/**
 * Logs a user in through RiverID, falling back to the local account when
 * the e-mail address is not yet known to the RiverID server.
 *
 * Three outcomes are possible once the exemption check has passed:
 *  - RiverID knows the e-mail and the credentials are accepted: the local
 *    account is located (by RiverID id, then by e-mail) or created, and the
 *    login is handed to perform_login().
 *  - RiverID does not know the e-mail but a local account with the 'login'
 *    role accepts the password: the account is registered on RiverID,
 *    signed in there, and handed to perform_login().
 *  - Anything else is a failed login.
 *
 * @param   mixed    $user      user object, or an identifier given to ORM::factory('user', ...)
 * @param   string   $password  password
 * @param   boolean  $remember  enable auto-login
 * @param   string   $email     email
 * @param   object   $riverid   a RiverID object, not required; one is built
 *                              from $email and $password when omitted
 * @return  boolean  FALSE on a failed login; otherwise whatever
 *                   login_standard() or perform_login() returns
 * @throws  Exception carrying the first RiverID error string, unmodified
 */
public function login_riverid($user, $password, $remember, $email, $riverid = false)
{
    // Turn a bare identifier into a user record before the exemption test.
    if (!is_object($user)) {
        $user = ORM::factory('user', $user);
    }

    // Accounts listed under riverid.exempt never touch RiverID: they use
    // the standard local login instead.
    if (isset($user->id) and in_array($user->id, kohana::config('riverid.exempt'))) {
        return $this->login_standard($user, $password, $remember);
    }

    // No RiverID object supplied: build one from the submitted credentials.
    if (!$riverid) {
        $riverid = new RiverID();
        $riverid->email = $email;
        $riverid->password = $password;
    }

    $known_to_riverid = $riverid->is_registered();

    // An error at this point means the registration lookup itself failed.
    if ($riverid->error) {
        throw new Exception($riverid->error[0]);
    }

    if (!$known_to_riverid) {
        // The e-mail is unknown to RiverID, so only a local account can
        // vouch for the password. The local check is forced (third
        // argument TRUE) and requires the 'login' role.
        $user = User_Model::get_user_by_email($riverid->email);

        $local_login_ok = $user->id
            && $user->has(ORM::factory('role', 'login'))
            && User_Model::check_password($user->id, $password, TRUE);

        if (!$local_login_ok) {
            // No such local account, or wrong password: fail the login.
            if ($riverid->error) {
                throw new Exception($riverid->error[0]);
            }

            return FALSE;
        }

        // Password verified locally: create the matching RiverID account.
        $riverid->register();

        if ($riverid->error) {
            throw new Exception($riverid->error[0]);
        }

        // NOTE(review): the new RiverID id is only assigned here; this
        // method does not call save() on this path. Confirm that
        // perform_login() persists the user record.
        $user->riverid = $riverid->user_id;

        $riverid->signin();

        if ($riverid->error) {
            throw new Exception($riverid->error[0]);
        }

        return $this->perform_login($user, $remember, $riverid);
    }

    // The e-mail is registered on RiverID. Sign in unless the supplied
    // object has already authenticated.
    if (!$riverid->authenticated) {
        $riverid->signin();
    }

    if (!$riverid->authenticated) {
        // Registered on RiverID but the credentials were rejected.
        if ($riverid->error) {
            throw new Exception($riverid->error[0]);
        }

        return FALSE;
    }

    // Credentials accepted: map the RiverID identity onto a local account.
    $user = User_Model::get_user_by_river_id($riverid->user_id);

    if ($user->id) {
        // Already linked. Bring the local e-mail/username up to date, but
        // only when no other local account owns the new address.
        if ($user->email != $riverid->email) {
            $email_owner = User_Model::get_user_by_email($riverid->email);

            if (!$email_owner->id) {
                $user->email = $riverid->email;
                $user->username = $riverid->email;
                $user->save();
            }
            // Otherwise the accounts conflict and nothing is changed; the
            // login still proceeds for the RiverID-linked account.
            // TODO: decide how to update an e-mail address that is already
            // in use on another account.
        }
    } else {
        // Not linked yet: look for a local account with the same e-mail.
        $user = User_Model::get_user_by_email($riverid->email);

        if ($user->id) {
            // NOTE(review): the existing account is linked purely on the
            // e-mail address reported by RiverID, and the assignment
            // overwrites any RiverID id already stored on it. This relies
            // on RiverID having verified ownership of that address -
            // confirm before treating this as a safe account merge.
            $user->riverid = $riverid->user_id;
            $user->save();
        } else {
            // Unknown e-mail: provision a new local user.
            $user = User_Model::create_user($riverid->email, $riverid->password, $riverid->user_id);
        }
    }

    // The local account is now tied to the RiverID identity.
    return $this->perform_login($user, $remember, $riverid);
}
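/**
 * Validation callback: marks `current_password` as 'incorrect' unless it
 * matches the account found for the submitted e-mail address.
 *
 * Does nothing when the field already carries a validation error.
 *
 * NOTE(review): the account is selected by $post->email, a submitted
 * value. Confirm that the calling controller binds it to the signed-in
 * user, so the check cannot be pointed at a different account.
 *
 * NOTE(review): check_password() receives the e-mail address here, while
 * login_riverid() on this page passes the user id plus a third argument.
 * Confirm that both identifier forms are accepted.
 *
 * @param   Validation  $post  $_POST variable with validation rules
 * @return  void
 */
public function current_pw_valid_chk(Validation $post)
{
    // An earlier rule already rejected the field; do not stack a second error.
    if (array_key_exists('current_password', $post->errors())) {
        return;
    }

    $user = User_Model::get_user_by_email($post->email);

    // Fail closed: when no local account matches the e-mail, reject the
    // password outright instead of running the check against an empty
    // identifier.
    if (!$user->id || !User_Model::check_password($user->email, $post->current_password)) {
        $post->add_error('current_password', 'incorrect');
    }
}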