/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
if (strpos($this->username, "@")) {
$user = User::model()->notsafe()->findByAttributes(array('email' => $this->username));
} else {
$user = User::model()->notsafe()->findByAttributes(array('username' => $this->username));
}
if ($user === null) {
if (strpos($this->username, "@")) {
$this->errorCode = self::ERROR_EMAIL_INVALID;
} else {
$this->errorCode = self::ERROR_USERNAME_INVALID;
}
} else {
if (!PasswordHelper::verifyPassword($this->password, $user->password)) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
if ($user->status == 0 && Yii::app()->getModule('user')->loginNotActiv == false) {
$this->errorCode = self::ERROR_STATUS_NOTACTIV;
} else {
if ($user->status == -1) {
$this->errorCode = self::ERROR_STATUS_BAN;
} else {
$this->_id = $user->id;
$this->username = $user->username;
$this->errorCode = self::ERROR_NONE;
}
}
}
}
return !$this->errorCode;
}
/**
* Returns the JavaScript needed for performing client-side validation.
* @param CModel $object the data object being validated
* @param string $attribute the name of the attribute to be validated.
* @return string the client-side validation script.
* @see CActiveForm::enableClientValidation
*/
public function clientValidateAttribute($object, $attribute)
{
$phis = new PasswordHistory();
$passes = $phis->getHistory(Yii::app()->user->id);
$condition = "1==2";
foreach ($passes as $pass) {
$value = $object->{$attribute};
if (PasswordHelper::verifyPassword($value, $pass->password)) {
$condition = "1==1";
$this->addError($object, $attribute, 'You can not use a password which you have already used!');
break;
}
}
return "\n\tif(" . $condition . ") {\n\t\tmessages.push(" . CJSON::encode('your password is too weak, you fool!') . ");\n\t}\n\t";
}
/**
* Verify Old Password
*/
public function verifyOldPassword($attribute, $params)
{
if (!PasswordHelper::verifyPassword($this->{$attribute}, User::model()->notsafe()->findByPk(Yii::app()->user->id)->password)) {
$this->addError($attribute, UserModule::t("Old Password is incorrect."));
}
}
