/**
* Authenticate the user
*
* @var Controller_Action
* @var Username
* @var Password
* @return if success user's object otherwise NULL.
*/
public function authenticate(Controller_Action $controller, $username, $password)
{
$user = NULL;
if (!$this->ldapConnect()) {
$controller->setError('Could not connect to the LDAP Server.');
return $user;
}
//If the login id is not the COMMON_NAME_ATTRIBUTE, find the value to bind
if (defined('LDAP_ALT_LOGIN_ATTRIBUTE') && LDAP_ALT_LOGIN_ATTRIBUTE !== false) {
$ldap_commonName = $this->getLdapCommonName(LDAP_ALT_LOGIN_ATTRIBUTE . '=' . $username);
} else {
$ldap_commonName = $username;
}
$ldap_username = $this->getLdapUsername($ldap_commonName);
error_log("Ldap: {$ldap_commonName} : {$ldap_username}");
$login_status = $this->ldapBind($ldap_username, $password);
if ($login_status) {
// if ($sr=ldap_read($this->ldap_connection, LDAP_USER_DN,"(objectclass=*)",array('samaccountname'))) {
// error_log("LdapDump: ".json_encode(ldap_get_entries($this->ldap_connection,$sr)));
// }
$ldapEmail = $this->getLdapEmail(LDAP_COMMON_NAME_ATTRIBUTE . "=" . $ldap_commonName);
if ($this->user->loadByUsername($ldapEmail)) {
if ($this->user->isActive()) {
$user = $this->user;
} else {
$controller->setError("User is deactivated.");
}
} else {
//Ldap users are already authenticated. If they don't exist yet, take care of it.
$user = new LoveUser();
$data = array("Username" => $ldapEmail, "Password" => 'LDAP', "Nickname" => array_shift(split('@', $ldapEmail)), "Active" => 1, "Confirmed" => 1, "Removed" => 0, "Admin" => 0, "Token" => '', "DateAdded" => 0, "DateModified" => 0);
$user->loadData($data);
try {
$id = $user->save();
$result = $id;
} catch (Exception $e) {
$controller->setError($e->getMessage());
}
}
} else {
$controller->setError("Invalid login");
}
$this->ldapClose();
return $user;
}
public function adminresettoken(Controller_Action $controller, $user_id, $admin_id)
{
$result = NULL;
if ($this->user->loadById($admin_id)) {
if ($this->user->isActive()) {
if ($this->user->isNotRemoved()) {
if ($this->user->isAdmin()) {
if ($this->user->loadById($user_id)) {
$this->user->setToken(uniqid());
try {
if ($this->user->save()) {
$result = $this->user;
} else {
$controller->setError("Unable to save new user data.");
}
} catch (Exception $e) {
$controller->setError($e->getMessage());
}
$result = $this->user;
} else {
$controller->setError("User doesn't exist.");
}
} else {
$controller->setError("You are not admin user.");
}
} else {
$controller->setError("Admin user is removed.");
}
} else {
$controller->setError("Admin user is deactivated.");
}
} else {
$controller->setError("Admin user doesn't exist.");
}
return $result;
}
