/**
* Installing new database. Use only when auto-creating new site
*/
public function recreateDefaults()
{
// Administrator group
/** @var AdminUserGroup $group */
$group = AdminUserGroupRepository::findOneEntityById(1);
// If no any Admin group - create new empty group
if (!$group || !$group->getUndeletable() || !$group->getCanSetPermissions() || !$group->getFullAccess()) {
if ($group) {
$group->is_superadmin = true;
$group->setField('undeletable', 1)->setField('can_set_permissions', 1)->setField('structure_permissions', 1)->setFullAccess(1)->save();
} else {
// Delete all groups
$group_collection = new AdminUserGroupRepository();
$group_collection->deleteObjectCollection();
// Drop auto-increment value
$group_collection->alterTableResetAutoIncrement();
// Create new Group for Admins
$group = new AdminUserGroup();
$group->is_superadmin = true;
$group->loadDataFromArray(['undeletable' => 1, 'can_set_permissions' => 1, 'structure_permissions' => 1, 'full_access' => 1, 'title' => 'Developers']);
$group->save();
// Create new Group for Managers
$group = new AdminUserGroup();
$group->is_superadmin = true;
$group->loadDataFromArray(['undeletable' => 0, 'can_set_permissions' => 1, 'structure_permissions' => 1, 'full_access' => 1, 'title' => 'Managers', 'default' => 1]);
$group->save();
echo '<br>Default User Group is created.<br>';
}
}
unset($data);
// Check we have any active Admin
$users_collection = new AdminUserRepository();
$users_collection->setWhereActive(1);
$have_any_user = $users_collection->hasAnyObjectInCollection();
// Check we have admin as first User
$users_collection = new AdminUserRepository();
$users_collection->setWhereActive(1);
$users_collection->setWhereId(1);
$users_collection->setWhereGroupId(1);
$users_collection->setWhereLogin('neTpyceB');
// Name of vendor repo owner
$have_default_user = $users_collection->hasAnyObjectInCollection();
// Recreate default User
if (!$have_any_user || !$have_default_user) {
//Remove all Users
$users_collection = new AdminUserRepository();
$users_collection->deleteObjectCollection();
// Reset auto-increment
$users_collection->alterTableResetAutoIncrement();
// Create new default Developer
$user = new AdminUser();
$user->loadDataFromArray(['group_id' => 1, 'login' => 'neTpyceB', 'password' => $this->generateHash(''), 'active' => 1]);
$user->save();
// Create new default Manager
$user = new AdminUser();
$user->loadDataFromArray(['group_id' => 2, 'login' => 'manager', 'password' => $this->generateHash(''), 'active' => 1]);
$user->save();
echo '<br>Default User "manager" and empty password is created.
<br>
Please log in and change password.
<br>';
}
}
public function _login()
{
if (!$_POST || !isset($_POST['login'], $_POST['password']) || trim($_POST['login']) == '') {
go('/');
}
//Check ban and log-in attempts
$attempts_repo = new AdminUsersAttemptsEntityRepository();
$attempts_repo->setWhereIp(IP_LONG);
$attempts_obj = $attempts_repo->getFirstObjectFromCollection();
if ($attempts_obj) {
$attempts = $attempts_obj->getAsArray();
// Got info, check times
if ($attempts && $attempts['failed_attempts']) {
if ($attempts['failed_attempts'] > self::MAX_FAILED_ATTEMPTS && $attempts['last_attempt_ts'] + self::MAX_BAN_TIME > NOW) {
die('IP banned, wait till ' . date('H:i:s', $attempts['last_attempt_ts'] + self::MAX_BAN_TIME));
} elseif ($attempts['failed_attempts'] > self::FIRST_FAILED_ATTEMPTS && $attempts['last_attempt_ts'] + self::FIRST_BAN_TIME > NOW) {
die('IP banned, wait till ' . date('H:i:s', $attempts['last_attempt_ts'] + self::FIRST_BAN_TIME));
}
}
}
// Get user info
$user_collection = new AdminUserRepository();
$user_collection->setWhereLogin($_POST['login']);
$user_collection->setWhereActive(1);
$user_collection->setWherePassword(Users::getInstance()->generateHash($_POST['password']));
/** @var AdminUser $user */
$user = $user_collection->getFirstObjectFromCollection();
if ($user) {
// Removing user's bans
$attempts_repo->deleteObjectCollection();
// Auth in
$this->initLogInProcess($user);
} else {
// Check if no user exist in system
Users::getInstance()->recreateDefaults();
// Log attempt
if (!$attempts_obj || !$attempts_obj->getId()) {
// Check exists already
$attempts_obj = new AdminUsersAttemptsEntity();
$attempts_obj->setIp(IP_LONG);
}
$attempts_obj->setLastAttemptTs(NOW);
$attempts_obj->setFailedAttempts($attempts_obj->getFailedAttempts() + 1);
$attempts_obj->save();
go('/');
}
}
