/**
 * Link an external identity to a user, or list the identities already linked to one.
 *
 * Requires Garden.Users.Edit. On an authenticated postback the posted ClientID
 * and UniqueID (plus a Username or an Email) identify the provider and the user;
 * when a Password is also posted it is verified against the user's stored hash.
 * The stored UserAuthentication row is then exposed as the 'Result' data key.
 * On any other request the UserAuthentication rows of $UserID are exposed as
 * 'Result' instead. Both paths render the Blank utility view.
 *
 * @param bool|int $UserID User whose authentications are listed on a non-POST request.
 * @throws Exception
 * @throws Gdn_UserException When the form is invalid, the user is unknown (404),
 *   the posted password does not match (401) or the authentication was not saved.
 */
public function sso($UserID = false) {
    $this->permission('Garden.Users.Edit');
    $providerModel = new Gdn_AuthenticationProviderModel();
    $form = new Gdn_Form();
    $userModel = Gdn::userModel();

    if (!$this->Request->isAuthenticatedPostBack()) {
        // Read-only path: report what is already linked to $UserID.
        if (!$userModel->getID($UserID)) {
            throw notFoundException('User');
        }
        $linked = Gdn::sql()
            ->select('ua.ProviderKey', '', 'ClientID')
            ->select('ua.ForeignUserKey', '', 'UniqueID')
            ->select('ua.UserID')
            ->select('p.Name')
            ->select('p.AuthenticationSchemeAlias', '', 'Type')
            ->from('UserAuthentication ua')
            ->join('UserAuthenticationProvider p', 'ua.ProviderKey = p.AuthenticationKey')
            ->where('UserID', $UserID)
            ->get()
            ->resultArray();
        $this->setData('Result', $linked);
        $this->render('Blank', 'Utility', 'Dashboard');
        return;
    }

    // Everything the link needs must have been posted.
    $form->validateRule('ClientID', 'ValidateRequired');
    $form->validateRule('UniqueID', 'ValidateRequired');
    $username = $form->getFormValue('Username');
    $email = $form->getFormValue('Email');
    if (!validateRequired($username) && !validateRequired($email)) {
        $form->addError('Username or Email is required.');
    }
    $clientId = $form->getFormValue('ClientID');
    $uniqueId = $form->getFormValue('UniqueID');
    if (!$providerModel->getProviderByKey($clientId)) {
        $form->addError(sprintf('%1$s "%2$s" not found.', t('Provider'), $clientId));
    }
    if ($form->errorCount() > 0) {
        throw new Gdn_UserException($form->errorString());
    }

    // Resolve the user: a posted email is tried first, the username is the fallback.
    $user = $email ? $userModel->getByEmail($email) : false;
    if (!$user && $username) {
        $user = $userModel->getByUsername($username);
    }
    if (!$user) {
        throw new Gdn_UserException(sprintf(t('User not found.'), strtolower(t(UserModel::SigninLabelCode()))), 404);
    }

    // The password check only runs when a Password was posted; a caller holding
    // Garden.Users.Edit can therefore link an identity without one.
    // NOTE(review): Password is read from $this->Form while every other field comes
    // from the local $form — confirm both see the same posted values.
    $hasher = new Gdn_PasswordHash();
    $password = $this->Form->getFormValue('Password', null);
    if ($password !== null && !$hasher->checkPassword($password, val('Password', $user), val('HashMethod', $user))) {
        throw new Gdn_UserException(t('Invalid password.'), 401);
    }

    // Persist the link, then read it back so the caller sees the stored row.
    $userRow = (array) $user;
    $userModel->saveAuthentication([
        'UserID' => $userRow['UserID'],
        'Provider' => $clientId,
        'UniqueID' => $uniqueId,
    ]);
    $stored = $userModel->getAuthentication($uniqueId, $clientId);
    if (!$stored) {
        throw new Gdn_UserException(t('There was an error saving the data.'));
    }
    $this->setData('Result', $stored);
    $this->render('Blank', 'Utility', 'Dashboard');
}
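/**
 * Request password reset.
 *
 * On a postback the Email field is required; the user model is then asked to
 * issue the reset. When no error has been recorded afterwards, 'Success!' is
 * added to the form messages and the 'passwordrequestsent' view is selected.
 *
 * @access public
 * @since 2.0.0
 */
public function PasswordRequest() {
    Gdn::Locale()->SetTranslation('Email', T(UserModel::SigninLabelCode()));
    if ($this->Form->IsPostBack() === TRUE) {
        $this->Form->ValidateRule('Email', 'ValidateRequired');
        // A failed ValidateRequired has already recorded its own error. The former
        // else-branch here ("Couldn't find an account ...") was itself guarded by
        // ErrorCount() == 0 and so could never execute; it has been removed.
        if ($this->Form->ErrorCount() == 0) {
            try {
                $Email = $this->Form->GetFormValue('Email');
                if (!$this->UserModel->PasswordRequest($Email)) {
                    // NOTE(review): the model's validation results are shown to the
                    // requester; whether they reveal that no such account exists depends
                    // on what UserModel::PasswordRequest reports — confirm before relying on it.
                    $this->Form->SetValidationResults($this->UserModel->ValidationResults());
                }
            } catch (Exception $ex) {
                $this->Form->AddError($ex->getMessage());
            }
            if ($this->Form->ErrorCount() == 0) {
                // The success message is pushed through AddError, the same channel as failures.
                $this->Form->AddError('Success!');
                $this->View = 'passwordrequestsent';
            }
        }
    }
    $this->Render();
}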
if (!defined('APPLICATION')) {
    exit;
}
?>
<div>
    <?php
    // Make sure to force this form to post to the correct place in case the view is
    // rendered within another view (ie. /dashboard/entry/index/):
    // 'FormUrl' is read from the controller data, with url('/entry/signin') as the fallback.
    echo $this->Form->open(array('Action' => $this->data('FormUrl', url('/entry/signin')), 'id' => 'Form_User_SignIn'));
    echo $this->Form->errors();
    ?>
    <ul>
        <li>
            <?php
            // The label text is whatever UserModel::SigninLabelCode() resolves to; the
            // field itself is always posted as 'Email'.
            echo $this->Form->label(UserModel::SigninLabelCode(), 'Email');
            echo $this->Form->textBox('Email', array('autofocus' => 'autofocus', 'autocorrect' => 'off', 'autocapitalize' => 'off', 'Wrap' => TRUE));
            ?>
        </li>
        <li>
            <?php
            // Rendered as an input of type "password" so the browser masks it.
            echo $this->Form->label('Password', 'Password');
            echo $this->Form->Input('Password', 'password', array('class' => 'InputBox Password'));
            echo anchor(t('Forgot?'), '/entry/passwordrequest', 'ForgotPassword');
            ?>
        </li>
        <li class="Buttons">
            <?php
            // RememberMe is posted as '1' when ticked; the sign-in handler casts it to bool.
            echo $this->Form->button('Sign In', array('class' => 'Button Primary'));
            echo $this->Form->CheckBox('RememberMe', t('Keep me signed in'), array('value' => '1', 'id' => 'SignInRememberMe'));
            ?>
/**
 * Sign-in process that supports multiple authentication methods.
 *
 * On a GET the form is prepared (hidden Target and ClientHour, RememberMe
 * pre-set). On a postback Email and Password are required, the user is looked
 * up by email and then by username, the password is checked, the model's rate
 * limiter is consulted, weak or non-Vanilla hashes are re-hashed, and a session
 * is started for users holding Garden.SignIn.Allow.
 *
 * @access public
 * @since 2.0.0
 * @author Tim Gunter
 *
 * @param string $Method Unused here; left for plugins handling the SignIn event.
 * @param array $Arg1 Unused here; left for plugins handling the SignIn event.
 * @return string Rendered XHTML template.
 */
public function signIn($Method = false, $Arg1 = false) {
    if (!$this->Request->isPostBack()) {
        $this->checkOverride('SignIn', $this->target());
    }
    Gdn::session()->ensureTransientKey();
    $this->addJsFile('entry.js');
    $this->setData('Title', t('Sign In'));
    $this->Form->addHidden('Target', $this->target());
    $this->Form->addHidden('ClientHour', date('Y-m-d H:00')); // Use the server's current hour as a default.
    // Additional signin methods are set up with plugins.
    $Methods = array();
    $this->setData('Methods', $Methods);
    $this->setData('FormUrl', url('entry/signin'));
    $this->fireEvent('SignIn');
    if ($this->Form->isPostBack()) {
        $this->Form->validateRule('Email', 'ValidateRequired', sprintf(t('%s is required.'), t(UserModel::signinLabelCode())));
        $this->Form->validateRule('Password', 'ValidateRequired');
        // A postback that is not "authenticated" (presumably: carries no valid transient
        // key — confirm) is only rejected when Garden.Embed.Allow is off; with embedding
        // allowed the request proceeds without that check.
        if (!$this->Request->isAuthenticatedPostBack() && !c('Garden.Embed.Allow')) {
            $this->Form->addError('Please try again.');
        }
        // Check the user.
        if ($this->Form->errorCount() == 0) {
            $Email = $this->Form->getFormValue('Email');
            $User = Gdn::userModel()->GetByEmail($Email);
            if (!$User) {
                $User = Gdn::userModel()->GetByUsername($Email);
            }
            if (!$User) {
                // This branch answers differently from the bad-password branch below and
                // never reaches rateLimit(), so a client can distinguish "no such account"
                // from "wrong password". The '@' prefix presumably marks the message as
                // already translated — confirm against Gdn_Form::addError.
                $this->Form->addError('@' . sprintf(t('User not found.'), strtolower(t(UserModel::SigninLabelCode()))));
                Logger::event('signin_failure', Logger::INFO, '{signin} failed to sign in. User not found.', array('signin' => $Email));
            } else {
                // Check the password.
                $PasswordHash = new Gdn_PasswordHash();
                $Password = $this->Form->getFormValue('Password');
                try {
                    $PasswordChecked = $PasswordHash->checkPassword($Password, val('Password', $User), val('HashMethod', $User));
                    // Rate limiting: the model is told the outcome of every attempt for a
                    // known user. It may report a lockout by throwing Gdn_UserException
                    // (the catch below) — TODO confirm against UserModel::rateLimit.
                    Gdn::userModel()->rateLimit($User, $PasswordChecked);
                    if ($PasswordChecked) {
                        // Update weak passwords: re-hash with the current scheme when the
                        // hasher flagged the hash as weak or the stored HashMethod is not 'Vanilla'.
                        $HashMethod = val('HashMethod', $User);
                        if ($PasswordHash->Weak || $HashMethod && strcasecmp($HashMethod, 'Vanilla') != 0) {
                            $Pw = $PasswordHash->hashPassword($Password);
                            Gdn::userModel()->setField(val('UserID', $User), array('Password' => $Pw, 'HashMethod' => 'Vanilla'));
                        }
                        Gdn::session()->start(val('UserID', $User), true, (bool) $this->Form->getFormValue('RememberMe'));
                        if (!Gdn::session()->checkPermission('Garden.SignIn.Allow')) {
                            // The session was already started above, so it is torn down again here.
                            $this->Form->addError('ErrorPermission');
                            Gdn::session()->end();
                        } else {
                            // ClientHour is client-supplied; it is only used when it is a number
                            // in 0..23, otherwise the stored HourOffset is kept.
                            $ClientHour = $this->Form->getFormValue('ClientHour');
                            $HourOffset = Gdn::session()->User->HourOffset;
                            if (is_numeric($ClientHour) && $ClientHour >= 0 && $ClientHour < 24) {
                                $HourOffset = $ClientHour - date('G', time());
                            }
                            if ($HourOffset != Gdn::session()->User->HourOffset) {
                                Gdn::userModel()->setProperty(Gdn::session()->UserID, 'HourOffset', $HourOffset);
                            }
                            Gdn::userModel()->fireEvent('AfterSignIn');
                            // Where the user lands is decided by _setRedirect() (not shown here);
                            // the hidden Target value echoed from the request feeds into it.
                            $this->_setRedirect();
                        }
                    } else {
                        // NOTE(review): the template placeholder is {username} but the context key
                        // is 'InsertName' — confirm Logger::event substitutes that correctly.
                        $this->Form->addError('Invalid password.');
                        Logger::event('signin_failure', Logger::WARNING, '{username} failed to sign in. Invalid password.', array('InsertName' => $User->Name));
                    }
                } catch (Gdn_UserException $Ex) {
                    $this->Form->addError($Ex);
                }
            }
        }
    } else {
        // Initial GET: carry an explicit ?Target= through the form and default RememberMe on.
        if ($Target = $this->Request->get('Target')) {
            $this->Form->addHidden('Target', $Target);
        }
        $this->Form->setValue('RememberMe', true);
    }
    return $this->render();
}
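/**
 * Request password reset.
 *
 * On a postback the Email field is required; the user model is then asked to
 * issue the reset. When no error has been recorded afterwards, 'Success!' is
 * added to the form messages and the 'passwordrequestsent' view is selected.
 * The outcome is logged as a password_reset_request or password_reset_failure event.
 *
 * @access public
 * @since 2.0.0
 */
public function PasswordRequest() {
    Gdn::Locale()->SetTranslation('Email', T(UserModel::SigninLabelCode()));
    if ($this->Form->IsPostBack() === TRUE) {
        $this->Form->ValidateRule('Email', 'ValidateRequired');
        // A failed ValidateRequired has already recorded its own error. The former
        // else-branch here ("Couldn't find an account ..." plus its log event) was
        // itself guarded by ErrorCount() == 0 and so could never execute; it has been removed.
        if ($this->Form->ErrorCount() == 0) {
            try {
                $Email = $this->Form->GetFormValue('Email');
                if (!$this->UserModel->PasswordRequest($Email)) {
                    // NOTE(review): the model's validation results are shown to the
                    // requester and the raw input is logged; whether the response reveals
                    // that no such account exists depends on what UserModel::PasswordRequest
                    // reports — confirm before relying on it.
                    $this->Form->SetValidationResults($this->UserModel->ValidationResults());
                    Logger::event('password_reset_failure', Logger::INFO, 'Can\'t find account associated with email/username {Input}.', array('Input' => $Email));
                }
            } catch (Exception $ex) {
                $this->Form->AddError($ex->getMessage());
            }
            if ($this->Form->ErrorCount() == 0) {
                // The success message is pushed through AddError, the same channel as failures.
                $this->Form->AddError('Success!');
                $this->View = 'passwordrequestsent';
                Logger::event('password_reset_request', Logger::INFO, '{Input} has been sent a password reset email.', array('Input' => $Email));
            }
        }
    }
    $this->Render();
}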