Exemplo n.º 1
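/**
 * Completes an OpenID / OpenID Connect login for $user.
 *
 * Creates the user record when $user is falsy, fills in missing identity
 * fields from the provider data, clears the local password, stores the user
 * in the session, issues a persistent login cookie and finally calls
 * util_redirect() with util_getWwwRoot().
 *
 * @param object|null $user       Existing user model, or a falsy value to create one.
 * @param array       $openidData Provider attributes. 'identity' is read unconditionally;
 *                                'sub', 'nickname', 'fullname' and 'email' are optional.
 */
function session_login($user, $openidData)
{
    if (!$user) {
        $user = Model::factory('User')->create();
    }

    // Identity, subject and nick are only filled in when empty, so an existing
    // binding is never replaced by whatever the provider sends later.
    if (!$user->identity) {
        $user->identity = $openidData['identity'];
    }
    if (!$user->openidConnectSub && isset($openidData['sub'])) {
        $user->openidConnectSub = $openidData['sub'];
    }
    if (!$user->nick && isset($openidData['nickname'])) {
        $user->nick = $openidData['nickname'];
    }

    // Name and e-mail, in contrast, are overwritten on every login with the
    // provider-supplied values.
    if (isset($openidData['fullname'])) {
        $user->name = $openidData['fullname'];
    }
    if (isset($openidData['email'])) {
        $user->email = $openidData['email'];
    }

    // The local password is no longer necessary after the first OpenID login.
    $user->password = null;
    $user->save();

    // NOTE(review): no session-id rotation is visible in this function; confirm
    // that session_setVariable() or the caller regenerates the session id at
    // login, otherwise a pre-login session id stays valid afterwards.
    session_setVariable('user', $user);

    // Persistent "remember me" token, stored server-side and mirrored in a cookie.
    // NOTE(review): the token is 12 characters from util_randomCapitalLetterString();
    // its randomness source is not visible here. It acts as a bearer credential
    // for a month, so it should come from a CSPRNG (e.g. random_bytes()) — confirm.
    $cookie = Model::factory('Cookie')->create();
    $cookie->userId = $user->id;
    $cookie->cookieString = util_randomCapitalLetterString(12);
    $cookie->save();

    // The cookie is a login credential: keep it away from page scripts (HttpOnly)
    // and, when the request itself arrived over TLS, off plain-HTTP connections
    // (Secure). On plain-HTTP requests the Secure flag stays off as before.
    $isHttps = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
    setcookie(
        "prefs[lll]",
        $cookie->cookieString,
        time() + ONE_MONTH_IN_SECONDS,
        '/',
        '',
        $isHttps,
        true
    );

    log_userLog('Logged in, IP=' . $_SERVER['REMOTE_ADDR']);
    util_redirect(util_getWwwRoot());
}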
// Normalise the provider response: record which provider answered and expose
// the 'name' claim under the 'fullname' key that the rest of the code reads.
$data['identity'] = $provider;
if (isset($data['name'])) {
    $data['fullname'] = $data['name'];
}

// Primary lookup: the (provider, sub) pair.
$user = User::get_by_identity_openidConnectSub($provider, $data['sub']);

if (!$user && $oidc->getPlainOpenid()) {
    // Possibly the first login after the OpenID 2.0 -> OpenID Connect
    // migration: fall back to the legacy identifier.
    $user = User::get_by_identity($oidc->getPlainOpenid());
    if ($user) {
        // Cleared so that session_login() stores the new identity.
        $user->identity = null;
    }
}

if (!$user) {
    // First login with this identity: the visitor must claim an existing
    // account or create a new one.
    // TODO this duplicates code in revenireOpenid.php
    //
    // NOTE(review): the candidate account is selected by the provider-supplied
    // e-mail alone. That is only safe if the provider has verified the address
    // (OpenID Connect exposes this as the email_verified claim) or if the next
    // page demands proof of ownership before linking — confirm.
    $user = null;
    if (isset($data['email'])) {
        $user = User::get_by_email($data['email']);
    }

    // 0 = matching account found, 1 = full name available,
    // 2 = only a nickname available, 3 = nothing usable.
    if ($user) {
        $loginType = 0;
    } elseif (isset($data['fullname'])) {
        $loginType = 1;
    } elseif (isset($data['nickname'])) {
        $loginType = 2;
    } else {
        $loginType = 3;
    }

    // The identity is parked server-side under a random key instead of being
    // printed in the form, where it could be forged on the next page.
    // NOTE(review): the follow-up handler must therefore read the identity from
    // FileCache and ignore any identity-like form fields; the key's randomness
    // depends on util_randomCapitalLetterString(), not visible here — confirm
    // it is CSPRNG-backed and that the cache entry is single-use and expires.
    $randString = util_randomCapitalLetterString(20);
    FileCache::put($randString, $data);

    // NOTE(review): $data holds provider-controlled strings; presumably the
    // template escapes them on output — verify.
    SmartyWrap::assign('page_title', 'Autentificare cu OpenID');
    SmartyWrap::assign('suggestHiddenSearchForm', true);
    SmartyWrap::assign('data', $data);
    SmartyWrap::assign('randString', $randString);
    SmartyWrap::assign('loginType', $loginType);
    SmartyWrap::display('auth/chooseIdentity.ihtml');
} else {
    session_login($user, $data);
}
Exemplo n.º 3
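 /**
  * Starts the OpenID Connect authorization-code flow.
  *
  * Loads the provider's discovery document, stores the per-request nonce and
  * state plus the client credentials in the session, and calls util_redirect()
  * with the provider's authorization endpoint URL.
  *
  * @param string $clientId OAuth client id registered with the provider.
  * @param string $secret   OAuth client secret.
  *
  * @throws OpenIDException when either credential is empty.
  */
 function authenticate($clientId, $secret)
 {
     $this->fetchWellKnownConfig();
     if (!$clientId || !$secret) {
         throw new OpenIDException('Autentificare eșuată.');
     }

     // NOTE(review): the redirect target comes from the discovery document;
     // presumably fetchWellKnownConfig() retrieves it over verified HTTPS — confirm.
     $url = $this->wellKnownConfig['authorization_endpoint'];

     // state ties the callback to this browser session (CSRF protection) and
     // nonce ties the returned ID token to this request (replay protection).
     // Both are only effective if the callback compares them with the session
     // copies and if they are unpredictable.
     // NOTE(review): util_randomCapitalLetterString() is defined elsewhere;
     // verify it draws from a CSPRNG rather than rand()/mt_rand().
     $nonce = util_randomCapitalLetterString(32);
     $state = util_randomCapitalLetterString(32);

     session_setVariable('openid_connect_nonce', $nonce);
     session_setVariable('openid_connect_state', $state);
     session_setVariable('openid_connect_provider', $this->provider);
     session_setVariable('openid_connect_client', $clientId);
     // NOTE(review): the client secret is written to session storage; it could
     // be re-read from configuration in the callback instead, keeping it out
     // of the session store.
     session_setVariable('openid_connect_secret', $secret);

     $params = array(
         'client_id' => $clientId,
         'openid.realm' => util_getFullServerUrl(),
         'nonce' => $nonce,
         'redirect_uri' => $this->getReturnTo(),
         'response_type' => 'code',
         'scope' => 'openid email',
         'state' => $state,
     );

     // An empty string replaces the original null numeric prefix: same query
     // string, but no "passing null to parameter" deprecation on PHP 8.1+.
     $url .= '?' . http_build_query($params, '', '&');
     util_redirect($url);
 }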
Exemplo n.º 4
// Password-recovery page: shows the request form and, on submit, e-mails a
// reset token to the account that owns the given address.
SmartyWrap::assign('identity', $identity);
SmartyWrap::assign('email', $email);
SmartyWrap::assign('page_title', 'Parolă uitată');
SmartyWrap::assign('suggestHiddenSearchForm', true);

if (!$submitButton) {
    // Initial visit: just render the form.
    SmartyWrap::display('auth/parola-uitata.ihtml');
} elseif (!$email) {
    FlashMessage::add('Trebuie să introduceți o adresă de e-mail.');
    SmartyWrap::display('auth/parola-uitata.ihtml');
} else {
    $user = User::get_by_email($email);
    if ($user) {
        // Only reached for an address that matched a stored account.
        log_userLog("Password recovery requested for {$email} from " . $_SERVER['REMOTE_ADDR']);

        // Create the token.
        // NOTE(review): the token is a password-equivalent secret. Its
        // randomness source (util_randomCapitalLetterString) is not visible
        // here, and neither an expiry nor single-use handling is set in this
        // block — confirm both are enforced where the token is redeemed.
        $pt = Model::factory('PasswordToken')->create();
        $pt->userId = $user->id;
        $pt->token = util_randomCapitalLetterString(20);
        $pt->save();

        // Render and send the e-mail.
        SmartyWrap::assign('homePage', util_getFullServerUrl());
        SmartyWrap::assign('token', $pt->token);
        $body = SmartyWrap::fetch('email/resetPassword.ihtml');
        $ourEmail = Config::get('global.contact');

        $headers = array();
        $headers[] = 'From: DEX online <' . $ourEmail . '>';
        $headers[] = 'Reply-To: ' . $ourEmail;
        $headers[] = 'Content-Type: text/plain; charset=UTF-8';

        // NOTE(review): $email is request input used as the recipient; it has
        // matched a stored account at this point, but validating it (e.g.
        // filter_var with FILTER_VALIDATE_EMAIL) before mail() would make the
        // absence of CR/LF explicit. The send result is stored but not checked.
        $result = mail($email, "Schimbarea parolei pentru DEX online", $body, implode("\r\n", $headers));
    }

    // The same confirmation is shown for unknown addresses, so the response
    // does not reveal which e-mails have accounts.
    // NOTE(review): work is only done for known addresses, so response time
    // may still differ; rate limiting on this endpoint is not visible here.
    SmartyWrap::display('auth/passwordRecoveryEmailSent.ihtml');
}