/** * Verify user after activation mail link opened * @param string $ua_verification_code user's activation verification token */ public function getVerify($ua_verification_code) { $this->app->log->debug(get_class($this) . '->getVerify()'); $user_name = Encryption::decrypt($this->app->request->get("user_name")); if (isset($user_name) && isset($ua_verification_code)) { $success = RegistrationModel::verifyNewUser($user_name, $ua_verification_code); if ($success) { // TODO: valutare se inviare mail di benvenuto all'utente } $this->app->render($this->app->config('app.templates.path') . '/login/verify.twig', array('feedback_positive' => $this->getFeedbackPositiveMessages(), 'feedback_negative' => $this->getFeedbackNegativeMessages())); } else { $this->app->redirect($this->app->config('app.baseurl') . '/login'); } }
/** * performs the login via cookie (for DEFAULT user account, FACEBOOK-accounts are handled differently) * TODO add throttling here ? * * @param $cookie string The cookie "remember_me" * * @return bool success state */ public static function loginWithCookie($cookie) { // do we have a cookie ? if (!$cookie) { Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_COOKIE_INVALID')); return false; } // before list(), check it can be split into 3 strings. if (count(explode(':', $cookie)) !== 3) { Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_COOKIE_INVALID')); return false; } // check cookie's contents, check if cookie contents belong together or token is empty list($user_name, $token, $hash) = explode(':', $cookie); // decrypt user user_name $user_name = Encryption::decrypt($user_name); if ($hash !== hash('sha256', $user_name . ':' . $token) or empty($token) or empty($user_name)) { Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_COOKIE_INVALID')); return false; } // get data of user that has this id and this token $user = UserModel::getUserDataByUserNameAndToken($user_name, $token); // if user with that id and exactly that cookie token exists in database if ($user) { // successfully logged in, so we write all necessary data into the session and set "user_logged_in" to true self::setSuccessfulLoginIntoSession($user->getUsername(), $user->getEmail(), $user->getAccounttype(), $user->getProvidertype()); // save timestamp of this login in the database line of that user self::saveTimestampOfLoginOfUser($user->getUsername()); // NOTE: we don't set another remember_me-cookie here as the current cookie should always // be invalid after a certain amount of time, so the user has to login with username/password // again from time to time. This is good and safe ! ;) Session::add(Session::SESSION_FEEDBACK_POSITIVE, Text::get('FEEDBACK_COOKIE_LOGIN_SUCCESSFUL')); return true; } else { Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_COOKIE_INVALID')); return false; } }
/** * Verify the verification token of that user (to show the user the password editing view or not) * @param string $user_name username * @param string $verification_code password reset verification token */ public function getVerifyPasswordReset($verification_code) { $this->app->log->debug(get_class($this) . '->getVerifyPasswordReset()'); // check if this the provided verification code fits the user's verification code $user_name = Encryption::decrypt($this->app->request->get("user_name")); if (PasswordResetModel::verifyPasswordReset($user_name, $verification_code)) { $this->app->render($this->app->config('app.templates.path') . '/login/password-reset.twig', array('user_name' => $user_name, 'user_password_reset_hash' => $verification_code, 'feedback_positive' => $this->getFeedbackPositiveMessages(), 'feedback_negative' => $this->getFeedbackNegativeMessages())); } else { $this->redirectToLogin(); } }