</a></li>
<?php
}
?>
</ul>
</div>
<div id="account_tabs_panes">
<div id="tab_profile_pane" style="<?php
if ($selected_tab != 'profile') {
?>
display: none;<?php
}
?>
">
<?php
if (\thebuggenie\core\framework\Settings::isUsingExternalAuthenticationBackend()) {
?>
<?php
echo tbg_parse_text(\thebuggenie\core\framework\Settings::get('changedetails_message'), false, null, array('embedded' => true));
?>
<?php
} else {
?>
<form accept-charset="<?php
echo \thebuggenie\core\framework\Context::getI18n()->getCharset();
?>
" action="<?php
echo make_url('account_save_information');
?>
" onsubmit="TBG.Main.Profile.updateInformation('<?php
echo make_url('account_save_information');
/**
* Returns the logged in user, or default user if not logged in
*
* @param \thebuggenie\core\framework\Request $request
* @param \thebuggenie\core\framework\Action $action
*
* @return \thebuggenie\core\entities\User
*/
public static function loginCheck(framework\Request $request, framework\Action $action)
{
try {
$authentication_method = $action->getAuthenticationMethodForAction(framework\Context::getRouting()->getCurrentRouteAction());
$user = null;
$external = false;
switch ($authentication_method) {
case framework\Action::AUTHENTICATION_METHOD_ELEVATED:
case framework\Action::AUTHENTICATION_METHOD_CORE:
$username = $request['tbg3_username'];
$password = $request['tbg3_password'];
if ($authentication_method == framework\Action::AUTHENTICATION_METHOD_ELEVATED) {
$elevated_password = $request['tbg3_elevated_password'];
}
$raw = true;
// If no username and password specified, check if we have a session that exists already
if ($username === null && $password === null) {
if (framework\Context::getRequest()->hasCookie('tbg3_username') && framework\Context::getRequest()->hasCookie('tbg3_password')) {
$username = framework\Context::getRequest()->getCookie('tbg3_username');
$password = framework\Context::getRequest()->getCookie('tbg3_password');
$user = self::getB2DBTable()->getByUsername($username);
if ($authentication_method == framework\Action::AUTHENTICATION_METHOD_ELEVATED) {
$elevated_password = framework\Context::getRequest()->getCookie('tbg3_elevated_password');
if ($user instanceof User && !$user->hasPasswordHash($password)) {
$user = null;
} else {
if ($user instanceof User && !$user->hasPasswordHash($elevated_password)) {
framework\Context::setUser($user);
framework\Context::getRouting()->setCurrentRouteName('elevated_login_page');
throw new framework\exceptions\ElevatedLoginException('reenter');
}
}
} else {
if ($user instanceof User && !$user->hasPasswordHash($password)) {
$user = null;
}
}
if (!$user instanceof User) {
framework\Context::logout();
throw new \Exception('No such login');
}
}
}
// If we have authentication details, validate them
if (framework\Settings::isUsingExternalAuthenticationBackend() && $username !== null && $password !== null) {
$external = true;
framework\Logging::log('Authenticating with backend: ' . framework\Settings::getAuthenticationBackend(), 'auth', framework\Logging::LEVEL_INFO);
try {
$mod = framework\Context::getModule(framework\Settings::getAuthenticationBackend());
if ($mod->getType() !== Module::MODULE_AUTH) {
framework\Logging::log('Auth module is not the right type', 'auth', framework\Logging::LEVEL_FATAL);
}
if (framework\Context::getRequest()->hasCookie('tbg3_username') && framework\Context::getRequest()->hasCookie('tbg3_password')) {
$user = $mod->verifyLogin($username, $password);
} else {
$user = $mod->doLogin($username, $password);
}
if (!$user instanceof User) {
// Invalid
framework\Context::logout();
throw new \Exception('No such login');
//framework\Context::getResponse()->headerRedirect(framework\Context::getRouting()->generate('login'));
}
} catch (\Exception $e) {
throw $e;
}
} elseif (framework\Settings::isUsingExternalAuthenticationBackend()) {
$external = true;
framework\Logging::log('Authenticating without credentials with backend: ' . framework\Settings::getAuthenticationBackend(), 'auth', framework\Logging::LEVEL_INFO);
try {
$mod = framework\Context::getModule(framework\Settings::getAuthenticationBackend());
if ($mod->getType() !== Module::MODULE_AUTH) {
framework\Logging::log('Auth module is not the right type', 'auth', framework\Logging::LEVEL_FATAL);
}
$user = $mod->doAutoLogin();
if ($user == false) {
// Invalid
framework\Context::logout();
throw new \Exception('No such login');
//framework\Context::getResponse()->headerRedirect(framework\Context::getRouting()->generate('login'));
} else {
if ($user == true) {
$user = null;
}
}
} catch (\Exception $e) {
throw $e;
}
} elseif ($username !== null && $password !== null && !$user instanceof User) {
$external = false;
framework\Logging::log('Using internal authentication', 'auth', framework\Logging::LEVEL_INFO);
$user = self::getB2DBTable()->getByUsername($username);
if ($user instanceof User && !$user->hasPassword($password)) {
$user = null;
}
if (!$user instanceof User) {
framework\Context::logout();
}
}
break;
case framework\Action::AUTHENTICATION_METHOD_DUMMY:
$user = self::getB2DBTable()->getByUserID(framework\Settings::getDefaultUserID());
break;
case framework\Action::AUTHENTICATION_METHOD_CLI:
$user = self::getB2DBTable()->getByUsername(framework\Context::getCurrentCLIusername());
break;
case framework\Action::AUTHENTICATION_METHOD_RSS_KEY:
$user = self::getB2DBTable()->getByRssKey($request['rsskey']);
break;
case framework\Action::AUTHENTICATION_METHOD_APPLICATION_PASSWORD:
$user = self::getB2DBTable()->getByUsername($request['api_username']);
if (!$user->authenticateApplicationPassword($request['api_token'])) {
$user = null;
}
break;
}
if ($user === null && !framework\Settings::isLoginRequired()) {
$user = self::getB2DBTable()->getByUserID(framework\Settings::getDefaultUserID());
}
if ($user instanceof User) {
if (!$user->isActivated()) {
throw new \Exception('This account has not been activated yet');
} elseif (!$user->isEnabled()) {
throw new \Exception('This account has been suspended');
} elseif (!$user->isConfirmedMemberOfScope(framework\Context::getScope())) {
if (!framework\Settings::isRegistrationAllowed()) {
throw new \Exception('This account does not have access to this scope');
}
}
if ($external == false && $authentication_method == framework\Action::AUTHENTICATION_METHOD_CORE) {
$password = $user->getHashPassword();
if (!$request->hasCookie('tbg3_username') && !$user->isGuest()) {
if ($request->getParameter('tbg3_rememberme')) {
framework\Context::getResponse()->setCookie('tbg3_username', $user->getUsername());
framework\Context::getResponse()->setCookie('tbg3_password', $user->getPassword());
} else {
framework\Context::getResponse()->setSessionCookie('tbg3_username', $user->getUsername());
framework\Context::getResponse()->setSessionCookie('tbg3_password', $user->getPassword());
}
}
}
} elseif (framework\Settings::isLoginRequired()) {
throw new \Exception('Login required');
} else {
throw new \Exception('No such login');
}
} catch (\Exception $e) {
throw $e;
}
return $user;
}
/**
* Log out the current user (does not work when auth method is set to http)
*/
public static function logout()
{
if (Settings::isUsingExternalAuthenticationBackend()) {
$mod = self::getModule(Settings::getAuthenticationBackend());
$mod->logout();
}
Event::createNew('core', 'pre_logout')->trigger();
self::getResponse()->deleteCookie('tbg3_username');
self::getResponse()->deleteCookie('tbg3_password');
self::getResponse()->deleteCookie('tbg3_elevated_password');
self::getResponse()->deleteCookie('tbg3_persona_session');
self::getResponse()->deleteCookie('THEBUGGENIE');
session_regenerate_id(true);
Event::createNew('core', 'post_logout')->trigger();
}
