/** * Perform an authentication check on this request * * @param MvcEvent $e */ public function checkAuthentication(MvcEvent $e) { $request = $this->getRequest($e); // make sure we have a request object $controller_map = $request->getControllerMap(); // make sure we have a controller map $restricted = $controller_map->isRestricted(); $requires_login = $controller_map->requiresLogin(); // get user from session $user = $request->getUser(); // this action requires authentication if ($restricted || $requires_login) { $redirect_to_login = false; // this action requires a logged-in user, but user is not logged-in if ($requires_login && !$user->isAuthenticated()) { $redirect_to_login = true; } elseif ($restricted && !$user->isAuthenticated() && !$user->isInLocalIpRange()) { $redirect_to_login = true; } // redirect to login page if ($redirect_to_login == true) { $params = array('controller' => 'authenticate', 'action' => 'login', 'return' => $this->request->server()->get('REQUEST_URI')); $url = $request->url_for($params); $response = new HttpResponse(); $response->headers()->addHeaderLine('Location', $url); $response->setStatusCode(302); return $response; } } }
public function checkAuthentication(MvcEvent $e) { $request = $this->getRequest($e); // make sure we have a request object $controller_map = $request->getControllerMap(); // make sure we have a controller map $restricted = $controller_map->isRestricted(); $requires_login = $controller_map->requiresLogin(); // get user from session $user = $request->getUser(); ##### xerxes 1 transition hack @todo remove this if ($user->isLocal() || $user->isGuest()) { foreach ($_COOKIE as $key => $value) { if (strstr($key, 'xerxessession')) { if ($user->username != $value) { $username = Parser::removeRight($user->username, '@'); $request->setSessionData("username", $username . '@' . $value); $user = $request->getUser(); } break; } } } ###### end hack // this action requires authentication if ($restricted || $requires_login) { $redirect_to_login = false; // this action requires a logged-in user, but user is not logged-in if ($requires_login && !$user->isAuthenticated()) { $redirect_to_login = true; } elseif ($restricted && !$user->isAuthenticated() && !$user->isInLocalIpRange()) { $redirect_to_login = true; } // redirect to login page if ($redirect_to_login == true) { $params = array('controller' => 'authenticate', 'action' => 'login', 'return' => $this->request->server()->get('REQUEST_URI')); $url = $request->url_for($params); $response = new HttpResponse(); $response->headers()->addHeaderLine('Location', $url); $response->setStatusCode(302); return $response; } } }