public function __invoke(Request $req, Response $res, callable $next)
{
$res = $next($req, $res);
$identity = $this->authService->getIdentity();
if (!$identity) {
return $res;
}
try {
$user = R::findOne('user', 'mail = ?', [$identity->mail]);
if (!$user) {
$user = R::dispense('user');
$user->uid = $identity->uid;
$user->mail = $identity->mail;
$user->display_name = $identity->displayName;
$user->office_name = $identity->officeName;
$user->authentication_source = $identity->authenticationSource;
$user->password = '';
$user->created = time();
$user->role = 'school';
$this->logger->info(sprintf('User %s imported from sso.sch.gr to database', $identity->mail));
}
$user->last_login = time();
$user_id = R::store($user);
$identityClass = get_class($identity);
$newIdentity = new $identityClass($user_id, $user->uid, $user->mail, $user->display_name, $user->office_name, $user->authentication_source);
$this->authService->getStorage()->write($newIdentity);
} catch (\Exception $e) {
$this->authService->clearIdentity();
$this->flash->addMessage('danger', 'A problem occured storing user in database. <a href="%s" title="SSO logout">SSO Logout</a>');
$this->logger->error('Problem inserting user form CAS in database', $identity->toArray());
$this->logger->debug('Exception', [$e->getMessage(), $e->getTraceAsString()]);
return $res->withRedirect($this->userErrorRedirectUrl);
}
return $res;
}
public function createService(ServiceLocatorInterface $serviceLocator)
{
$adapter = $serviceLocator->get('auth-adapter');
$auth = new AuthenticationService();
$auth->setAdapter($adapter);
return $auth;
}
public function authenticate($username, $password)
{
$callback = function ($password, $hash) {
$bcrypt = new Bcrypt();
return $bcrypt->verify($hash, $password);
};
$authenticationService = new AuthenticationService();
$callbackCheckAdapter = new CallbackCheckAdapter($this->dbAdapter, "users", 'username', 'password', $callback);
$callbackCheckAdapter->setIdentity($username)->setCredential($password);
$authenticationService->setAdapter($callbackCheckAdapter);
$authResult = $authenticationService->authenticate();
if ($authResult->isValid()) {
$userObject = $callbackCheckAdapter->getResultRowObject();
$authenticationService->getStorage()->write($userObject);
if ($userObject->status == 0) {
$authenticationService->clearIdentity();
$this->setCode(-5);
return false;
} else {
return true;
}
} else {
$this->setCode($authResult->getCode());
return false;
}
}
public function logoutAction()
{
$auth = new AuthenticationService();
$auth->setStorage(new SessionStorage("geframa_admin"));
$auth->clearIdentity();
return $this->redirect()->toRoute('geframa_login');
}
/**
* Logout user
*
* @return \Zend\Http\Response
*/
public function logoutAction()
{
$auth = new AuthenticationService();
$auth->setStorage(new SessionStorage('BookstoreAdmin'));
$auth->clearIdentity();
return $this->redirect()->toRoute('bookstore-admin-auth');
}
public function logoutAction()
{
$auth = new AuthenticationService();
$auth->setStorage(new SessionStorage('SONUser'));
$auth->clearIdentity();
return $this->redirect()->toRoute('sonuser-auth');
}
/**
* @return string 用户名字符串
* 如果没有登录,返回null
*/
public static function get_auth()
{
$auth = new AuthenticationService();
$tmp = $auth->getStorage()->read();
return $tmp;
//返回一个类,有username和schoolID和userID和type这四个在userservice里面get——auth函数里write数据库中的两列。
}
/**
* Retrieve the current admin
*
* @return UserModel|boolean
*/
public function __invoke()
{
if ($this->auth->hasIdentity()) {
return $this->auth->getIdentity();
}
return false;
}
public function logoutAction()
{
if ($this->identity()) {
$this->authenticationService->clearIdentity();
}
return $this->redirect()->toRoute('home');
}
public function validaAuth($e)
{
$auth = new AuthenticationService();
$auth->setStorage(new SessionStorage("SONUSer"));
$controller = $e->getTarget();
$matchedRoute = $controller->getEvent()->getRouteMatch()->getMatchedRouteName();
}
public function addAction()
{
$viewModel = new ViewModel();
$form = $this->getServiceLocator()->get("Process\\Form\\ReceiveInventoryForm");
$viewModel->setVariable('form', $form);
$request = $this->getRequest();
if ($request->isPost()) {
$receiveInventory = new ReceiveInventory();
$form->setInputFilter($receiveInventory->getInputFilter());
$data = $request->getPost()->toArray();
$form->setData($data);
if ($form->isValid()) {
$fileService = $this->getServiceLocator()->get('Admin\\Service\\FileService');
$fileService->setDestination($this->config['component']['receive_inventory']['file_path']);
$fileService->setSize($this->config['file_characteristics']['file']['size']);
$fileService->setExtension($this->config['file_characteristics']['file']['extension']);
$invoiceFile = $fileService->copy($this->params()->fromFiles('invoice_file'));
$data['invoice_file'] = $invoiceFile ? $invoiceFile : "";
$authenticationService = new AuthenticationService();
$user = $authenticationService->getStorage()->read()->id;
$receiveInventory->setUser($user);
$receiveInventory->exchangeArray($data);
$receiveInventoryId = $this->getReceiveInventoryTable()->save($receiveInventory);
$container = new Container('receive_inventory');
$container->id = $receiveInventoryId;
$container->user = $user;
return $this->redirect()->toRoute('process/receive_inventory/add/details');
}
}
$viewModel->setVariable('config', $this->config);
return $viewModel;
}
/**
* {@inheritDoc}
*/
public function getIdentityRoles()
{
$definedRoles = $this->bjyConfig['role_providers']['BjyAuthorize\\Provider\\Role\\Config']['user']['children'];
$roleKey = $this->config['identity_providers']['ldap_role_key'];
if (!$this->authService->hasIdentity()) {
return array($this->getDefaultRole());
}
$rawObj = $this->authService->getIdentity()->getRoles();
// $data = @unserialize($rawObj);
// if ($data === false) {
// return array($this->getDefaultRole());
// }
// $user = unserialize($rawObj);
$user = $rawObj;
if (is_null($user) || !is_array($user)) {
return array($this->getDefaultRole());
}
$roles = array('user');
// foreach ($user[$roleKey] as $role) {
foreach ($user as $role) {
if (isset($definedRoles[$role])) {
$roles[] = $role;
}
}
return $roles;
}
public function indexAction()
{
/* $temp = $this->forward()->dispatch('Application/Controller/Album', array('action' => 'index'));
echo '<pre>'; print_r($temp); echo '<pre>';die; */
$auth = new AuthenticationService();
if (!$auth->hasIdentity()) {
return $this->redirect()->toRoute('home');
}
$select = new Select();
$search = @$_REQUEST['search'];
if (!empty($search)) {
$select->where->like('name', '%' . $search . '%');
}
$order_by = $this->params()->fromRoute('order_by') ? $this->params()->fromRoute('order_by') : 'id';
$order = $this->params()->fromRoute('order') ? $this->params()->fromRoute('order') : Select::ORDER_ASCENDING;
$page = $this->params()->fromRoute('page') ? (int) $this->params()->fromRoute('page') : 1;
$category = $this->getCategoryTable()->fetchAllCategory($select->order($order_by . ' ' . $order), $search);
$itemPerPage = 2;
$category->current();
$paginator = new Paginator(new PaginatorIterator($category));
$paginator->setCurrentPageNumber($page);
$paginator->setItemCountPerPage($itemPerPage);
$paginator->setPageRange(10);
return new ViewModel(array('order_by' => $order_by, 'order' => $order, 'page' => $page, 'paginator' => $paginator));
}
public function checkAcl(MvcEvent $e)
{
//guardamos el nombre de la ruta o recurso a permitir o denegar
$route = $e->getRouteMatch()->getMatchedRouteName();
//Instanciamos el servicio de autenticacion
$auth = new AuthenticationService();
$identi = $auth->getStorage()->read();
// Establecemos nuestro rol
// $userRole = 'admin';
// Si el usuario esta identificado le asignaremos el rol admin y si no el rol visitante.
if ($identi != false && $identi != null) {
$userRole = $identi->role;
} else {
$userRole = 'visitante';
}
/*
Esto se puede mejorar fácilmente, si tenemos un campo rol en la BD cuando el usuario
se identifique en la sesión se guardarán todos los datos del mismo, de modo que
$userRole=$identi->role;
*/
//Comprobamos si no está permitido para ese rol esa ruta
if (!$e->getViewModel()->acl->isAllowed($userRole, $route)) {
//Devolvemos un error 404
$response = $e->getResponse();
$response->getHeaders()->addHeaderLine('Location', $e->getRequest()->getBaseUrl() . '/404');
$response->setStatusCode(404);
}
}
public function __invoke(MvcEvent $event)
{
if ($event->getRequest() instanceof ConsoleRequest) {
return;
}
$match = $event->getRouteMatch();
// No route match, this is a 404
if (!$match instanceof RouteMatch) {
return;
}
/** @var Application $app */
$app = $event->getParam('application');
$config = $app->getConfig();
$disableForAuthorizedCallback = $config['authorized-redirect-to-route'];
$redirectTo = $disableForAuthorizedCallback($match, $this->authService);
if ($this->authService->hasIdentity() && !empty($redirectTo)) {
$response = $this->redirectTo($event, $redirectTo);
return $response;
}
$checkCallback = $config['need-authorization-callback'];
// if true = authorization needed
if (!$checkCallback($match, $this->authService)) {
return;
}
// User is authenticated
if ($this->authService->hasIdentity()) {
return;
}
$response = $this->redirectTo($event, $config['not-authorized-redirect-to-route']);
return $response;
}
public function __construct(AuthenticationService $authService)
{
parent::__construct('login');
$this->filter = new InputFilter();
$email = new Element\Email('email');
$email->setAttribute('required', true);
$email->setAttribute('placeholder', 'Email Address');
$this->add($email);
$emailFilter = new Input('email');
$emailFilter->setRequired(true);
$this->filter->add($emailFilter);
$password = new Element\Password('password');
$password->setAttribute('required', true);
$password->setAttribute('placeholder', 'Password');
$this->add($password);
$passwordFilter = new Input('password');
$passwordFilter->setRequired(true);
$passwordFilter->getValidatorChain()->attach(new AuthValidator\Authentication(array('message' => 'Invalid email address or password', 'service' => $authService, 'adapter' => $authService->getAdapter(), 'identity' => 'email', 'credential' => 'password')));
$this->filter->add($passwordFilter);
$buttons = new Form('buttons');
$buttons->setOption('twb-layout', 'inline');
$buttons->setAttribute('class', 'form-group');
$submit = new Element\Submit('submit');
$submit->setAttribute('class', 'btn-primary pull-right');
$submit->setOption('glyphicon', 'log-in');
$submit->setLabel('Log In');
$buttons->add($submit);
$forgot = new Element\Submit('forgot');
$forgot->setAttribute('formnovalidate', true);
$forgot->setAttribute('class', 'btn-warning pull-right');
$forgot->setOption('glyphicon', 'question-sign');
$forgot->setLabel('Forgot Password');
$buttons->add($forgot);
$this->add($buttons);
}
public function authenticate(array $credentials)
{
$username = $credentials['username'];
$password = $credentials['password'];
$dbAdapter = $this->serviceManager->get('Zend\\Db\\Adapter\\Adapter');
$dbTableAuthAdapter = new DbTableAuthAdapter($dbAdapter, 'users', 'username', 'password', 'MD5(?)');
$dbTableAuthAdapter->setIdentity($username);
$dbTableAuthAdapter->setCredential($password);
$authService = new AuthenticationService();
$authService->setAdapter($dbTableAuthAdapter);
//$authService->setStorage($this->getServiceManager()->get('IdAuth\Storage'));
$authResult = $authService->authenticate();
$result = new ProviderResult();
$result->setAuthCode($authResult->getCode());
$result->setMessages($authResult->getMessages());
$result->setValid($authResult->isValid());
$result->setName('IdAuth\\Providers\\DbTable');
$config = $this->serviceManager->get('Config');
$options = $config['idAuth']['providerOptions']['DbTable'];
$result->setOptions($options);
if ($authResult->isValid()) {
$result->setIdentity($this->queryIdentity($username));
}
return $result;
}
public function logoutAction()
{
$auth = new AuthenticationService();
//$auth->setStorage(new SessionStorage("ACPLOUser"));
$auth->clearIdentity();
return $this->redirect()->toRoute('acplouser-auth');
}
public function dispatch(MvcEvent $event)
{
$request = $event->getRequest();
if ($request instanceof ConsoleRequest) {
return true;
}
$auth = new AuthenticationService();
//ALREADY LOGGED IN
// user has auth,
if ($auth->hasIdentity()) {
return true;
//NOT LOGGED IN
//
} else {
/** @var $request \Zend\Http\PhpEnvironment\Request */
$cookies = $request->getCookie();
/** @var $cookies \Zend\Http\Header\Cookie */
$userService = $this->getServiceLocator()->get('Stjornvisi\\Service\\User');
/** @var $user \Stjornvisi\Service\User */
if ($cookies && $cookies->offsetExists('backpfeifengesicht')) {
if (($user = $userService->getByHash($cookies->offsetGet('backpfeifengesicht'))) != false) {
$authAdapter = $this->getServiceLocator()->get('Stjornvisi\\Auth\\Adapter');
$authAdapter->setIdentifier($user->id);
$result = $auth->authenticate($authAdapter);
$result->isValid();
}
}
}
}
public function createService(ServiceLocatorInterface $serviceLocator)
{
$authAdapter = $serviceLocator->get("TSCore\\Auth\\Adapter");
$auth = new AuthenticationService();
$auth->setAdapter($authAdapter);
return $auth;
}
public function logoutAction()
{
$auth = new AuthenticationService();
$auth->setStorage(new SessionStorage("auth_enquete"));
$auth->clearIdentity();
$this->redirect()->toRoute("auth");
}
public function indexAction()
{
$form = new LoginForm();
$error = false;
$request = $this->getRequest();
if ($request->isPost()) {
$form->setData($request->getPost());
if ($form->isValid()) {
$data = $request->getPost()->toArray();
}
$auth = new AuthenticationService();
$sessionStorage = new SessionStorage("Application");
$auth->setStorage($sessionStorage);
$authAdapter = $this->getServiceLocator()->get('Application\\Auth\\DoctrineAdapter');
$authAdapter->setUsername($data['email'])->setPassword($data['password']);
$result = $auth->authenticate($authAdapter);
if ($result->isValid()) {
$sessionStorage->write($auth->getIdentity()['user'], null);
return $this->redirect()->toRoute("Application", array('controller' => 'IndexController', 'action' => 'index'));
} else {
$error = true;
}
}
return new ViewModel(array('form' => $form, 'error' => $error));
}
public function getServiceConfig()
{
return array('factories' => array('Zend\\Db\\Adapter\\Adapter' => 'Zend\\Db\\Adapter\\AdapterServiceFactory', 'SanAuth\\Model\\MyAuthStorage' => function ($sm) {
return new \SanAuth\Model\MyAuthStorage('zf_tutorial');
}, 'AuthService' => function ($sm) {
$dbTableAuthAdapter = $sm->get('TableAuthService');
$authService = new AuthenticationService();
$authService->setStorage(new \Zend\Authentication\Storage\Session('Auth'));
// $authService->setStorage($sm->get('SanAuth\Model\MyAuthStorage')); //
$authService->setAdapter($dbTableAuthAdapter);
return $authService;
}, 'AuthService2' => function ($sm) {
$dbTableAuthAdapter = $sm->get('TableAuth2Service');
$authService = new AuthenticationService();
$authService->setStorage(new \Zend\Authentication\Storage\Session('Auth'));
// $authService->setStorage($sm->get('SanAuth\Model\MyAuthStorage')); //
$authService->setAdapter($dbTableAuthAdapter);
return $authService;
}, 'TableAuthService' => function ($sm) {
$dbAdapter = $sm->get('Zend\\Db\\Adapter\\Adapter');
$dbTableAuthAdapter = new DbTableAuthAdapter($dbAdapter, 'ta_cliente', 'va_email', 'va_contrasena', 'SHA1(?)');
//
return $dbTableAuthAdapter;
}, 'TableAuth2Service' => function ($sm) {
$dbAdapter = $sm->get('Zend\\Db\\Adapter\\Adapter');
$dbTableAuthAdapter = new DbTableAuthAdapter($dbAdapter, 'ta_cliente', 'va_email', 'va_contrasena_facebook', 'SHA1(?)');
//
return $dbTableAuthAdapter;
}));
}
public function membreAction()
{
$return = null;
$identifiantMembre = (int) $this->params()->fromRoute('id', 0);
$auth = new AuthenticationService();
$logged = null;
if ($auth->hasIdentity()) {
$session = new Container('user');
$logged = $session->offsetGet('id');
}
$like = array();
$images = $this->getImageTable()->fetchAllById($identifiantMembre);
if ($logged != null) {
foreach ($images as $image) {
$isLike = $this->getLikeTable()->fetchCorrespondance($logged, $image->id);
foreach ($isLike as $isLikeTest) {
if ($isLikeTest->id != null) {
array_push($like, 'FALSE');
} else {
array_push($like, 'TRUE');
}
}
}
}
return new ViewModel(array('images' => $this->getImageTable()->fetchAllById($identifiantMembre), 'user' => $this->getUserTable()->getUser($identifiantMembre), 'like' => $like));
}
/**
* @param Request $request
* @param Response $response
* @param callable $next
* @return \Psr\Http\Message\MessageInterface|HtmlResponse
* @throws Exception
*/
public function __invoke(Request $request, Response $response, callable $next)
{
//$form = new LoginForm('Login', []);
//$form->get('submit')->setValue('Login');
if ($request->getMethod() == 'POST') {
$auth = new AuthenticationService();
$query = $request->getParsedBody();
$authAdapter = new AuthAdapter($query['login'], $query['password'], $this->authConfig);
$result = $auth->authenticate($authAdapter);
if (!$result->isValid()) {
//$response->getBody()->write("Not valid authentication\n");
//return $response->withStatus(403)->withHeader("Content-type", 'text/html');
throw new Exception("Not valid authentication\n", 403);
} else {
if ($request->getUri()->getPath() === '/auth') {
$render = $this->template->render('app::homepage');
$query = $request->getParsedBody();
$query['view']['render'] = $render;
$query['view']['code'] = 200;
$request = $request->withParsedBody($query);
}
return $next($request, $response);
}
} else {
$render = $this->template->render('app::login', ['error' => null]);
$query = $request->getParsedBody();
$query['view']['render'] = $render;
$query['view']['code'] = 200;
$request = $request->withParsedBody($query);
return $next($request, $response);
}
}
/**
* Get the user value to set on a Loggable field
*
* @param object $meta
* @param string $field
*
* @return mixed
*/
public function getUserValue($meta, $field)
{
if (empty($this->user) || !$this->user instanceof User) {
$this->user = $this->authService->getIdentity();
}
return $this->user;
}
public function logoutAction()
{
Utility::insertHistory('logout');
$auth = new AuthenticationService();
$auth->clearIdentity();
$this->redirect()->toRoute('admin/child', array('controller' => 'login'));
}
/**
* @var AuthenticationService
*/
public function __construct(AuthenticationService $authService, array $config)
{
$roles = array();
$this->authService = $authService;
$this->config = $config;
$roleKey = $this->config['identity_providers']['ldap_role_key'];
if ($this->authService->hasIdentity()) {
$rawObj = $this->authService->getIdentity()->getRawLdapObj();
$data = @unserialize($rawObj);
if ($data !== false) {
$user = unserialize($rawObj);
if (!is_null($user) || is_array($user)) {
$roles = array('user');
foreach ($user[$roleKey] as $role) {
//if (isset($definedRoles[$role]))
$roles[] = $role;
}
}
}
}
if (!is_array($roles)) {
throw new InvalidArgumentException('ZfcUserLdapRbacIdentityProvider only accepts strings or arrays');
}
$this->roles = $roles;
}
public function validAuthAcl($e)
{
$storage = new SessionStorage();
$auth = new AuthenticationService();
$auth->setStorage($storage);
//pega controller e action
$controller = $e->getTarget();
$em = $controller->getServiceLocator()->get('Doctrine\\ORM\\EntityManager');
$matchedRoute = $controller->getEvent()->getRouteMatch()->getMatchedRouteName();
$matchedController = $controller->getEvent()->getRouteMatch()->getParam('controller');
$matchedAction = $controller->getEvent()->getRouteMatch()->getParam('action', 'index');
//user logado
if ($auth->hasIdentity()) {
$arrayUser = $auth->getIdentity();
$repository = $em->getRepository("Zf2User\\Entity\\User");
$user = $repository->findOneById($arrayUser->getId());
$role = $user->getRole()->getName();
} elseif (!$auth->hasIdentity()) {
$role = 'Visit';
}
//acl
$acl = $controller->getServiceLocator()->get("Zf2Acl\\Permissions\\Acl");
if (!$acl->isAllowed($role, $matchedController, $matchedAction)) {
$e->getResponse()->setStatusCode(Response::STATUS_CODE_404);
$e->stopPropagation();
}
}
public function getServiceConfig()
{
return array('factories' => array('Admin\\Model\\AdminTable' => function ($sm) {
$tableGateway = $sm->get('AdminTableGateway');
$table = new AdminTable($tableGateway);
return $table;
}, 'AdminTableGateway' => function ($sm) {
$dbAdapter = $sm->get('Zend\\Db\\Adapter\\Adapter');
$resultSetPrototype = new ResultSet();
$resultSetPrototype->setArrayObjectPrototype(new Admin());
return new TableGateway('admin', $dbAdapter, null, $resultSetPrototype);
}, 'Admin\\Model\\PlayerTable' => function ($sm) {
$tableGateway = $sm->get('PlayerTableGateway');
$table = new PlayerTable($tableGateway);
return $table;
}, 'PlayerTableGateway' => function ($sm) {
$dbAdapter = $sm->get('Zend\\Db\\Adapter\\Adapter');
$resultSetPrototype = new ResultSet();
$resultSetPrototype->setArrayObjectPrototype(new Player());
return new TableGateway('player', $dbAdapter, null, $resultSetPrototype);
}, 'Admin\\Model\\MyAuthStorage' => function ($sm) {
return new \Admin\Model\MyAuthStorage('adminstore');
}, 'AuthService' => function ($sm) {
//My assumption, you've alredy set dbAdapter
//and has users table with columns : user_name and pass_word
//that password hashed with md5
$dbAdapter = $sm->get('Zend\\Db\\Adapter\\Adapter');
$dbTableAuthAdapter = new DbTableAuthAdapter($dbAdapter, 'admin', 'email', 'password', 'MD5(?)');
$authService = new AuthenticationService();
$authService->setAdapter($dbTableAuthAdapter);
$authService->setStorage($sm->get('Admin\\Model\\MyAuthStorage'));
return $authService;
}));
}
