예제 #1
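 /**
  * Authenticate a user against the local TB_USUARIOS table through Zend_Auth.
  *
  * On success the matched row is passed to storageUser() and the 'captcha'
  * session namespace is unset. On failure the counter in the 'attempts'
  * session namespace is incremented.
  *
  * Security notes for maintainers:
  *  - The stored credential is compared as unsalted MD5, which is not a
  *    password-hashing function. Plan a migration to password_hash() /
  *    password_verify(); it cannot be changed here without re-hashing the
  *    SENHA column.
  *  - $alwaysAllow turns the password check off for the given user name.
  *    Every caller that can pass true must be behind its own authorization
  *    check and should be audit-logged.
  *
  * @param string                       $user          Login name (USUARIO column).
  * @param string                       $pass          Clear-text password.
  * @param Zend_Db_Adapter_Pdo_Abstract $zendDbAdapter Connection used for the lookup.
  * @param bool                         $alwaysAllow   Skip the password comparison.
  * @return boolean True when the result is valid, false otherwise.
  * @throws Exception When user or password is empty, or when authentication raises.
  * @todo implement local authentication via Zend_Auth...
  */
 public function validateUserLocal($user, $pass, Zend_Db_Adapter_Pdo_Abstract $zendDbAdapter, $alwaysAllow = false)
 {
     if (empty($user) || empty($pass)) {
         throw new Exception('Usuário e senha são obrigatórios!');
     }
     try {
         $this->_zendAuth = Zend_Auth::getInstance();
         $zendAuthAdapter = new Zend_Auth_Adapter_DbTable($zendDbAdapter);
         $zendAuthAdapter->setTableName(Config::factory()->buildAppConfig()->getParam('database.default.schema') . '.TB_USUARIOS');
         $zendAuthAdapter->setIdentityColumn('USUARIO');
         $zendAuthAdapter->setCredentialColumn('SENHA');
         // The treatment string is spliced into the generated SQL, so it must
         // never contain request data. The previous always-allow form
         // interpolated $user into it. Zend_Auth_Adapter_DbTable already
         // restricts the query to the identity column, so a constant
         // always-true term gives the same result without building SQL from
         // input.
         $zendAuthAdapter->setCredentialTreatment($alwaysAllow ? 'MD5(?) OR 1 = 1' : 'MD5(?)');
         $zendAuthAdapter->setIdentity($user);
         $zendAuthAdapter->setCredential($pass);
         $authetication = $this->_zendAuth->authenticate($zendAuthAdapter);
         if ($authetication->isValid()) {
             $this->storageUser($zendAuthAdapter->getResultRowObject());
             Zend_Session::namespaceUnset('captcha');
             return true;
         }
         // Failed attempts are counted per session only.
         // NOTE(review): a client that discards its session cookie resets this
         // counter; confirm whether throttling is also enforced per account or
         // per source address elsewhere.
         $attempts = new Zend_Session_Namespace('attempts');
         $attempts->attempts++;
         return false;
     } catch (Exception $e) {
         $this->_zendAuth->clearIdentity();
         // NOTE(review): the inner message is appended to the text that is
         // re-thrown; if callers show it to the user, database error details
         // may be disclosed. Consider logging it server-side instead.
         throw new Exception('Ocorreu um erro na autenticação do usuário!' . $e->getMessage());
     }
 }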
예제 #2
파일: Auth.php 프로젝트: utachkin/Rediska
 /**
  * A matching identity/credential pair must produce a valid result with the
  * SUCCESS code, and the adapter must then expose the user data as an object.
  *
  * @return void
  */
 public function testSuccess()
 {
     $configured = $this->adapter->setIdentity('test');
     $configured->setCredential('test');

     $outcome = $this->auth->authenticate($this->adapter);

     $this->assertTrue($outcome->isValid());
     $this->assertEquals(Zend_Auth_Result::SUCCESS, $outcome->getCode());

     $userData = $this->adapter->getResultUserData();
     $this->assertTrue(is_object($userData));
 }
예제 #3
 /**
  * Authenticate an e-mail/password pair against the Usuario table and
  * report failures through the flash messenger.
  *
  * On a valid SUCCESS result the row object returned by the adapter is
  * written to the auth storage. Every other outcome adds one error message.
  *
  * @param string $username Value matched against u.email.
  * @param string $password Clear-text password; hashed with md5() before comparison.
  * @return mixed The auth object held in $this->_auth.
  */
 public function authenticate($username, $password)
 {
     // NOTE(review): unsalted MD5 is not a password-hashing function. Moving
     // to password_hash()/password_verify() needs a change to the stored
     // values, so it is only flagged here.
     $hashedPassword = md5($password);

     $doctrineAuthAdapter = new Neo_Doctrine_Auth_Adapter(Doctrine_core::getConnectionByTableName('Usuario'));
     $doctrineAuthAdapter
         ->setTableName('Usuario u')
         ->setIdentityColumn('u.email')
         ->setCredentialColumn('u.password')
         ->setIdentity($username)
         ->setCredential($hashedPassword);

     // NOTE(review): the original carried two commented-out credential
     // treatments, selected by whether $this->_module is 'backend', that also
     // required "status = true" and "admin = true" (backend) or "admin = false"
     // (otherwise). Both are disabled, so this method does not restrict backend
     // logins to admin accounts or skip inactive accounts. Confirm where that
     // check is enforced.

     $authResult = $this->_auth->authenticate($doctrineAuthAdapter);
     $code = $authResult->getCode();

     if ($code == Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND) {
         // NOTE(review): separate messages for "unknown identity" and "wrong
         // credential" reveal which accounts exist if shown to the visitor.
         $this->_flashMessenger->addError($this->_message[self::NOT_IDENTITY]);
     } elseif ($code == Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID) {
         $this->_flashMessenger->addError($this->_message[self::INVALID_CREDENTIAL]);
     } elseif ($code == Zend_Auth_Result::SUCCESS) {
         if ($authResult->isValid()) {
             // NOTE(review): Zend's DbTable adapter takes (returnColumns,
             // omitColumns); whether this adapter treats the three arguments
             // as a column list is not visible here. Make sure the password
             // column does not end up in the stored identity.
             $identity = $doctrineAuthAdapter->getResultRowObject('id', 'password', 'admin');
             $this->_auth->getStorage()->write($identity);
         } else {
             $this->_flashMessenger->addError($this->_message[self::INVALID_USER]);
         }
     } else {
         $this->_flashMessenger->addError($this->_message[self::INVALID_LOGIN]);
     }

     return $this->_auth;
 }
예제 #4
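 /**
  * Log a user in from a POST request and expose the outcome on the view.
  *
  * The 'login' action is registered for the JSON context. On success the
  * view's response is 'OK', otherwise it is the translated 'Login failed.'
  * text. Non-POST requests leave the view untouched.
  *
  * @return void
  */
 public function loginAction()
 {
     $this->getHelper('contextSwitch')->addActionContext('login', 'json')->initContext();
     $request = $this->getRequest();
     if (!$request->isPost()) {
         return;
     }

     // NOTE(review): getParams() is not limited to the POST body in Zend
     // Framework 1, so credentials placed in the URL are accepted as well and
     // can end up in access logs. Consider reading them with getPost().
     $params = $request->getParams();
     $email = isset($params['email']) ? $params['email'] : null;
     $password = isset($params['password']) ? $params['password'] : null;

     // A missing field or a non-string value (for example an array sent as
     // email[]=...) is an ordinary failed login; it must not reach the adapter.
     if (!is_string($email) || !is_string($password)) {
         $this->view->response = $this->view->translate('Login failed.');
         return;
     }

     $adapter = $this->_helper->service('auth.adapter');
     $adapter->setEmail($email)->setPassword($password);
     $result = $this->auth->authenticate($adapter);
     if ($result->getCode() == Zend_Auth_Result::SUCCESS) {
         $this->view->response = 'OK';
     } else {
         $this->view->response = $this->view->translate('Login failed.');
     }
 }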
예제 #5
 /**
  * An adapter that always fails must yield an invalid token that still
  * carries the identity and message reported by that adapter.
  *
  * @return void
  */
 public function testFailure()
 {
     $failingAdapter = new Zend_AuthTest_Failure_Adapter();
     $auth = new Zend_Auth($failingAdapter, false);

     // Authentication is attempted with no options at all.
     $noOptions = array();
     $outcome = $auth->authenticate($noOptions);

     $this->assertFalse($outcome->isValid());
     $this->assertTrue($outcome->getIdentity() === 'someIdentity');
     $this->assertTrue($outcome->getMessage() === 'Failure Message');
 }
예제 #6
 /**
  * Identify the user from the submitted login form.
  *
  * Only POST requests are processed. A missing user name or password, or a
  * failed authentication, adds a flash message. On success the result row,
  * without its 'password' column, is written to the auth storage and the
  * request is redirected to self::REDIRECT.
  *
  * @access public
  * @return void
  */
 public function identifyAction()
 {
     if (!$this->getRequest()->isPost()) {
         return;
     }

     $formData = $this->_getFormData();
     $incomplete = empty($formData['username']) || empty($formData['password']);
     if ($incomplete) {
         $this->getFlash()->addMessage('Please provide a username and password.');
         return;
     }

     // Run the credentials through the configured adapter.
     $authAdapter = $this->_getAuthAdapter($formData);
     $result = $this->_auth->authenticate($authAdapter);
     if (!$result->isValid()) {
         // One generic message for every failure keeps the response from
         // revealing whether the user name exists.
         $this->getFlash()->addMessage('Login failed');
         return;
     }

     // Keep the password column out of the session: return every column
     // except 'password'.
     // NOTE(review): no session-id regeneration is visible at this point;
     // confirm it happens on login to guard against session fixation.
     $data = $authAdapter->getResultRowObject(null, 'password');
     $this->_auth->getStorage()->write($data);
     $this->redirect(self::REDIRECT);
 }
예제 #7
 /**
  * Run one authentication attempt with the configured adapter.
  *
  * When the adapter offers setAuthenticationParameters() the supplied values
  * are handed to it first.
  *
  * @param array $values values provided for authentication
  *
  * @return bool|array true when the result code is SUCCESS, otherwise the
  *                    messages carried by the result
  */
 public function login(array $values)
 {
     $adapter = $this->getAdapter();

     $acceptsParameters = method_exists($adapter, 'setAuthenticationParameters');
     if ($acceptsParameters) {
         $adapter->setAuthenticationParameters($values);
     }

     $result = $this->_auth->authenticate($adapter);
     if ($result->getCode() === Zend_Auth_Result::SUCCESS) {
         return true;
     }

     // NOTE(review): adapter messages may distinguish "unknown identity" from
     // "wrong credential"; callers should not echo them verbatim to the
     // visitor.
     return $result->getMessages();
 }
예제 #8
 /**
  * Authenticate with the given adapter, or with $this->_adapter when none
  * is passed, and synchronise the storage with the outcome.
  *
  * A valid result from an adapter that offers getResultRowObject() stores
  * that row object; every other outcome clears the storage.
  *
  * @param null|Zend_Auth_Adapter_Interface $adapter
  * @return Zend_Auth_Result
  */
 public function authenticate(Zend_Auth_Adapter_Interface $adapter = null)
 {
     if (null === $adapter) {
         $adapter = $this->_adapter;
     }

     $result = parent::authenticate($adapter);

     $canStoreRow = $result->isValid() && method_exists($adapter, 'getResultRowObject');
     if (!$canStoreRow) {
         $this->getStorage()->clear();
         return $result;
     }

     // NOTE(review): called without arguments, so no column is requested or
     // omitted here. If the row includes the credential column, the password
     // hash is written to the session storage; consider omitting it.
     $row = $adapter->getResultRowObject();
     $this->getStorage()->write($row);

     return $result;
 }
예제 #9
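 /**
  * Log a user in from a POST request and return profile data for the client.
  *
  * The 'login' action is registered for the JSON context. On success the
  * view receives 'OK' plus the user's real name, user name and avatar;
  * otherwise it receives the translated 'Login failed.' text. Non-POST
  * requests leave the view untouched.
  *
  * @return void
  */
 public function loginAction()
 {
     $this->getHelper('contextSwitch')->addActionContext('login', 'json')->initContext();
     $translator = Zend_Registry::get('container')->getService('translator');
     $request = $this->getRequest();
     if (!$request->isPost()) {
         return;
     }

     // NOTE(review): getParams() is not limited to the POST body in Zend
     // Framework 1, so credentials placed in the URL are accepted as well and
     // can end up in access logs. Consider reading them with getPost().
     $params = $request->getParams();
     $email = isset($params['email']) ? $params['email'] : null;
     $password = isset($params['password']) ? $params['password'] : null;

     // A missing field or a non-string value (for example an array sent as
     // email[]=...) is an ordinary failed login; it must not reach the adapter.
     if (!is_string($email) || !is_string($password)) {
         $this->view->response = $translator->trans('Login failed.');
         return;
     }

     $adapter = $this->_helper->service('auth.adapter');
     $adapter->setEmail($email)->setPassword($password);
     $result = $this->auth->authenticate($adapter);
     if ($result->getCode() == Zend_Auth_Result::SUCCESS) {
         $user = Zend_Registry::get('container')->getService('user')->getCurrentUser();
         $metaUser = new \MetaUser($user);
         // NOTE(review): width, height and specification come straight from
         // the request and are passed on unvalidated. Confirm that
         // MetaUser::image() bounds the dimensions and restricts the
         // specification to known values, otherwise validate them here.
         $width = array_key_exists("imageWidth", $params) ? $params['imageWidth'] : 80;
         $height = array_key_exists("imageHeight", $params) ? $params['imageHeight'] : 80;
         $specification = array_key_exists("imageSpecification", $params) ? $params['imageSpecification'] : 'fit';
         $this->view->userData = array('realName' => $user->getRealName(), 'username' => $user->getUsername(), 'avatar' => $metaUser->image($width, $height, $specification));
         $this->view->response = 'OK';
     } else {
         $this->view->response = $translator->trans('Login failed.');
     }
 }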
예제 #10
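 /**
  * Authenticate a user name/password pair against the 'user' table joined
  * with its PASSWORD row in 'user_credential'.
  *
  * When the result is valid and $persistIfSuccessful is true, the user's id
  * and username (never the credential) are written to the auth storage.
  *
  * @param Zend_Auth $auth                Auth object that runs the attempt and owns the storage.
  * @param string    $username            Value matched against user.username.
  * @param string    $password            Clear-text password; hashed with md5() in PHP.
  * @param bool      $persistIfSuccessful Write the user info to storage on success.
  * @return Zend_Auth_Result
  */
 public function authenticate(Zend_Auth $auth, $username, $password, $persistIfSuccessful = true)
 {
     $adapter = new Zend_Auth_Adapter_DbTable(Zend_Db_Table_Abstract::getDefaultAdapter(), 'user', 'username', 'user_credential.value');
     // The join and filter are applied to the select object owned by the
     // adapter, so the returned reference does not need to be kept.
     $adapter->getDbSelect()->join('user_credential', 'user_credential.user_id = user.id')->where('user_credential.type = "PASSWORD"');
     // SQLite has no internal md5() function, so the hash is computed in PHP.
     // NOTE(review): unsalted MD5 is not a password-hashing function; plan a
     // migration to password_hash()/password_verify().
     $adapter->setIdentity($username)->setCredential(md5($password));
     $authResult = $auth->authenticate($adapter);
     if (!$authResult->isValid() || $persistIfSuccessful == false) {
         // NOTE(review): a stock Zend_Auth writes the identity to its storage
         // on every valid result, so $persistIfSuccessful = false may not keep
         // the session clean; verify against the $auth implementation in use.
         return $authResult;
     }
     // Only id and username are requested, so the credential value never
     // reaches the session.
     $userInfo = $adapter->getResultRowObject(array('id', 'username'));
     // The original wrote an undefined $currentUser (null) here and never
     // used the row it had just fetched.
     $auth->getStorage()->write($userInfo);
     return $authResult;
 }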
예제 #11
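 /**
  * Final step of the password-restore flow: validate the user and token,
  * then accept the new password.
  *
  * The request is rejected with a flash message and a redirect to the
  * default index when the user is unknown or inactive, or when the token is
  * missing or fails checkToken() for the 'password.restore' purpose. After a
  * valid form post the password is saved, all restore tokens of the user are
  * invalidated, and the user is logged in unless an identity already exists.
  *
  * @return void
  */
 public function passwordRestoreFinishAction()
 {
     $translator = Zend_Registry::get('container')->getService('translator');
     $user = $this->_helper->service('user')->find($this->_getParam('user'));

     // Each rejection returns explicitly. The redirector normally ends the
     // request, but when its exit flag is disabled (for example under test)
     // execution would otherwise continue into the password change below.
     //
     // NOTE(review): the distinct messages for unknown user, inactive user and
     // invalid token let a visitor tell these cases apart; consider a single
     // generic message.
     if (empty($user)) {
         $this->_helper->flashMessenger(array('error', $translator->trans('User not found.')));
         $this->_helper->redirector('index', 'index', 'default');
         return;
     }
     if (!$user->isActive()) {
         $this->_helper->flashMessenger(array('error', $translator->trans('User is not active user.')));
         $this->_helper->redirector('index', 'index', 'default');
         return;
     }
     $token = $this->_getParam('token', false);
     if (!$token) {
         $this->_helper->flashMessenger(array('error', $translator->trans('No token provided.')));
         $this->_helper->redirector('index', 'index', 'default');
         return;
     }
     if (!$this->_helper->service('user.token')->checkToken($user, $token, 'password.restore')) {
         $this->_helper->flashMessenger(array('error', $translator->trans('Invalid token.')));
         $this->_helper->redirector('index', 'index', 'default');
         return;
     }
     $form = new Application_Form_PasswordRestorePassword();
     $request = $this->getRequest();
     if ($request->isPost() && $form->isValid($request->getPost())) {
         $this->_helper->service('user')->save($form->getValues(), $user);
         // Restore tokens are single-use: drop them as soon as the password
         // has been changed.
         $this->_helper->service('user.token')->invalidateTokens($user, 'password.restore');
         if (!$this->auth->hasIdentity()) {
             // log in with the password that was just set
             $adapter = $this->_helper->service('auth.adapter');
             $adapter->setEmail($user->getEmail())->setPassword($form->password->getValue());
             $this->auth->authenticate($adapter);
             $this->_helper->redirector('index', 'dashboard');
         } else {
             $this->_helper->flashMessenger($translator->trans("Password changed"));
             $this->_helper->redirector('index', 'auth');
         }
     }
     $this->view->form = $form;
 }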
예제 #12
파일: Auth.php 프로젝트: highhair20/glo
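 /**
  * Authenticate a user name/password pair with the configured adapter.
  *
  * The Zend_Auth singleton is switched to a Glo_Auth_Storage_Session in the
  * 'Glo_Auth' namespace. On success only the 'user_uuid' column of the
  * matched row is written to that storage.
  *
  * @param  string $username
  * @param  string $password
  * @return Zend_Auth_Result
  * @throws Glo_Auth_Exception_Failed When the result is not valid; carries
  *                                   the first message of the result.
  */
 public function authenticate($username, $password)
 {
     // Get a reference to the singleton instance of Zend_Auth
     $this->_auth = Zend_Auth::getInstance();
     // Set the storage interface
     $this->_auth->setStorage(new Glo_Auth_Storage_Session('Glo_Auth'));
     // Set the identity and the credential on the adapter
     $this->_adapter->setIdentity($username);
     $this->_adapter->setCredential($password);
     // Attempt authentication, saving the result
     $result = $this->_auth->authenticate($this->_adapter);
     if (!$result->isValid()) {
         // array_shift() takes its argument by reference, so the messages
         // must be held in a variable first; passing the call result directly
         // raises "Only variables should be passed by reference".
         $messages = $result->getMessages();
         throw new Glo_Auth_Exception_Failed(array_shift($messages));
     }
     // Store only the user's UUID; no credential data reaches the session.
     $data = $this->_adapter->getResultRowObject(array('user_uuid'));
     $storage = $this->_auth->getStorage();
     $storage->write($data);
     return $result;
 }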
예제 #13
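 /**
  * Called before the dispatch loop gets processed.
  *
  * This callback allows for proxy or filter behavior.  By altering the
  * request and resetting its dispatched flag (via
  * {@link Zend_Controller_Request_Abstract::setDispatched() setDispatched(false)}),
  * the current action may be skipped.
  *
  * The method checks for an authenticated user. Without an identity it first
  * tries the remember-me cookies. With an identity it compares the user's
  * authToken from the database with the authToken held in the session; when
  * they differ it is assumed that someone else has signed in with the same
  * credentials, and the request is rerouted to the reception controller's
  * auth.token.failure action (registry get.entries and logout requests are
  * let through). Without an identity only a fixed set of actions is let
  * through; everything else is rerouted to the reception index.
  *
  * @param  Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
 {
     // check here if the user's identity is already set
     if (!$this->auth->hasIdentity()) {
         /**
          * @see Conjoon_Keys
          */
         require_once 'Conjoon/Keys.php';
         if (isset($_COOKIE[Conjoon_Keys::COOKIE_REMEMBERME_UNAME]) && isset($_COOKIE[Conjoon_Keys::COOKIE_REMEMBERME_TOKEN])) {
             /**
              * @see Conjoon_Auth_Adapter_Db
              */
             require_once 'Conjoon/Auth/Adapter/Db.php';
             // The cookie values are client-controlled and are handed to the
             // adapter unchanged; validating them is the adapter's job.
             $authAdapter = new Conjoon_Auth_Adapter_Db(array('cookie' => array('name' => $_COOKIE[Conjoon_Keys::COOKIE_REMEMBERME_UNAME], 'remember_me_token' => $_COOKIE[Conjoon_Keys::COOKIE_REMEMBERME_TOKEN])));
             // if the result is valid, the return value of the adapter will
             // be stored automatically in the supplied storage object
             // from the auth object
             $this->auth->authenticate($authAdapter);
         }
     }
     if ($this->auth->hasIdentity()) {
         // identity is set. Now check for auth token equality
         $currentUser = $this->auth->getIdentity();
         /**
          * @see Conjoon_BeanContext_Decorator
          */
         require_once 'Conjoon/BeanContext/Decorator.php';
         /**
          * @see Conjoon_Modules_Default_User_Model_User
          */
         require_once 'Conjoon/Modules/Default/User/Model/User.php';
         $decorator = new Conjoon_BeanContext_Decorator(new Conjoon_Modules_Default_User_Model_User());
         $tokenedUser = $decorator->getUserAsDto($currentUser->getId());
         // check whether the token in the DB equals the token in the session.
         // Both sides are compared as strings with a strict operator: a loose
         // comparison treats two different numeric-looking tokens as equal,
         // which would let a stale session pass this check.
         if ((string) $tokenedUser->authToken !== (string) $currentUser->getAuthToken()) {
             // the application needs to query the registry. That's okay since no secret data will
             // be transported if the registry sees that there's no login
             if ($request->action == 'get.entries' && $request->controller == 'registry' && $request->module == 'default') {
                 return;
             }
             // user wants to log out - this is needed to sign in again since the
             // active session would otherwise keep the user from using the app
             if ($request->action == 'logout' && $request->controller == 'reception' && $request->module == 'default') {
                 return;
             }
             // does not equal - someone has logged in currently
             // with the same user credentials.
             // redirect to appropriate controller action
             $request->setModuleName('default');
             $request->setControllerName('reception');
             $request->setActionName('auth.token.failure');
         }
         return;
     }
     // the user wants to login and requested the login controller's process
     // action. Let him pass!
     if ($request->action == 'process' && $request->controller == 'reception' && $request->module == 'default') {
         return;
     }
     // user wants to log out - okay
     if ($request->action == 'logout' && $request->controller == 'reception' && $request->module == 'default') {
         return;
     }
     // resource not available.
     if ($request->action == 'resource.not.available' && $request->controller == 'index' && $request->module == 'default') {
         return;
     }
     // the application needs to query the registry. That's okay since no secret data will
     // be transported if the registry sees that there's no login
     if ($request->action == 'get.entries' && $request->controller == 'registry' && $request->module == 'default') {
         return;
     }
     // anything else means the user is not logged in
     $request->setModuleName('default')->setControllerName('reception')->setActionName('index')->setDispatched(false);
 }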
예제 #14
 /**
  * Perform authentication.
  *
  * Delegates unchanged to the parent implementation and hands back whatever
  * it returns.
  *
  * @param  Zend_Auth_Adapter_Interface $adapter
  */
 public function authenticate($adapter)
 {
     $outcome = parent::authenticate($adapter);

     return $outcome;
 }