예제 #1
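 /**
  * Logs the current user out and redirects to the page to show afterwards.
  *
  * The target defaults to the "after_logout" action of the auth plugin
  * configuration. When the action was called directly and
  * "enable_after_logout_override" is set, the request parameter
  * "auth_url_return" may replace it, but only if it is a site-local path.
  *
  * @return jResponseRedirectUrl  response whose url property is always set
  * @throws jException  if "after_logout" is empty in the auth configuration
  */
 function out()
 {
     $rep = $this->getResponse('redirectUrl');
     jAuth::logout();
     $conf = jApp::coord()->getPlugin('auth')->config;
     if ($conf['after_logout'] == '') {
         throw new jException('jauth~autherror.no.after_logout');
     }
     $target = null;
     if (jApp::coord()->execOriginalAction()) {
         if ($conf['enable_after_logout_override']) {
             $url_return = $this->param('auth_url_return');
             // auth_url_return comes from the request, so redirecting to it
             // unchecked is an open redirect. Accept only a path on this site:
             // one leading "/", no second "/" or "\" after it (both are read
             // as a host by browsers), no backslash or control character.
             // NOTE(review): assumes the framework only ever generates
             // site-local paths for this parameter - confirm before relying
             // on absolute return URLs.
             if (is_string($url_return)
                 && preg_match('#^/(?![/\\\\])[^\\\\\x00-\x1f\x7f]*\z#', $url_return) === 1) {
                 $target = $url_return;
             }
         }
     } elseif ($conf['enable_after_login_override']) {
         // we are here because of an internal redirection (authentication missing):
         // pass the current url to the next action (in most cases a login form)
         // so that it can come back here after the login
         $target = jUrl::get($conf['after_logout'], array('auth_url_return' => jUrl::getCurrentUrl()));
     }
     // Fall back to the configured page in every other case. The original left
     // the url unset when the action was called directly with the override disabled.
     $rep->url = ($target !== null) ? $target : jUrl::get($conf['after_logout']);
     return $rep;
 }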
예제 #2
 /**
  * Ends the authenticated session and answers with a plain-text marker.
  *
  * @return object  the 'text' response, with its content set to "LOGOUT"
  */
 function out()
 {
     // Log out first, so the response is only built once the logout call has returned.
     jAuth::logout();

     $response = $this->getResponse('text');
     $response->content = 'LOGOUT';

     return $response;
 }
예제 #3
 /**
  * Authentication gate run before each action.
  *
  * In order: restores a login from the auth cookie token, optionally pins the
  * session to the client IP, makes sure a user object exists in the session,
  * applies the inactivity timeout, then decides whether the action may run.
  *
  * @param    array  $params   plugin parameters for the current action
  * @return null or jSelectorAct  if action should change
  * @throws jException  when authentication is required, the user is not logged
  *                     in, and a redirect is not possible or not wanted
  */
 public function beforeAction($params)
 {
     $anonymous = false;
     $ipMismatch = false;
     $nextAction = null;

     // Check if auth cookie exist and user isn't logged on
     jAuth::checkCookieToken();

     // Optional binding of the session to the IP seen when it was first used
     if ($this->config['secure_with_ip']) {
         if (!isset($_SESSION['JELIX_AUTH_SECURE_WITH_IP'])) {
             $_SESSION['JELIX_AUTH_SECURE_WITH_IP'] = $this->_getIpForSecure();
         } elseif ($_SESSION['JELIX_AUTH_SECURE_WITH_IP'] != $this->_getIpForSecure()) {
             // session_destroy() removes the stored session data but leaves
             // $_SESSION populated for the rest of this request, so the checks
             // below still see the old values; the returned selector is what
             // diverts the request.
             session_destroy();
             $nextAction = new jSelectorAct($this->config['bad_ip_action']);
             $anonymous = true;
             $ipMismatch = true;
         }
     }

     // Make sure a user object exists in the session
     $sessionKey = $this->config['session_name'];
     if (isset($_SESSION[$sessionKey])) {
         $anonymous = !jAuth::isConnected();
     } else {
         $anonymous = true;
         $_SESSION[$sessionKey] = new jAuthDummyUser();
     }

     // Inactivity timeout, configured in minutes
     if (!$anonymous && $this->config['timeout']) {
         $expired = isset($_SESSION['JELIX_AUTH_LASTTIME'])
             && (time() - $_SESSION['JELIX_AUTH_LASTTIME'] > $this->config['timeout'] * 60);
         if ($expired) {
             $anonymous = true;
             jAuth::logout();
             unset($_SESSION['JELIX_AUTH_LASTTIME']);
         } else {
             $_SESSION['JELIX_AUTH_LASTTIME'] = time();
         }
     }

     // A per-action "auth.required" parameter wins over the plugin default
     $mustBeLogged = isset($params['auth.required'])
         ? $params['auth.required'] == true
         : $this->config['auth_required'];

     if ($mustBeLogged && $anonymous) {
         $request = jApp::coord()->request;
         // Ajax calls and responses that cannot redirect get an error instead
         if ($request->isAjax() || $this->config['on_error'] == 1 || !$request->isAllowedResponse('jResponseRedirect')) {
             throw new jException($this->config['error_message']);
         }
         // keep the bad-ip selector when there is one
         if (!$ipMismatch) {
             $nextAction = new jSelectorAct($this->config['on_error_action']);
         }
     }

     return $nextAction;
 }
예제 #4
 /**
  * After logout, jAcl::getRight() must return an empty array for both subjects.
  */
 public function testGetRightDisconnect()
 {
     jAuth::logout();
     // start from an empty ACL cache so rights cached before the logout are not reused
     jAcl::clearCache();

     foreach (array('super.cms', 'admin.access') as $subject) {
         $this->assertEqual(jAcl::getRight($subject), array());
     }

     jAcl::clearCache();
 }
예제 #5
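 /**
  * Logs the current user out and redirects to the page to show afterwards.
  *
  * The target is the "after_logout" action of the auth plugin configuration,
  * unless "enable_after_logout_override" is set and the request parameter
  * "auth_url_return" holds a site-local path.
  *
  * @return jResponseRedirectUrl
  * @throws jException  if "after_logout" is empty in the auth configuration
  */
 function out()
 {
     $rep = $this->getResponse('redirectUrl');
     jAuth::logout();
     $conf = jApp::coord()->getPlugin('auth')->config;
     if ($conf['after_logout'] == '') {
         throw new jException('jcommunity~login.error.no.auth_logout');
     }
     $url_return = null;
     if ($conf['enable_after_logout_override']) {
         $candidate = $this->param('auth_url_return');
         // auth_url_return comes from the request, so redirecting to it
         // unchecked is an open redirect. Accept only a path on this site:
         // one leading "/", no second "/" or "\" after it (both are read as
         // a host by browsers), no backslash or control character.
         // NOTE(review): assumes callers only pass site-local paths - confirm
         // before relying on absolute return URLs.
         if (is_string($candidate)
             && preg_match('#^/(?![/\\\\])[^\\\\\x00-\x1f\x7f]*\z#', $candidate) === 1) {
             $url_return = $candidate;
         }
     }
     if ($url_return === null) {
         $url_return = jUrl::get($conf['after_logout']);
     }
     $rep->url = $url_return;
     return $rep;
 }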
예제 #6
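 /**
  * Logs the current user out and redirects to the page to show afterwards.
  *
  * The target is the "after_logout" action of the auth plugin configuration,
  * unless "enable_after_logout_override" is set and the request parameter
  * "auth_url_return" holds a site-local path.
  *
  * @return jResponseRedirectUrl
  * @throws jException  if "after_logout" is empty in the auth configuration
  */
 function out()
 {
     jAuth::logout();
     $conf = $GLOBALS['gJCoord']->getPlugin('auth')->config;
     if ($conf['after_logout'] == '') {
         throw new jException('jauth~autherror.no.auth_logout');
     }
     $url_return = null;
     if ($conf['enable_after_logout_override']) {
         $candidate = $this->param('auth_url_return');
         // auth_url_return comes from the request, so redirecting to it
         // unchecked is an open redirect. Accept only a path on this site:
         // one leading "/", no second "/" or "\" after it (both are read as
         // a host by browsers), no backslash or control character.
         // NOTE(review): assumes callers only pass site-local paths - confirm
         // before relying on absolute return URLs.
         if (is_string($candidate)
             && preg_match('#^/(?![/\\\\])[^\\\\\x00-\x1f\x7f]*\z#', $candidate) === 1) {
             $url_return = $candidate;
         }
     }
     if ($url_return === null) {
         $url_return = jUrl::get($conf['after_logout']);
     }
     $rep = $this->getResponse('redirectUrl');
     $rep->url = $url_return;
     return $rep;
 }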
예제 #7
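 /**
  * Logs the current user out and redirects to the page to show afterwards.
  *
  * The request parameter "auth_url_return" is used as the target only when
  * "enable_after_logout_override" is set, the value is a site-local path and
  * it is not the current page. In every other case the target is the
  * "after_logout" action, with the accepted return url forwarded as a parameter.
  *
  * @return jResponseRedirectUrl
  * @throws jException  if "after_logout" is empty in the auth configuration
  */
 function out()
 {
     jAuth::logout();
     $conf = $GLOBALS['gJCoord']->getPlugin('auth')->config;
     if ($conf['after_logout'] == '') {
         throw new jException('jauth~autherror.no.after_logout');
     }
     $url_return = $this->param('auth_url_return');
     // auth_url_return comes from the request, so redirecting to it unchecked
     // is an open redirect. Anything that is not a path on this site (one
     // leading "/", no second "/" or "\" after it, no backslash or control
     // character) is dropped here, so it is neither followed nor forwarded.
     // NOTE(review): assumes callers only pass site-local paths - confirm
     // before relying on absolute return URLs.
     if (!is_string($url_return)
         || preg_match('#^/(?![/\\\\])[^\\\\\x00-\x1f\x7f]*\z#', $url_return) !== 1) {
         $url_return = null;
     }
     if (!$conf['enable_after_logout_override'] || $url_return == null || $url_return == jUrl::getCurrentUrl()) {
         // we don't want to return to the current page if authentication is missing for this page
         $url_return = jUrl::get($conf['after_logout'], array('auth_url_return' => $url_return));
     }
     $rep = $this->getResponse('redirectUrl');
     $rep->url = $url_return;
     return $rep;
 }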
예제 #8
 /**
  * Ban check run before an action that carries the "banuser.check" parameter.
  *
  * When bans::check() returns a true value the user is logged out, and the
  * request is either refused with an exception or diverted to the configured
  * error action.
  *
  * @param  array  $params   plugin parameters for the current action
  * @return null or jSelectorAct  if action should change
  * @throws jException  when the ban check is positive and a redirect is not
  *                     possible or not wanted
  */
 public function beforeAction($params)
 {
     $isBanned = false;
     if (isset($params['banuser.check'])) {
         jClasses::inc('havefnubb~bans');
         $isBanned = bans::check();
     }

     // nothing to do when the check is not requested or finds no ban
     if (!$isBanned) {
         return null;
     }

     // disconnect the user if he was connected
     jAuth::logout();

     $redirectAllowed = jApp::coord()->request->isAllowedResponse('jResponseRedirect');
     if ($this->config['on_error'] == 1 || !$redirectAllowed) {
         throw new jException(jLocale::get("havefnubb~ban.you.are.banned"));
     }

     return new jSelectorAct($this->config['on_error_action']);
 }
예제 #9
 /**
  * Authentication gate run before each action.
  *
  * In order: tries to log the user in from the persistent auth cookie,
  * optionally pins the session to the client IP, makes sure a user object
  * exists in the session, applies the inactivity timeout, then decides
  * whether the action may run.
  *
  * @param    array  $params   plugin parameters for the current action
  * @return null or jSelectorAct  if action should change
  * @throws jException  when the persistent-cookie settings are incomplete, or
  *                     when authentication is required, the user is not logged
  *                     in, and a redirect is not possible or not wanted
  */
 public function beforeAction($params)
 {
     $notLogged = false;
     $badip = false;
     $selector = null;
     // Check if auth cookie exist and user isn't logged on
     if (isset($this->config['persistant_enable']) && $this->config['persistant_enable'] && !jAuth::isConnected()) {
         if (isset($this->config['persistant_cookie_name']) && isset($this->config['persistant_crypt_key'])) {
             $cookieName = $this->config['persistant_cookie_name'];
             // The cookie value is supplied by the client; everything read from it is untrusted.
             if (isset($_COOKIE[$cookieName]['auth']) && strlen($_COOKIE[$cookieName]['auth']) > 0) {
                 $decrypted = jCrypt::decrypt($_COOKIE[$cookieName]['auth'], $this->config['persistant_crypt_key']);
                 // NOTE(review): unserialize() runs on data that originates from a cookie.
                 // This is only safe if jCrypt::decrypt() rejects tampered values (integrity
                 // check not visible here - confirm); otherwise a format that cannot create
                 // objects, such as JSON, is the safer choice. The '@' also hides any
                 // decoding failure.
                 $decrypted = @unserialize($decrypted);
                 if ($decrypted && is_array($decrypted)) {
                     // NOTE(review): the cookie carries the login and the password themselves,
                     // so the password is recoverable by anyone who holds the cookie and the
                     // crypt key; a random server-side token would avoid storing it client-side.
                     list($login, $password) = $decrypted;
                     jAuth::login($login, $password);
                 }
             }
             if (isset($_COOKIE[$cookieName]['login'])) {
                 // destroy deprecated cookies
                 setcookie($cookieName . '[login]', '', time() - 3600, $this->config['persistant_cookie_path']);
                 setcookie($cookieName . '[passwd]', '', time() - 3600, $this->config['persistant_cookie_path']);
             }
         } else {
             throw new jException('jelix~auth.error.persistant.incorrectconfig', 'persistant_cookie_name, persistant_crypt_key');
         }
     }
     //Do we check the ip ?
     if ($this->config['secure_with_ip']) {
         if (!isset($_SESSION['JELIX_AUTH_SECURE_WITH_IP'])) {
             // first request of this session: remember the IP it came from
             $_SESSION['JELIX_AUTH_SECURE_WITH_IP'] = $this->_getIpForSecure();
         } else {
             if ($_SESSION['JELIX_AUTH_SECURE_WITH_IP'] != $this->_getIpForSecure()) {
                 // session_destroy() removes the stored session data but leaves $_SESSION
                 // populated for the rest of this request, so the checks below still see
                 // the old values; the returned selector is what diverts the request.
                 session_destroy();
                 $selector = new jSelectorAct($this->config['bad_ip_action']);
                 $notLogged = true;
                 $badip = true;
             }
         }
     }
     //Creating the user's object if needed
     if (!isset($_SESSION[$this->config['session_name']])) {
         $notLogged = true;
         $_SESSION[$this->config['session_name']] = new jAuthDummyUser();
     } else {
         $notLogged = !jAuth::isConnected();
     }
     // Inactivity timeout: the configured value is multiplied by 60, i.e. it is in minutes
     if (!$notLogged && $this->config['timeout']) {
         if (isset($_SESSION['JELIX_AUTH_LASTTIME'])) {
             if (time() - $_SESSION['JELIX_AUTH_LASTTIME'] > $this->config['timeout'] * 60) {
                 $notLogged = true;
                 jAuth::logout();
                 unset($_SESSION['JELIX_AUTH_LASTTIME']);
             } else {
                 $_SESSION['JELIX_AUTH_LASTTIME'] = time();
             }
         } else {
             $_SESSION['JELIX_AUTH_LASTTIME'] = time();
         }
     }
     // A per-action "auth.required" parameter wins over the plugin default
     $needAuth = isset($params['auth.required']) ? $params['auth.required'] == true : $this->config['auth_required'];
     // $authok is assigned below but never read in this method
     $authok = false;
     if ($needAuth) {
         if ($notLogged) {
             if ($this->config['on_error'] == 1 || !jApp::coord()->request->isAllowedResponse('jResponseRedirect')) {
                 throw new jException($this->config['error_message']);
             } else {
                 // keep the bad-ip selector when there is one
                 if (!$badip) {
                     // Record the current url so the next action can return here after login.
                     // NOTE(review): a value already present in the request is kept as-is, so
                     // whatever consumes auth_url_return must validate it before redirecting.
                     $auth_url_return = jApp::coord()->request->getParam('auth_url_return');
                     if ($auth_url_return === null) {
                         jApp::coord()->request->params['auth_url_return'] = jUrl::getCurrentUrl();
                     }
                     $selector = new jSelectorAct($this->config['on_error_action']);
                 }
             }
         } else {
             $authok = true;
         }
     } else {
         $authok = true;
     }
     return $selector;
 }
예제 #10
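 /**
  * Deletes the account named by the "user" request parameter, but only when
  * that name is exactly the login of the currently connected user.
  *
  * Any other request is redirected to the account page. On success the user
  * is logged out and a confirmation page is shown; if the removal is refused
  * a cancellation page is shown instead.
  *
  * NOTE(review): no anti-CSRF token or password confirmation is visible in
  * this method; confirm that one is enforced elsewhere before this
  * destructive action can be reached.
  *
  * @return object  a 'redirect' response, or an 'html' response with the result page
  */
 function dodestroy()
 {
     $user = $this->param('user');
     $rep = $this->getResponse('redirect');
     $rep->action = 'jcommunity~account:show';
     $rep->params = array('user' => $user);
     // Strict string comparison: with "!=" PHP compares numeric-looking strings
     // by value ("10" equals "010" or "1e1"), so the ownership check could pass
     // for a login other than the session's and that other account would be removed.
     if (!is_string($user) || $user === '' || !jAuth::isConnected()
         || (string) jAuth::getUserSession()->login !== $user) {
         return $rep;
     }
     $rep = $this->getResponse('html');
     $tpl = new jTpl();
     $tpl->assign('username', $user);
     if (jAuth::removeUser($user)) {
         // the account no longer exists: end the session as well
         jAuth::logout();
         $rep->body->assign('MAIN', $tpl->fetch('account_destroy_done'));
     } else {
         $rep->body->assign('MAIN', $tpl->fetch('account_destroy_cancel'));
     }
     return $rep;
 }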
예제 #11
 /**
  * After logout both rights are refused; once 'super.cms.list' is granted to
  * '__anonymous' it is allowed, while 'admin.access' stays refused.
  *
  * NOTE(review): the right added to '__anonymous' is not removed in this
  * method; presumably a teardown restores the fixture - confirm.
  */
 public function testGetRightDisconnect()
 {
     jAuth::logout();
     // start from an empty ACL cache so rights cached before the logout are not reused
     jAcl2::clearCache();
     foreach (array('super.cms.list', 'admin.access') as $right) {
         $this->assertFalse(jAcl2::check($right));
     }

     // the cache is cleared again before the rights table is changed
     jAcl2::clearCache();
     jAcl2DbManager::addRight('__anonymous', 'super.cms.list');

     $this->assertTrue(jAcl2::check('super.cms.list'));
     $this->assertFalse(jAcl2::check('admin.access'));

     jAcl2::clearCache();
 }