/**
* @param $auth
*/
public static function initAuthenticationFromCookie(\Piwik\Auth $auth, $activateCookieAuth)
{
if (self::isModuleIsAPI() && !$activateCookieAuth) {
return;
}
$authCookieName = Config::getInstance()->General['login_cookie_name'];
$authCookieExpiry = 0;
$authCookiePath = Config::getInstance()->General['login_cookie_path'];
$authCookie = new Cookie($authCookieName, $authCookieExpiry, $authCookiePath);
$defaultLogin = '******';
$defaultTokenAuth = 'anonymous';
if ($authCookie->isCookieFound()) {
$defaultLogin = $authCookie->get('login');
$defaultTokenAuth = $authCookie->get('token_auth');
}
$auth->setLogin($defaultLogin);
$auth->setTokenAuth($defaultTokenAuth);
$storage = new Storage($defaultLogin);
if (!$storage->isActive()) {
return;
}
$secret = $storage->getSecret();
$cookieSecret = $authCookie->get('auth_code');
if ($cookieSecret == SessionInitializer::getHashTokenAuth($defaultLogin, $secret)) {
$googleAuth = new PHPGangsta\GoogleAuthenticator();
$auth->setAuthCode($googleAuth->getCode($secret));
$auth->validateAuthCode();
}
}
/**
* @param $auth
*/
public static function initAuthenticationFromCookie(\Piwik\Auth $auth, $activateCookieAuth)
{
if (self::isModuleIsAPI() && !$activateCookieAuth) {
return;
}
$authCookieName = Config::getInstance()->General['login_cookie_name'];
$authCookieExpiry = 0;
$authCookiePath = Config::getInstance()->General['login_cookie_path'];
$authCookie = new Cookie($authCookieName, $authCookieExpiry, $authCookiePath);
$defaultLogin = '******';
$defaultTokenAuth = 'anonymous';
if ($authCookie->isCookieFound()) {
$defaultLogin = $authCookie->get('login');
$defaultTokenAuth = $authCookie->get('token_auth');
}
$auth->setLogin($defaultLogin);
$auth->setTokenAuth($defaultTokenAuth);
}
/**
* Initializes the authentication object.
* Listens to Request.initAuthenticationObject hook.
*/
function initAuthenticationObject($allowCookieAuthentication = false)
{
$auth = new Auth();
\Piwik\Registry::set('auth', $auth);
$action = Piwik::getAction();
if (Piwik::getModule() === 'API' && (empty($action) || $action == 'index') && $allowCookieAuthentication !== true) {
return;
}
$authCookieName = Config::getInstance()->General['login_cookie_name'];
$authCookieExpiry = 0;
$authCookiePath = Config::getInstance()->General['login_cookie_path'];
$authCookie = new Cookie($authCookieName, $authCookieExpiry, $authCookiePath);
$defaultLogin = '******';
$defaultTokenAuth = 'anonymous';
if ($authCookie->isCookieFound()) {
$defaultLogin = $authCookie->get('login');
$defaultTokenAuth = $authCookie->get('token_auth');
}
$auth->setLogin($defaultLogin);
$auth->setTokenAuth($defaultTokenAuth);
}
/**
* Clear session information
*
* @param none
* @return void
*/
public static function clearSession()
{
$authCookieName = Config::getInstance()->General['login_cookie_name'];
$cookie = new Cookie($authCookieName);
$cookie->delete();
Session::expireSessionCookie();
}
/**
* Set the language for the session
*
* @param string $languageCode ISO language code
* @return bool
*/
public static function setLanguageForSession($languageCode)
{
if (!API::getInstance()->isLanguageAvailable($languageCode)) {
return false;
}
$cookieName = Config::getInstance()->General['language_cookie_name'];
$cookie = new Cookie($cookieName, 0);
$cookie->set('language', $languageCode);
$cookie->save();
return true;
}
/**
* Authenticates the user and initializes the session.
*/
public function initSession($login, $md5Password, $rememberMe)
{
$tokenAuth = API::getInstance()->getTokenAuth($login, $md5Password);
$this->setLogin($login);
$this->setTokenAuth($tokenAuth);
$authResult = $this->authenticate();
$authCookieName = Config::getInstance()->General['login_cookie_name'];
$authCookieExpiry = $rememberMe ? time() + Config::getInstance()->General['login_cookie_expire'] : 0;
$authCookiePath = Config::getInstance()->General['login_cookie_path'];
$cookie = new Cookie($authCookieName, $authCookieExpiry, $authCookiePath);
if (!$authResult->wasAuthenticationSuccessful()) {
$cookie->delete();
throw new Exception(Piwik::translate('Login_LoginPasswordNotCorrect'));
}
$cookie->set('login', $login);
$cookie->set('token_auth', $this->getHashTokenAuth($login, $authResult->getTokenAuth()));
$cookie->setSecure(ProxyHttp::isHttps());
$cookie->setHttpOnly(true);
$cookie->save();
@Session::regenerateId();
// remove password reset entry if it exists
Login::removePasswordResetInfo($login);
}
private static function initAuthenticationFromCookie(\Piwik\Auth $auth, $activateCookieAuth)
{
$authCookieName = Config::getInstance()->General['login_cookie_name'];
$authCookieExpiry = 0;
$authCookiePath = Config::getInstance()->General['login_cookie_path'];
$authCookie = new Cookie($authCookieName, $authCookieExpiry, $authCookiePath);
if ($authCookie->isCookieFound()) {
$login = $authCookie->get('login');
$tokenAuth = $authCookie->get('token_auth');
\Piwik\Log::debug("Login [" . $login . "] from browser token");
$auth->setLogin($login);
$auth->setTokenAuth($tokenAuth);
return true;
} else {
return false;
}
}
