Exemplo n.º 1
0
 /**
  * Logs a user in for impersonation.
  *
  * This method doesn’t have any sort of credential verification, and just requires the ID of the user to
  * impersonate, so use it at your own peril.
  *
  * The new user session will only last as long as the browser session remains active; no identity cookie will be
  * created.
  *
  * @param int $userId The user’s ID.
  *
  * @throws Exception
  * @return bool Whether the user is now being impersonated.
  */
 public function impersonate($userId)
 {
     $userModel = craft()->users->getUserById($userId);
     if (!$userModel) {
         throw new Exception(Craft::t('Could not find a user with Id of {userId}.', array('{userId}' => $userId)));
     }
     $this->_identity = new UserIdentity($userModel->username, null);
     $this->_identity->logUserIn($userModel);
     $id = $this->_identity->getId();
     $states = $this->_identity->getPersistentStates();
     // Run any before login logic.
     if ($this->beforeLogin($id, $states, false)) {
         // Fire an 'onBeforeLogin' event
         $this->onBeforeLogin(new Event($this, array('username' => $userModel->username)));
         $this->changeIdentity($id, $this->_identity->getName(), $states);
         // Fire an 'onLogin' event
         $this->onLogin(new Event($this, array('username' => $userModel->username)));
         $this->_sessionRestoredFromCookie = false;
         $this->_userRow = null;
         $this->_userModel = null;
         $this->setReturnUrl(null);
         // Run any after login logic.
         $this->afterLogin(false);
         return !$this->getIsGuest();
     }
     Craft::log($userModel->username . ' tried to log in unsuccessfully.', LogLevel::Warning);
     return false;
 }
 /**
  * Logs a user in for solely by their user ID.
  *
  * This method doesn’t have any sort of credential verification, so use it at your own peril.
  *
  * @param int  $userId            The user ID of the person to log in.
  * @param bool $rememberMe        Whether the user should be remembered.
  * @param bool $setUsernameCookie Whether to set the username cookie or not.
  *
  * @return bool
  * @throws Exception
  */
 public function loginByUserId($userId, $rememberMe = false, $setUsernameCookie = false)
 {
     $userModel = craft()->users->getUserById($userId);
     if (!$userModel) {
         throw new Exception(Craft::t('Could not find a user with Id of {userId}.', array('{userId}' => $userId)));
     }
     // Require a userAgent string and an IP address to help prevent direct socket connections from trying to login.
     if (!craft()->request->userAgent || !$_SERVER['REMOTE_ADDR']) {
         Craft::log('Someone tried to login with userId: ' . $userId . ', without presenting an IP address or userAgent string.', LogLevel::Warning);
         $this->logout(true);
         $this->requireLogin();
     }
     $this->_identity = new UserIdentity($userModel->username, null);
     $this->_identity->logUserIn($userModel);
     if ($setUsernameCookie) {
         $this->processUsernameCookie($userModel->username);
     }
     // Get how long this session is supposed to last.
     $this->authTimeout = craft()->config->getUserSessionDuration($rememberMe);
     $id = $this->_identity->getId();
     $states = $this->_identity->getPersistentStates();
     // Fire an 'onBeforeLogin' event
     $event = new Event($this, array('username' => $userModel->username));
     $this->onBeforeLogin($event);
     // Is the event is giving us the go-ahead?
     if ($event->performAction) {
         // Run any before login logic.
         if ($this->beforeLogin($id, $states, false)) {
             $this->changeIdentity($id, $this->_identity->getName(), $states);
             $user = craft()->users->getUserById($id);
             if ($user) {
                 if ($this->authTimeout) {
                     if ($this->allowAutoLogin) {
                         // Save the necessary info to the identity cookie.
                         $sessionToken = craft()->security->generateRandomString(32);
                         $hashedToken = craft()->security->hashData(base64_encode(serialize($sessionToken)));
                         $uid = $this->storeSessionToken($user, $hashedToken);
                         $data = array($this->getName(), $sessionToken, $uid, $rememberMe ? 1 : 0, craft()->request->getUserAgent(), $this->saveIdentityStates());
                         $this->_identityCookie = $this->saveCookie('', $data, $this->authTimeout);
                     } else {
                         throw new Exception(Craft::t('{class}.allowAutoLogin must be set true in order to use cookie-based authentication.', array('{class}' => get_class($this))));
                     }
                 }
                 craft()->users->updateUserLoginInfo($user);
             } else {
                 throw new Exception(Craft::t('Could not find a user with Id of {userId}.', array('{userId}' => $this->getId())));
             }
             $this->_sessionRestoredFromCookie = false;
             $this->_userRow = null;
             $this->_sessionRestoredFromCookie = false;
             $this->_userRow = null;
             $this->_userModel = null;
             // Run any after login logic.
             $this->afterLogin(false);
             $success = !$this->getIsGuest();
         } else {
             $success = false;
         }
     } else {
         $success = false;
     }
     if ($success) {
         // Fire an 'onLogin' event
         $this->onLogin(new Event($this, array('username' => $userModel->username)));
         return true;
     } else {
         Craft::log($userModel->username . ' tried to log in unsuccessfully.', LogLevel::Warning);
         return false;
     }
 }