/**
* Authenticates the user according to a defined ruleset.
* @param User $user the user
* @param array $conditions [description]
* @return [type] [description]
*/
public static function authenticate($user, $conditions = array())
{
Log::info('Ravenly: authenticating.');
$status = true;
// If no user, then fail auth
if (!$user || !Ravenly::loggedIn()) {
$status = false;
}
// Get auth conditions
$c = Config::get('ravenly::auth.conditions');
if (is_array($c)) {
$c = array_merge($c, $conditions);
}
Log::info('Ravenly: - checking conditions.');
// Check crsid conditions
if (array_key_exists('crsid', $c) && is_array($c['crsid'])) {
if (!in_array($user->crsid, $c['crsid'])) {
Log::info('Ravenly: ! failed crsid condition.');
$status = false;
} else {
Log::info('Ravenly: fulfilled crsid condition.');
}
}
// Check College conditions
if (array_key_exists('collegecode', $c) && is_array($c['collegecode'])) {
if (!in_array($user->collegecode, $c['collegecode'])) {
Log::info('Ravenly: ! failed college condition.');
$status = false;
} else {
Log::info('Ravenly: fulfilled college condition.');
}
}
// Check if in the DB (if necessary)
if (array_key_exists('force_db', $c)) {
if (!$user->exists && $c['force_db']) {
Log::info('Ravenly: ! failed force_db condition.');
$status = false;
} else {
Log::info('Ravenly: fulfilled force_db condition.');
}
}
// Check user group conditions
if (array_key_exists('group', $c) && is_array($c['group'])) {
if (!$user->inGroup($c['group'])) {
Log::info('Ravenly: ! failed group condition.');
$status = false;
} else {
Log::info('Ravenly: fulfilled group condition.');
}
}
if ($status) {
Log::info('Ravenly: - authentication successful.');
} else {
Log::info('Ravenly: - authentication failed.');
return Response::error(403);
}
}
<?php
namespace Ravenly;
use Route;
use Log;
/**
* Raven login filter.
* Requires Raven Login and authenticates against default conditions.
*
* e.g. $this->filter('before', 'raven');
*/
Route::filter('raven', function () {
Log::info('Ravenly: raven filter initiated.');
if (Ravenly::loggedIn()) {
Log::info('Ravenly: - user already logged in, authenticating.');
} else {
Log::info('Ravenly: - user not logged in, logging in.');
$l_status = Ravenly::login();
if (!is_bool($l_status)) {
return $l_status;
}
if ($l_status === false) {
Log::info('Ravenly: [!] login failed.');
return Response::error(403);
}
}
$status = Ravenly::authenticate(Ravenly::user());
if ($status === false) {
Log::info('Ravenly: [!] not authorised.');
return Response::error(403);
