コード例 #1
0
ファイル: riverid.php プロジェクト: rukku/SwiftRiver
 /**
  * Logs a user in.
  *
  * @param   string   email
  * @param   string   password
  * @param   boolean  enable autologin
  * @return  boolean
  */
 protected function _login($email, $password, $remember)
 {
     $riverid_api = RiverID_API::instance();
     // Fallback to local auth if user is in the exemption list
     if (in_array($email, Kohana::$config->load('auth.exempt'))) {
         return parent::_login($email, $password, $remember);
     }
     // Check if the email is registered on RiverID
     if ($riverid_api->is_registered($email)) {
         // Success! Proceed to sign in into RiverID
         $login_response = $riverid_api->signin($email, $password);
         if ($login_response and $login_response['status']) {
             // Get the user object that matches the provided email and RiverID
             $user = ORM::factory('user')->where('email', '=', $email)->where('riverid', '=', $login_response['user_id'])->find();
             // User does not exist locally but authenticates via RiverID, create user
             if (!$user->loaded()) {
                 // Check if the email is already registered locally
                 // If so, this will simply append a riverid
                 $user = ORM::factory('user')->where('email', '=', $email)->find();
                 // Only auto register if the site allows it
                 if (!(bool) Model_Setting::get_setting('public_registration_enabled') and !$user->loaded()) {
                     return FALSE;
                 }
                 $user->username = $user->email = $email;
                 $user->riverid = $login_response['user_id'];
                 $user->save();
                 // Allow the user be able to login immediately
                 $login_role = ORM::factory('role', array('name' => 'login'));
                 if (!$user->has('roles', $login_role)) {
                     $user->add('roles', $login_role);
                 }
             }
             // User exists locally and authenticates via RiverID so complete the login
             if ($user->has('roles', ORM::factory('role', array('name' => 'login')))) {
                 if ($remember === TRUE) {
                     // Token data
                     $data = array('user_id' => $user->id, 'expires' => time() + $this->_config['lifetime'], 'user_agent' => sha1(Request::$user_agent));
                     // Create a new autologin token
                     $token = ORM::factory('user_token')->values($data)->create();
                     // Set the autologin cookie
                     Cookie::set('authautologin', $token->token, $this->_config['lifetime']);
                 }
                 // Finish the login
                 $this->complete_login($user);
                 return TRUE;
             }
         }
     }
     return FALSE;
 }
コード例 #2
0
ファイル: login.php プロジェクト: rukku/SwiftRiver
 /**
  * Change email address
  * 
  * @return void
  */
 public function action_changeemail()
 {
     $this->template->content = View::factory('pages/login/landing');
     $this->template->header->meta = '<meta HTTP-EQUIV="REFRESH" content="5; url=' . URL::site() . '">';
     // Force logout
     Auth::instance()->logout();
     $session = Session::instance();
     $old_email = $this->request->param('old_email');
     $new_email = $this->request->param('new_email');
     $token = $this->request->param('token');
     $user = ORM::factory('user', array('email' => $old_email));
     if ($this->riverid_auth) {
         $riverid_api = RiverID_API::instance();
         $resp = $riverid_api->confirm_email($new_email, $token);
         if (!$resp['status']) {
             $errors = array($resp['error']);
         }
     } else {
         $token = Model_Auth_Token::get_token($token, 'change_email');
         if ($token) {
             $data = json_decode($token->data);
             $token->delete();
             if ($new_email != $data->new_email or $old_email != $data->old_email) {
                 // The emails in the request does not match
                 // the emails in the token
                 $errors = array(__('Invalid email'));
             }
         } else {
             $errors = array(__('Error'));
         }
     }
     if (empty($errors)) {
         // Email change was validated, make the change to the user object
         $user->email = $user->username = $new_email;
         $user->save();
         // Auto login
         Auth::instance()->force_login($user);
         $this->template->content->messages = array(__('Email changed successfully.'));
     } else {
         $this->template->content->errors = $errors;
     }
 }
コード例 #3
0
ファイル: user.php プロジェクト: rukku/SwiftRiver
 /**
  * Send a river id password reset request
  *
  */
 private static function password_reset_riverid($email)
 {
     $riverid_api = RiverID_API::instance();
     $mail_body = View::factory('emails/resetpassword')->bind('secret_url', $secret_url);
     $secret_url = url::site('login/reset/' . urlencode($email) . '/%token%', TRUE, TRUE);
     $site_email = Kohana::$config->load('useradmin.email_address');
     $mail_subject = __(':sitename: Password Reset', array(':sitename' => Model_Setting::get_setting('site_name')));
     $response = $riverid_api->request_password($email, $mail_body, $mail_subject, $site_email);
     $ret = array();
     if ($response['status']) {
         $ret['messages'] = array(__('An email has been sent with instructions to complete the password reset process.'));
     } else {
         $ret['errors'] = array($response['error']);
     }
     return $ret;
 }
コード例 #4
0
ファイル: user.php プロジェクト: rukku/SwiftRiver
 private function _update_settings()
 {
     // Validate current password
     $validated = FALSE;
     $current_password = $_POST['current_password'];
     if ($this->riverid_auth) {
         $response = RiverID_API::instance()->signin($this->user->email, $_POST['current_password']);
         $validated = ($response and $response['status']);
     } else {
         $validated = Auth::instance()->hash($current_password) == $this->user->password;
     }
     if (!$validated) {
         $this->errors = __('Current password is incorrect');
         return;
     }
     $messages = array();
     // Password is changing and we are using RiverID authentication
     if (!empty($_POST['password']) or !empty($_POST['password_confirm'])) {
         $post = Model_Auth_User::get_password_validation($_POST);
         if (!$post->check()) {
             $this->errors = $post->errors('user');
             return;
         }
         // Are we using RiverID?
         if ($this->riverid_auth) {
             $resp = RiverID_API::instance()->change_password($this->user->email, $_POST['current_password'], $_POST['password']);
             if (!$resp['status']) {
                 $this->errors = $resp['error'];
                 return;
             }
             // For API calls below, use this new password
             $current_password = $_POST['password'];
             unset($_POST['password'], $_POST['password_confirm']);
         }
     }
     // Email address is changing
     if ($_POST['email'] != $this->user->email) {
         $new_email = $_POST['email'];
         if (!Valid::email($new_email)) {
             $this->errors = __('Invalid email address');
             return;
         }
         if ($this->riverid_auth) {
             // RiverID email change process
             $mail_body = View::factory('emails/changeemail')->bind('secret_url', $secret_url);
             $secret_url = url::site('login/changeemail/' . urlencode($this->user->email) . '/' . urlencode($new_email) . '/%token%', TRUE, TRUE);
             $site_email = Kohana::$config->load('useradmin.email_address');
             $mail_subject = __(':sitename: Email Change', array(':sitename' => Model_Setting::get_setting('site_name')));
             $resp = RiverID_API::instance()->change_email($this->user->email, $new_email, $current_password, $mail_body, $mail_subject, $site_email);
             if (!$resp['status']) {
                 $this->errors = $resp['error'];
                 return;
             }
         } else {
             // Make sure the new email address is not yet registered
             $user = ORM::factory('user', array('email' => $new_email));
             if ($user->loaded()) {
                 $this->errors = __('The new email address has already been registered');
                 return;
             }
             $auth_token = Model_Auth_Token::create_token('change_email', array('new_email' => $new_email, 'old_email' => $this->user->email));
             if ($auth_token->loaded()) {
                 // Send an email with a secret token URL
                 $mail_body = View::factory('emails/changeemail')->bind('secret_url', $secret_url);
                 $secret_url = URL::site('login/changeemail/' . urlencode($this->user->email) . '/' . urlencode($new_email) . '/' . $auth_token->token, TRUE, TRUE);
                 // Send email to the user using the new address
                 $mail_subject = __(':sitename: Email Change', array(':sitename' => Model_Setting::get_setting('site_name')));
                 Swiftriver_Mail::send($new_email, $mail_subject, $mail_body);
             } else {
                 $this->errors = __('Error');
                 return;
             }
             $messages[] = __("A confirmation email has been sent to :email", array(':email' => $new_email));
         }
         // Don't change email address immediately.
         // Only do so after the tokens sent above are validated
         unset($_POST['email']);
     }
     // END if - email address change
     // Nickname is changing
     if ($_POST['nickname'] != $this->user->account->account_path) {
         $nickname = $_POST['nickname'];
         // Make sure the account path is not already taken
         $account = ORM::factory('account', array('account_path' => $nickname));
         if ($account->loaded()) {
             $this->errors = __('Nickname is already taken');
             return;
         }
         // Update
         $this->user->account->account_path = $nickname;
         $this->user->account->save();
     }
     $this->user->update_user($_POST, array('name', 'password', 'email'));
     $messages[] = __("Account settings were saved successfully.");
     Session::instance()->set("messages", $messages);
     $this->request->redirect(URL::site($this->user->account->account_path . '/settings'));
 }