public static function login($credentials)
{
$session = Base::getSession();
$username_field = Base::getConfig('username_field', 'username');
if (isset($credentials[$username_field]) and isset($credentials['password'])) {
$user_model = new \GCore\Admin\Models\User();
$user = $user_model->find('first', array('conditions' => array($username_field => $credentials[$username_field])));
if (!empty($user)) {
$user_groups = Arr::getVal($user, array('GroupUser', '[n]', 'group_id'), self::get_public_groups());
$user_groups_paths = Arr::getVal($user, array('Group', '[n]', 'path'), array());
$user_inheritance = array();
foreach ($user_groups_paths as $user_groups_path) {
$user_inheritance = array_merge($user_inheritance, array_filter(explode('.', $user_groups_path)));
}
$user_inheritance = array_unique($user_inheritance);
$user = $user['User'];
$password_correct = self::check_password($credentials['password'], $user['password']);
if (!$password_correct) {
$session->setFlash('error', l_('AUTHENTICATE_INCORRECT_LOGIN_CREDENTIALS'));
return false;
}
if (!empty($user['activation'])) {
$session->setFlash('error', l_('AUTHENTICATE_ACCOUNT_NOT_ACTIVATED'));
return false;
}
if ($user['blocked'] == 1) {
$session->setFlash('error', l_('AUTHENTICATE_ACCOUNT_BLOCKED'));
return false;
}
//account is found and can login, insert session data
$user_session = array();
$user_session['id'] = $user['id'];
$user_session['name'] = $user['name'];
$user_session['username'] = $user['username'];
$user_session['email'] = $user['email'];
$user_session['last_login'] = $user['last_visit'];
$user_session['logged_in'] = 1;
$user_session['groups'] = $user_groups;
$user_session['inheritance'] = $user_inheritance;
//get referer
$referer = $session->get('_referer');
$session->restart();
$session->set('_referer', $referer);
$session->set('user', array_merge($session->get('user', array()), $user_session));
if (Base::getConfig('session_handler', 'php') == 'database') {
$session_model = new \GCore\Admin\Models\Session();
//$update = $session_model->updateAll(array('user_id' => $user['id'], 'site' => GCORE_SITE), array('session_id' => $session->get_id()));
$insert_status = $session_model->save(array('session_id' => $session->get_id(), 'user_id' => $user['id'], 'site' => GCORE_SITE, 'ip_address' => $_SERVER['REMOTE_ADDR'], 'user_agent' => $_SERVER['HTTP_USER_AGENT'], 'last_activity' => time()), array('new' => true));
}
//update last visit
$user_model->updateAll(array('last_visit' => date('Y-m-d H:i:s', time())), array('id' => $user['id']), array('modified' => false));
//after login hook
$hook_results = Event::trigger('on_after_user_login');
return true;
} else {
$session->setFlash('error', l_('AUTHENTICATE_INCORRECT_LOGIN_CREDENTIALS'));
return false;
}
} else {
return false;
}
}
function gc($max_life_time = 1440)
{
$session_model = new \GCore\Admin\Models\Session();
$oldest = time() - $max_life_time;
return $session_model->deleteAll(array('last_activity <' => $oldest));
}
