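/**
 * Post-login event handler: publishes the user's API token (token mode only)
 * and the merged list of role keys into the auth storage.
 *
 * @param mixed $event     Event object handed over by the events manager (not used here).
 * @param mixed $loginUser User record that just logged in; ->id, ->roles and getRoles() are read.
 *
 * @return void
 */
public function afterLogin($event, $loginUser)
{
    // Without a persisted id there is no identity to publish.
    if (!$loginUser->id) {
        return;
    }

    $storage = Login::getAuthStorage();

    if (Login::getLoginMode() == Login::LOGIN_MODE_TOKEN) {
        $apikey = new Apikey();
        $userId = $loginUser->id;

        // Pass the id as a bound parameter instead of interpolating it into the
        // PHQL condition, so the lookup stays safe whatever value ->id carries.
        $token = $apikey->findFirst(array(
            'conditions' => 'userId = :userId:',
            'bind'       => array('userId' => $userId),
        ));
        if (!$token) {
            $token = $apikey->generateToken($userId);
        }

        // NOTE(review): the API key itself becomes the storage id, and the whole
        // token record is stored under AUTH_KEY_TOKEN. Confirm the storage id is
        // never logged or exposed, since it is the bearer credential.
        $storage->setId($token->apikey);
        $storage->set(Login::AUTH_KEY_TOKEN, $token);
    }

    $defaultRoles = $loginUser->getRoles();
    $roles = $loginUser->roles;

    // Collect the role keys of the related role records, if there are any.
    $authRoles = array();
    if ($roles) {
        foreach ($roles as $role) {
            $authRoles[] = $role->roleKey;
        }
    }

    // Default roles come first; duplicates are dropped before the list is stored.
    $authRoles = array_unique(array_merge($defaultRoles, $authRoles));
    $storage->set(Login::AUTH_KEY_ROLES, $authRoles);
}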
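/**
 * System login
 * 1. Check that the user exists and is active
 * 2. Clear the user's failed-login counter
 * 3. Update the user's last login time
 * 4. Save the user info to the auth storage (and the login cookie in session mode)
 *
 * Fires 'user:beforeLogin' with $this before any check and 'user:afterLogin'
 * with the loaded user record once the login has been recorded.
 *
 * @return Login The user record loaded for $this->id.
 *
 * @throws Exception\InvalidArgumentException  When $this->id is empty.
 * @throws Exception\ResourceNotFoundException When no user matches the id.
 * @throws Exception\UnauthorizedException     When the user's status is not 'active'.
 */
public function login()
{
    $this->getDI()->getEventsManager()->fire('user:beforeLogin', $this);

    if (!$this->id) {
        throw new Exception\InvalidArgumentException('ERR_USER_NO_ID_INPUT');
    }

    // The id may originate from request input, so it is passed as a bound
    // parameter rather than being interpolated into the PHQL condition.
    $userinfo = self::findFirst(array(
        'conditions' => 'id = :id:',
        'bind'       => array('id' => $this->id),
    ));
    if (!$userinfo) {
        // NOTE(review): a missing user and an inactive user raise different
        // exception types; confirm callers do not expose that difference to
        // unauthenticated clients (account enumeration).
        throw new Exception\ResourceNotFoundException('ERR_USER_NOT_EXIST');
    }
    if ($userinfo->status != 'active') {
        throw new Exception\UnauthorizedException('ERR_USER_NOT_ACTIVED');
    }

    // Record the successful login on the user row.
    $userinfo->failedLogins = 0;
    $userinfo->loginAt = time();
    $userinfo->save();

    $this->saveUserToStorage($userinfo);

    if (Login::getLoginMode() == Login::LOGIN_MODE_SESSION) {
        // NOTE(review): this cookie carries the bare user id. Confirm the server
        // never accepts it as proof of identity unless it is encrypted or signed.
        $this->getDI()->getCookies()->set(Login::LOGIN_COOKIE_KEY, $userinfo->id);
    }

    $this->getDI()->getEventsManager()->fire('user:afterLogin', $userinfo);

    return $userinfo;
}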
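/**
 * System login
 * 1. Check that the user exists and is active
 * 2. Clear the user's failed-login counter
 * 3. Update the user's last login time
 * 4. Save the user info to the auth storage; in session mode also issue the
 *    login cookie and, when an SSO domain is configured, the SSO ticket cookie
 *
 * Fires 'user:beforeLogin' with $this before any check and 'user:afterLogin'
 * with the loaded user record once the login has been recorded.
 *
 * @return Login The user record loaded for $this->id.
 *
 * @throws Exception\InvalidArgumentException When $this->id is empty.
 * @throws Exception\UnauthorizedException    When no user matches the id or the
 *                                            user's status is not 'active'.
 */
public function login()
{
    $this->getDI()->getEventsManager()->fire('user:beforeLogin', $this);

    if (!$this->id) {
        throw new Exception\InvalidArgumentException('ERR_USER_NO_ID_INPUT');
    }

    // The id may originate from request input, so it is passed as a bound
    // parameter rather than being interpolated into the PHQL condition.
    $userinfo = self::findFirst(array(
        'conditions' => 'id = :id:',
        'bind'       => array('id' => $this->id),
    ));
    if (!$userinfo) {
        throw new Exception\UnauthorizedException('ERR_USER_NOT_EXIST');
    }
    if ($userinfo->status != 'active') {
        throw new Exception\UnauthorizedException('ERR_USER_NOT_ACTIVED');
    }

    // Record the successful login on the user row.
    $userinfo->failedLogins = 0;
    $userinfo->loginAt = time();
    $userinfo->save();

    if (Login::getLoginMode() == Login::LOGIN_MODE_SESSION) {
        // The SSO ticket is "<session id>^<user id>" and doubles as the auth storage id.
        // NOTE(review): no session id regeneration is visible in this method, so
        // the ticket embeds whatever session id existed before authentication.
        // Confirm the id is rotated elsewhere at login (session fixation).
        $sso_ticket = $this->getDI()->getSession()->getId() . '^' . $userinfo->id;
        Login::getAuthStorage()->setId($sso_ticket);
        $this->saveUserToStorage($userinfo);

        $config = $this->getDI()->getConfig();
        $ssoDomain = $config->session->sso_domain;
        $sso_ticket_name = $config->session->sso_ticket_name;

        /** @var \Phalcon\Http\Response\Cookies $cookies */
        $cookies = $this->getDI()->getCookies()->set(Login::LOGIN_COOKIE_KEY, $userinfo->id);
        $cookie = $cookies->get(Login::LOGIN_COOKIE_KEY);
        // NOTE(review): HttpOnly is switched off on purpose here, which makes the
        // login cookie readable by page scripts. Confirm that is required and that
        // the cookie value is never trusted as proof of identity on its own.
        $cookie->setHttpOnly(false);

        /** @var \Phalcon\HTTP\ResponseInterface $response */
        $response = $this->getDI()->getResponse();
        // Compact P3P policy header, sent on every session-mode login.
        $response->setHeader('P3P', 'CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR');

        if ($ssoDomain) {
            // Arguments follow Phalcon's Cookies::set order:
            // name, value, expire, path, secure, domain, httpOnly.
            // NOTE(review): "secure" is null, so the ticket (which contains the
            // session id) is not restricted to HTTPS by this call. Confirm the
            // deployment enforces TLS or pass true here.
            $cookies->set($sso_ticket_name, $sso_ticket, 0, '/', null, $ssoDomain, true);

            // Widen the login cookie and the session cookie to the SSO domain.
            $cookie = $cookies->get(Login::LOGIN_COOKIE_KEY);
            $cookie->setDomain($ssoDomain);
            $cookies->get(Login::AUTH_KEY_LOGIN)->setDomain($ssoDomain);
        }
    } else {
        $this->saveUserToStorage($userinfo);
    }

    $this->getDI()->getEventsManager()->fire('user:afterLogin', $userinfo);

    return $userinfo;
}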