/**
* DEPRECATED This should only be called once, to load into $app['currentUser']. So $USER_CURRENT & $USER_CURRENT_LOADED shouldn't be needed.
* At some point in future, remove this function and put the logic into code that just writes to $app['currentUser'] only.
*
* @return UserAccountModel|null
*/
function userGetCurrent()
{
global $USER_CURRENT, $USER_CURRENT_LOADED, $WEBSESSION;
if (!$USER_CURRENT_LOADED) {
if ($WEBSESSION->has('userID') && $WEBSESSION->get('userID') > 0) {
$uar = new UserAccountRepository();
$USER_CURRENT = $uar->loadByID($WEBSESSION->get('userID'));
if ($USER_CURRENT && $USER_CURRENT->getIsClosedBySysAdmin()) {
$USER_CURRENT = null;
}
} else {
if (isset($_COOKIE['userID']) && isset($_COOKIE['userKey'])) {
$uarmr = new UserAccountRememberMeRepository();
$uarm = $uarmr->loadByUserAccountIDAndAccessKey($_COOKIE['userID'], $_COOKIE['userKey']);
if ($uarm) {
$uar = new UserAccountRepository();
$USER_CURRENT = $uar->loadByID($uarm->getUserAccountId());
if ($USER_CURRENT && $USER_CURRENT->getIsClosedBySysAdmin()) {
$USER_CURRENT = null;
}
if ($USER_CURRENT) {
userLogIn($USER_CURRENT);
}
}
}
}
$USER_CURRENT_LOADED = true;
}
return $USER_CURRENT;
}
function login(Request $request, Application $app)
{
$form = $app['form.factory']->create(new LogInUserForm());
$this->processThingsToDoAfterGetUser($request, $app);
if ('POST' == $request->getMethod()) {
$form->bind($request);
if ($form->isValid()) {
$data = $form->getData();
$userRepository = new UserAccountRepository();
$user = null;
// We are deliberately very forgiving about people putting the wrong thing in the wrong field.
if ($data['email']) {
$user = $userRepository->loadByUserNameOrEmail($data['email']);
}
if (!$user && $data['username']) {
$user = $userRepository->loadByUserNameOrEmail($data['username']);
}
if ($user) {
if ($user->checkPassword($data['password'])) {
if ($user->getIsClosedBySysAdmin()) {
$form->addError(new FormError('There was a problem with this account and it has been closed: ' . $user->getClosedBySysAdminReason()));
$app['monolog']->addError("Login attempt - account " . $user->getId() . ' - closed.');
} else {
userLogIn($user);
$this->actionThingsToDoAfterGetUser($app, $user);
if ($data['rememberme']) {
$uarmr = new UserAccountRememberMeRepository();
$uarm = $uarmr->create($user);
$uarm->sendCookies();
}
return $app->redirect("/");
}
} else {
$app['monolog']->addError("Login attempt - account " . $user->getId() . ' - password wrong.');
$form->addError(new FormError('User and password not recognised'));
}
} else {
$app['monolog']->addError("Login attempt - unknown account");
$form->addError(new FormError('User and password not recognised'));
}
}
}
$this->parameters['form'] = $form->createView();
return $app['twig']->render('index/user/login.html.twig', $this->parameters);
}
