Пример #1
 /**
  * Logging in must load the user through the repository, persist the user
  * again after the login is recorded, and return a session that carries the
  * user's profile fields, group ids and all four administrator flags.
  *
  * NOTE(review): only the all-true authorization path is exercised here. A
  * companion test in which the authorization mocks return false would guard
  * against the admin flags being set unconditionally.
  */
 function testLoginGetsUserDataFromDatabase()
 {
     $languageCode = 'en_gb';

     $this->userRepository
         ->expects($this->once())
         ->method('LoadByUsername')
         ->with($this->equalTo($this->username))
         ->will($this->returnValue($this->user));

     // Pin LoginTime::$Now so that (presumably) every LoginTime::Now() call
     // below yields the same timestamp and the final comparison is stable.
     LoginTime::$Now = time();
     $this->user->Login(LoginTime::Now(), $languageCode);

     $this->userRepository
         ->expects($this->once())
         ->method('Update')
         ->with($this->equalTo($this->user));

     // Each privilege check must be consulted exactly once for this user.
     $roleChecks = array(
         'IsApplicationAdministrator',
         'IsGroupAdministrator',
         'IsResourceAdministrator',
         'IsScheduleAdministrator',
     );
     foreach ($roleChecks as $roleCheck) {
         $this->authorization
             ->expects($this->once())
             ->method($roleCheck)
             ->with($this->equalTo($this->user))
             ->will($this->returnValue(true));
     }

     $actualSession = $this->auth->Login(
         $this->username,
         new WebLoginContext(new LoginData(false, $languageCode))
     );

     // Build the session we expect Login() to have produced.
     $expectedSession = new UserSession($this->id);
     $expectedSession->FirstName = $this->fname;
     $expectedSession->LastName = $this->lname;
     $expectedSession->Email = $this->email;
     $expectedSession->Timezone = $this->timezone;
     $expectedSession->HomepageId = $this->homepageId;
     $expectedSession->IsAdmin = true;
     $expectedSession->IsGroupAdmin = true;
     $expectedSession->IsResourceAdmin = true;
     $expectedSession->IsScheduleAdmin = true;
     $expectedSession->LanguageCode = $languageCode;
     $expectedSession->LoginTime = LoginTime::Now();
     $expectedSession->PublicId = $this->publicId;
     $expectedSession->ScheduleId = $this->scheduleId;
     foreach ($this->groups as $membership) {
         $expectedSession->Groups[] = $membership->GroupId;
     }

     $this->assertEquals($expectedSession, $actualSession);
 }
Пример #2
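 /**
  * Authenticate a user and hand back the session ID.
  *
  * On success the session ID from Authentication::getSessionId() is returned.
  * On failure a VALIDATION result is returned through returnHandler() with a
  * single error, attached to 'user_name' by default or to 'password' when the
  * supplied password is correct but older than the company's password policy
  * allows.
  *
  * @param string      $user_name Login name supplied by the caller.
  * @param string|null $password  Password supplied by the caller.
  * @param string      $type      Passed through to Authentication::Login().
  * @return mixed Session ID on success, otherwise the returnHandler() result.
  */
 function Login($user_name, $password = NULL, $type = 'USER_NAME')
 {
     global $config_vars;
     $authentication = new Authentication();
     // Only the length of the password is logged, never its value. The cast keeps a NULL
     // password (the default) from being passed to strlen(), which PHP 8.1+ deprecates.
     Debug::text('User Name: ' . $user_name . ' Password Length: ' . strlen((string) $password) . ' Type: ' . $type, __FILE__, __LINE__, __METHOD__, 10);
     //FIXME: When using Flex, I think it sets the cookie itself, so we need to pass this information on to it before it will actually work.
     //However this should work fine for JSON/SOAP.
     //FIXME: Store the type in the authentication table so we know how the user logged in. Then we can disable certain functionality if using the phone_id.
     if (isset($config_vars['other']['web_session_expire']) and $config_vars['other']['web_session_expire'] != '') {
         $authentication->setEnableExpireSession((int) $config_vars['other']['web_session_expire']);
     }
     if ($authentication->Login($user_name, $password, $type) === TRUE) {
         $retval = $authentication->getSessionId();
         // The session ID is a bearer credential: anyone who can read the debug log
         // could replay it, so the log records the event without the identifier.
         Debug::text('Success, session created for User Name: ' . $user_name, __FILE__, __LINE__, __METHOD__, 10);
         return $retval;
     }

     $validator_obj = new Validator();
     $validator_stats = array('total_records' => 1, 'valid_records' => 0);
     $error_column = 'user_name';
     $error_message = TTi18n::gettext('User Name or Password is incorrect');
     //Get company status from user_name, so we can display messages for ONHOLD/Cancelled accounts.
     // NOTE(review): the messages below are chosen from the user name alone, on a failed login,
     // so an unauthenticated caller can learn that a user name exists and what state its
     // company account is in. Confirm this disclosure is intended and that login attempts
     // are rate-limited elsewhere.
     $clf = TTnew('CompanyListFactory');
     $clf->getByUserName($user_name);
     if ($clf->getRecordCount() > 0) {
         $c_obj = $clf->getCurrent();
         if ($c_obj->getStatus() == 20) {
             $error_message = TTi18n::gettext('Sorry, your company\'s account has been placed ON HOLD, please contact customer support immediately');
         } elseif ($c_obj->getStatus() == 23) {
             $error_message = TTi18n::gettext('Sorry, your trial period has expired, please contact our sales department to reactivate your account');
         } elseif ($c_obj->getStatus() == 28) {
             if ($c_obj->getMigrateURL() != '') {
                 // NOTE(review): the scheme is hard-coded to plain http://; confirm whether the
                 // migrated host should be advertised over https instead.
                 $error_message = TTi18n::gettext('To better serve our customers your account has been migrated, please update your bookmarks to use the following URL from now on: ') . 'http://' . $c_obj->getMigrateURL();
             } else {
                 $error_message = TTi18n::gettext('To better serve our customers your account has been migrated, please contact customer support immediately.');
             }
         } elseif ($c_obj->getStatus() == 30) {
             $error_message = TTi18n::gettext('Sorry, your company\'s account has been CANCELLED, please contact customer support if you believe this is an error');
         } elseif ($c_obj->getPasswordPolicyType() == 1 and $c_obj->getProductEdition() > 10) {
             //Password policy is enabled, confirm users password has not exceeded maximum age.
             $ulf = TTnew('UserListFactory');
             $ulf->getByUserName($user_name);
             if ($ulf->getRecordCount() > 0) {
                 foreach ($ulf as $u_obj) {
                     //Make sure we confirm that the password is in fact correct, but just expired.
                     // The "expired" message is only shown after checkPassword() accepts the
                     // password, so it is not revealed to a caller who does not know it.
                     if ($u_obj->checkPassword($password, FALSE) == TRUE and $u_obj->checkPasswordAge() == FALSE) {
                         $error_message = TTi18n::gettext('Sorry, your password has exceeded its maximum age specified by your company\'s password policy and must be changed immediately');
                         $error_column = 'password';
                     }
                 }
             }
             unset($ulf, $u_obj);
         }
     }
     $validator_obj->isTrue($error_column, FALSE, $error_message);
     $validator = array($validator_obj->getErrorsArray());
     // Both outcomes return above or here; the former trailing returnHandler(FALSE) was unreachable.
     return $this->returnHandler(FALSE, 'VALIDATION', TTi18n::getText('INVALID DATA'), $validator, $validator_stats);
 }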
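 /**
  * Authenticate a user and return the session ID.
  *
  * @param string      $user_name Login name supplied by the caller.
  * @param string|null $password  Password supplied by the caller.
  * @param mixed       $type      Passed through unchanged to Authentication::Login().
  * @return mixed Session ID from Authentication::getSessionId() on success, FALSE otherwise.
  */
 function Login($user_name, $password = NULL, $type = NULL)
 {
     $authentication = new Authentication();
     // Only the length of the password is logged, never its value. The cast keeps a NULL
     // password (the default) from being passed to strlen(), which PHP 8.1+ deprecates.
     Debug::text('User Name: ' . $user_name . ' Password Length: ' . strlen((string) $password) . ' Type: ' . $type, __FILE__, __LINE__, __METHOD__, 10);
     if ($authentication->Login($user_name, $password, $type) !== TRUE) {
         return FALSE;
     }

     $retval = $authentication->getSessionId();
     // The session ID is a bearer credential: anyone who can read the debug log
     // could replay it, so the log records the event without the identifier.
     Debug::text('Success, session created for User Name: ' . $user_name, __FILE__, __LINE__, __METHOD__, 10);
     return $retval;
 }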
Пример #4
<?php

// Application bootstrap: starts the session, loads the class files and
// configuration, opens the database connection and attempts a remember-me
// login when the browser presents a "rememberme" cookie.

// The session is started before any project configuration is loaded, so the
// session cookie's flags come from php.ini or PHP's defaults.
// NOTE(review): confirm session.cookie_httponly, session.cookie_secure,
// session.cookie_samesite and session.use_strict_mode are set there.
session_start();
// Base path for the class files: the parent of this file's directory.
define("PLSPATH", __DIR__ . "/../");
require PLSPATH . 'classes/Config.php';
require PLSPATH . 'classes/Database.php';
require PLSPATH . 'classes/Validate.php';
require PLSPATH . 'classes/Authentication.php';
require PLSPATH . 'classes/User.php';
require PLSPATH . 'classes/Session.php';
// NOTE(review): PHP 7+ ships a built-in \Error class. If classes/Error.php
// declares an un-namespaced class named Error, this require will fail with a
// redeclaration error; confirm against that file.
require PLSPATH . 'classes/Error.php';
require PLSPATH . 'classes/Email.php';
require PLSPATH . 'classes/Cookie.php';
require PLSPATH . 'classes/Avatar.php';
// NOTE(review): unlike the requires above, these paths are not prefixed with
// PLSPATH; presumably Config::LoadFile() resolves them itself. Confirm it does
// not depend on the current working directory or include_path.
Config::LoadFile("config/config.php");
Config::LoadFile("config/lang.php");
$db = new Database();
$db->Connect();
// The reCAPTCHA library is only loaded when captcha validation is switched on.
if (Config::Get("validation.use_captcha")) {
    require PLSPATH . 'classes/vendor/captcha/recaptchalib.php';
}
// A "rememberme" cookie is client-controlled input. When it is present, a login
// is attempted with whatever Cookie::Get() returns, and the cookie is cleared
// if that login is rejected.
// NOTE(review): Cookie::Get() and Authentication::Login() are not visible here.
// Confirm the remember-me token is random, stored hashed on the server,
// compared with hash_equals(), rotated on use, and that the session ID is
// regenerated after a successful login.
if (isset($_COOKIE["rememberme"])) {
    if (!Authentication::Login(Cookie::Get(), true)) {
        Cookie::Clear();
    }
}
Пример #5
<?php

require_once '../config/init.php';
sleep(1);
if (isset($_POST['action'])) {
    $success = false;
    $message = array();
    $data = array();
    switch ($_POST['action']) {
        case 'login':
            $success = Authentication::Login($_POST);
            $message = Error::GetAll();
            break;
        case 'signup':
            $success = Authentication::Signup($_POST);
            $message = $success ? array(Config::Get('success.created')) : Error::GetAll();
            if (Config::Get('validation.email_activation') && $success) {
                $message[] = Config::Get('success.activation');
            }
            break;
        case 'recover':
            $success = Authentication::Recover($_POST);
            $message = $success ? array(Config::Get('success.recovery')) : Error::GetAll();
            break;
        case 'reactivate':
            $success = Authentication::Reactivate($_POST);
            $message = $success ? array(Config::Get('success.activation')) : Error::GetAll();
            break;
        case 'reset':
            $success = Authentication::Reset($_POST['key'], $_POST['password'], $_POST['cpassword']);
            $message = $success ? array(Config::Get('success.reset')) : Error::GetAll();