public function login($username, $password)
{
if (method_exists('midgard_connection', 'get_sitegroup')) {
// Midgard 8.09 or 9.03 authentication API with sitegroups
if (!$this->sitegroup) {
// In Midgard2 we need current SG name for authentication
$this->sitegroup = midgardmvc_core::get_instance()->dispatcher->get_midgard_connection()->get_sitegroup();
}
$this->user = midgard_user::auth($username, $password, $this->sitegroup);
if (!$this->user) {
midgardmvc_core::get_instance()->log(__CLASS__, "Failed authentication attempt for {$username}", 'warning');
return false;
}
return true;
}
// Use Midgard 9.09 authentication API
try {
$user = new midgard_user($this->prepare_tokens($username, $password));
if ($user->login()) {
$this->user = $user;
}
} catch (Exception $e) {
midgardmvc_core::get_instance()->log(__CLASS__, "Failed authentication attempt for {$username}", 'warning');
return false;
}
return true;
}
private function midgard2Login($credentials)
{
// TODO: Handle different authtypes
$tokens = array('login' => $credentials->getUserID(), 'password' => $credentials->getPassword(), 'authtype' => 'Plaintext', 'active' => true);
try {
$user = new \midgard_user($tokens);
$user->login();
} catch (\midgard_error_exception $e) {
throw new \PHPCR\LoginException($e->getMessage());
}
return $user;
}
/**
* Perform a login against the midgard backend
*
* @param string $username The username as entered
* @param string $password The password as entered
* @param boolean $trusted Use trusted auth (mgd1 only, ATM)
* @return mixed The appropriate object or false
*/
public static function login($username, $password, $trusted = false)
{
if (method_exists('midgard_user', 'login')) {
// Ratatoskr
$login_tokens = array('login' => $username, 'authtype' => $GLOBALS['midcom_config']['auth_type']);
if (!$trusted) {
$login_tokens['password'] = self::prepare_password($password);
}
try {
$user = new midgard_user($login_tokens);
} catch (midgard_error_exception $e) {
return false;
}
if (!$user->login()) {
return false;
}
return $user;
} else {
// Ragnaroek
$sg_name = '';
$mode = $GLOBALS['midcom_config']['auth_sitegroup_mode'];
if ($mode == 'auto') {
$mode = self::_get('sitegroup') == 0 ? 'not-sitegrouped' : 'sitegrouped';
}
if ($mode == 'sitegrouped') {
$sitegroup = new midgard_sitegroup(self::_get('sitegroup'));
$sg_name = $sitegroup->name;
}
$stat = midgard_user::auth($username, $password, $sg_name, $trusted);
if (!$stat && $GLOBALS['midcom_config']['auth_type'] == 'Plaintext' && strlen($password) > 11) {
//mgd1 has the password field defined with length 13, but it doesn't complain
//when saving a longer password, it just sometimes shortens it, so we try the
//shortened version here (we cut at 11 because the first two characters are **)
$stat = midgard_user::auth($username, substr($password, 0, 11), $sg_name, $trusted);
}
return $stat;
}
}
/**
* Executes the login to midgard.
* @param username
* @param password
* @return bool
*/
private function do_midgard_login($username, $password)
{
if (method_exists('midgard_connection', 'get_sitegroup')) {
// Midgard 8.09 or 9.03 authentication API with sitegroups
if (!$this->sitegroup) {
// Sitegroups are only used in Midgard 9.03 and older
$this->sitegroup = midgardmvc_core::get_instance()->dispatcher->get_midgard_connection()->get_sitegroup();
}
if ($this->sitegroup) {
$this->user = midgard_user::auth($username, '', $this->sitegroup, $this->trusted_auth);
} else {
$this->user = midgard_user::auth($username, '', $this->trusted_auth);
}
// Don't allow trusted auth for admin users
if ($this->trusted_auth && !empty($this->user) && $this->user->is_admin()) {
// Re-check using password for admin users
$this->user = midgard_user::auth($username, $password, $this->sitegroup, false);
}
if (!$this->user) {
midgardmvc_core::get_instance()->log(__CLASS__, "Failed authentication attempt for {$username}", 'warning');
$this->session_cookie->delete_login_session_cookie();
return false;
}
return true;
}
// Use Midgard 9.09 authentication API
try {
$user = new midgard_user($this->prepare_tokens($username, $password));
if ($user->login()) {
$this->user = $user;
}
} catch (Exception $e) {
midgardmvc_core::get_instance()->log(__CLASS__, "Failed authentication attempt for {$username}", 'warning');
$this->session_cookie->delete_login_session_cookie();
return false;
}
return true;
}
/**
* Executes the login to Midgard2.
*/
protected function do_midgard_login(array $tokens)
{
try {
$tokens = $this->prepare_tokens($tokens);
$user = new midgard_user($tokens);
if ($user->login()) {
$this->user = $user;
}
} catch (midgard_error_exception $e) {
midgardmvc_core::get_instance()->log(__CLASS__, "Failed authentication attempt for {$tokens['login']}: " . $e->getMessage(), 'warning');
midgardmvc_core::get_instance()->context->get_request()->set_data_item('midgardmvc_core_services_authentication_message', midgardmvc_core::get_instance()->i18n->get('authentication failed', 'midgardmvc_core'));
return false;
} catch (Exception $e) {
midgardmvc_core::get_instance()->log(__CLASS__, "Failed authentication attempt for {$tokens['login']}: " . $e->getMessage(), 'warning');
midgardmvc_core::get_instance()->context->get_request()->set_data_item('midgardmvc_core_services_authentication_message', midgardmvc_core::get_instance()->i18n->get('authentication failed: ' . $e->getMessage(), 'midgardmvc_core'));
return false;
}
return true;
}
