コード例 #1
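 /**
  * Handles the posted login form for the regular login.
  *
  * Validates the form, checks the credentials, and keeps the failed-attempt
  * record up to date: it is removed after a successful login and created or
  * incremented after a failed one. Every path ends in a redirect.
  */
 public function authenticateAction()
 {
     $authAttempts = new Users_Model_AuthAttempts();
     $attempt = $authAttempts->get();

     // The third argument is true once the recorded attempts exceed the allowed maximum.
     // NOTE(review): presumably this turns on an extra challenge in the form - confirm in Users_Form_Login.
     $form = new Users_Form_Login(null, $this->view->base, $attempt && $attempt->surpassedMaxAllowed());
     $formData = $this->_request->getPost();
     $form->populate($formData);
     if (!$form->isValid($formData)) {
         $this->_helper->FlashMessenger->addMessage($this->view->translate('Invalid credentials'));
         $this->_redirectToNormalConnection('');

         // Stop explicitly: if the redirect helper does not terminate the request, falling through
         // would run the credential check below even though form validation failed.
         return;
     }

     // When YubiKey is both enabled and forced, the one-time code replaces the password as the secret.
     $yubikeyOnly = $this->_config->yubikey->enabled && $this->_config->yubikey->force;
     $secret = $yubikeyOnly ? $this->_request->getPost('yubikey') : $this->_request->getPost('password');

     $users = new Users_Model_Users();
     $result = $users->authenticate($this->_request->getPost('username'), $secret, false, $this->view);
     if ($result) {
         $user = $users->getUser();
         if ($attempt) {
             // NOTE(review): delete() is called on the model rather than on $attempt;
             // confirm it removes the record fetched by get() above.
             $attempt = $authAttempts->delete();
         }

         // During maintenance only administrators may stay logged in, so the identity is cleared again.
         if ($user->role != Users_Model_User::ROLE_ADMIN && $this->underMaintenance) {
             Zend_Auth::getInstance()->clearIdentity();
             return $this->_redirectForMaintenance(true);
         }
     } else {
         // Record the failure: first failure creates the record, later ones increment it.
         if (!$attempt) {
             $authAttempts->create();
         } else {
             $attempt->addFailure();
             $attempt->save();
         }

         // Same message as for a form validation failure, so the response does not say which check failed.
         $this->_helper->FlashMessenger->addMessage($this->view->translate('Invalid credentials'));
     }
     $this->_redirectToNormalConnection('');
 }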
コード例 #2
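 /**
  * Runs the pending upgrades after an administrator has authenticated.
  *
  * Failed logins and successful logins by non-admin accounts both get the
  * same 'Invalid credentials' message. After the upgrade the identity is
  * cleared, so the user has to log in again.
  */
 public function proceedAction()
 {
     // Re-check that an upgrade is actually pending, in case this action is requested directly.
     if (!$this->_needsUpgrade()) {
         $this->_redirect('');
         return;
     }

     $form = new Install_Form_UpgradeLogin();
     $formData = $this->_request->getPost();
     $form->populate($formData);
     if (!$form->isValid($formData)) {
         // Keep the populated form in the app session before forwarding back to the index action.
         $appSession = Zend_Registry::get('appSession');
         $appSession->loginForm = $form;
         $this->_forward('index');
         return;
     }

     // Only the first version component is needed. Index 0 is always present in explode()'s result,
     // whereas destructuring three components raised a notice for a shorter version string
     // and left two unused locals behind.
     $versionParts = explode('.', $this->_getDbVersion());
     $greaterThan2 = $versionParts[0] >= 2;

     // NOTE(review): the fifth argument is true only when the database version is below 2;
     // its meaning is defined in Users_Model_Users::authenticate() - confirm there.
     $users = new Users_Model_Users();
     $result = $users->authenticate($this->_request->getPost('username'), $this->_request->getPost('password'), false, $this->view, !$greaterThan2);
     if (!$result) {
         $this->_helper->FlashMessenger->addMessage($this->view->translate('Invalid credentials'));
         $this->_redirect('index');
         return;
     }

     // Only administrators may run the upgrade. A non-admin is logged out again and gets the same
     // message as a failed login, so the response does not confirm that the credentials were valid.
     $user = $users->getUser();
     if ($user->role != Users_Model_User::ROLE_ADMIN) {
         Zend_Auth::getInstance()->clearIdentity();
         $this->_helper->FlashMessenger->addMessage($this->view->translate('Invalid credentials'));
         $this->_redirect('index');
         return;
     }

     // NOTE(review): _runUpgrades() is called twice with opposite flags; only the second call's
     // return value is used (as the version reported to the user). The flag's meaning is not visible here.
     $this->_runUpgrades(true);
     $upgradedVersion = $this->_runUpgrades(false);
     $this->_helper->FlashMessenger->addMessage($this->view->translate('Upgrade was successful. You are now on version %s', $upgradedVersion));

     $missingConfigs = $this->_checkMissingConfigDirectives();
     if ($missingConfigs) {
         $this->_helper->FlashMessenger->addMessage($this->view->translate('WARNING: there are some new configuration settings. To override their default values (as set in config.default.php) add them to your config.php file. The new settings correspond to the following directives: %s.', implode(', ', $missingConfigs)));
     }

     // Log the user out in case the upgrade changed the user table.
     Zend_Auth::getInstance()->clearIdentity();
     Zend_Session::forgetMe();
     $this->_redirect('/');
 }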
コード例 #3
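 /**
  * Handles the login form submitted while serving an OpenID request.
  *
  * Validates the form, checks the credentials, and keeps the failed-attempt
  * record up to date. On success the request is forwarded according to the
  * stored trust decision for the requesting site; on failure it is forwarded
  * back to the login action with a flag describing what went wrong.
  */
 public function authenticateAction()
 {
     $server = $this->_getOpenIdProvider();
     $request = $server->decodeRequest();

     $authAttempts = new Users_Model_AuthAttempts();
     $attempt = $authAttempts->get();

     // The third argument is true once the recorded attempts exceed the allowed maximum.
     // NOTE(review): presumably this is what adds the captcha element checked below - confirm in Form_OpenidLogin.
     $form = new Form_OpenidLogin(null, $this->view->base, $attempt && $attempt->surpassedMaxAllowed());
     $formData = $this->_request->getPost();
     $form->populate($formData);
     if (!$form->isValid($formData)) {
         $formErrors = $form->getErrors();

         // Errors are passed as forward parameters because the session is not used here.
         // !empty() covers a missing 'captcha' key without resorting to the @ suppression operator.
         if (!empty($formErrors['captcha'])) {
             $this->_forward('login', null, null, array('invalidCaptcha' => true));
         } else {
             $this->_forward('login');
         }
         return;
     }

     // The identity comes from the form only when the request asks the user to select one;
     // otherwise the identity named in the OpenID request is the one authenticated.
     $identity = $request->idSelect() ? $form->getValue('openIdIdentity') : $request->identity;

     // When YubiKey is both enabled and forced, the one-time code replaces the password as the secret.
     $yubikeyOnly = $this->_config->yubikey->enabled && $this->_config->yubikey->force;
     $secret = $yubikeyOnly ? $form->getValue('yubikey') : $form->getValue('password');

     $users = new Users_Model_Users();
     $result = $users->authenticate($identity, $secret, true, $this->view);
     if ($result) {
         if ($attempt) {
             $attempt->delete();
         }

         // Route by the stored decision for this trust root: always allow, always deny, or ask the user.
         $sites = new Model_Sites();
         $trustRoot = $this->_getTrustRoot($request);
         if ($sites->isTrusted($users->getUser(), $trustRoot)) {
             $this->_forward('proceed', null, null, array('allow' => true));
         } elseif ($sites->isNeverTrusted($users->getUser(), $trustRoot)) {
             $this->_forward('proceed', null, null, array('deny' => true));
         } else {
             $this->_forward('trust');
         }
     } else {
         // Record the failure: first failure creates the record, later ones increment it.
         if (!$attempt) {
             $authAttempts->create();
         } else {
             $attempt->addFailure();
             $attempt->save();
         }
         $this->_forward('login', null, null, array('invalidLogin' => true));
     }
 }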