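/**
 * Validates the posted login form and checks the submitted credentials.
 *
 * Flow, as visible in this method:
 *  - the login form is built with a flag derived from the stored failed-attempt
 *    record (presumably this switches on an extra challenge such as a captcha
 *    once the limit is exceeded; confirm in Users_Form_Login);
 *  - a form that fails validation ends the request with a generic
 *    "Invalid credentials" flash message;
 *  - the secret handed to Users_Model_Users::authenticate() is the "yubikey"
 *    POST field when both yubikey->enabled and yubikey->force are set,
 *    otherwise the "password" POST field;
 *  - success clears the failed-attempt record, failure creates or increments it.
 *
 * Both failure paths use the same message, so the response does not tell a
 * client which check rejected the request.
 *
 * NOTE(review): a request rejected at form validation is not recorded as a
 * failed attempt; confirm that is intended.
 *
 * @return mixed result of _redirectForMaintenance() on the maintenance path, otherwise nothing
 */
public function authenticateAction()
{
    $authAttempts = new Users_Model_AuthAttempts();
    $attempt = $authAttempts->get();

    $form = new Users_Form_Login(
        null,
        $this->view->base,
        $attempt && $attempt->surpassedMaxAllowed()
    );
    $formData = $this->_request->getPost();
    $form->populate($formData);

    if (!$form->isValid($formData)) {
        $this->_helper->FlashMessenger->addMessage($this->view->translate('Invalid credentials'));
        $this->_redirectToNormalConnection('');

        // Return explicitly: a rejected form must never fall through to the
        // credential check below, even if the redirect helper does not
        // terminate the request itself.
        return;
    }

    $users = new Users_Model_Users();

    // The third argument is false here; its meaning is defined by
    // Users_Model_Users::authenticate() and is not visible in this method.
    $result = $users->authenticate(
        $this->_request->getPost('username'),
        $this->_config->yubikey->enabled && $this->_config->yubikey->force
            ? $this->_request->getPost('yubikey')
            : $this->_request->getPost('password'),
        false,
        $this->view
    );

    if ($result) {
        $user = $users->getUser();

        if ($attempt) {
            // Successful login: drop the failed-attempt record. The return
            // value was only stored in a local that is never read again.
            // NOTE(review): this calls delete() on the model without an
            // argument; confirm it targets the current client's record.
            $authAttempts->delete();
        }

        // During maintenance only administrators stay signed in. The loose
        // comparison is kept because the stored type of $user->role is not
        // visible here.
        if ($user->role != Users_Model_User::ROLE_ADMIN && $this->underMaintenance) {
            Zend_Auth::getInstance()->clearIdentity();
            return $this->_redirectForMaintenance(true);
        }
    } else {
        // Failed login: start or extend the failed-attempt record that
        // drives the surpassedMaxAllowed() flag on the next request.
        if (!$attempt) {
            $authAttempts->create();
        } else {
            $attempt->addFailure();
            $attempt->save();
        }

        $this->_helper->FlashMessenger->addMessage($this->view->translate('Invalid credentials'));
    }

    $this->_redirectToNormalConnection('');
}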
/**
 * Runs the pending upgrade after the submitted login has been verified as an
 * administrator account.
 *
 * The method stops early when no upgrade is needed, when the upgrade login
 * form is invalid, when authentication fails, or when the authenticated user
 * is not an administrator. Failed authentication and a non-admin account get
 * the same "Invalid credentials" message, so the response does not reveal
 * that a valid non-admin account exists.
 *
 * NOTE(review): nothing in this method records or limits failed logins;
 * confirm that throttling for this endpoint happens elsewhere.
 */
public function proceedAction()
{
    // Re-check that an upgrade is actually pending, in case this action is
    // requested directly.
    if (!$this->_needsUpgrade()) {
        $this->_redirect('');
        return;
    }

    $loginForm = new Install_Form_UpgradeLogin();
    $postData = $this->_request->getPost();
    $loginForm->populate($postData);
    if (!$loginForm->isValid($postData)) {
        // Keep the rejected form in the app session before forwarding to index.
        Zend_Registry::get('appSession')->loginForm = $loginForm;
        $this->_forward('index');
        return;
    }

    $users = new Users_Model_Users();

    // Only the first component of the DB version decides the fifth
    // authenticate() argument; the other two are unpacked but unused.
    list($major, $minor, $patch) = explode('.', $this->_getDbVersion());
    // Presumably selects a pre-2.x credential scheme; confirm against
    // Users_Model_Users::authenticate().
    $dbOlderThan2 = !($major >= 2);

    $authenticated = $users->authenticate(
        $this->_request->getPost('username'),
        $this->_request->getPost('password'),
        false,
        $this->view,
        $dbOlderThan2
    );

    if (!$authenticated || $users->getUser()->role != Users_Model_User::ROLE_ADMIN) {
        if ($authenticated) {
            // Valid credentials but not an administrator: drop the identity
            // before answering with the generic failure message.
            Zend_Auth::getInstance()->clearIdentity();
        }
        $failureMessage = $this->view->translate('Invalid credentials');
        $this->_helper->FlashMessenger->addMessage($failureMessage);
        $this->_redirect('index');
        return;
    }

    // Two passes over the upgrade routine; only the result of the second
    // pass is reported as the new version.
    $this->_runUpgrades(true);
    $newVersion = $this->_runUpgrades(false);

    $successMessage = $this->view->translate('Upgrade was successful. You are now on version %s', $newVersion);
    $this->_helper->FlashMessenger->addMessage($successMessage);

    $missingDirectives = $this->_checkMissingConfigDirectives();
    if ($missingDirectives) {
        $warning = $this->view->translate(
            'WARNING: there are some new configuration settings. To override their default values (as set in config.default.php) add them to your config.php file. The new settings correspond to the following directives: %s.',
            implode(', ', $missingDirectives)
        );
        $this->_helper->FlashMessenger->addMessage($warning);
    }

    // Log the user out in case the user table changed during the upgrade.
    Zend_Auth::getInstance()->clearIdentity();
    Zend_Session::forgetMe();

    $this->_redirect('/');
}
/**
 * Checks the credentials posted to the OpenID login form and routes the
 * decoded OpenID request to the next step.
 *
 * The identity being authenticated is the "openIdIdentity" form value when
 * the decoded request reports idSelect(), otherwise the identity carried by
 * the request itself. The secret is the "yubikey" form value when both
 * yubikey->enabled and yubikey->force are set, otherwise "password".
 *
 * Outcomes:
 *  - invalid form: forward to "login", flagging an invalid captcha when the
 *    form reports a captcha error;
 *  - failed authentication: create or increment the failed-attempt record
 *    and forward to "login" with invalidLogin;
 *  - success: clear the failed-attempt record, then forward to "proceed"
 *    with allow or deny when the site is already trusted or never trusted
 *    for this user, or to "trust" when no decision is stored.
 */
public function authenticateAction()
{
    $provider = $this->_getOpenIdProvider();
    $openIdRequest = $provider->decodeRequest();

    $authAttempts = new Users_Model_AuthAttempts();
    $attempt = $authAttempts->get();

    // The form receives a flag telling it whether the failed-attempt limit
    // has been exceeded (presumably enabling the captcha; confirm in
    // Form_OpenidLogin).
    $overLimit = $attempt && $attempt->surpassedMaxAllowed();
    $form = new Form_OpenidLogin(null, $this->view->base, $overLimit);

    $postData = $this->_request->getPost();
    $form->populate($postData);
    if (!$form->isValid($postData)) {
        $errors = $form->getErrors();

        // Errors travel as forward parameters because the session is not
        // used here.
        if (!empty($errors['captcha'])) {
            $this->_forward('login', null, null, array('invalidCaptcha' => true));
        } else {
            $this->_forward('login');
        }
        return;
    }

    $users = new Users_Model_Users();

    if ($openIdRequest->idSelect()) {
        $identity = $form->getValue('openIdIdentity');
    } else {
        $identity = $openIdRequest->identity;
    }

    $yubikey = $this->_config->yubikey;
    $secretField = ($yubikey->enabled && $yubikey->force) ? 'yubikey' : 'password';

    // The third argument is true here; its meaning is defined by
    // Users_Model_Users::authenticate() and is not visible in this method.
    $authenticated = $users->authenticate($identity, $form->getValue($secretField), true, $this->view);

    if (!$authenticated) {
        // Failed login: extend the existing record or start a new one.
        if ($attempt) {
            $attempt->addFailure();
            $attempt->save();
        } else {
            $authAttempts->create();
        }
        $this->_forward('login', null, null, array('invalidLogin' => true));
        return;
    }

    if ($attempt) {
        // Successful login resets the failed-attempt record.
        $attempt->delete();
    }

    $sites = new Model_Sites();
    $trustRoot = $this->_getTrustRoot($openIdRequest);

    // A stored trust decision for this user and trust root is applied
    // directly; without one the user is asked on the "trust" action.
    if ($sites->isTrusted($users->getUser(), $trustRoot)) {
        $this->_forward('proceed', null, null, array('allow' => true));
        return;
    }

    if ($sites->isNeverTrusted($users->getUser(), $trustRoot)) {
        $this->_forward('proceed', null, null, array('deny' => true));
        return;
    }

    $this->_forward('trust');
}