/**
 * Writes one row to the request log for the request that was just dispatched.
 *
 * The row holds the client IP, the raw User-Agent, the browser / version /
 * platform parsed from it, the bot detection result, the request URI, a
 * reconstructed full URL, the referrer and the current timestamp.
 *
 * An earlier revision returned early when the
 * Tomato_Core_GlobalKey::LOG_REQUEST registry flag was false. That guard is
 * disabled, so every dispatched request is logged.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function postDispatch(Zend_Controller_Request_Abstract $request)
{
    $requestLog = new Model_RequestLog();

    $uri         = $request->getRequestUri();
    $agent       = $request->getServer('HTTP_USER_AGENT');
    $browserInfo = self::_getBrowserInfo($agent);

    // Security: every field except access_time comes from the HTTP request
    // (User-Agent, Referer, Host and the URI are all client-controlled).
    // The values are stored as received, so whatever displays this table has
    // to escape them for its output context.
    $row = array(
        // On Zend_Controller_Request_Http, getClientIp() defaults to
        // $checkProxy = true and then prefers the HTTP_CLIENT_IP /
        // HTTP_X_FORWARDED_FOR headers over REMOTE_ADDR. Unless a trusted
        // proxy overwrites those headers, the logged IP can be set by the
        // client; getClientIp(false) records REMOTE_ADDR only.
        'ip'          => $request->getClientIp(),
        'agent'       => $agent,
        'browser'     => $browserInfo['browser'],
        'version'     => $browserInfo['version'],
        'platform'    => $browserInfo['platform'],
        'bot'         => self::_getBot($agent),
        'uri'         => $uri,
        'full_url'    => sprintf('%s://%s/%s', $request->getScheme(), $request->getHttpHost(), ltrim($uri, '/')),
        'refer_url'   => $request->getServer('HTTP_REFERER'),
        'access_time' => date('Y-m-d H:i:s'),
    );

    $requestLog->insert($row);
}
/**
 * Seeds every log of the "multiplelog" bootstrap resource with per-request
 * event items before routing starts.
 *
 * The client IP is filled in immediately; the impersonation, token and
 * username items get placeholder values at this stage.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function routeStartup(Zend_Controller_Request_Abstract $request)
{
    $bootstrap = Zend_Controller_Front::getInstance()->getParam('bootstrap');
    $loggers   = $bootstrap->getPluginResource('multiplelog')->getLogs();

    // Placeholder values for the items that are not known this early.
    $placeholders = array(
        'impersonated' => '',
        'token'        => '#no token, yet#',
        'username'     => '#unknown#',
    );

    foreach ($loggers as $logger) {
        // Security: on Zend_Controller_Request_Http, getClientIp() defaults to
        // $checkProxy = true and prefers the HTTP_CLIENT_IP /
        // HTTP_X_FORWARDED_FOR headers. Unless a trusted proxy overwrites
        // them, the 'ip' item on every log line can be set by the client.
        $logger->setEventItem('ip', $request->getClientIp());

        foreach ($placeholders as $item => $value) {
            $logger->setEventItem($item, $value);
        }
    }
}
/**
 * Decides whether an action has to be logged and, if so, builds the log
 * record and hands it to _storeLogEntry().
 *
 * Nothing is stored when the current user is not active and the action's
 * 'gls_when_no_user' setting is off, or when the setting that matches the
 * request kind ('gls_on_change', 'gls_on_post' or 'gls_on_action') is off.
 *
 * @param \Zend_Controller_Request_Abstract $request
 * @param string  $actionId
 * @param boolean $changed      True when data was changed by the action
 * @param mixed   $message      Null means: use $this->getMessages()
 * @param mixed   $data         Null on a POST means: use the POST body
 * @param int     $respondentId Falsy means: derive it from state or $data
 * @return boolean False when logging was skipped, otherwise the result of _storeLogEntry()
 */
public function _logEntry(\Zend_Controller_Request_Abstract $request, $actionId, $changed, $message, $data, $respondentId)
{
    $action      = $this->getAction($actionId);
    $currentUser = $this->_loader->getCurrentUser();

    // Remember an explicitly passed respondent for later calls
    if ($respondentId) {
        $this->_respondentId = $respondentId;
    }

    // First exit: no active user and this action is only tracked for logged in users
    if (!$currentUser->isActive() && !$action['gls_when_no_user']) {
        return false;
    }

    // Defaults for non-HTTP requests
    $post = false;
    $ip   = '';
    if ($request instanceof \Zend_Controller_Request_Http) {
        $post = $request->isPost();
        // Security: getClientIp() defaults to $checkProxy = true and prefers
        // HTTP_CLIENT_IP / HTTP_X_FORWARDED_FOR over REMOTE_ADDR. Unless a
        // trusted proxy overwrites those headers, gla_remote_ip can be set
        // by the client.
        $ip = $request->getClientIp();
        if ($post && null === $data) {
            // NOTE(review): the complete POST body becomes gla_data. Unless
            // _toJson() or _storeLogEntry() filters it, submitted secrets
            // (passwords, tokens) end up in the log table. Confirm.
            $data = $request->getPost();
        }
    }

    if (null === $message) {
        $message = $this->getMessages();
    }

    $dataIsArray = is_array($data);

    if (!$respondentId) {
        // Fallback in case nothing usable is in $data
        $respondentId = $this->_respondentId;
        if ($dataIsArray) {
            foreach ($this->_respondentIdFields as $candidate) {
                if (!empty($data[$candidate])) {
                    $respondentId = $data[$candidate];
                    break;
                }
            }
        }
    }

    $orgId = 0;
    if ($currentUser->getCurrentOrganizationId()) {
        $orgId = $currentUser->getCurrentOrganizationId();
    }
    // NOTE(review): a non-empty organization field in $data replaces the
    // current user's organization. When $data is the raw POST body, the
    // organization (and the respondent above) written to the log record is
    // request-supplied. Do not treat these columns as verified.
    if ($dataIsArray) {
        foreach ($this->_organizationIdFields as $candidate) {
            if (!empty($data[$candidate])) {
                $orgId = $data[$candidate];
                break;
            }
        }
    }

    // Second exit: is logging enabled for this kind of request?
    $checkKey = $changed ? 'gls_on_change' : ($post ? 'gls_on_post' : 'gls_on_action');
    if (!$action[$checkKey]) {
        return false;
    }

    $role = '--not set--';
    if ($currentUser->getRole()) {
        $role = $currentUser->getRole();
    }

    $values = array(
        'gla_action'        => $action['gls_id_action'],
        'gla_respondent_id' => $respondentId,
        'gla_by'            => $currentUser->getUserId(),
        'gla_organization'  => $orgId,
        'gla_role'          => $role,
        'gla_changed'       => $changed ? 1 : 0,
        'gla_message'       => $this->_toJson($message),
        'gla_data'          => $this->_toJson($data),
        'gla_method'        => $post ? 'POST' : 'GET',
        'gla_remote_ip'     => $ip,
    );

    return $this->_storeLogEntry($request, $values, $changed);
}
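/**
 * Authenticates a client that presents a user activation token.
 *
 * Steps: clear any existing identity, decode the credentials, resolve the
 * user, look up the presented token for that user, record the login attempt,
 * and on success reset the retry counter, generate an M2M token and
 * regenerate the session id.
 *
 * @param string $creds Encoded credentials; element 1 of the decoded value is used as the activation token
 * @param Zend_Controller_Request_Abstract $request Optional; only used to record the client IP of the attempt
 * @return array | false Identity data on success, false when the credentials cannot be decoded or no user matches
 * @throws \Application\Exceptions\ForbiddenException When the user has no such activation token
 */
public function schemeM2MActivationToken($creds, Zend_Controller_Request_Abstract $request = null)
{
    // If an old session exists, remove it. This runs before the credentials
    // are checked, so a failed attempt also drops the existing identity.
    Zend_Auth::getInstance()->clearIdentity();

    // Get user profile
    $creds = $this->_decodeCredentials($creds);
    $user  = $this->_getTokenUser($creds);
    if ($creds === false || $user === false) {
        return false;
    }

    // Check whether the user has the presented activation token
    $activationToken = UserService::getInstance()->getUserActivationToken($user->getId(), $creds[1]);

    // $request defaults to null, so it must not be dereferenced
    // unconditionally. Without a usable request the attempt is recorded
    // with no IP.
    // Security: on Zend_Controller_Request_Http, getClientIp() defaults to
    // $checkProxy = true and prefers HTTP_CLIENT_IP / HTTP_X_FORWARDED_FOR.
    // Unless a trusted proxy overwrites those headers, the recorded IP can be
    // set by the client and should not be the only key used for throttling.
    $remoteIp = null;
    if ($request !== null && method_exists($request, 'getClientIp')) {
        $remoteIp = $request->getClientIp();
    }

    $loginAttemptService = \Core\Service\LoginAttemptService::getInstance();
    // NOTE(review): this reads $user->id while the rest of the method uses
    // getId(). Confirm both yield the same identifier.
    $loginAttemptModel = new LoginAttemptModel(array('userId' => $user->id, 'remoteIp' => $remoteIp));

    if (!$activationToken) {
        $loginAttemptModel->result = LoginAttemptModel::RESULT_FAILED;
        $loginAttemptModel->type   = LoginAttemptModel::FAIL_TYPE_CRED;
        $loginAttemptService->create($loginAttemptModel);

        // NOTE(review): the failed attempt is recorded, but this method does
        // not touch the Authretry counter on failure. Confirm that token
        // guessing is throttled elsewhere.
        //
        // The presented token is deliberately left out of the message. It is
        // client-supplied credential material, and exception messages tend to
        // reach log files and error responses. The user and client IP are
        // already in the login attempt record.
        throw new \Application\Exceptions\ForbiddenException(
            "Fail attempting to log in with non existing token",
            \Application\Error\PermissionCodes::AUTH_NONEXISTENT_TOKEN
        );
    }

    // Reset counter retries (user status remains blocked at mongo)
    $bootstrap = Zend_Controller_Front::getInstance()->getParam('bootstrap');
    $authRetry = $bootstrap->getResource('Authretry');
    $authRetry->reset($user->getUserName());

    // Generate a token for M2MToken auth
    $token = $this->_generateToken(false);

    // Regenerate the session id so a pre-authentication id is not carried
    // into the authenticated session
    if (!Zend_Session::isRegenerated()) {
        Zend_Session::regenerateId();
    }

    $loginAttemptModel->result = LoginAttemptModel::RESULT_SUCCESS;
    $loginAttemptService->create($loginAttemptModel);

    return array(
        'id'       => $user->getId(),
        'username' => $user->getUserName(),
        'token'    => $token,
        'orgId'    => $user->getOrganizationId(),
        'role'     => $user->getRole(),
        'authType' => self::AUTH_TYPE_ACTIVATION_TOKEN,
    );
}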