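/**
 * Completes a successful OpenID / OpenID Connect login for $user.
 *
 * Creates the account when $user is falsy, copies claims from $openidData
 * onto the record, clears the local password, stores the user in the
 * session, issues a one-month persistent login cookie, logs the event and
 * redirects to the site root.
 *
 * @param object|null $user       Existing user record, or a falsy value to create a new one.
 * @param array       $openidData Claims from the identity provider. 'identity' is read
 *                                without an isset() guard; 'sub', 'nickname', 'fullname'
 *                                and 'email' are optional.
 */
function session_login($user, $openidData) {
    if (!$user) {
        $user = Model::factory('User')->create();
    }

    // These three are only filled in while still empty, so an existing
    // binding is never replaced by what the provider sends.
    if (!$user->identity) {
        $user->identity = $openidData['identity'];
    }
    if (!$user->openidConnectSub && isset($openidData['sub'])) {
        $user->openidConnectSub = $openidData['sub'];
    }
    if (!$user->nick && isset($openidData['nickname'])) {
        $user->nick = $openidData['nickname'];
    }

    // Name and e-mail, by contrast, are refreshed from the provider on every login.
    if (isset($openidData['fullname'])) {
        $user->name = $openidData['fullname'];
    }
    if (isset($openidData['email'])) {
        $user->email = $openidData['email'];
    }

    $user->password = null; // no longer necessary after the first OpenID login
    $user->save();

    // NOTE(review): session_setVariable() is not visible here; confirm the
    // session ID is regenerated at this point, since the session changes
    // from anonymous to authenticated.
    session_setVariable('user', $user);

    // Persistent login token tied to the user id.
    // NOTE(review): its unpredictability rests entirely on
    // util_randomCapitalLetterString(), which is not shown; confirm it draws
    // from a CSPRNG, because this value is presumably accepted later in
    // place of a fresh login.
    $cookie = Model::factory('Cookie')->create();
    $cookie->userId = $user->id;
    $cookie->cookieString = util_randomCapitalLetterString(12);
    $cookie->save();

    // HttpOnly keeps the month-long token out of reach of page scripts, so a
    // script-injection bug cannot read it. Domain and Secure keep their
    // previous defaults ('' and false).
    // NOTE(review): turn Secure on once the site is served over HTTPS only.
    setcookie("prefs[lll]", $cookie->cookieString, time() + ONE_MONTH_IN_SECONDS, '/', '', false, true);

    log_userLog('Logged in, IP=' . $_SERVER['REMOTE_ADDR']);
    util_redirect(util_getWwwRoot());
}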
// The provider is stored as the identity; the user is keyed by provider + 'sub'.
$data['identity'] = $provider;
if (isset($data['name'])) {
    $data['fullname'] = $data['name'];
}

$user = User::get_by_identity_openidConnectSub($provider, $data['sub']);

if (!$user) {
    if ($oidc->getPlainOpenid()) {
        // This may be the first login after the migration from OpenID 2.0 to
        // OpenID Connect, so fall back to the legacy identifier.
        // NOTE(review): the account is re-bound on the strength of whatever
        // getPlainOpenid() returns; confirm that value comes from a validated
        // provider response and not from request input.
        $user = User::get_by_identity($oidc->getPlainOpenid());
        if ($user) {
            $user->identity = null; // session_login will overwrite it
        }
    }
}

if (!$user) {
    // First time logging in: the visitor must claim an existing account or
    // create a new one.
    // TODO this duplicates code in revenireOpenid.php
    // NOTE(review): the candidate account is chosen by the provider-supplied
    // e-mail, and nothing visible here checks that the provider verified the
    // address (e.g. the email_verified claim). Confirm the next page asks for
    // proof of ownership before linking the account.
    $user = null;
    if (isset($data['email'])) {
        $user = User::get_by_email($data['email']);
    }

    // 0 = an account with this e-mail exists, 1 = full name available,
    // 2 = nickname available, 3 = nothing usable.
    if ($user) {
        $loginType = 0;
    } elseif (isset($data['fullname'])) {
        $loginType = 1;
    } elseif (isset($data['nickname'])) {
        $loginType = 2;
    } else {
        $loginType = 3;
    }

    // Keep the claims server-side under a random key rather than printing them
    // in the form, where they could be faked on the next page. $data is still
    // given to the template below; presumably for display only, so the next
    // page should read the claims back from the cache entry.
    $randString = util_randomCapitalLetterString(20);
    FileCache::put($randString, $data);

    SmartyWrap::assign('page_title', 'Autentificare cu OpenID');
    SmartyWrap::assign('suggestHiddenSearchForm', true);
    SmartyWrap::assign('data', $data);
    SmartyWrap::assign('randString', $randString);
    SmartyWrap::assign('loginType', $loginType);
    SmartyWrap::display('auth/chooseIdentity.ihtml');
} else {
    session_login($user, $data);
}
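/**
 * Starts the OpenID Connect authorization-code flow: stores the per-request
 * state in the session and redirects the browser to the provider's
 * authorization endpoint.
 *
 * @param string $clientId Client identifier registered with the provider.
 * @param string $secret   Client secret registered with the provider.
 * @throws OpenIDException When either credential is empty or the provider
 *                         configuration has no usable authorization endpoint.
 */
function authenticate($clientId, $secret) {
    $this->fetchWellKnownConfig();
    if (!$clientId || !$secret) {
        throw new OpenIDException('Autentificare eșuată.');
    }

    // Fail closed when the discovery data has no endpoint. Otherwise the
    // redirect below would go to a bare "?client_id=..." URL on this site,
    // carrying the state and nonce with it.
    $url = isset($this->wellKnownConfig['authorization_endpoint'])
        ? $this->wellKnownConfig['authorization_endpoint']
        : null;
    if (!is_string($url) || $url === '') {
        throw new OpenIDException('Autentificare eșuată.');
    }
    // NOTE(review): the endpoint scheme is not checked here; confirm that
    // fetchWellKnownConfig() only accepts https discovery documents.

    // NOTE(review): both values depend on util_randomCapitalLetterString(),
    // which is not shown; confirm it is CSPRNG-backed. They are presumably
    // compared against the provider's response by the callback handler.
    $nonce = util_randomCapitalLetterString(32);
    $state = util_randomCapitalLetterString(32);

    session_setVariable('openid_connect_nonce', $nonce);
    session_setVariable('openid_connect_state', $state);
    session_setVariable('openid_connect_provider', $this->provider);
    session_setVariable('openid_connect_client', $clientId);
    // NOTE(review): the client secret is copied into the session, so it is
    // only as protected as the session store. Consider having the callback
    // read it from configuration instead.
    session_setVariable('openid_connect_secret', $secret);

    $params = array(
        'client_id' => $clientId,
        'openid.realm' => util_getFullServerUrl(),
        'nonce' => $nonce,
        'redirect_uri' => $this->getReturnTo(),
        'response_type' => 'code',
        'scope' => 'openid email',
        'state' => $state,
    );

    // An authorization endpoint may already carry a query component; keep it
    // and append with '&' rather than adding a second '?'.
    $separator = (strpos($url, '?') === false) ? '?' : '&';
    // '' replaces null as the numeric prefix: same output, and it avoids the
    // PHP 8.1 deprecation for passing null to that parameter.
    $url .= $separator . http_build_query($params, '', '&');
    util_redirect($url);
}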
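// Password-recovery page: shows the form, and on submit e-mails a reset
// token to the account that owns the given address.
SmartyWrap::assign('identity', $identity);
SmartyWrap::assign('email', $email);
SmartyWrap::assign('page_title', 'Parolă uitată');
SmartyWrap::assign('suggestHiddenSearchForm', true);

if ($submitButton) {
    if (!$email) {
        FlashMessage::add('Trebuie să introduceți o adresă de e-mail.');
        SmartyWrap::display('auth/parola-uitata.ihtml');
    } else {
        $user = User::get_by_email($email);
        if ($user) {
            // NOTE(review): $email is presumably request input and goes into
            // both the log line and the mail() recipient. It only reaches this
            // point after matching a stored address, but confirm that CR/LF
            // are rejected before it gets here.
            log_userLog("Password recovery requested for {$email} from " . $_SERVER['REMOTE_ADDR']);

            // Create the token
            // NOTE(review): no expiry or single-use marker is set here, and
            // the token strength depends on util_randomCapitalLetterString(),
            // which is not shown. Confirm the page that consumes the token
            // enforces a lifetime and invalidates it after use.
            $pt = Model::factory('PasswordToken')->create();
            $pt->userId = $user->id;
            $pt->token = util_randomCapitalLetterString(20);
            $pt->save();

            // Send email
            SmartyWrap::assign('homePage', util_getFullServerUrl());
            SmartyWrap::assign('token', $pt->token);
            $body = SmartyWrap::fetch('email/resetPassword.ihtml');
            $ourEmail = Config::get('global.contact');
            $headers = array(
                "From: DEX online <{$ourEmail}>",
                "Reply-To: {$ourEmail}",
                'Content-Type: text/plain; charset=UTF-8',
            );
            $result = mail($email, "Schimbarea parolei pentru DEX online", $body, implode("\r\n", $headers));
            if (!$result) {
                // Record the failure for operators; the visitor still gets the
                // uniform confirmation page below.
                log_userLog("Password recovery e-mail was not accepted for delivery, userId={$user->id}");
            }
        }

        // Display a confirmation even for incorrect addresses, so the page
        // does not reveal which addresses have accounts.
        // NOTE(review): token creation and mail() only run for real accounts,
        // so response time may still differ between the two cases.
        SmartyWrap::display('auth/passwordRecoveryEmailSent.ihtml');
    }
} else {
    SmartyWrap::display('auth/parola-uitata.ihtml');
}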