::$_instance) {
self::$_instance = new self();
// automatisches einloggen
$autologin = Zend_Registry::get('config')->autologin;
if ($autologin && Kwf_Setup::hasDb()) {
$storage = self::$_instance->getStorage();
$loginData = $storage->read();
if (!isset($loginData['userId']) || !$loginData['userId']) {
$userModel = Zend_Registry::get('userModel');
$r = $userModel->getRow($userModel->select()->whereEquals('email', $autologin));
if (!$r) {
$msg = "Autologin email '{$autologin}' does not exists";
throw new Kwf_Exception("autologin failed: {$msg}");
}
$loginData['userId'] = $r->id;
$storage->write($loginData);
}
}
}
return self::$_instance;
}
private function _login($username = null, $password = null)
{
if (is_null($username)) {
$username = $this->getRequest()->getParam('username');
}
if (is_null($password)) {
$password = $this->getRequest()->getParam('password');
}
$adapter = $this->_createAuthAdapter();
if (!$adapter instanceof Kwf_Auth_Adapter_PasswordAuth) {
throw new Kwf_Controller_Exception('_createAuthAdapter didn\'t return instance of Kwf_Auth_Adapter_PasswordAuth');
}
$auth = Kwf_Auth::getInstance();
$adapter->setIdentity($username);
$adapter->setCredential($password);
return $auth->authenticate($adapter);
}
protected function _afterSave($row)
{
$row = $this->_getParam('row');
$adapter = new Kwf_Auth_Adapter_PasswordAuth();
$auth = Kwf_Auth::getInstance();
$adapter->setIdentity($row->email);
$adapter->setCredential($row->password);
$result = $auth->authenticate($adapter);
if ($result->isValid()) {
$redirectUrl = '/' . ltrim($this->getRequest()->getPathInfo(), '/');
if ($this->_getParam('redirect') && substr($this->_getParam('redirect'), 0, 1) == '/') {
$redirectUrl = $this->_getParam('redirect');
}
$this->redirect($redirectUrl);
} else {
$errors = $this->getRequest()->getParam('formErrors');
foreach ($result->getMessages() as $msg) {
$errors[] = array('message' => $msg);
}
$this->getRequest()->setParam('formErrors', $errors);
$this->_showForm();
}
}
/**
* Check if user is logged in (faster than directly calling user model)
*
* Only asks user model (expensive) when there is something stored in the session
*
* @return boolean if user is logged in
*/
public static function hasAuthedUser()
{
static $benchmarkEnabled;
if (!isset($benchmarkEnabled)) {
$benchmarkEnabled = Kwf_Benchmark::isEnabled();
}
if ($benchmarkEnabled) {
$t = microtime(true);
}
if (!Zend_Session::isStarted() && !Zend_Session::sessionExists() && !Kwf_Config::getValue('autologin')) {
if ($benchmarkEnabled) {
Kwf_Benchmark::subCheckpoint('hasAuthedUser: no session', microtime(true) - $t);
}
return false;
}
if (!Kwf_Auth::getInstance()->getStorage()->read()) {
if ($benchmarkEnabled) {
Kwf_Benchmark::subCheckpoint('hasAuthedUser: storage empty', microtime(true) - $t);
}
return false;
}
$m = Kwf_Registry::get('userModel');
if (!$m) {
return false;
}
$ret = $m->hasAuthedUser();
if ($benchmarkEnabled) {
Kwf_Benchmark::subCheckpoint('hasAuthedUser: asked model', microtime(true) - $t);
}
return $ret;
}
public function __construct($config = array())
{
$config['proxyModel'] = new Kwf_Model_FnF(array('columns' => array('id', 'name', 'email'), 'primaryKey' => 'id', 'data' => array(array('id' => 1, 'name' => 'User 1', 'email' => '*****@*****.**'))));
Kwf_Auth::getInstance()->getStorage()->write(array('userId' => 1));
parent::__construct($config);
}
public function changeUser($user)
{
$storage = Kwf_Auth::getInstance()->getStorage();
$loginData = $storage->read();
if (!isset($loginData['changeUserId'])) {
$loginData['changeUserId'] = $loginData['userId'];
}
$loginData['userId'] = $user->id;
$storage->write($loginData);
}
