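/**
 * Logs the current user out.
 *
 * Clears the cached user, expires the "synergixe_sso" cookie scoped to
 * ".synergixe.ng", then forgets the session and cookie stores.
 *
 * @return void
 */
public function logout()
{
    $this->user = null;

    // Expire the SSO cookie with an empty value. The earlier code sent
    // serialize($this->session->get()) as the value of this deletion cookie,
    // which put the live session payload (presumably the login / persist-code
    // pair) into a Set-Cookie header on the way out. A deletion needs no
    // payload, and a serialized value in a cookie invites unserialize() on
    // client-controlled data by whoever reads it back.
    //
    // NOTE(review): the Secure flag is off (6th argument). How the cookie is
    // issued is not visible here; deletion attributes should match issuance,
    // and the cookie should be Secure if the site is served over HTTPS only.
    setcookie('synergixe_sso', '', time() - 24 * 3600, '/', '.synergixe.ng', false, true);

    // NOTE(review): this only drops the client-side and session copies.
    // Whether the persist code is rotated server-side on logout is not
    // visible in this method - confirm.
    $this->session->forget();
    $this->cookie->forget();
}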
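/**
 * Check to see if the user is logged in and activated.
 *
 * When no user is cached, the login / persist-code pair is read from the
 * session (falling back to the cookie), the user is looked up by login and
 * the persist code is verified before the user is cached on this instance.
 *
 * @return bool True when a user is resolved and reports itself activated.
 */
public function check()
{
    if (is_null($this->user)) {
        // Session takes precedence; the cookie is only consulted when the
        // session yields nothing.
        $userArray = $this->session->get();
        if (!$userArray) {
            $userArray = $this->cookie->get();
        }
        if (!$userArray) {
            return false;
        }

        // Expect exactly two elements: the login followed by the persist code.
        if (!is_array($userArray) || count($userArray) !== 2) {
            return false;
        }

        // The cookie is client-supplied, so a two-element array is not
        // necessarily a list. Require offsets 0 and 1 to be present and
        // non-null before unpacking; otherwise list() would read undefined
        // offsets and pass null to the lookup.
        if (!isset($userArray[0], $userArray[1])) {
            return false;
        }

        list($login, $persistCode) = $userArray;

        try {
            $user = $this->getUserProvider()->findByLogin($login);
        } catch (UserNotFoundException $e) {
            return false;
        }

        // A persist-code mismatch means the session / cookie data does not
        // belong to this user (tampered or stale), so no login is granted.
        // NOTE(review): checkPersistCode() is not visible here - confirm it
        // compares with hash_equals() or === rather than ==, since the value
        // can originate from the cookie.
        if (!$user->checkPersistCode($persistCode)) {
            return false;
        }

        // Cache the verified user for later calls.
        $this->user = $user;
    }

    // The cached user must still exist and be activated.
    $user = $this->getUser();
    if (!$user || !$user->isActivated()) {
        return false;
    }

    return true;
}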
/**
 * Retrieves a token for the given provider: OAuth1 token credentials or an
 * OAuth2 access token, depending on what oauthVersion() reports for it.
 *
 * @param  mixed  $provider
 * @return mixed
 * @throws \Cartalyst\SentrySocial\AccessMissingException when a required
 *         callback parameter is absent from the request.
 */
protected function retrieveToken($provider)
{
    if ($this->oauthVersion($provider) != 1) {
        // OAuth2: exchange the authorization code for an access token.
        // NOTE(review): no check of the OAuth2 "state" parameter is visible
        // in this method - confirm it is validated before this exchange.
        $code = $this->requestProvider->getOAuth2Code();

        if (!$code) {
            throw new AccessMissingException("Missing [code] parameter.");
        }

        return $provider->getAccessToken('authorization_code', array('code' => $code));
    }

    // OAuth1: both the temporary credentials identifier and the verifier
    // must be present on the request.
    $temporaryIdentifier = $this->requestProvider->getOAuth1TemporaryCredentialsIdentifier();

    if (!$temporaryIdentifier) {
        throw new AccessMissingException('Missing [oauth_token] parameter (used for OAuth1 temporary credentials identifier).');
    }

    $verifier = $this->requestProvider->getOAuth1Verifier();

    if (!$verifier) {
        throw new AccessMissingException('Missing [verifier] parameter.');
    }

    // The temporary credentials are read back from the session and handed
    // to the provider together with the identifier and verifier.
    return $provider->getTokenCredentials(
        $this->session->get(),
        $temporaryIdentifier,
        $verifier
    );
}
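/**
 * Check to see if the user is logged in and activated, and hasn't been
 * banned or suspended.
 *
 * When no user is cached, the id / persist-code pair is read from the
 * session (falling back to the cookie), the user is looked up by id and the
 * persist code is verified before the user is cached on this instance. The
 * throttle status is then checked on every call when throttling is enabled.
 *
 * @return bool True when a user is resolved, activated and not throttled.
 */
public function check()
{
    if (is_null($this->user)) {
        // Session takes precedence; the cookie is only consulted when the
        // session yields nothing.
        $userArray = $this->session->get();
        if (!$userArray) {
            $userArray = $this->cookie->get();
        }
        if (!$userArray) {
            return false;
        }

        // Expect exactly two elements: the user id followed by the persist code.
        if (!is_array($userArray) || count($userArray) !== 2) {
            return false;
        }

        // The cookie is client-supplied, so a two-element array is not
        // necessarily a list. Require offsets 0 and 1 to be present and
        // non-null before unpacking; otherwise list() would read undefined
        // offsets and pass null to the lookup.
        if (!isset($userArray[0], $userArray[1])) {
            return false;
        }

        list($id, $persistCode) = $userArray;

        try {
            $user = $this->getUserProvider()->findById($id);
        } catch (UserNotFoundException $e) {
            return false;
        }

        // A persist-code mismatch means the session / cookie data does not
        // belong to this user (tampered or stale), so no login is granted.
        // NOTE(review): checkPersistCode() is not visible here - confirm it
        // compares with hash_equals() or === rather than ==, since the value
        // can originate from the cookie.
        if (!$user->checkPersistCode($persistCode)) {
            return false;
        }

        // Cache the verified user for later calls.
        $this->user = $user;
    }

    // The cached user must still exist and be activated.
    $user = $this->getUser();
    if (!$user || !$user->isActivated()) {
        return false;
    }

    // If throttling is enabled, check its status for this user.
    if ($this->getThrottleProvider()->isEnabled()) {
        $throttle = $this->getThrottleProvider()->findByUserId($user->getId());

        // A banned or suspended account loses its current login as well,
        // so an already established session cannot outlive the ban.
        if ($throttle->isBanned() || $throttle->isSuspended()) {
            $this->logout();

            return false;
        }
    }

    return true;
}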