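/**
 * Authenticates a user against the local TB_USUARIOS table through Zend_Auth.
 *
 * On success the matched row is passed to storageUser() and the 'captcha'
 * session namespace is cleared. On failure the counter in the 'attempts'
 * session namespace is incremented.
 *
 * @param string                       $user          Login name, matched against the USUARIO column.
 * @param string                       $pass          Plain-text password; hashed with MD5() inside the query.
 * @param Zend_Db_Adapter_Pdo_Abstract $zendDbAdapter Connection used for the lookup.
 * @param boolean                      $alwaysAllow   When true the password is NOT verified: any existing
 *                                                    user name authenticates. Callers must only pass true
 *                                                    after the user was verified by another trusted means.
 * @return boolean True when authentication succeeded, false otherwise.
 * @throws Exception When user or password is empty, or when the lookup itself fails.
 * @todo Implement local authentication via Zend_Auth.
 */
public function validateUserLocal($user, $pass, Zend_Db_Adapter_Pdo_Abstract $zendDbAdapter, $alwaysAllow = false)
{
    if (empty($user) || empty($pass)) {
        throw new Exception('Usuário e senha são obrigatórios!');
    }

    try {
        $this->_zendAuth = Zend_Auth::getInstance();

        $zendAuthAdapter = new Zend_Auth_Adapter_DbTable($zendDbAdapter);
        $zendAuthAdapter->setTableName(
            Config::factory()->buildAppConfig()->getParam('database.default.schema') . '.TB_USUARIOS'
        );
        $zendAuthAdapter->setIdentityColumn('USUARIO');
        $zendAuthAdapter->setCredentialColumn('SENHA');
        $zendAuthAdapter->setIdentity($user);
        $zendAuthAdapter->setCredential($pass);

        // The credential treatment is raw SQL: the adapter only quotes the value
        // substituted for '?'. The bypass used to splice $user into this string
        // unquoted, which made the login name part of the SQL text. The adapter
        // already restricts the query to rows whose USUARIO equals the bound
        // identity, so a constant-true condition on that column gives the same
        // result without putting any request data into the SQL.
        // NOTE(review): MD5(?) implies unsalted MD5 digests in SENHA; plan a
        // migration to password_hash()/password_verify().
        $zendAuthAdapter->setCredentialTreatment(
            $alwaysAllow ? 'MD5(?) OR USUARIO IS NOT NULL' : 'MD5(?)'
        );

        $authentication = $this->_zendAuth->authenticate($zendAuthAdapter);

        if ($authentication->isValid()) {
            // NOTE(review): the full row, including SENHA, is handed to storageUser();
            // confirm that helper does not persist the password digest in the session.
            $this->storageUser($zendAuthAdapter->getResultRowObject());
            Zend_Session::namespaceUnset('captcha');

            return true;
        }

        // Count the failed attempt for this session.
        // NOTE(review): a per-session counter resets when the client drops its
        // session cookie; confirm throttling is also enforced per account or source.
        $attempts = new Zend_Session_Namespace('attempts');
        $attempts->attempts++;

        return false;
    } catch (Exception $e) {
        $this->_zendAuth->clearIdentity();

        // NOTE(review): the underlying message is appended as-is; if it comes from
        // the database layer it may expose query or connection details to whoever
        // is shown this exception.
        throw new Exception('Ocorreu um erro na autenticação do usuário!' . $e->getMessage());
    }
}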
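/**
 * Authenticates a user by e-mail and password and, on success, stores a
 * reduced user object (school_id, user_id, email) in the Zend_Auth storage.
 *
 * @param string $email    Value matched against users.email.
 * @param string $password Value compared with users.password.
 * @return boolean True when the login succeeded and the user record was stored.
 */
public static function login($email, $password)
{
    $db = Zend_Db_Table_Abstract::getDefaultAdapter();

    $authAdapter = new Zend_Auth_Adapter_DbTable($db);
    $authAdapter->setTableName('users');
    $authAdapter->setIdentityColumn('email');
    $authAdapter->setCredentialColumn('password');
    // NOTE(review): a bare '?' compares $password verbatim with the stored
    // column. Unless every caller passes an already-hashed value, passwords
    // are stored in clear text; confirm, and move to password_hash().
    $authAdapter->setCredentialTreatment('?');
    $authAdapter->setIdentity($email);
    $authAdapter->setCredential($password);

    $auth = Zend_Auth::getInstance();
    $result = $auth->authenticate($authAdapter);
    if (!$result->isValid()) {
        return false;
    }

    // Fetch the matched row without its password column.
    $row = $authAdapter->getResultRowObject(null, 'password');

    $tUserInfo = new Table_UsersInfo();
    $info = $tUserInfo->getUser($row->userID);
    if (!$info) {
        // Zend_Auth::authenticate() has already written the identity to its
        // storage; remove it so a user without profile data is not left
        // half logged in.
        $auth->clearIdentity();

        return false;
    }

    // The original assigned properties to a null variable, which relies on
    // implicit object creation (an Error on PHP 8) and made its later
    // is_null() check unreachable.
    $oUser = new stdClass();
    $oUser->school_id = $info->school_id;
    $oUser->user_id = $info->user_id;
    $oUser->email = $email;

    $auth->getStorage()->write($oUser);

    return true;
}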
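/**
 * Handles the CMS login form: on POST it checks the submitted login and
 * password against cms_user, stores the user row (plus role code) in the
 * storage and redirects to the CMS index; in every case login.tpl is set
 * as the template to render.
 *
 * @return void
 */
public function login()
{
    if ($this->_router->isPostRequest()) {
        // Read the fields defensively: they may be missing or submitted as arrays.
        $login = isset($_POST['login']) ? $_POST['login'] : '';
        $passwd = isset($_POST['passwd']) ? $_POST['passwd'] : '';

        if (is_string($login) && is_string($passwd) && $login !== '' && $passwd !== '') {
            $db = Zend_Db_Table::getDefaultAdapter();

            // Create the authentication adapter instance.
            $authAdapter = new Zend_Auth_Adapter_DbTable($db, 'cms_user', 'user_login', 'user_passwd');
            $authAdapter->setIdentity($login);
            // NOTE(review): unsalted SHA-1 is not a password hash; plan a
            // migration to password_hash()/password_verify().
            $authAdapter->setCredential(sha1($passwd));

            // Only active users may log in.
            $authAdapter->setCredentialTreatment("? AND user_active = '1'");

            // Authenticate.
            $result = $authAdapter->authenticate();

            if ($result->isValid()) {
                // Leave the password digest out of the object that goes into
                // the storage; it is not needed after authentication.
                $user_data = $authAdapter->getResultRowObject(null, 'user_passwd');

                // Store the role of the logged-in user.
                $this->_roles = RolesModel::Instance();
                $role = $this->_roles->getRoleData($user_data->role_id);
                $user_data->role_code = $role['role_code'];

                $this->_storage->write($user_data);

                // Send the user to the CMS index.
                $this->_engine->addHttpHeader("Location: /" . $this->_router->getUrl('cms', 'index'));
            } else {
                $this->_view->error = '1';
            }
        } else {
            $this->_view->error = '1';
        }
    }

    $this->_engine->setToRender('login.tpl');
}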
/**
 * Shows the panel login form and, on a valid POST, authenticates the
 * submitted e-mail and password against the "usuario" table.
 *
 * On success the matched row (without co_senha) is tagged with
 * sessao = "admin", written to the auth storage, and the user is sent
 * to /painel. On failure an error message is exposed to the view.
 *
 * @return void
 */
public function indexAction()
{
    $form = new App_Painel_Form_Login();
    $request = $this->getRequest();

    if ($request->isPost() && $form->isValid($request->getPost())) {
        $post = $request->getPost();

        // NOTE(review): MD5(?) implies unsalted MD5 digests in co_senha;
        // plan a migration to password_hash()/password_verify().
        $adapter = new Zend_Auth_Adapter_DbTable(
            Zend_Db_Table::getDefaultAdapter(),
            'usuario',
            'nm_email',
            'co_senha',
            'MD5(?)'
        );
        $adapter->setIdentity($post['usuario'])
                ->setCredential($post['senha']);

        $outcome = $this->auth->authenticate($adapter);

        if (!$outcome->isValid()) {
            $this->view->error = 'Email ou Senha incorreto';
        } else {
            // Keep the password digest out of the stored identity.
            $identity = $adapter->getResultRowObject(null, 'co_senha');
            $identity->sessao = 'admin';
            $this->auth->getStorage()->write($identity);
            $this->_redirect('/painel');
        }
    }

    $this->view->form = $form;
}
/**
 * Builds the adapter used to authenticate against the admin_users table.
 *
 * The identity is the "email" column, the credential is the "password"
 * column, and only rows with is_active=TRUE can match.
 *
 * NOTE(review): MD5(?) implies unsalted MD5 digests in the password column;
 * plan a migration to password_hash()/password_verify().
 *
 * @return Zend_Auth_Adapter_DbTable
 */
protected function getAuthAdapter()
{
    return new Zend_Auth_Adapter_DbTable(
        Zend_Db_Table::getDefaultAdapter(),
        'admin_users',
        'email',
        'password',
        'MD5(?) AND is_active=TRUE'
    );
}
/**
 * Creates a new Gecko_Auth object. It uses Zend_Auth to validate
 * directly against the database.
 *
 * Keys read from $settings: 'tableName', 'identityColumn',
 * 'credentialColumn', 'sessionNamespace', and the optional 'db' and
 * 'credentialTreatment'.
 *
 * 'credentialTreatment' is passed to the adapter as a raw SQL fragment, so
 * it must come from application configuration only, never from request data.
 *
 * @param array $settings Settings used to build the object.
 **/
public function __construct($settings)
{
    // Validate the settings array before anything is read from it.
    $this->checkSettings($settings);

    // Use the supplied connection, or fall back to the shared one.
    $db = isset($settings['db']) ? $settings['db'] : Gecko_DB::getInstance();

    $adapter = new Zend_Auth_Adapter_DbTable(
        $db,
        $settings['tableName'],
        $settings['identityColumn'],
        $settings['credentialColumn']
    );

    // Apply a credential treatment only when a non-empty one is configured.
    if (!empty($settings['credentialTreatment'])) {
        $adapter->setCredentialTreatment($settings['credentialTreatment']);
    }

    $this->adapter = $adapter;
    $this->settings = $settings;
    $this->passwordColumn = $settings['credentialColumn'];

    // Keep the authenticated identity in its own session namespace.
    Zend_Auth::getInstance()->setStorage(
        new Zend_Auth_Storage_Session($settings['sessionNamespace'])
    );
}
/**
 * Login action: redirects users who already have an identity, and on POST
 * authenticates the 'user-e' / 'user-p' fields against the users table.
 *
 * On success the user's lastLogin is updated, selected profile fields are
 * copied into the default session namespace, and the user is redirected to
 * "preview". On failure two error values are exposed to the view.
 *
 * NOTE(review): MD5(?) implies unsalted MD5 digests in users.password; plan
 * a migration to password_hash()/password_verify(). The session id is not
 * regenerated in this action after a successful login; confirm that happens
 * elsewhere.
 *
 * @return void
 */
public function indexAction()
{
    if (Zend_Auth::getInstance()->hasIdentity()) {
        $this->_redirect('preview/project/');
    }

    if (!$this->getRequest()->isPost()) {
        return;
    }

    $email = $this->_request->getPost('user-e');
    $password = $this->_request->getPost('user-p');

    $authAdapter = new Zend_Auth_Adapter_DbTable($this->db, 'users', 'email', 'password', 'MD5(?)');
    $authAdapter->setIdentity($email)
                ->setCredential($password);

    $result = Zend_Auth::getInstance()->authenticate($authAdapter);

    if (!$result->isValid()) {
        $this->view->valid = 'noooo';
        $this->view->errorForm = 'Email & Password Error.';

        return;
    }

    // Record the time of this login on the user's row.
    $userTable = new Application_Model_DbTable_Users();
    $account = $userTable->getUserByEmail($email);
    $account->lastLogin = date('Y-m-d H:i:s');
    $account->save();

    // Client info kept in the default session namespace.
    $activeUser = new Zend_Session_Namespace();
    $activeUser->userID = $account->id;
    $activeUser->fullName = $account->fullName;
    $activeUser->level = $account->level;
    $activeUser->email = $account->email;

    $this->_redirect('preview');
}
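/**
 * Renders the login form (with the list of clients) and, on a valid POST,
 * authenticates the user against the "user" table.
 *
 * On success selected columns of the user row plus the chosen client id are
 * written to the auth storage, and the user is redirected either to the
 * target encoded in the "url" parameter ("module|controller|action|id") or
 * to index/index.
 *
 * @return void
 */
public function loginAction()
{
    $auth = Zend_Registry::get('Zend_Auth');
    if ($auth->hasIdentity()) {
        $this->_helper->redirector->gotoSimple('index', 'index', 'index');
    }

    $this->_helper->getHelper('layout')->setLayout('plain');

    $form = new Users_Form_User();
    $form->submit->setLabel('USERS_LOGIN');
    $form->id->removeDecorator('Label');
    $this->view->form = $form;

    // Clients
    // NOTE(review): every client id and company name is offered on the login
    // page, i.e. before authentication; confirm that list is meant to be public.
    $clientsDb = new Application_Model_DbTable_Client();
    $clients = $clientsDb->fetchAll();
    foreach ($clients as $client) {
        $form->client->addMultiOption($client->id, $client->company);
    }

    if (!$this->getRequest()->isPost()) {
        return;
    }

    $formData = $this->getRequest()->getPost();
    if (!$form->isValid($formData)) {
        $form->populate($formData);

        return;
    }

    $username = $formData['username'];
    $password = $formData['password'];
    $client = $formData['client'];
    // A missing checkbox value means "do not stay logged in".
    $stayLoggedIn = !empty($formData['stayLoggedIn']);

    // NOTE(review): this runs before the password is checked, so the 'Zend_Auth'
    // namespace carries an unverified user name even when the login fails;
    // confirm nothing treats ->user as proof of login.
    $authNamespace = new Zend_Session_Namespace('Zend_Auth');
    $authNamespace->user = $username;
    // 10 days when "stay logged in" is ticked, otherwise 1 hour.
    $authNamespace->setExpirationSeconds($stayLoggedIn ? 864000 : 3600);

    $db = Zend_Db_Table::getDefaultAdapter();
    $authAdapter = new Zend_Auth_Adapter_DbTable($db);
    $authAdapter->setTableName('user');
    $authAdapter->setIdentityColumn('username');
    $authAdapter->setCredentialColumn('password');
    // NOTE(review): MD5(?) implies unsalted MD5 digests in user.password;
    // plan a migration to password_hash()/password_verify().
    $authAdapter->setCredentialTreatment('MD5(?)');
    $authAdapter->setIdentity($username);
    $authAdapter->setCredential($password);

    $auth = Zend_Auth::getInstance();
    $result = $auth->authenticate($authAdapter);

    if (!$result->isValid()) {
        echo "error";

        return;
    }

    $storage = $auth->getStorage();
    $userInfo = $authAdapter->getResultRowObject(array('id', 'username', 'name', 'email'));
    // NOTE(review): the client id comes from the submitted form, not from the
    // authenticated user's row; confirm the user's entitlement to that client
    // is enforced before clientid is trusted anywhere.
    $userInfo->clientid = $client;
    $storage->write($userInfo); // Store into session

    // Optional post-login target. It is only followed when it carries at least
    // module, controller and action; a malformed value previously read missing
    // array offsets and is now ignored in favour of the default redirect.
    // The parts are request-controlled but gotoSimple() builds an internal
    // route from them, so the target stays within this application.
    $target = $this->_getParam('url', null);
    if (is_string($target)) {
        $parts = explode('|', $target);
        if (count($parts) >= 3) {
            if (!empty($parts[3])) {
                $this->_helper->redirector->gotoSimple($parts[2], $parts[1], $parts[0], array('id' => $parts[3]));
            } else {
                $this->_helper->redirector->gotoSimple($parts[2], $parts[1], $parts[0]);
            }
        }
    }

    $this->_helper->redirector->gotoSimple("index", "index");
}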
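/**
 * Processes a login form submission.
 *
 * Validates that "email" and "password" were supplied, decides which column
 * the login value refers to (username, email, or the special 'trx' mode),
 * authenticates, writes the user's details to the session, records an audit
 * entry for failed logins and finally redirects.
 *
 * SECURITY NOTE(review): in the 'trx' mode the submitted password is never
 * verified. The session is created for whatever account id is parsed from
 * the login value, and the only check is that the account exists. Unless
 * this is gated somewhere not visible here, it is an authentication bypass
 * and should be removed or replaced by a server-verified, single-use token.
 *
 * NOTE(review): the failure and success redirect targets are taken from
 * request parameters (URL_FAILURE, "redirecturl") after decode(). decode()
 * is not shown here; unless it or the redirector restricts targets to this
 * site, these are open redirects.
 *
 * @return boolean|void False after a failed login; otherwise no value.
 */
function checkloginAction()
{
    $this->_helper->layout->disableLayout();
    $this->_helper->viewRenderer->setNoRender(TRUE);

    $session = SessionWrapper::getInstance();
    $formvalues = $this->_getAllParams();

    // Copy of the submitted values that may be kept in the session to refill
    // the form. The password is dropped so it is never stored server-side in
    // clear text.
    $savedvalues = $formvalues;
    unset($savedvalues["password"]);

    # check that an email has been provided
    if (isEmptyString(trim($this->_getParam("email")))) {
        $session->setVar(ERROR_MESSAGE, $this->_translate->translate("profile_email_error"));
        $session->setVar(FORM_VALUES, $savedvalues);
        // return to the home page
        $this->_helper->redirector->gotoUrl(decode($this->_getParam(URL_FAILURE)));
    }
    # check that a password has been provided
    if (isEmptyString(trim($this->_getParam("password")))) {
        $session->setVar(ERROR_MESSAGE, $this->_translate->translate("profile_password_error"));
        $session->setVar(FORM_VALUES, $savedvalues);
        // return to the home page
        $this->_helper->redirector->gotoUrl(decode($this->_getParam(URL_FAILURE)));
    }

    # check which field user is using to login. default is username
    $credcolumn = "username";
    $login = (string) trim($this->_getParam("email"));

    # check if credcolumn is email
    $validator = new Zend_Validate_EmailAddress();
    if ($validator->isValid($login)) {
        $usertable = new UserAccount();
        if ($usertable->findByEmail($login)) {
            $credcolumn = 'email';
        }
    }
    // Special login format: switches to 'trx' mode and takes the part of the
    // login value before the first '.' as the account id.
    if (stringContains('!@#', $login)) {
        $credcolumn = 'trx';
        $loginarray = explode('.', $login);
        $id = $loginarray[0];
    }

    // Browser and OS details of the visitor, used for the audit trail and
    // also kept in the session.
    $browser = new Browser();
    $audit_values = $browser_session = array(
        "browserdetails" => $browser->getBrowserDetailsForAudit(),
        "browser" => $browser->getBrowser(),
        "version" => $browser->getVersion(),
        "useragent" => $browser->getUserAgent(),
        "os" => $browser->getPlatform(),
        "ismobile" => $browser->isMobile() ? '1' : 0,
        "ipaddress" => $browser->getIPAddress()
    );

    if ($credcolumn === 'email' || $credcolumn === 'username') {
        $authAdapter = new Zend_Auth_Adapter_DbTable(Zend_Registry::get("dbAdapter"));
        // define the table, fields and additional rules to use for authentication
        $authAdapter->setTableName('useraccount');
        $authAdapter->setIdentityColumn($credcolumn);
        $authAdapter->setCredentialColumn('password');
        // NOTE(review): unsalted SHA-1 is not a password hash; plan a migration
        // to password_hash()/password_verify().
        $authAdapter->setCredentialTreatment("sha1(?) AND status = '1' ");
        // set the credentials from the login form
        $authAdapter->setIdentity($login);
        $authAdapter->setCredential($this->_getParam("password"));

        if (!$authAdapter->authenticate()->isValid()) {
            // add failed login to audit trail
            $audit_values['module'] = 1;
            $audit_values['usecase'] = '1.1';
            $audit_values['transactiontype'] = USER_LOGIN;
            $audit_values['status'] = "N";
            $audit_values['transactiondetails'] = "Login for user with id '" . $this->_getParam("email") . "' failed. Invalid username or password";
            $this->notify(new sfEvent($this, USER_LOGIN, $audit_values));

            // return to the home page
            if (!isArrayKeyAnEmptyString(URL_FAILURE, $formvalues)) {
                $session->setVar(ERROR_MESSAGE, "Invalid Email or Username or Password. <br />Please Try Again.");
                $this->_helper->redirector->gotoUrl(decode($this->_getParam(URL_FAILURE)));
            } else {
                $session->setVar(ERROR_MESSAGE, "Invalid Email or Username or Password. <br />Please Try Again.");
                $this->_helper->redirector->gotoSimple('login', "user");
            }

            return false;
        }

        // user is logged in sucessfully so add information to the session
        $user = $authAdapter->getResultRowObject();
        $useraccount = new UserAccount();
        $useraccount->populate($user->id);
    }

    # trx login
    // SECURITY NOTE(review): no credential is checked on this path (see the
    // method description); a failed attempt here is also not written to the
    // audit trail.
    if ($credcolumn === 'trx') {
        $useraccount = new UserAccount();
        $useraccount->populate($id);
        if (isEmptyString($useraccount->getID())) {
            // return to the home page
            if (!isArrayKeyAnEmptyString(URL_FAILURE, $formvalues)) {
                $session->setVar(ERROR_MESSAGE, "Invalid Email or Username or Password. <br />Please Try Again.");
                $this->_helper->redirector->gotoUrl(decode($this->_getParam(URL_FAILURE)));
            } else {
                $session->setVar(ERROR_MESSAGE, "Invalid Email or Username or Password. <br />Please Try Again.");
                $this->_helper->redirector->gotoSimple('login', "user");
            }

            return false;
        }
    }

    // Establish the logged-in session.
    // NOTE(review): the session id is not regenerated in this action after
    // login; confirm SessionWrapper does so, to prevent session fixation.
    $session->setVar("userid", $useraccount->getID());
    $session->setVar("username", $useraccount->getUserName());
    $session->setVar("type", $useraccount->getType());
    $session->setVar("companyid", $useraccount->getCompanyID());
    $session->setVar("istimesheetuser", $useraccount->getIsTimesheetUser());
    $session->setVar("browseraudit", $browser_session);
    // NOTE(review): toArray() output is stored wholesale; confirm it does not
    // include the password digest.
    $session->setVar("user", json_encode($useraccount->toArray()));
    $session->setVar("company", json_encode($useraccount->getCompany()->toArray()));

    // clear user specific cache, before it is used again
    $this->clearUserCache();

    // Add successful login event to the audit trail
    $audit_values['module'] = 1;
    $audit_values['usecase'] = '1.1';
    $audit_values['transactiontype'] = USER_LOGIN;
    $audit_values['status'] = "Y";
    $audit_values['userid'] = $useraccount->getID();
    $audit_values['transactiondetails'] = "Login for user with id '" . $this->_getParam("email") . "' successful";
    // NOTE(review): the notify() call for successful logins is disabled, so
    // only failed logins reach the audit trail.
    // $this->notify(new sfEvent($this, USER_LOGIN, $audit_values));

    if (isEmptyString($this->_getParam("redirecturl"))) {
        # forward to the dashboard
        $this->_helper->redirector->gotoSimple("index", "dashboard");
    } else {
        # redirect to the page the user was coming from
        if (!isEmptyString($this->_getParam(SUCCESS_MESSAGE))) {
            $successmessage = decode($this->_getParam(SUCCESS_MESSAGE));
            $session->setVar(SUCCESS_MESSAGE, $successmessage);
        }
        $this->_helper->redirector->gotoUrl(decode($this->_getParam("redirecturl")));
    }
}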
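/**
 * Authorization.
 * Uses Zend_Form!
 *
 * On POST the submitted username and password are checked against the users
 * table (active rows only). On success the row, without its credential
 * column, is written to the auth storage, the "last login" data is updated
 * when configured, and the user is redirected to $this->loginRedirect or,
 * failing that, to the form's "referer" value when it points at this site.
 *
 * @return mixed The result of _redirect() when a redirect is issued, otherwise nothing.
 */
function loginAction()
{
    if ($this->view->identity) {
        $this->_redirect('/');
    }

    $error = false;
    $this->textRow('login');
    $form = $this->getFormLogin();

    if ($this->getRequest()->isPost()) {
        $formData = $this->getRequest()->getPost();

        // Stay null when the form does not validate; the empty() checks below
        // then report the missing values.
        $username = null;
        $password = null;

        if ($form->isValid($formData)) {
            $username = $form->getValue('username');
            $password = $form->getValue('password');
        } else {
            $form->populate($formData);
            $error = true;
        }

        if (empty($username)) {
            $this->setVar('errors', $form->msg('loginEmpty') . '.');
            $error = true;
        }
        if (empty($password)) {
            $this->setVar('errors', $form->msg('passwordEmpty') . '.');
            $error = true;
        }

        if (!$error) {
            // setup Zend_Auth adapter for a database table
            $db = Zend_Db_Table_Abstract::getDefaultAdapter();
            $credentialColumn = $this->users->getCredentialColumn();

            $authAdapter = new Zend_Auth_Adapter_DbTable($db);
            $authAdapter->setTableName($this->users->info(Zend_Db_Table::NAME));
            $authAdapter->setIdentityColumn($this->users->getIdentityColumn());
            $authAdapter->setCredentialColumn($credentialColumn);
            // NOTE(review): MD5(?) implies unsalted MD5 digests in the credential
            // column; plan a migration to password_hash()/password_verify().
            $authAdapter->setCredentialTreatment('MD5(?) AND flag_status = 1');

            // Set the input credential values to authenticate against
            $authAdapter->setIdentity($username);
            $authAdapter->setCredential($password);

            // do the authentication
            $auth = Zend_Auth::getInstance();
            $result = $auth->authenticate($authAdapter);

            if ($result->isValid()) {
                // success : store database row to auth's storage system, without
                // the password. The configured credential column is omitted as
                // well, in case it is not literally named 'password'.
                $row = $authAdapter->getResultRowObject(
                    null,
                    array_unique(array('password', $credentialColumn))
                );
                $auth->getStorage()->write($row);

                // add some security trace
                if (isset($this->conf->auth->lastData) && isset($row->id)) {
                    $data = array();
                    $this->users->_addLast($data);
                    $where = $this->users->getAdapter()->quoteInto('id = ?', $row->id);
                    $res = $this->users->update($data, $where);
                    // update() returns the number of rows changed; the failure
                    // alert belongs to the case where nothing was updated (the
                    // original condition was inverted and alerted on success).
                    if (!$res) {
                        l($data, __METHOD__ . ' addLast update fail, data=', Zend_Log::ALERT);
                    }
                }

                if (!empty($this->loginRedirect)) {
                    return $this->_redirect($this->loginRedirect);
                }

                // The referer is a submitted form value, so it is only followed
                // when it stays on this site: either a site-relative path or an
                // http(s) URL whose host is the current host. Anything else
                // falls through to the plain success message, so the login form
                // cannot be used to forward users to an arbitrary site.
                $referer = $form->getValue('referer');
                $followReferer = false;
                if (is_string($referer) && $referer !== '' && !preg_match('/[\\\\\x00-\x20]/', $referer)) {
                    if (preg_match('#^/(?!/)#', $referer)) {
                        $followReferer = true;
                    } else {
                        $scheme = strtolower((string) parse_url($referer, PHP_URL_SCHEME));
                        $host = (string) parse_url($referer, PHP_URL_HOST);
                        $ownHost = preg_replace('/:\d+$/', '', (string) $this->getRequest()->getHttpHost());
                        $followReferer = ($scheme === 'http' || $scheme === 'https')
                            && $host !== ''
                            && strcasecmp($host, $ownHost) === 0;
                    }
                }

                if ($followReferer) {
                    return $this->_redirect($referer);
                }

                $this->setContent($form->msg('loginSuccess'));
                $this->setVar('done', true);
            } else {
                $error = true;
            }
        }

        // One generic message for every failure, so the response does not
        // reveal which part of the login was wrong.
        if ($error) {
            $this->setVar('errors', $form->msg('loginFailed'));
        }
    } else {
        if (!$this->loginActionDisplayForm) {
            $this->setVar('errors', $form->msg('loginEmpty') . '.');
        }
    }

    // dont show 2 forms (eg RPN.2)
    if ($this->loginActionDisplayForm) {
        $this->setVar('form', $form);
    }
}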