예제 #1
0
 /**
  * Called after successful login
  * @return 
  * @param array $a_username
  * @param object $a_auth
  */
 protected function loginObserver($a_username, $a_auth)
 {
     global $ilLog, $ilAppEventHandler, $ilSetting;
     if ($this->getContainer()->loginObserver($a_username, $a_auth)) {
         // validate user
         include_once "Services/User/classes/class.ilObjUser.php";
         $user_id = ilObjUser::_loginExists($a_auth->getUsername());
         if ($user_id != ANONYMOUS_USER_ID) {
             $user = new ilObjUser($user_id);
             // check if profile is complete
             include_once "Services/User/classes/class.ilUserProfile.php";
             if (ilUserProfile::isProfileIncomplete($user) and ilAuthFactory::getContext() != ilAuthFactory::CONTEXT_ECS) {
                 $user->setProfileIncomplete(true);
                 $user->update();
             }
             // --- extended user validation
             //
             // we only have a single status, so abort after each one
             // order from highest priority to lowest
             // active?
             if (!$user->getActive()) {
                 $this->status = AUTH_USER_INACTIVE;
                 $a_auth->logout();
                 return;
             }
             // time limit
             if (!$user->checkTimeLimit()) {
                 $this->status = AUTH_USER_TIME_LIMIT_EXCEEDED;
                 // #16327
                 $this->exceeded_user_name = $this->getUserName();
                 $a_auth->logout();
                 return;
             }
             // check client ip
             $clientip = $user->getClientIP();
             if (trim($clientip) != "") {
                 $clientip = preg_replace("/[^0-9.?*,:]+/", "", $clientip);
                 $clientip = str_replace(".", "\\.", $clientip);
                 $clientip = str_replace(array("?", "*", ","), array("[0-9]", "[0-9]*", "|"), $clientip);
                 if (!preg_match("/^" . $clientip . "\$/", $_SERVER["REMOTE_ADDR"])) {
                     $this->status = AUTH_USER_WRONG_IP;
                     $a_auth->logout();
                     return;
                 }
             }
             // simultaneous login
             if ($ilSetting->get('ps_prevent_simultaneous_logins') && ilObjUser::hasActiveSession($user_id)) {
                 $this->status = AUTH_USER_SIMULTANEOUS_LOGIN;
                 $a_auth->logout();
                 return;
             }
             include_once 'Services/Tracking/classes/class.ilOnlineTracking.php';
             ilOnlineTracking::addUser($user_id);
             include_once 'Modules/Forum/classes/class.ilObjForum.php';
             ilObjForum::_updateOldAccess($user_id);
             require_once 'Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
             $security_settings = ilSecuritySettings::_getInstance();
             // determine first login of user for setting an indicator
             // which still is available in PersonalDesktop, Repository, ...
             // (last login date is set to current date in next step)
             if ($security_settings->isPasswordChangeOnFirstLoginEnabled() && $user->getLastLogin() == null) {
                 $user->resetLastPasswordChange();
             }
             $user->refreshLogin();
             // reset counter for failed logins
             ilObjUser::_resetLoginAttempts($user_id);
         }
         // --- anonymous/registered user
         $ilLog->write(__METHOD__ . ': logged in as ' . $a_auth->getUsername() . ', remote:' . $_SERVER['REMOTE_ADDR'] . ':' . $_SERVER['REMOTE_PORT'] . ', server:' . $_SERVER['SERVER_ADDR'] . ':' . $_SERVER['SERVER_PORT']);
         ilSessionControl::handleLoginEvent($a_auth->getUsername(), $a_auth);
         $ilAppEventHandler->raise('Services/Authentication', 'afterLogin', array('username' => $a_auth->getUsername()));
     }
 }