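/**
 * Handles a login form submission: authenticates the posted `login`/`password`
 * pair against the `entity_subject` table and, on success, persists the matching
 * row (minus the `password` column) in the auth storage.
 *
 * @param Request       $request  Incoming request; credentials are read from its parsed body.
 * @param Response      $response Response the redirect is derived from.
 * @param callable|null $next     Next middleware; unused here, kept for the middleware signature.
 *
 * @return Response A 302 redirect to "/" whether or not authentication succeeded;
 *                  the outcome is only observable through the auth storage.
 */
public function execute(Request $request, Response $response, ?callable $next = null)
{
    // getParsedBody() may be null or an object depending on the content type;
    // only an array carries the form fields we expect.
    $body = $request->getParsedBody();
    $body = is_array($body) ? $body : [];

    $login = $body['login'] ?? null;
    $password = $body['password'] ?? null;

    // Only consult the database when both fields are present; a missing field used
    // to raise an undefined-index notice and hand null to the adapter.
    if (is_string($login) && $login !== '' && is_string($password) && $password !== '') {
        $adapter = new CredentialTreatmentAdapter($this->boot()->db);
        // No credential treatment is configured, so the adapter compares the posted
        // value against the stored `password` column as-is — i.e. the column is
        // expected to hold whatever the user types, not a password_hash() digest.
        $adapter->setTableName('entity_subject')
            ->setIdentityColumn('login')
            ->setCredentialColumn('password')
            ->setIdentity($login)
            ->setCredential($password);

        $result = $this->boot()->auth->authenticate($adapter);
        if ($result->isValid()) {
            // Omit the credential column before the row goes into the session store.
            $data = $adapter->getResultRowObject(null, 'password');
            $this->boot()->auth->getStorage()->write($data);
        }
    }

    // A Location header only redirects when paired with a 3xx status.
    return $response->withStatus(302)->withHeader('Location', '/');
}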
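/**
 * Handles the admin LoginForm POST (admin/index): authenticates the posted
 * e-mail/password against `users`, restricted to rows with `user_role = 'admin'`
 * by the credential treatment, and on success writes the identity to the auth
 * storage plus an `admin` session container.
 *
 * Non-POST requests and every non-success result redirect back to Auth/auth;
 * previously, result codes other than the two handled failures fell out of the
 * switch and rendered the view with no redirect at all.
 *
 * @return \Zend\Http\Response Redirect response.
 */
public function processAction()
{
    if (!$this->request->isPost()) {
        return $this->redirect()->toRoute(null, ['controller' => 'Auth', 'action' => 'auth']);
    }

    $post = $this->getRequest()->getPost();

    $dbAdapter = $this->getServiceLocator()->get('Zend\\Db\\Adapter\\Adapter');

    // NOTE(review): the treatment is an unsalted MD5 of the posted password plus a
    // role restriction; a row with the right password but another role fails with
    // FAILURE_CREDENTIAL_INVALID. Moving to password_hash() needs a column migration.
    $authAdapter = new CredentialTreatmentAdapter(
        $dbAdapter,
        'users',
        'user_email',
        'user_password',
        "MD5(?) AND user_role = 'admin'"
    );
    $authAdapter->setIdentity($post->user_email)->setCredential($post->user_password);

    $auth = new AuthenticationService();
    $result = $auth->authenticate($authAdapter);

    switch ($result->getCode()) {
        case Result::SUCCESS:
            // Keep the credential hash out of the session: omit `user_password`.
            $storage = $auth->getStorage();
            $storage->write($authAdapter->getResultRowObject(null, 'user_password'));

            $session = new Container('admin');
            // Seconds; presumably consumed by whatever reads `remember` — confirm.
            $rememberSeconds = 900;
            if ($post->rememberMe) {
                $session->remember = $rememberSeconds;
            }
            $session->user_email = $post->user_email;

            return $this->redirect()->toRoute('index', ['controller' => 'Index', 'action' => 'index']);

        case Result::FAILURE_CREDENTIAL_INVALID:
            // NOTE(review): a different message from the identity-not-found case tells
            // the caller whether the e-mail exists; a single shared message would close that.
            $this->flashMessenger()->setNamespace('not_admin')->addMessage('admin-only allowed');
            break;

        case Result::FAILURE_IDENTITY_NOT_FOUND:
        default:
            // Covers identity-not-found and any other non-success code (ambiguous
            // identity, uncategorized failure) with the generic message.
            $this->flashMessenger()->setNamespace('not_admin')->addMessage('wrong email/pasword');
            break;
    }

    return $this->redirect()->toRoute(null, ['controller' => 'Auth', 'action' => 'auth']);
}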
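/**
 * Authenticates a user against the `user` table and stores the matching row
 * (minus the `password` column) in the session under the `user` key.
 *
 * @param array $params Expects `username` and `password` keys.
 * @return bool Always true on success.
 * @throws \Exception When a parameter is missing or the credentials do not match.
 */
public function authenticate($params)
{
    if (!isset($params['username']) || !isset($params['password'])) {
        throw new \Exception("Parâmetros inválidos");
    }

    // NOTE(review): the lookup sends an unsalted md5 digest with no credential
    // treatment, so the stored `password` column presumably holds md5 digests;
    // moving to password_hash() needs a column migration plus a rehash-on-login step.
    $password = md5($params['password']);

    $auth = new AuthenticationService();
    $authAdapter = new AuthAdapter($this->dbAdapter);
    $authAdapter->setTableName('user')
        ->setIdentityColumn('username')
        ->setCredentialColumn('password')
        ->setIdentity($params['username'])
        ->setCredential($password);

    $result = $auth->authenticate($authAdapter);
    if (!$result->isValid()) {
        throw new \Exception("Login ou senha inválidos");
    }

    // Save the user in the session, omitting the `password` column so the
    // credential digest never lands in session storage.
    $session = $this->getServiceManager()->get('Session');
    $session->offsetSet('user', $authAdapter->getResultRowObject(null, 'password'));

    return true;
}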
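/**
 * Handles the forum login POST: authenticates `email`/`password` against the
 * `user` table, stores username/e-mail in a session container, exposes the
 * username to the layout and redirects to the forum index.
 *
 * The disabled-login and failure branches still terminate the script with
 * `exit`, which bypasses the framework's response pipeline; turning them into
 * proper responses is a follow-up.
 *
 * @return \Zend\Http\Response|null Redirect on success; null if no identity could be read.
 */
public function loginAction()
{
    if ($this->userModuleOptions->getDisabledLogin()) {
        echo "禁止登陆";
        exit("indexuser");
    }

    $options = $this->getRequest()->getPost();
    $email = $options->get('email');
    $password = $options->get('password');

    $adapter = $this->getServiceLocator()->get('Zend\\Db\\Adapter\\Adapter');
    // No credential treatment is given, so the posted password is compared to the
    // stored `password` column as-is (no hashing on either side here).
    $authAdapter = new CredentialTreatmentAdapter($adapter, 'user', 'email', 'password');
    $authAdapter->setIdentity($email);
    $authAdapter->setCredential($password);

    $authService = new AuthenticationService(new Session('email'), $authAdapter);
    $result = $authService->authenticate();

    if (!$result->isValid()) {
        exit("die");
    }

    $userData = $this->getServiceLocator()->get('User\\Table\\UserTable')->getUser($email);

    $sessionContainer = new Container();
    $sessionContainer->offsetSet("user", ["username" => $userData->username, "email" => $email]);
    $this->layout()->setVariable("username", $userData->username);

    if ($authService->getIdentity()) {
        // Return the redirect so dispatch ends here instead of also rendering the view.
        return $this->redirect()->toRoute('forum', ['controller' => 'index', 'action' => 'index']);
    }

    echo 'Not logged in';
    return null;
}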
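/**
 * Authenticate a backend user against this table.
 *
 * Fires `before.auth` ahead of the lookup, then `after.auth` or
 * `after.auth.failed` depending on the outcome. On success the matching row
 * (minus `password`) becomes this object's data and the object is written to
 * the backend auth session.
 *
 * @param string $login    Login
 * @param string $password Password (plain text; sha1-hashed here to match the stored column)
 *
 * @return bool
 */
public function authenticate($login, $password)
{
    $authAdapter = new Adapter\DbTable\CredentialTreatmentAdapter($this->getAdapter());
    $authAdapter->setTableName($this->name);
    $authAdapter->setIdentityColumn('login');
    $authAdapter->setCredentialColumn('password');
    // Inactive rows must not authenticate even with a matching hash.
    $authAdapter->setCredentialTreatment('? AND active = TRUE');
    $authAdapter->setIdentity($login);
    // NOTE(review): unsalted sha1 is what the `password` column presumably stores;
    // migrating to password_hash() needs a column change and a rehash-on-login step.
    $authAdapter->setCredential(sha1($password));

    $auth = new AuthenticationService(new Storage\Session(self::BACKEND_AUTH_NAMESPACE));

    // The "before" hook has to run before the lookup; it used to fire afterwards.
    $this->events()->trigger(__CLASS__, 'before.auth', $this);
    $result = $auth->authenticate($authAdapter);

    if ($result->isValid()) {
        $data = $authAdapter->getResultRowObject(null, 'password');
        $this->setData((array) $data);
        $this->setOrigData();
        $auth->getStorage()->write($this);
        $this->events()->trigger(__CLASS__, 'after.auth', $this);
        return true;
    }

    $this->events()->trigger(__CLASS__, 'after.auth.failed', $this, ['login' => $login]);
    return false;
}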
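/**
 * Authenticates `$username`/`$password` against the `users` table and, on
 * success, writes the user's id to the auth storage.
 *
 * @param string $username
 * @param string $password
 * @return bool
 */
public function authenticate($username, $password)
{
    /* @var $sl \Zend\ServiceManager\ServiceManager */
    $sl = $this->getServiceLocator();

    // The credential treatment salts and hashes inside SQL: MD5(CONCAT(salt, ?)).
    // NOTE(review): per-row salted MD5 is weak by current standards; moving to
    // password_hash()/password_verify() means verifying in PHP instead of in the query.
    $authAdapter = new CredentialTreatmentAdapter(
        $sl->get('dbAdapter'),
        'users',
        'username',
        'password',
        'MD5(CONCAT(salt,?))'
    );
    $authAdapter->setIdentity($username);
    $authAdapter->setCredential($password);

    /* @var $result \Zend\Authentication\Result */
    $result = $this->getAuthService()->authenticate($authAdapter);

    // Result codes are ints; strict comparison avoids loose-equality surprises.
    if ($result->getCode() !== \Zend\Authentication\Result::SUCCESS) {
        return false;
    }

    /* @var $userMapper \User\Model\UserMapper */
    $userMapper = $sl->get('User\\Model\\UserMapper');
    /* @var $user \User\Model\User */
    $user = $userMapper->get(null, $username);
    if ($user === null) {
        // The credentials matched but the mapper returned nothing; fail instead of
        // calling getId() on null.
        return false;
    }

    $this->getAuthService()->getStorage()->write($user->getId());
    return true;
}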
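/**
 * Yaf routerShutdown hook: enforces authentication state for every request.
 *
 * Authenticated requests get a 30-minute inactivity timeout (tracked via
 * `access_time` on the stored identity) and are kept away from the login page.
 * Anonymous POSTs are treated as login attempts; any other anonymous request
 * that is not the login page itself is redirected to /auth/login.
 *
 * @param Yaf\Request_Abstract  $request
 * @param Yaf\Response_Abstract $response
 */
public function routerShutdown(Yaf\Request_Abstract $request, Yaf\Response_Abstract $response)
{
    // Controller/action names are only available once routing has completed.
    $controller = strtolower($request->getControllerName());
    $action = strtolower($request->getActionName());

    $default = Registry::get("session");

    // The service could be handed a Zend\Authentication\Storage\Session, which is
    // backed by a SESSION container.
    $auth = new AuthenticationService();
    $storage = $auth->getStorage();
    Registry::set('auth', $storage);

    if ($auth->hasIdentity()) {
        $this->enforceAuthenticatedRequest($auth, $storage, $response, $controller, $action);
        return;
    }

    if ($request->isPost()) {
        $this->handleLoginPost($auth, $default, $response);
        return;
    }

    // Anonymous GET: only the login page is reachable.
    if ($controller !== "auth" || $action !== "login") {
        $response->clearBody()->setRedirect("/auth/login");
        exit;
    }
}

/**
 * Applies the inactivity timeout to an authenticated request, refreshes
 * `access_time`, and handles auth/logout and auth/login for logged-in users.
 *
 * @param AuthenticationService $auth
 * @param mixed                 $storage    The service's storage (`$auth->getStorage()`).
 * @param Yaf\Response_Abstract $response
 * @param string                $controller Lower-cased controller name.
 * @param string                $action     Lower-cased action name.
 */
private function enforceAuthenticatedRequest($auth, $storage, Yaf\Response_Abstract $response, $controller, $action)
{
    $storageData = $storage->read();
    $accessTime = empty($storageData->access_time) ? 0 : (int) $storageData->access_time;

    // Idle for more than 30 minutes: drop the identity (the PHP session itself may survive).
    if (time() - $accessTime > 1800) {
        $auth->clearIdentity();
        $response->clearBody()->setRedirect("/auth/login");
        exit;
    }

    $storageData->access_time = time();
    $storage->write($storageData);

    if ($controller === "auth") {
        if ($action === "logout") {
            $auth->clearIdentity();
            $response->clearBody()->setRedirect("/auth/login");
            exit;
        }
        if ($action === "login") {
            $response->clearBody()->setRedirect("/");
            exit;
        }
    }
}

/**
 * Processes an anonymous POST as a login attempt. Every path ends the request
 * with a redirect and `exit`, so control never returns to the caller.
 *
 * @param AuthenticationService $auth
 * @param mixed                 $default  Session container from Registry "session".
 * @param Yaf\Response_Abstract $response
 */
private function handleLoginPost($auth, $default, Yaf\Response_Abstract $response)
{
    // CSRF token check. Previously the comparison was computed but the redirect on
    // mismatch was commented out, so any POST was accepted. The login form must seed
    // the same `securityToken` into the session; if it does not, every POST is rejected.
    $expectedToken = (string) ($default->offsetGet('securityToken') ?? '');
    $postedToken = isset($_POST['securityToken']) ? (string) $_POST['securityToken'] : '';
    if ($expectedToken === '' || !hash_equals($expectedToken, $postedToken)) {
        $response->clearBody()->setRedirect("/auth/login");
        exit;
    }

    // Fields to verify; `??` avoids undefined-index notices on a partial POST.
    $email = trim((string) ($_POST['email'] ?? ''));
    $password = trim((string) ($_POST['password'] ?? ''));
    if (empty($email) || empty($password)) {
        $default->offsetSet("freshMessage", "邮件地址或密码不能为空");
        $response->clearBody()->setRedirect("/auth/login");
        exit;
    }

    // Match e-mail address and password.
    $user = new Table\UserModel();
    $userRow = $user->getUserByEmail($email);
    if (empty($userRow)) {
        // NOTE(review): a distinct message for unknown e-mail vs. wrong password
        // reveals which addresses are registered; one shared message would close that.
        $default->offsetSet("freshMessage", "邮件地址不存在");
        $response->clearBody()->setRedirect("/auth/login");
        exit;
    }

    // Disabled accounts are rejected before the password is checked.
    if ((int) $userRow['active'] < 1) {
        $default->offsetSet("freshMessage", "账户已经禁用.");
        $response->clearBody()->setRedirect("/auth/login");
        exit;
    }

    $hashPassword = trim($userRow['password']);
    $salt = Ifeeline\Password::getPasswordSaltByHash($hashPassword);
    $nowPassword = (string) Ifeeline\Password::getPasswordHash($salt, $password);
    // Constant-time comparison of the stored and recomputed hashes.
    if (!hash_equals($hashPassword, $nowPassword)) {
        $default->offsetSet("freshMessage", "密码不正确");
        $response->clearBody()->setRedirect("/auth/login");
        exit;
    }

    // The password is already verified above; the adapter run below is used for
    // Zend's identity persistence, with the recomputed hash as the credential.
    $dbAdapter = Registry::get('db');
    $authAdapter = new CredentialTreatmentAdapter($dbAdapter);
    $authAdapter->setTableName('user')->setIdentityColumn('email')->setCredentialColumn('password');
    $authAdapter->setIdentity($email)->setCredential($nowPassword);
    $result = $auth->authenticate($authAdapter);

    if (!$result->isValid()) {
        // Not expected to be reachable after the manual check; kept as a safety net.
        $default->offsetSet("freshMessage", "用户名或密码不正确.");
        $response->clearBody()->setRedirect("/auth/login");
        exit;
    }

    // Omit the credential column before the row goes into the session.
    $row = $authAdapter->getResultRowObject(null, ['password']);
    if ((int) $row->active < 1) {
        // Account disabled (already excluded above; kept as a safety net).
        $auth->clearIdentity();
        $default->offsetSet("freshMessage", "用户名已经被禁用.");
        $response->clearBody()->setRedirect("/auth/login");
        exit;
    }

    $row->access_time = time();
    $auth->getStorage()->write($row);
    // Successful login.
    $response->clearBody()->setRedirect("/");
    exit;
}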