public function login($username, $password)
{
// Remove backslashes
$username = str_replace("\\", "", $username);
// filter data from the user
$f = new Zend_Filter_StripTags();
$this->user = $f->filter($username);
$this->pwd = $f->filter($password);
// Validate credentials
if (empty($username)) {
throw new Exception('Invalid username');
}
if (empty($password)) {
throw new Exception('Invalid password');
}
// Username can be alphanum with dash, underscore, @, periods and apostrophe
$usernameValidator = new Zend_Validate_Regex('/^([A-Za-z0-9-_@\\.\']+)$/');
if (!$usernameValidator->isValid($username)) {
throw new Exception('Please enter a valid username');
}
// setup Zend_Auth adapter for a database table
$this->db->setFetchMode(Zend_Db::FETCH_ASSOC);
$authAdapter = new Zend_Auth_Adapter_DbTable($this->db);
$authAdapter->setTableName('ol_admins');
$authAdapter->setIdentityColumn('user');
$authAdapter->setCredentialColumn('password');
// Set the input credential values to authenticate against
$authAdapter->setIdentity($username);
$authAdapter->setCredential(md5($password));
$authAdapter->getDbSelect()->where('active = ?', 1);
// MUST be an active account
// do the authentication
$result = $this->auth->authenticate($authAdapter);
$this->db->setFetchMode(Zend_Db::FETCH_OBJ);
if (!$result->isValid()) {
throw new Exception('Login failed.');
}
//var_dump($authAdapter->getResultRowObject()); exit();
// Update last login date
$users = new OneLogin_Acl_Users();
$users->updateLastLoginDate($username);
// Define object and set auth information
$objUser = new stdClass();
$objUser->user_id = $authAdapter->getResultRowObject()->id;
$objUser->api_user_username = $username;
$objUser->api_user_password = $password;
$objUser->active = $authAdapter->getResultRowObject()->active;
$this->auth->getStorage()->write($objUser);
}
/**
* Disable account
*/
public function unsetActiveAsyncAction()
{
// No need to render
$this->_helper->viewRenderer->setNoRender();
// Create json object
$json = new stdClass();
$json->error = 0;
$json->message = "";
// The entire process
try {
// Get parameters
$id = $this->_getParam("id");
// Create instance and insert user
$users = new OneLogin_Acl_Users();
$users->unsetActive($id);
$json->message = "User updated";
} catch (Exception $e) {
$json->error = 1;
$json->message = str_replace("'", '', trim($e->getMessage()));
}
echo $this->_helper->json($json);
// Send response
}
/**
* Delete a user from ol_admins table
*/
public function deleteAdminAsyncAction()
{
// No need to render
$this->_helper->viewRenderer->setNoRender();
// Create json object
$json = new stdClass();
$json->error = 0;
$json->message = "";
// The entire process
try {
// Get parameters
$userName = $this->_getParam("username");
$where = array("user = ?" => $userName);
// Current logged user cannot be removed
if ($this->view->currentUser == $userName) {
throw new Exception('You cannot remove your own username');
}
// Create instance and insert user
$users = new OneLogin_Acl_Users();
$users->delete($where);
$json->message = "User removed";
} catch (Exception $e) {
$json->error = 1;
$json->message = str_replace("'", '', trim($e->getMessage()));
}
echo $this->_helper->json($json);
// Send response
}
