/**
 * Make the given user the current user, but only once validation has passed.
 *
 * Two gates run in a fixed order: the account status check, then the
 * password lifetime check. Either may throw. The user is handed to the user
 * manager only when both return normally, so a rejected account is never
 * installed as the current user by this method.
 *
 * @param PFUser $user Account to validate and install as the current user
 *
 * @throws User_StatusDeletedException
 * @throws User_StatusSuspendedException
 * @throws User_StatusInvalidException
 * @throws User_StatusPendingException
 * @throws User_PasswordExpiredException
 */
public function validateAndSetCurrentUser(PFUser $user)
{
    // Gate 1: account status. A fresh status manager is built on every call.
    $status_checker = new User_UserStatusManager();
    $status_checker->checkStatus($user);

    // Gate 2: password lifetime, using the checker held by this object.
    $this->password_expiration_checker->checkPasswordLifetime($user);

    // Reached only when neither gate threw.
    $this->user_manager->setCurrentUser($user);
}
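/**
 * Check that the URL is valid and redirect to the right host/url if needed.
 *
 * Force SSL mode if required, except if the request comes from localhost or
 * targets api scripts.
 *
 * The responsibility of each method is kept narrow for the sake of
 * simplicity. For instance, getRedirectionURL does not check all the server
 * name or script name details (localhost, api, etc.); it only cares about
 * generating the right URL.
 *
 * Once the URL checks are done, the method also enforces access control for
 * the current user: password lifetime (logged-in users only), then either
 * project access (when a group id is known) or the restricted-access check.
 *
 * @param array $server Server variables; 'REQUEST_URI' is read here, the
 *                      rest is passed on to the helper methods
 *
 * @return bool|null True when every check passed. No value is returned when
 *                   the request is an exception (isException) or when one of
 *                   the handled access exceptions was caught.
 */
public function assertValidUrl($server)
{
    if (!$this->isException($server)) {
        $this->verifyProtocol($server);
        $this->verifyHost($server);
        $this->verifyRequest($server);

        $chunks = $this->getUrlChunks();
        if (isset($chunks)) {
            $location = $this->getRedirectionURL($server);
            // NOTE(review): nothing here stops execution after the redirect
            // header; the access checks below still run unless header()
            // itself terminates the request - confirm.
            $this->header($location);
        }

        $user = $this->getCurrentUser();
        $url  = $this->getUrl();

        try {
            // Anonymous users are not subject to the password lifetime check.
            if (!$user->isAnonymous()) {
                $password_expiration_checker = new User_PasswordExpirationChecker();
                $password_expiration_checker->checkPasswordLifetime($user);
            }

            // A group id already set in the globals wins over one parsed from the URL.
            $group_id = isset($GLOBALS['group_id']) ? $GLOBALS['group_id'] : $url->getGroupIdFromUrl($server['REQUEST_URI']);
            if ($group_id) {
                $project = $this->getProjectManager()->getProject($group_id);
                $this->userCanAccessProject($user, $project);
            } else {
                $this->checkRestrictedAccess($server);
            }

            return true;
        } catch (Project_AccessRestrictedException $exception) {
            $this->displayRestrictedUserError($url);
        } catch (Project_AccessPrivateException $exception) {
            $this->displayPrivateProjectError($url);
        } catch (Project_AccessProjectNotFoundException $exception) {
            $this->exitError($GLOBALS['Language']->getText('include_html', 'g_not_exist'), $exception->getMessage());
        } catch (Project_AccessDeletedException $exception) {
            $this->exitError($GLOBALS['Language']->getText('include_session', 'insufficient_g_access'), $exception->getMessage());
        } catch (User_PasswordExpiredException $exception) {
            // Pages on the allow-list stay reachable with an expired
            // password; every other page is sent to the change-password form.
            if (!$this->isPageAllowedWhenPasswordExpired($server)) {
                $GLOBALS['Response']->addFeedback(
                    Feedback::ERROR,
                    $GLOBALS['Language']->getText('include_account', 'change_pwd_err')
                );
                // The query string must read "user_id=<id>", the same form
                // login() uses. Without the "=" the id is glued onto the
                // parameter name and no user_id value reaches the page.
                $GLOBALS['Response']->redirect('/account/change_pw.php?user_id=' . $user->getId());
            }
        }
    }
}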
/**
 * Authenticate a user from a submitted login name and password.
 *
 * On success the sequence is: authenticate, check account status, open the
 * web session, check password lifetime, emit the expiration and
 * authentication-attempt warnings, then install the user as current.
 * Every handled failure ends with an anonymous user being set as current.
 *
 * @deprecated
 *
 * @param string  $name         The login name submitted by the user
 * @param string  $pwd          The password submitted by the user
 * @param boolean $allowpending True if pending users are allowed (for verify.php). Default is false
 *
 * @return PFUser Registered user or anonymous if the authentication failed
 */
function login($name, $pwd, $allowpending = false)
{
    try {
        $expiration_checker = new User_PasswordExpirationChecker();
        $handler            = PasswordHandlerFactory::getPasswordHandler();
        $authenticator      = new User_LoginManager(EventManager::instance(), $this, $expiration_checker, $handler);
        $status_checker     = new User_UserStatusManager();

        $user = $authenticator->authenticate($name, $pwd);

        // The verify page uses its own status check, which per the
        // parameter description lets pending accounts through.
        if (!$allowpending) {
            $status_checker->checkStatus($user);
        } else {
            $status_checker->checkStatusOnVerifyPage($user);
        }

        // The session is opened before the password lifetime check, so an
        // account with an expired password already holds a web session when
        // User_PasswordExpiredException is raised below.
        $this->openWebSession($user);
        $expiration_checker->checkPasswordLifetime($user);
        $expiration_checker->warnUserAboutPasswordExpiration($user);
        $this->warnUserAboutAuthenticationAttempts($user);

        return $this->setCurrentUser($user);
    } catch (User_InvalidPasswordWithUserException $e) {
        // Wrong password for a known account: the only branch that records
        // a login failure.
        // NOTE(review): confirm the messages shown here and in the
        // User_InvalidPasswordException branch do not reveal whether the
        // login name exists.
        $GLOBALS['Response']->addFeedback(Feedback::ERROR, $e->getMessage());
        // The value assigned to $accessInfo is not used later in this method.
        $accessInfo = $this->getUserAccessInfo($e->getUser());
        $this->getDao()->storeLoginFailure($name, $_SERVER['REQUEST_TIME']);
    } catch (User_InvalidPasswordException $e) {
        $GLOBALS['Response']->addFeedback(Feedback::ERROR, $e->getMessage());
    } catch (User_PasswordExpiredException $e) {
        // Expired password: report it and send the user to the change-password form.
        $GLOBALS['Response']->addFeedback(Feedback::ERROR, $e->getMessage());
        $GLOBALS['Response']->redirect('/account/change_pw.php?user_id=' . $e->getUser()->getId());
    } catch (User_StatusInvalidException $e) {
        $GLOBALS['Response']->addFeedback(Feedback::ERROR, $e->getMessage());
    } catch (SessionNotCreatedException $e) {
        $GLOBALS['Response']->addFeedback(Feedback::ERROR, $e->getMessage());
    } catch (User_LoginException $e) {
        $GLOBALS['Response']->addFeedback(Feedback::ERROR, $e->getMessage());
    }

    // Every handled failure lands here: the caller receives an anonymous user.
    $anonymous = $this->createAnonymousUser();

    return $this->setCurrentUser($anonymous);
}