Authenticates the user and, if successful, initializes an authenticated session.
public initSession ( Piwik\Auth $auth, boolean $rememberMe ) | ||
$auth | Piwik\Auth | The Auth implementation to use. |
$rememberMe | boolean | Whether the authenticated session should be remembered after the browser is closed or not. |
/** * Authenticate user and password. Redirect if successful. * * @param string $login user name * @param string $password md5 password * @param bool $rememberMe Remember me? * @param string $urlToRedirect URL to redirect to, if successfully authenticated * @return string failure message if unable to authenticate */ protected function authenticateAndRedirect($login, $password, $rememberMe, $urlToRedirect = false, $passwordHashed = false) { Nonce::discardNonce('Login.login'); $this->auth->setLogin($login); if ($passwordHashed === false) { $this->auth->setPassword($password); } else { $this->auth->setPasswordHash($password); } $this->sessionInitializer->initSession($this->auth, $rememberMe); // remove password reset entry if it exists $this->passwordResetter->removePasswordResetInfo($login); if (empty($urlToRedirect)) { $urlToRedirect = Url::getCurrentUrlWithoutQueryString(); } Url::redirectToUrl($urlToRedirect); }
private function processPasswordChange($userLogin) { $alias = Common::getRequestVar('alias'); $email = Common::getRequestVar('email'); $newPassword = false; $password = Common::getRequestvar('password', false); $passwordBis = Common::getRequestvar('passwordBis', false); if (!empty($password) || !empty($passwordBis)) { if ($password != $passwordBis) { throw new Exception($this->translator->translate('Login_PasswordsDoNotMatch')); } $newPassword = $password; } // UI disables password change on invalid host, but check here anyway if (!Url::isValidHost() && $newPassword !== false) { throw new Exception("Cannot change password with untrusted hostname!"); } APIUsersManager::getInstance()->updateUser($userLogin, $newPassword, $email, $alias); if ($newPassword !== false) { $newPassword = Common::unsanitizeInputValue($newPassword); } // logs the user in with the new password if ($newPassword !== false) { $sessionInitializer = new SessionInitializer(); $auth = StaticContainer::get('Piwik\\Auth'); $auth->setLogin($userLogin); $auth->setPassword($password); $sessionInitializer->initSession($auth, $rememberMe = false); } }