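/**
 * Registers the view-cache rule for the current module/action.
 *
 * Precedence: the "nuclear" rule when logins are restricted to administrators
 * (every page except the listed exceptions is cached with layout for a week
 * for anyone who is not a signed-in admin), then the static always/outside/
 * inside tables. Lookups into the static tables are guarded with isset() so
 * an unknown module/action no longer emits undefined-index notices; the
 * truthiness test on the looked-up lifetime is unchanged.
 */
public function setDynamicRules()
{
    $context = $this->getContext();
    $user = $context->getUser();
    $request = $context->getRequest();
    $module = $request->getParameter('module');
    $action = $request->getParameter('action');

    $cache = false;
    $lifetime = 0;
    $withLayout = false;

    // Actions that must never be served from the week-long "nuclear" cache
    // while access is restricted to admins (they carry per-visitor state).
    $nuclearCachingExceptions = array(
        'sfGuardAuth' => array('signin' => true),
        'home' => array(
            'contact' => true,
            'join' => true,
            'confirmed' => true,
            'requested' => true,
            'joined' => true,
            'confirmEmail' => true,
            'chat' => true,
        ),
    );

    // Loose comparison is deliberate: the YAML value may arrive as boolean
    // true rather than the string 'on'.
    $adminOnly = sfConfig::get('app_login_admin_only') == 'on';

    // isAdmin() is only reached when the visitor is authenticated, so the
    // guard user is looked up lazily (keep the short-circuit order).
    if ($adminOnly
        && (!$user->isAuthenticated() || !sfGuardUserTable::isAdmin($user->getGuardUser()->id))
        && !isset($nuclearCachingExceptions[$module][$action])) {
        $cache = true;
        $withLayout = true;
        $lifetime = self::WEEK_LIFETIME;
    } elseif (isset(self::$alwaysCached[$module][$action])
        && ($lifetime = self::$alwaysCached[$module][$action])) {
        $cache = true;
        // Full-page copy only for anonymous or AJAX requests; signed-in
        // visitors get the layout rendered live.
        $withLayout = $request->isXmlHttpRequest() || !$user->isAuthenticated();
    } elseif (!$user->isAuthenticated()
        && isset(self::$outsideCached[$module][$action])
        && ($lifetime = self::$outsideCached[$module][$action])) {
        $cache = true;
        $withLayout = true;
    } elseif ($user->isAuthenticated()
        && isset(self::$insideCached[$module][$action])
        && ($lifetime = self::$insideCached[$module][$action])) {
        $cache = true;
        $withLayout = false;
    }

    if ($cache) {
        $context->getViewCacheManager()->addCache(
            $module,
            $action,
            array('withLayout' => $withLayout, 'lifeTime' => $lifetime)
        );
    }
}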
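/**
 * Handles the sign-in form: shows it on GET, authenticates on POST.
 *
 * After the form has validated the credentials the account must additionally
 * be confirmed, active and (when app_login_admin_only is on) an administrator;
 * otherwise the refusal is attached to the request and the form is
 * re-rendered. Non-POST AJAX requests get a bare 401 so the client can prompt
 * for login.
 *
 * @param sfWebRequest $request
 * @return string|null a view name, or null after a redirect / for re-rendering
 */
public function executeSignin($request)
{
    $user = $this->getUser();
    if ($user->isAuthenticated()) {
        return $this->redirect('@homepage');
    }

    if ($request->getParameter('no_layout')) {
        $this->setLayout(false);
    }

    $this->form = new LoginForm();

    if (!$request->isMethod('post')) {
        if ($request->isXmlHttpRequest()) {
            // AJAX callers only need to learn that they are not signed in.
            $this->getResponse()->setHeaderOnly(true);
            $this->getResponse()->setStatusCode(401);
            return sfView::NONE;
        }
        $user->setReferer($request->getReferer());
        $module = sfConfig::get('sf_login_module');
        if ($this->getModuleName() != $module) {
            return $this->redirect($module . '/' . sfConfig::get('sf_login_action'));
        }
        return;
    }

    $this->form->bind($request->getParameter('signin'));
    if (!$this->form->isValid()) {
        // Validation errors are on the form; re-render it.
        return;
    }
    $values = $this->form->getValues();

    // The form has already verified the credentials; the checks below decide
    // whether this correctly authenticated account may open a session.
    $profile = Doctrine::getTable('sfGuardUserProfile')->findOneByEmail($values['username']);
    // A missing profile is treated like an unconfirmed one rather than
    // dereferencing null.
    if (!$profile || !$profile->is_confirmed) {
        return $this->rejectSignin($request, "This email address hasn't been confirmed; check your inbox for an email with a confirmation link");
    }
    if (!$profile->User->is_active) {
        return $this->rejectSignin($request, "This account is disabled; contact the system administrator");
    }
    // Loose comparison is deliberate: the YAML value may arrive as boolean
    // true rather than the string 'on'.
    if (sfConfig::get('app_login_admin_only') == 'on' && !sfGuardUserTable::isAdmin($profile->user_id)) {
        return $this->rejectSignin($request, "Login has been disabled for non-administrators. Please try again later.");
    }

    // If the checkbox is bound with a boolean validator, an unchecked box still
    // yields 'remember' => false in getValues(); isset() would then be true and
    // a persistent cookie would be issued unasked, so test the value itself.
    $remember = !empty($values['remember']);
    $this->getUser()->signIn($values['user'], $remember);

    // Destination after login: explicit referer parameter, else the configured
    // success URL, else the referer stored before the redirect here.
    // NOTE(review): 'referer' is request-controlled; this relies on
    // LsRouting::generateUrlForRedirect to keep the target on-site — confirm.
    if (!($signinUrl = $request->getParameter('referer'))) {
        $signinUrl = sfConfig::get('app_sf_guard_plugin_success_signinUrl', $user->getReferer($request->getReferer()));
    }
    $url = LsRouting::generateUrlForRedirect($signinUrl);
    return $this->redirect('' != $url ? $url : '@homepage');
}

/**
 * Records a sign-in refusal on the request, makes sure the session is not
 * left authenticated, and re-renders the form.
 *
 * @param sfWebRequest $request
 * @param string       $message user-facing reason for the refusal
 * @return string sfView::SUCCESS
 */
private function rejectSignin($request, $message)
{
    $request->setError('', $message);
    $this->getUser()->setAuthenticated(false);
    return sfView::SUCCESS;
}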
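/**
 * Restores a session from the sfGuard "remember me" cookie, enforces the
 * login-enabled and admin-only switches, runs the rest of the chain, then
 * mirrors the login state into the LittleSisUser cookie for client-side code.
 *
 * @param sfFilterChain $filterChain
 */
public function execute($filterChain)
{
    $context = $this->getContext();
    $user = $context->getUser();
    $response = $context->getResponse();
    $firstCall = $this->isFirstCall();
    $loginEnabled = sfConfig::get('app_login_enabled');
    // Loose comparison is deliberate: the YAML value may arrive as boolean
    // true rather than the string 'on'.
    $adminOnly = sfConfig::get('app_login_admin_only') == 'on';
    $rememberCookieName = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember');
    // An expiry in the past tells the browser to drop a cookie.
    $expired = time() - 86400;

    // Try to re-establish a session from the persistent remember-me cookie.
    if ($loginEnabled && $firstCall && (!$user->isAuthenticated() || !$user->getGuardUser())) {
        $cookie = $context->getRequest()->getCookie($rememberCookieName);
        if ($cookie) {
            // The cookie value is untrusted input; it is bound as a parameter.
            $q = Doctrine_Query::create()
                ->from('sfGuardRememberKey r')
                ->innerJoin('r.sfGuardUser u')
                ->where('r.remember_key = ?', $cookie);
            if ($adminOnly) {
                // NOTE(review): group/permission id 1 stands for "admin" here,
                // while sfGuardUserTable::isAdmin() is used below — confirm
                // the two definitions agree.
                $q->leftJoin('u.sfGuardUserGroup g')
                    ->leftJoin('u.sfGuardUserPermission p')
                    ->andWhere('g.group_id = 1 OR p.permission_id = 1');
            }
            // A single fetch replaces count() followed by fetchOne().
            $rememberKey = $q->fetchOne();
            if ($rememberKey) {
                $user->signIn($rememberKey->sfGuardUser);
            } else {
                // Unknown or no-longer-eligible key: drop the stale cookie.
                $response->setCookie($rememberCookieName, false, $expired);
            }
        }
    }

    // Admin-only mode: evict non-admins who are already signed in. Only the
    // authenticated flag is cleared server-side; the session and remember
    // cookies are expired so the browser abandons both.
    if ($firstCall && $adminOnly && $user->isAuthenticated()) {
        if (!sfGuardUserTable::isAdmin($user->getGuardUser()->id)) {
            $options = $context->getStorage()->getOptions();
            $user->setAuthenticated(false);
            $response->setCookie($rememberCookieName, false, $expired);
            $response->setCookie($options['session_name'], false, $expired);
        }
    }

    if (!$loginEnabled) {
        $user->signOut();
    }

    $filterChain->execute();

    // Tell client-side code whether a user is signed in.
    if ($loginEnabled && $user->isAuthenticated()) {
        $response->setCookie('LittleSisUser', true);
    } else {
        $response->setCookie('LittleSisUser', false, $expired);
    }
}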