/** * Logs the user out * * @param \thebuggenie\core\framework\Request $request * * @return bool */ public function runLogout(framework\Request $request) { if ($this->getUser() instanceof entities\User) { framework\Logging::log('Setting user logout state'); $this->getUser()->setOffline(); } framework\Context::logout(); if ($request->isAjaxCall()) { return $this->renderJSON(array('status' => 'logout ok', 'url' => framework\Context::getRouting()->generate(framework\Settings::getLogoutReturnRoute()))); } $this->forward(framework\Context::getRouting()->generate(framework\Settings::getLogoutReturnRoute())); }
/** * Returns the logged in user, or default user if not logged in * * @param \thebuggenie\core\framework\Request $request * @param \thebuggenie\core\framework\Action $action * * @return \thebuggenie\core\entities\User */ public static function loginCheck(framework\Request $request, framework\Action $action) { try { $authentication_method = $action->getAuthenticationMethodForAction(framework\Context::getRouting()->getCurrentRouteAction()); $user = null; $external = false; switch ($authentication_method) { case framework\Action::AUTHENTICATION_METHOD_ELEVATED: case framework\Action::AUTHENTICATION_METHOD_CORE: $username = $request['tbg3_username']; $password = $request['tbg3_password']; if ($authentication_method == framework\Action::AUTHENTICATION_METHOD_ELEVATED) { $elevated_password = $request['tbg3_elevated_password']; } $raw = true; // If no username and password specified, check if we have a session that exists already if ($username === null && $password === null) { if (framework\Context::getRequest()->hasCookie('tbg3_username') && framework\Context::getRequest()->hasCookie('tbg3_password')) { $username = framework\Context::getRequest()->getCookie('tbg3_username'); $password = framework\Context::getRequest()->getCookie('tbg3_password'); $user = self::getB2DBTable()->getByUsername($username); if ($authentication_method == framework\Action::AUTHENTICATION_METHOD_ELEVATED) { $elevated_password = framework\Context::getRequest()->getCookie('tbg3_elevated_password'); if ($user instanceof User && !$user->hasPasswordHash($password)) { $user = null; } else { if ($user instanceof User && !$user->hasPasswordHash($elevated_password)) { framework\Context::setUser($user); framework\Context::getRouting()->setCurrentRouteName('elevated_login_page'); throw new framework\exceptions\ElevatedLoginException('reenter'); } } } else { if ($user instanceof User && !$user->hasPasswordHash($password)) { $user = null; } } if (!$user instanceof User) { framework\Context::logout(); throw new \Exception('No such login'); } } } // If we have authentication details, validate them if (framework\Settings::isUsingExternalAuthenticationBackend() && $username !== null && $password !== null) { $external = true; framework\Logging::log('Authenticating with backend: ' . framework\Settings::getAuthenticationBackend(), 'auth', framework\Logging::LEVEL_INFO); try { $mod = framework\Context::getModule(framework\Settings::getAuthenticationBackend()); if ($mod->getType() !== Module::MODULE_AUTH) { framework\Logging::log('Auth module is not the right type', 'auth', framework\Logging::LEVEL_FATAL); } if (framework\Context::getRequest()->hasCookie('tbg3_username') && framework\Context::getRequest()->hasCookie('tbg3_password')) { $user = $mod->verifyLogin($username, $password); } else { $user = $mod->doLogin($username, $password); } if (!$user instanceof User) { // Invalid framework\Context::logout(); throw new \Exception('No such login'); //framework\Context::getResponse()->headerRedirect(framework\Context::getRouting()->generate('login')); } } catch (\Exception $e) { throw $e; } } elseif (framework\Settings::isUsingExternalAuthenticationBackend()) { $external = true; framework\Logging::log('Authenticating without credentials with backend: ' . framework\Settings::getAuthenticationBackend(), 'auth', framework\Logging::LEVEL_INFO); try { $mod = framework\Context::getModule(framework\Settings::getAuthenticationBackend()); if ($mod->getType() !== Module::MODULE_AUTH) { framework\Logging::log('Auth module is not the right type', 'auth', framework\Logging::LEVEL_FATAL); } $user = $mod->doAutoLogin(); if ($user == false) { // Invalid framework\Context::logout(); throw new \Exception('No such login'); //framework\Context::getResponse()->headerRedirect(framework\Context::getRouting()->generate('login')); } else { if ($user == true) { $user = null; } } } catch (\Exception $e) { throw $e; } } elseif ($username !== null && $password !== null && !$user instanceof User) { $external = false; framework\Logging::log('Using internal authentication', 'auth', framework\Logging::LEVEL_INFO); $user = self::getB2DBTable()->getByUsername($username); if ($user instanceof User && !$user->hasPassword($password)) { $user = null; } if (!$user instanceof User) { framework\Context::logout(); } } break; case framework\Action::AUTHENTICATION_METHOD_DUMMY: $user = self::getB2DBTable()->getByUserID(framework\Settings::getDefaultUserID()); break; case framework\Action::AUTHENTICATION_METHOD_CLI: $user = self::getB2DBTable()->getByUsername(framework\Context::getCurrentCLIusername()); break; case framework\Action::AUTHENTICATION_METHOD_RSS_KEY: $user = self::getB2DBTable()->getByRssKey($request['rsskey']); break; case framework\Action::AUTHENTICATION_METHOD_APPLICATION_PASSWORD: $user = self::getB2DBTable()->getByUsername($request['api_username']); if (!$user->authenticateApplicationPassword($request['api_token'])) { $user = null; } break; } if ($user === null && !framework\Settings::isLoginRequired()) { $user = self::getB2DBTable()->getByUserID(framework\Settings::getDefaultUserID()); } if ($user instanceof User) { if (!$user->isActivated()) { throw new \Exception('This account has not been activated yet'); } elseif (!$user->isEnabled()) { throw new \Exception('This account has been suspended'); } elseif (!$user->isConfirmedMemberOfScope(framework\Context::getScope())) { if (!framework\Settings::isRegistrationAllowed()) { throw new \Exception('This account does not have access to this scope'); } } if ($external == false && $authentication_method == framework\Action::AUTHENTICATION_METHOD_CORE) { $password = $user->getHashPassword(); if (!$request->hasCookie('tbg3_username') && !$user->isGuest()) { if ($request->getParameter('tbg3_rememberme')) { framework\Context::getResponse()->setCookie('tbg3_username', $user->getUsername()); framework\Context::getResponse()->setCookie('tbg3_password', $user->getPassword()); } else { framework\Context::getResponse()->setSessionCookie('tbg3_username', $user->getUsername()); framework\Context::getResponse()->setSessionCookie('tbg3_password', $user->getPassword()); } } } } elseif (framework\Settings::isLoginRequired()) { throw new \Exception('Login required'); } else { throw new \Exception('No such login'); } } catch (\Exception $e) { throw $e; } return $user; }
<?php $tbg_response->setTitle(__('Configure authentication')); ?> <center> <h1><?php echo __('Settings saved'); ?> </h1> <?php echo __('To apply changes to the authentication system, you have been automatically logged out. The new authentication system is now in use.'); ?> <p><?php echo link_tag(make_url('home'), __('Continue')); ?> </p> </center> <?php \thebuggenie\core\framework\Context::logout();