예제 #1
0
 /**
  * Logins the user (performing the brute force attack check)
  * 
  * @param myUser $userSf
  * @param PcUser $userApp - the user trying to login
  * @param boolean $rememberme - whether the user wanted to remember the login
  * @param boolean $remembermeCookieAlreadySet - in this case, if even
  *    $rememberme is true, the cookie is not set because it is already available
  * @return boolean - false if the account is blocked because of a brute
  *         force attack detection
  */
 public static function login(myUser $userSf, PcUser $userApp, $rememberme = false, $remembermeCookieAlreadySet = false)
 {
     // Check whether the account must be block because of a
     // brute force attack detection
     $c = new Criteria();
     $c->addJoin(PcUserPeer::ID, PcFailedLoginsPeer::USER_ID, Criteria::INNER_JOIN);
     $c->add(PcUserPeer::ID, $userApp->getId(), Criteria::EQUAL);
     $row = PcFailedLoginsPeer::doSelectOne($c);
     if ($row) {
         $maxAttempts = sfConfig::get('app_bruteForceLockout_loginAttemptThreshold');
         $currentAttempts = $row->getTimes();
         $timeout = sfConfig::get('app_bruteForceLockout_lockoutDuration');
         $secondsElapsedFromLastAttempt = time() - strtotime($row->getUpdatedAt());
         if ($secondsElapsedFromLastAttempt > $timeout) {
             // reset the 'failed logins' situation for the user
             $row->delete();
         } else {
             if ($currentAttempts >= $maxAttempts) {
                 PcWatchdog::alert('Brute force attack attempt', 'For the userid ' . $row->getUserId());
                 return false;
             }
         }
     }
     $userApp->setLanguage(PcUtils::getVisitorAcceptLanguage());
     $userApp->setIpAddress(PcUtils::getVisitorIPAddress());
     $userApp->save();
     $userSf->setAuthenticated(true);
     $userSf->setAttribute('userid', $userApp->getId());
     if ($userApp->isAdmin()) {
         $userSf->addCredential('admin');
     }
     if ($userApp->isStaffMember()) {
         $userSf->addCredential('staffMember');
     }
     if ($userApp->isContractor()) {
         $userSf->addCredential('contractor');
     }
     if ($userApp->isEditor()) {
         $userSf->addCredential('editor');
     }
     if ($userApp->isTranslator()) {
         $userSf->addCredential('translator');
     }
     if ($rememberme && !$remembermeCookieAlreadySet) {
         self::setRememberMeCookie($userSf, $userApp);
     } else {
         if (!$rememberme) {
             // the user may login a second time (while still logged in because of forum integration problems), without
             // ticking the rememberme checkbox
             self::resetRememberMeCookie();
         } else {
             // if $rememberme and $remembermeCookieAlreadySet
             // are both true we don't need to do anything
         }
     }
     sfContext::getInstance()->getEventDispatcher()->notify(new sfEvent('CustomAuthLogin', 'custom_auth.login', array('user' => $userApp, 'rememberme' => $rememberme)));
     return true;
 }
예제 #2
0
 /**
  * Register a new user
  *
  * @param string $email - the email address
  * @param string $password - the plain password (no encryption)
  * @param string $lang - if it is null or empty, the language will be detected from the header of the request
  * @param string $preferredLang - this should be a 2-char abbreviation of the lang the user wants,
  *         among the ones in the main app.yml config file
  * @param string $tzLabel - a timezone label as in the PcTimezone db table
  * @param integer $dstOn (1 or 0) - whether or not the dst for the user is on
  * @param boolen $joinNewsletter(=false) - whether the user decided to join our newsletter
  * @param boolen $sendActivationEmail(=true) - whether to send the activation email  
  * @return boolean|PcUser false is a user with that email already exists, the PcUser object otherwise
  */
 public static function registerNewUser($email, $password, $lang, $preferredLang, $tzLabel, $dstOn, $joinNewsletter = false, $sendActivationEmail = true)
 {
     if (self::emailExist($email)) {
         return false;
     }
     $newUser = new PcUser();
     $newUser->setEmail($email);
     $newUser->setPassword($password);
     $newUser->setAwaitingActivation(1);
     if ($joinNewsletter) {
         $newUser->setNewsletter(1);
     }
     $newUser->save();
     // Dealing with timezone
     $newUser->setDstActive($dstOn);
     $c = new Criteria();
     $c->add(PcTimezonePeer::LABEL, $tzLabel, Criteria::EQUAL);
     $timezone = PcTimezonePeer::doSelectOne($c);
     if (!is_object($timezone)) {
         // set to a default one
         $timezone = PcTimezonePeer::retrieveByPK(21);
     }
     $newUser->setTimezoneId($timezone->getId());
     // Dealing with formats
     // _ time format: the countries with the majority of our users are using the
     //   12H format, thus we can leave the default
     // _ for the date format we check whether they are in USA
     // _ for the first day of the week, we check whether they are in USA
     $dateFormatId = 3;
     $weekStart = 1;
     // from Monday
     $tzOffset = $timezone->getOffset();
     if ($tzOffset <= -300 && $tzOffset >= -450) {
         $dateFormatId = 4;
         $weekStart = 0;
         // from Sunday
     }
     $newUser->setDateFormat($dateFormatId);
     $newUser->setWeekStart($weekStart);
     if ($lang != null && $lang !== '') {
         $newUser->setLanguage($lang);
     } else {
         $newUser->setLanguage(PcUtils::getVisitorAcceptLanguage());
     }
     $availableLangs = PcLanguagePeer::getAvailableLanguageAbbreviations();
     if (in_array($preferredLang, $availableLangs)) {
         $newUser->setPreferredLanguage($preferredLang);
     } else {
         $newUser->setPreferredLanguage(SfConfig::get('app_site_defaultLang'));
     }
     $newUser->setIpAddress(PcUtils::getVisitorIPAddress());
     if ($sessionEntryPoint = sfContext::getInstance()->getUser()->getAttribute('session_entry_point')) {
         $newUser->setSessionEntryPoint($sessionEntryPoint);
     }
     if ($sessionReferral = sfContext::getInstance()->getUser()->getAttribute('session_referral')) {
         $newUser->setSessionReferral($sessionReferral);
     }
     $newUser->save();
     // Creating system lists
     $inboxList = new PcList();
     $inboxList->setIsInbox(1)->setTitle(__('ACCOUNT_LISTS_INBOX'))->setCreator($newUser)->save();
     $todoList = new PcList();
     $todoList->setIsTodo(1)->setTitle(__('ACCOUNT_LISTS_TODO'))->setCreator($newUser)->save();
     // Creating default contexts
     $context = new PcUsersContexts();
     $context->setPcUser($newUser)->setContext(__('ACCOUNT_TAGS_DEFAULT_HOME'))->save();
     $context = new PcUsersContexts();
     $context->setPcUser($newUser)->setContext(__('ACCOUNT_TAGS_DEFAULT_ERRANDS'))->save();
     $context = new PcUsersContexts();
     $context->setPcUser($newUser)->setContext(__('ACCOUNT_TAGS_DEFAULT_COMPUTER'))->save();
     // Creating some tasks for the inbox
     $newUser->addToInbox(__('ACCOUNT_MISC_WELCOME_TASK'));
     // creating Plancake email address
     $newUser->generateAndStorePlancakeEmailAddress();
     // I need to use a token for the activation of their account
     $token = '';
     $c = new Criteria();
     $c->add(PcActivationTokenPeer::USER_ID, $newUser->getId(), Criteria::EQUAL);
     $tokenEntry = PcActivationTokenPeer::doSelectOne($c);
     if (is_object($tokenEntry)) {
         $token = $tokenEntry->getToken();
     } else {
         $secret = sfConfig::get('app_registration_secret');
         // token doesn't need to be 32-char long. It is better to keep it short
         // so there will be less chance the email client will break the link into 2 lines
         $token = substr(md5($newUser->getId() . $secret . time()), 0, 14);
         $tokenEntry = new PcActivationToken();
         $tokenEntry->setUserId($newUser->getId());
         $tokenEntry->setToken($token);
         $tokenEntry->save();
     }
     // now we can send the email
     if ($sendActivationEmail) {
         $link = sfContext::getInstance()->getController()->genUrl('@activation?t=' . $token, true);
         $from = sfConfig::get('app_emailAddress_contact');
         $subject = 'Plancake - ' . __('WEBSITE_REGISTRATION_EMAIL_SUBJECT');
         $body = sprintf(__('WEBSITE_REGISTRATION_EMAIL_BODY'), $link);
         PcUtils::sendEmail($email, $subject, $body, $from);
     }
     $newUser->refreshLatestBlogAccess();
     sfContext::getInstance()->getEventDispatcher()->notify(new sfEvent($newUser, 'user.sign_up', array('user' => $newUser, 'plainPassword' => $password)));
     return $newUser;
 }