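/**
 * Account sign in form processing.
 *
 * Validates the posted form, optionally authenticates the user against
 * LDAP (creating the local account from the directory attributes on first
 * sign-in, or refreshing it for a known user), and finally signs the user
 * in against the local database.
 *
 * @param Request $request The sign-in form request (username, password, remember-me).
 * @return Redirect Back to the form with an error, or to the page stored in the session.
 */
public function login(Request $request)
{
    $validator = $this->validator($request->all());
    if ($validator->fails()) {
        return redirect()->back()->withInput()->withErrors($validator);
    }

    $username = $request->input('username');
    $password = $request->input('password');

    // Should we even check for LDAP users?
    if (Setting::getSettings()->ldap_enabled == '1') {
        LOG::debug("LDAP is enabled.");

        // Check if the user exists in the database (soft-deleted rows are ignored).
        $user = User::where('username', '=', $username)->whereNull('deleted_at')->first();
        LOG::debug("Local auth lookup complete");

        // One bind serves both branches below; the previous code bound the same
        // credentials twice per request and discarded the first result.
        try {
            $ldap_user = Ldap::findAndBindUserLdap($username, $password);
        } catch (\Exception $e) {
            LOG::debug("User " . $username . ' did not authenticate successfully against LDAP.');
            if (!$user) {
                // Unknown local user: surface the directory error on the form, as before.
                return redirect()->back()->withInput()->with('error', $e->getMessage());
            }
            // Known local user: treat a bind failure like a rejected login instead of
            // letting the exception escape, and fall through to local authentication.
            $ldap_user = false;
        }

        if (!$user) {
            // The user does not exist in the database. If they authenticated
            // successfully with LDAP we create the local account on the fly
            // with default permissions.
            LOG::debug("Local user " . $username . " does not exist");
            if ($ldap_user) {
                LOG::debug("Creating local user " . $username);
                if (Ldap::createUserFromLdap($ldap_user)) {
                    LOG::debug("Local user created..");
                } else {
                    LOG::debug("Could not create local user.");
                }
            } else {
                LOG::debug("User did not authenticate correctly against LDAP. No local user was created.");
            }
        } else {
            // The user exists locally (typically imported from LDAP earlier).
            LOG::debug("Local user " . $username . " exists in database. Authenticating existing user against LDAP.");
            if ($ldap_user) {
                $ldap_attr = Ldap::parseAndMapLdapAttributes($ldap_user);
                LOG::debug("Valid LDAP login. Updating the local data.");
                // The directory password is mirrored locally so Auth::attempt below
                // succeeds. NOTE(review): the local copy therefore stays valid until the
                // next LDAP sign-in, even if the directory account is disabled meanwhile,
                // because a failed LDAP bind still falls through to local authentication.
                $user->password = bcrypt($password);
                $user->email = $ldap_attr['email'];
                $user->first_name = $ldap_attr['firstname'];
                $user->last_name = $ldap_attr['lastname'];
                $user->save();
            } else {
                LOG::debug("User " . $username . " did not authenticate correctly against LDAP. Local user was not updated.");
            }
        }
    }

    // LDAP disabled, or the LDAP step is done: authenticate against the database.
    LOG::debug("Authenticating user against database.");
    if (!Auth::attempt($request->only('username', 'password'), $request->input('remember-me', 0))) {
        LOG::debug("Local authentication failed.");
        return redirect()->back()->withInput()->with('error', trans('auth/message.account_not_found'));
    }

    // Get the page we were on before and clear it from the session.
    // NOTE(review): 'loginRedirect' is assumed to be set by the application's own
    // auth filter, never from request input — confirm, otherwise this is an open redirect.
    $redirect = \Session::get('loginRedirect', 'home');
    \Session::forget('loginRedirect');

    return redirect()->to($redirect)->with('success', trans('auth/message.signin.success'));
}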
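/**
 * Create a local user from LDAP attributes.
 *
 * @author [A. Gianotto] [<*****@*****.**>]
 * @since [v3.0]
 * @param array $ldapatttibutes Raw LDAP entry; mapped through Ldap::parseAndMapLdapAttributes().
 * @return bool True when the local user was saved; false when the entry carries no
 *              username or the save failed (the failure is logged instead of exit()ing).
 */
static function createUserFromLdap($ldapatttibutes)
{
    $item = Ldap::parseAndMapLdapAttributes($ldapatttibutes);

    // Nothing can be mapped onto a local account without a username.
    if (empty($item["username"])) {
        return false;
    }

    $user = new User();
    $user->first_name = $item["firstname"];
    $user->last_name = $item["lastname"];
    $user->username = $item["username"];
    $user->email = $item["email"];

    if (Setting::getSettings()->ldap_pw_sync == '1') {
        // Password sync: store a bcrypt hash of the password the user just posted
        // so the local credential mirrors the directory password.
        $user->password = bcrypt(Input::get("password"));
    } else {
        // No sync: the local password is an unguessable placeholder. 16 CSPRNG bytes
        // (128 bits) replace the previous str_shuffle() value, which was not
        // cryptographically random.
        // NOTE(review): a caller that then runs a local Auth::attempt with the posted
        // password will not match this hash — confirm how non-synced LDAP users sign in.
        $user->password = bcrypt(bin2hex(random_bytes(16)));
    }

    $user->activated = 1;
    $user->ldap_import = 1;
    $user->notes = 'Imported on first login from LDAP';

    if ($user->save()) {
        return true;
    }

    // The previous code called exit() here, which aborted the whole request;
    // returning false lets the caller report the failure.
    LOG::debug('Could not create user.' . $user->getErrors());
    return false;
}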
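/**
 * Create a local user from LDAP attributes.
 *
 * @author [A. Gianotto] [<*****@*****.**>]
 * @since [v3.0]
 * @param array $ldapatttibutes Raw LDAP entry; mapped through Ldap::parseAndMapLdapAttributes().
 * @return bool True when the local user was saved; false when the entry carries no
 *              username or the save failed (the failure is logged instead of exit()ing).
 */
static function createUserFromLdap($ldapatttibutes)
{
    $item = Ldap::parseAndMapLdapAttributes($ldapatttibutes);

    // Nothing can be mapped onto a local account without a username.
    if (empty($item["username"])) {
        return false;
    }

    $user = new User();
    $user->first_name = $item["firstname"];
    $user->last_name = $item["lastname"];
    $user->username = $item["username"];
    $user->email = $item["email"];
    // The local password mirrors the password the user just posted (bcrypt hashed),
    // so later local authentication with the same password succeeds.
    $user->password = bcrypt(Input::get("password"));
    $user->activated = 1;
    $user->ldap_import = 1;
    $user->notes = 'Imported on first login from LDAP';

    if ($user->save()) {
        return true;
    }

    // The previous code called exit() here, which aborted the whole request;
    // returning false lets the caller report the failure.
    LOG::debug('Could not create user.' . $user->getErrors());
    return false;
}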
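/**
 * Account sign in form processing.
 *
 * Validates the form, then authenticates either against LDAP (for local
 * accounts marked as LDAP imports in their notes column) or against the
 * local database via Sentry.
 *
 * @return Redirect
 */
public function postSignin()
{
    // Declare the rules for the form validation
    $rules = array('username' => 'required', 'password' => 'required');

    // Create a new validator instance from our validation rules
    $validator = Validator::make(Input::all(), $rules);

    // If validation fails, we'll exit the operation now.
    if ($validator->fails()) {
        return Redirect::back()->withInput()->withErrors($validator);
    }

    try {
        /**
         * =================================================================
         * Hack in LDAP authentication
         */
        $username = Input::get('username');

        // Try to get the user from the database.
        $user = (array) DB::table('users')->where('username', $username)->first();

        // LDAP users are recognised by the word "LDAP" in their notes column.
        // NOTE(review): a fragile marker — any note mentioning LDAP switches the auth
        // path; a dedicated flag column would be safer. The string cast avoids a
        // strpos() warning when notes is NULL.
        if ($user && strpos((string) $user["notes"], 'LDAP') !== false) {
            LOG::debug("Authenticating user against LDAP.");

            if (!$this->ldap($username, Input::get('password'))) {
                throw new Cartalyst\Sentry\Users\UserNotFoundException();
            }
            LOG::debug("valid login");

            // Sentry only authenticates against its own hashed password, so the local
            // password is rotated to a one-time random value and that value is used to
            // log in. openssl_random_pseudo_bytes() is a CSPRNG; the previous
            // str_shuffle() value was predictable.
            $pass = bin2hex(openssl_random_pseudo_bytes(16));
            $sentryUser = Sentry::findUserByLogin($username);
            $sentryUser->password = $pass;
            $sentryUser->save();

            $credentials = array('username' => $username, 'password' => $pass);
            Sentry::authenticate($credentials, Input::get('remember-me', 0));
        } else {
            LOG::debug("Authenticating user against database.");
            // Try to log the user in
            Sentry::authenticate(Input::only('username', 'password'), Input::get('remember-me', 0));
        }

        // Get the page we were on before and clear it from the session
        $redirect = Session::get('loginRedirect', 'account');
        Session::forget('loginRedirect');

        return Redirect::to($redirect)->with('success', Lang::get('auth/message.signin.success'));
    } catch (Cartalyst\Sentry\Users\UserNotFoundException $e) {
        $this->messageBag->add('username', Lang::get('auth/message.account_not_found'));
    } catch (Cartalyst\Sentry\Users\WrongPasswordException $e) {
        // Previously uncaught, so a wrong local password escaped as a server error.
        // Deliberately reported as "not found" so the form does not reveal whether
        // the account exists.
        $this->messageBag->add('username', Lang::get('auth/message.account_not_found'));
    } catch (Cartalyst\Sentry\Users\UserNotActivatedException $e) {
        $this->messageBag->add('username', Lang::get('auth/message.account_not_activated'));
    } catch (Cartalyst\Sentry\Throttling\UserSuspendedException $e) {
        $this->messageBag->add('username', Lang::get('auth/message.account_suspended'));
    } catch (Cartalyst\Sentry\Throttling\UserBannedException $e) {
        $this->messageBag->add('username', Lang::get('auth/message.account_banned'));
    }

    // Ooops.. something went wrong
    return Redirect::back()->withInput()->withErrors($this->messageBag);
}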
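/**
 * @brief Return the image data scaled down to fit within the requested bounds.
 *
 * Images already within the bounds are re-encoded at their original size;
 * larger images are shrunk with their aspect ratio preserved. GIF and PNG
 * sources keep a transparent background.
 *
 * reference: http://php.net/manual/zh/function.imagejpeg.php
 *
 * @param array $param ['path' => source file, 'width' => max width, 'height' => max height]
 * @return string Encoded image bytes in the source format (GIF/JPEG/PNG), or '' when
 *                the file cannot be read or is not one of those formats.
 */
public static function scaleImageFileToBlob($param)
{
    $source_pic = $param['path'];
    $max_width = $param['width'];
    $max_height = $param['height'];

    // getimagesize() returns false for unreadable or non-image files; the previous
    // code then divided by a null width.
    $info = getimagesize($source_pic);
    if ($info === false) {
        return '';
    }
    list($width, $height, $image_type) = $info;
    if ($width <= 0 || $height <= 0) {
        return '';
    }
    // NOTE(review): the decode below allocates width*height pixels; if the source path
    // can come from untrusted uploads, callers should cap the dimensions first.

    switch ($image_type) {
        case IMAGETYPE_GIF:
            $src = imagecreatefromgif($source_pic);
            break;
        case IMAGETYPE_JPEG:
            $src = imagecreatefromjpeg($source_pic);
            break;
        case IMAGETYPE_PNG:
            $src = imagecreatefrompng($source_pic);
            break;
        default:
            return '';
    }
    if ($src === false) {
        return '';
    }

    // Pick the target size: keep the original when it already fits, otherwise
    // scale by whichever axis is the tighter constraint.
    if ($width <= $max_width && $height <= $max_height) {
        $tn_width = $width;
        $tn_height = $height;
    } else {
        $x_ratio = $max_width / $width;
        $y_ratio = $max_height / $height;
        if ($x_ratio * $height < $max_height) {
            $tn_height = (int) ceil($x_ratio * $height);
            $tn_width = $max_width;
        } else {
            $tn_width = (int) ceil($y_ratio * $width);
            $tn_height = $max_height;
        }
    }
    LOG::debug('tn_width=' . $tn_width);
    LOG::debug('tn_height=' . $tn_height); // previously logged the width twice

    $tmp = imagecreatetruecolor($tn_width, $tn_height);

    /* GIF and PNG may carry transparency: start from a fully transparent canvas. */
    if ($image_type === IMAGETYPE_GIF || $image_type === IMAGETYPE_PNG) {
        imagealphablending($tmp, false);
        imagesavealpha($tmp, true);
        $transparent = imagecolorallocatealpha($tmp, 255, 255, 255, 127);
        imagefilledrectangle($tmp, 0, 0, $tn_width, $tn_height, $transparent);
    }

    imagecopyresampled($tmp, $src, 0, 0, 0, 0, $tn_width, $tn_height, $width, $height);

    /*
     * imageXXX() can only save to a file or send to the browser, so the output is
     * captured in a buffer and returned as a string.
     */
    ob_start();
    switch ($image_type) {
        case IMAGETYPE_GIF:
            imagegif($tmp);
            break;
        case IMAGETYPE_JPEG:
            imagejpeg($tmp, null, 75); // JPEG quality 75 on the 0-100 scale
            break;
        case IMAGETYPE_PNG:
            imagepng($tmp, null, 8); // zlib compression level 8 (0 = none, 9 = max)
            break;
    }
    $final_image = ob_get_clean();

    // Release both GD images; the previous code leaked them.
    imagedestroy($src);
    imagedestroy($tmp);

    return $final_image;
}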
return Redirect::route('signin');
}
// (tail of a route filter whose opening lines are outside this listing)
// Check if the user has access to the admin pages
if (!Sentry::getUser()->hasAccess('reports')) {
    LOG::debug('Unsufficient permissions');
    // Show the insufficient permissions page
    return Redirect::route('profile')->with("error", "You do not have permission to view this page.");
}
});

// Backup routes are restricted to super users.
// NOTE(review): assumes an authentication filter runs first so getUser() is
// never null here — confirm in the route definitions.
Route::filter('backup-auth', function () {
    if (!Sentry::getUser()->isSuperUser()) {
        LOG::debug('Not a super admin');
        return Redirect::route('home')->with('error', Lang::get('general.insufficient_permissions'));
    }
});

/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/
Route::filter('csrf', function () {
    // NOTE(review): `!=` is a loose, non-constant-time comparison; hash_equals()
    // on string-cast values would be preferable. Only the `_token` form field is
    // checked, so requests that send the token in a header need separate handling.
    if (Session::token() != Input::get('_token')) {
        LOG::debug('No CSRF token');
        throw new Illuminate\Session\TokenMismatchException();
    }
});
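/**
 * Account sign in form processing.
 *
 * When LDAP is enabled the posted credentials are first checked against the
 * directory: unknown users are created locally from their LDAP attributes,
 * known users get their local password re-synced. Local (Sentry)
 * authentication then runs for everyone.
 *
 * @return Redirect
 */
public function postSignin()
{
    // Declare the rules for the form validation
    $rules = array('username' => 'required', 'password' => 'required');

    // Create a new validator instance from our validation rules
    $validator = Validator::make(Input::all(), $rules);

    // If validation fails, we'll exit the operation now.
    if ($validator->fails()) {
        return Redirect::back()->withInput()->withErrors($validator);
    }

    $username = Input::get('username');
    $password = Input::get('password');

    try {
        // Should we even check for LDAP users?
        if (Setting::getSettings()->ldap_enabled == '1') {
            LOG::debug("LDAP is enabled.");

            // Check if the user exists in the database (soft-deleted rows are ignored)
            $user = User::where('username', '=', $username)->whereNull('deleted_at')->first();
            LOG::debug("Sentry lookup complete");

            if (!$user) {
                // The user does not exist locally. If they authenticate successfully
                // against LDAP, create the local account on the fly with default permissions.
                LOG::debug("Local user " . $username . " does not exist");
                $userattr = $this->ldap($username, $password, true);
                if ($userattr) {
                    LOG::debug("Creating local user from authenticated LDAP user.");
                    // createUserFromLdap() returns a bool; the previous code parked it in an
                    // unused $credentials variable and ignored a failed creation.
                    if (!$this->createUserFromLdap($userattr)) {
                        LOG::debug("Could not create local user from LDAP attributes.");
                    }
                } else {
                    LOG::debug("User did not authenticate correctly against LDAP. No local user was created.");
                }
            } else {
                // The user exists locally (typically imported from LDAP earlier).
                LOG::debug("Local user " . $username . " exists in database. Authenticating existing user against LDAP.");
                if ($this->ldap($username, $password)) {
                    LOG::debug("Valid LDAP login. Updating the local data.");
                    // Need the Sentry object, not the Eloquent object, to reach the password hashing.
                    // NOTE(review): the local copy of the password stays valid until the next
                    // LDAP sign-in, since a failed LDAP check still falls through to local auth.
                    $sentryuser = Sentry::findUserById($user->id);
                    $sentryuser->password = $password;
                    $sentryuser->save();
                } else {
                    LOG::debug("User did not authenticate correctly against LDAP. Local user was not updated.");
                }
            }
        }

        // LDAP disabled, or the LDAP step is done: authenticate against the database.
        LOG::debug("Authenticating user against database.");
        if (!Sentry::authenticate(Input::only('username', 'password'), Input::get('remember-me', 0))) {
            LOG::debug("Local authentication failed.");
            throw new Cartalyst\Sentry\Users\UserNotFoundException();
        }

        // Get the page we were on before and clear it from the session
        $redirect = Session::get('loginRedirect', 'account');
        Session::forget('loginRedirect');

        return Redirect::to($redirect)->with('success', Lang::get('auth/message.signin.success'));
    } catch (Cartalyst\Sentry\Users\UserNotFoundException $e) {
        LOG::debug("Local authentication: User " . $username . " not found");
        $this->messageBag->add('username', Lang::get('auth/message.account_not_found'));
    } catch (Cartalyst\Sentry\Users\WrongPasswordException $e) {
        // Deliberately reported as "not found" so the form does not reveal whether the account exists.
        LOG::debug("Local authentication: Password for " . $username . " is incorrect.");
        $this->messageBag->add('username', Lang::get('auth/message.account_not_found'));
    } catch (Cartalyst\Sentry\Users\UserNotActivatedException $e) {
        LOG::debug("Local authentication: User not activated");
        $this->messageBag->add('username', Lang::get('auth/message.account_not_activated'));
    } catch (Cartalyst\Sentry\Throttling\UserSuspendedException $e) {
        LOG::debug("Local authentication: Account suspended");
        $this->messageBag->add('username', Lang::get('auth/message.account_suspended'));
    } catch (Cartalyst\Sentry\Throttling\UserBannedException $e) {
        LOG::debug("Local authentication: Account banned.");
        $this->messageBag->add('username', Lang::get('auth/message.account_banned'));
    }

    // Ooops.. something went wrong
    return Redirect::back()->withInput()->withErrors($this->messageBag);
}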