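/**
 * Handle the super-admin login form.
 *
 * Non-POST requests and invalid forms return the view variables unchanged so
 * the form can be rendered again. On successful authentication the super-admin
 * identity is saved, a redirect is issued and an empty array is returned.
 * On failed authentication a flash message is queued for the two known
 * failure codes and the view variables are returned.
 *
 * @return array View variables ('form', 'item'), or an empty array after a redirect.
 */
protected function superAdminLogin()
{
    $item = $this->params()->fromPost();
    $form = new Form\SuperAdminLoginForm();
    $viewVariables = array('form' => $form, 'item' => $item);

    if (!$this->getRequest()->isPost()) {
        return $viewVariables;
    }

    $form->bind($item);
    if (!$form->isValid()) {
        return $viewVariables;
    }

    $auth = new Auth('Config', 'Session', 'Auth_Admin');
    $authResult = $auth->authenticate(array(
        'username' => $item['loginName'],
        'password' => $item['inputPassword'],
    ));

    if ($authResult->isValid()) {
        $config = $this->getServiceLocator()->get('config');
        // NOTE(review): confirm that saveLoginUser() regenerates the session id;
        // nothing in this method does, and a privilege change without it leaves
        // the session open to fixation.
        $auth->saveLoginUser(array(
            'id' => $config['superadmin']['id'],
            'userName' => $item['loginName'],
            'isSuperAdmin' => true,
        ));

        // 'callback' is attacker-controllable POST data that ends up in a
        // Location header. Accept only a same-site absolute path: one leading
        // slash, not followed by '/' or '\' (browsers treat both as
        // scheme-relative, i.e. another host), and no control characters.
        // Anything else, including an array value, falls back to the dashboard.
        $callback = $this->params()->fromPost('callback');
        $isLocalPath = is_string($callback)
            && preg_match('#^/(?![/\\\\])[^\x00-\x1f\x7f]*$#D', $callback) === 1;
        if (!$isLocalPath) {
            $callback = '/admin/core/dashboard';
        }

        $this->redirect()->toUrl($callback);

        return array();
    }

    // NOTE(review): distinct messages for "unknown user" and "wrong password"
    // let a client tell valid login names apart; consider a single generic
    // message. Left unchanged because the keys are consumed outside this method.
    switch ($authResult->getCode()) {
        case Result::FAILURE_IDENTITY_NOT_FOUND:
            $this->flashMessenger()->addMessage('user-name-failed');
            break;
        case Result::FAILURE_CREDENTIAL_INVALID:
            $this->flashMessenger()->addMessage('password-failed');
            break;
        default:
            // Other failure codes queue no message.
            break;
    }

    return $viewVariables;
}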
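/**
 * Handle the admin login form for both super-admin and regular admin users.
 *
 * Non-POST requests return an empty array. For a valid form, the posted
 * 'isSuperAdmin' flag selects the authentication path: the config-backed
 * Auth adapter, or the User\Model\Login model followed by an 'Admin' role
 * check. Successful logins redirect to the validated callback; failures queue
 * a flash message for the two known failure codes and re-render the form.
 *
 * @return mixed Redirect response on success or insufficient role, otherwise
 *               an array of view variables.
 */
public function restPutLogin()
{
    $this->layout('layout/adminblank');
    $item = $this->params()->fromPost();

    // 'callback' is attacker-controllable POST data that ends up in a
    // Location header. Accept only a same-site absolute path: one leading
    // slash, not followed by '/' or '\' (browsers treat both as
    // scheme-relative, i.e. another host), and no control characters.
    // Anything else, including an array value, falls back to the dashboard.
    $callback = $this->params()->fromPost('callback');
    $isLocalPath = is_string($callback)
        && preg_match('#^/(?![/\\\\])[^\x00-\x1f\x7f]*$#D', $callback) === 1;
    if (!$isLocalPath) {
        $callback = '/admin/core/dashboard';
    }

    $viewVariables = array();
    if (!$this->getRequest()->isPost()) {
        return $viewVariables;
    }

    $form = new \User\Form\AdminLoginForm();
    $form->bind($item);

    if (!$form->isValid()) {
        $item = $form->getData();

        return array('form' => $form, 'item' => $item);
    }

    $item = $form->getData();

    if ($item['isSuperAdmin']) {
        $auth = new Auth('Config', 'Session', 'Auth_Admin');
        $authResult = $auth->authenticate(array(
            'username' => $item['loginName'],
            'password' => $item['inputPassword'],
        ));
        $config = Api::_()->getConfig();

        if ($authResult->isValid()) {
            // NOTE(review): confirm that saveLoginUser() regenerates the
            // session id; nothing in this method does.
            $auth->saveLoginUser(array(
                'id' => $config['superadmin']['id'],
                'userName' => $item['loginName'],
                'isSuperAdmin' => true,
            ));

            return $this->redirect()->toUrl($callback);
        }
    } else {
        $loginModel = Api::_()->getModel('User\\Model\\Login');
        $authResult = $loginModel->loginByPassword($item['loginName'], $item['inputPassword']);

        if ($authResult->isValid()) {
            $user = Auth::getLoginUser('Auth_Admin');

            // Strict comparison: a loose in_array() can match a non-string
            // role value (e.g. 0 or true) against 'Admin'.
            if (!isset($user['Roles']) || !in_array('Admin', $user['Roles'], true)) {
                // NOTE(review): the user is already readable from the
                // 'Auth_Admin' store at this point, presumably written by
                // loginByPassword(). Confirm that admin pages re-check the
                // role, or clear the stored login before redirecting.
                $this->getResponse()->setStatusCode(401);
                $this->flashMessenger()->addMessage('permission-not-enough');

                return $this->redirect()->toUrl('/admin/');
            }

            return $this->redirect()->toUrl($callback);
        }
    }

    // NOTE(review): distinct messages for "unknown user" and "wrong password"
    // let a client tell valid login names apart; consider a single generic
    // message. Left unchanged because the keys are consumed outside this method.
    switch ($authResult->getCode()) {
        case Result::FAILURE_IDENTITY_NOT_FOUND:
            $this->flashMessenger()->addMessage('user-name-failed');
            break;
        case Result::FAILURE_CREDENTIAL_INVALID:
            $this->flashMessenger()->addMessage('password-failed');
            break;
        default:
            // Other failure codes queue no message.
            break;
    }

    return array('form' => $form, 'item' => $item);
}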