Пример #1
 /**
  * Prepares the login page for users holding the 'login_view' right.
  *
  * Assigns the redirect target to the template, reads the current login
  * attempt stage and then either exposes the captcha URL (Attempt::TRYING)
  * or refuses to render the page at all (Attempt::ABUSE).
  *
  * @throws Exception when the right is missing or the attempt stage is ABUSE
  */
 public function onLoad()
 {
     parent::onLoad();

     if (!$this->user->hasRight('login_view')) {
         throw new Exception('Access not allowed');
     }

     // NOTE(review): the redirect target is derived from the request parameters.
     // Presumably getRedirect() restricts it to same-site URLs - confirm, because
     // an unvalidated target would turn the login page into an open redirect.
     $this->template->assign('redirect', $this->getRedirect($this->get));

     // The attempt tracker decides how the form is rendered.
     $this->attempt = new Attempt($this->registry);
     $this->level = $this->attempt->getStage();

     if ($this->level == Attempt::TRYING) {
         // Captcha endpoint is built from configuration values only.
         $captchaUrl = $this->config['psx_url'] . '/' . $this->config['psx_dispatch'] . 'api/core/captcha';
         $this->template->assign('captcha', $captchaUrl);
     } elseif ($this->level == Attempt::ABUSE) {
         // NOTE(review): this only stops the form from rendering. Confirm that the
         // endpoint which actually checks credentials enforces the same stage,
         // otherwise the lockout can be bypassed by posting to it directly.
         throw new Exception('Your IP ' . $_SERVER['REMOTE_ADDR'] . ' is banned for 30 minutes because of too many wrong logins');
     }

     // Page assets.
     $this->htmlCss->add('login');
     foreach (array('amun', 'login') as $script) {
         $this->htmlJs->add($script);
     }
 }
Пример #2
 /**
  * Prepares the "reset password" page: registers the breadcrumb entry and
  * the login stylesheet.
  *
  * NOTE(review): no right check or captcha is visible in this method. Confirm
  * that parent::onLoad() or the form handler limits how often a reset can be
  * requested.
  */
 public function onLoad()
 {
     parent::onLoad();

     // Breadcrumb entry pointing at this page's reset route.
     $resetUrl = $this->page->getUrl() . '/resetPw';
     $this->path->add('Reset Password', $resetUrl);

     // Page assets.
     $this->htmlCss->add('login');
 }
Пример #3
 /**
  * Prepares the account activation page: registers the "Register" and
  * "Activate" breadcrumb entries and the login stylesheet.
  */
 public function onLoad()
 {
     parent::onLoad();

     // Breadcrumb trail: Register > Activate.
     $registerUrl = $this->page->getUrl() . '/register';
     $this->path->add('Register', $registerUrl);

     $activateUrl = $this->page->getUrl() . '/register/activate';
     $this->path->add('Activate', $activateUrl);

     // Page assets.
     $this->htmlCss->add('login');
 }
Пример #4
 /**
  * Prepares the account recovery page: registers the breadcrumb entry,
  * passes the captcha URL to the template and adds the login stylesheet.
  *
  * NOTE(review): only the captcha URL is handed to the template here. The
  * captcha answer must be verified by whatever handles the submitted form -
  * confirm that check exists server-side.
  */
 public function onLoad()
 {
     parent::onLoad();

     // Breadcrumb entry.
     $recoverUrl = $this->page->getUrl() . '/recover';
     $this->path->add('Recover', $recoverUrl);

     // Captcha endpoint is built from configuration values only.
     $captchaUrl = $this->config['psx_url'] . '/' . $this->config['psx_dispatch'] . 'api/core/captcha';
     $this->template->assign('captcha', $captchaUrl);

     // Page assets.
     $this->htmlCss->add('login');
 }
Пример #5
 /**
  * Logs the current user out: destroys the session and redirects to the
  * configured base URL, then terminates the script.
  *
  * NOTE(review): the session is destroyed on a plain page load and no request
  * token is checked in this method, so a cross-site request could log a user
  * out. Confirm whether parent::onLoad() or the router adds CSRF protection.
  *
  * @throws Exception when the user lacks the 'login_view' right
  */
 public function onLoad()
 {
     parent::onLoad();

     if (!$this->user->hasRight('login_view')) {
         throw new Exception('Access not allowed');
     }

     $this->session->destroy();

     // The target comes from configuration, not from the request.
     $homeUrl = $this->config['psx_url'];
     header('Location: ' . $homeUrl);
     exit;
 }
Пример #6
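 /**
  * Prepares the OpenID "connect" consent page.
  *
  * Reads the pending OpenID request from the session, extracts the sreg and
  * oauth extension parameters, stores the request details on the instance and
  * hands the requested profile fields plus the relying party host to the
  * template. If the user already approved or denied this association the
  * stored decision is applied immediately.
  *
  * @throws Exception when the 'login_view' right is missing or no OpenID
  *                   request is stored in the session
  */
 public function onLoad()
 {
     parent::onLoad();

     if (!$this->user->hasRight('login_view')) {
         throw new Exception('Access not allowed');
     }

     // Breadcrumb entry.
     $this->path->add('Connect', $this->page->getUrl() . '/connect');

     // The request must have been started earlier and stored in the session.
     $this->request = isset($_SESSION['amun_openid_request']) ? $_SESSION['amun_openid_request'] : null;

     if (!($this->request instanceof SetupRequest)) {
         throw new Exception('No connection was initialized');
     }

     // sreg extension: required and optional fields are comma separated lists
     // supplied by the relying party, so they are passed through validateFields().
     $sreg = null;
     $params = $this->request->getExtension(Extension\Sreg::NS);
     $required = isset($params['required']) ? explode(',', $params['required']) : array();
     $optional = isset($params['optional']) ? explode(',', $params['optional']) : array();
     $fields = array_merge($required, $optional);

     if (!empty($fields)) {
         $sreg = Extension\Sreg::validateFields($fields);
     }

     // oauth extension
     $oauth = null;
     $params = $this->request->getExtension(Extension\Oauth::NS);
     $consumer = isset($params['consumer']) ? $params['consumer'] : null;

     if (!empty($consumer)) {
         $oauth = array('consumer' => $consumer);
     }

     $this->claimedId = $this->request->getClaimedId();
     $this->identity = $this->request->getIdentity();
     $this->assocHandle = $this->request->getAssocHandle();
     $this->returnTo = $this->request->getReturnTo();
     $this->sreg = $sreg;
     $this->oauth = $oauth;

     // $sreg stays null when the relying party requested no sreg fields, and
     // array_flip() does not accept null. Fall back to an empty selection so the
     // consent page shows no profile data instead of failing.
     $requestedFields = is_array($sreg) ? array_flip($sreg) : array();
     $this->template->assign('rpData', array_intersect_key($this->getAvailableSregExtFields(), $requestedFields));

     // NOTE(review): this host is what the user sees when deciding whether to
     // share data. Confirm return_to was checked against the request's realm
     // before this point, otherwise the displayed host can mislead the user.
     $this->template->assign('rpHost', $this->returnTo->getHost());

     // get association
     $this->assoc = $this->getAssociation();

     // Apply a decision the user already made for this association.
     $status = $this->getHandler('AmunService\\Openid')->getStatus($this->user->getId(), $this->assoc['id']);

     if ($status === Openid\Record::APPROVED) {
         $this->allowAccess();
     }

     if ($status === Openid\Record::DENIED) {
         $this->denyAccess();
     }

     // Page assets.
     $this->htmlCss->add('login');
 }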
Пример #7
 /**
  * Prepares the search page for users holding the 'search_view' right by
  * registering its stylesheet and scripts.
  *
  * @throws Exception when the user lacks the 'search_view' right
  */
 public function onLoad()
 {
     parent::onLoad();

     if (!$this->user->hasRight('search_view')) {
         throw new Exception('Access not allowed');
     }

     // Page assets, added in the same order as they are listed.
     $this->htmlCss->add('search');

     foreach (array('search', 'ace-html', 'bootstrap', 'prettify') as $script) {
         $this->htmlJs->add($script);
     }
 }
Пример #8
 /**
  * Prepares the registration page for users holding the 'login_view' right:
  * passes the captcha URL to the template, registers the breadcrumb entry and
  * adds the page assets.
  *
  * NOTE(review): only the captcha URL is handed to the template here. Confirm
  * that the registration handler verifies the captcha answer server-side.
  *
  * @throws Exception when the user lacks the 'login_view' right
  */
 public function onLoad()
 {
     parent::onLoad();

     if (!$this->user->hasRight('login_view')) {
         throw new Exception('Access not allowed');
     }

     // Captcha endpoint is built from configuration values only.
     $captchaUrl = $this->config['psx_url'] . '/' . $this->config['psx_dispatch'] . 'api/core/captcha';
     $this->template->assign('captcha', $captchaUrl);

     // Breadcrumb entry.
     $registerUrl = $this->page->getUrl() . '/register';
     $this->path->add('Register', $registerUrl);

     // Page assets.
     $this->htmlCss->add('login');
     $this->htmlJs->add('jquery');
 }
Пример #9
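 /**
  * Streams the file attached to the current page to the client and
  * terminates the script.
  *
  * Sends the stored content type and a Last-Modified header, then echoes the
  * stored content unchanged.
  *
  * @throws Exception when the 'file_view' right is missing or the page has no
  *                   file record
  */
 public function onLoad()
 {
     parent::onLoad();

     if (!$this->user->hasRight('file_view')) {
         throw new Exception('Access not allowed');
     }

     $file = $this->getHandler()->getOneByPageId($this->page->getId());

     if (empty($file)) {
         throw new Exception('No file set');
     }

     $date = new DateTime($file['date'], $this->registry['core.default_timezone']);

     // NOTE(review): content type and body come straight from the stored record.
     // If records can be created by less trusted users, a stored HTML or script
     // type would be rendered in this site's origin. Consider an allow-list of
     // types, "Content-Disposition: attachment" for everything else and
     // "X-Content-Type-Options: nosniff".
     header('Content-Type: ' . $file['contentType']);

     // HTTP dates must be expressed in GMT and end in the literal "GMT".
     // DateTime::RFC2822 emits a numeric offset ("+0000") instead, which caches
     // and conditional requests may not accept.
     header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $date->getTimestamp()) . ' GMT');

     echo $file['content'];
     exit;
 }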
Пример #10
 /**
  * Prepares the "my account" page: requires the 'my_view' right and a
  * non-anonymous user, then builds the Settings / Friends / Account option
  * list and assigns it to the template.
  *
  * @throws Exception when the right is missing or the user is anonymous
  */
 public function onLoad()
 {
     parent::onLoad();

     // The right is checked first; an anonymous user is rejected even if the
     // right is granted.
     if (!$this->user->hasRight('my_view')) {
         throw new Exception('Access not allowed');
     }

     if ($this->user->isAnonymous()) {
         throw new Exception('Anonymous user cant view their profile');
     }

     // Every entry is registered under the 'my_view' right.
     $menu = new Option('index', $this->registry, $this->user, $this->page);
     $menu->add('my_view', 'Settings', $this->page->getUrl() . '/settings');
     $menu->add('my_view', 'Friends', $this->page->getUrl() . '/friends');
     $menu->add('my_view', 'Account', $this->page->getUrl());
     $menu->load(array($this->page));

     $this->template->assign('options', $menu);
 }
Пример #11
 /**
  * Prepares the OAuth authorization (consent) page for a request token.
  *
  * The oauth_token query parameter is validated as exactly 40 hexadecimal
  * characters. Anonymous users are redirected to the login form. For users
  * holding the 'login_view' right the request token is looked up, its status
  * and expiry are checked, and the user's group rights and the consumer's
  * details are assigned to the template. Failures inside the lookup are caught
  * and shown through the 'error' template variable.
  *
  * @throws Exception when the token parameter fails validation or the user
  *                   lacks the 'login_view' right
  */
 public function onLoad()
 {
     parent::onLoad();

     // Length 40..40 plus Xdigit: only a 40 character hex string passes, which
     // is also why the value can be appended to the URL below without encoding.
     $oauthToken = $this->get->oauth_token('string', array(new Filter\Length(40, 40), new Filter\Xdigit()));

     if ($this->validate->hasError()) {
         throw new Exception($this->validate->getLastError());
     }

     // Anonymous users go to the login form and return here afterwards.
     if ($this->user->isAnonymous()) {
         $self = $this->page->getUrl() . '/auth?oauth_token=' . $oauthToken;

         header('Location: ' . $this->page->getUrl() . '?redirect=' . urlencode($self));
         exit;
     }

     if (!$this->user->hasRight('login_view')) {
         throw new Exception('Access not allowed');
     }

     // Breadcrumb entry.
     $this->path->add('Auth', $this->page->getUrl() . '/auth');

     try {
         if (empty($oauthToken)) {
             throw new Exception('The consumer has not provide an valid token');
         }

         // Look up the request token.
         $requestRow = $this->getHandler('AmunService\\Oauth\\Request')->getOneByToken($oauthToken, array('apiId', 'status', 'callback', 'token', 'expire', 'date'));

         if (empty($requestRow)) {
             throw new Exception('The consumer provide an invalid token');
         }

         $this->template->assign('token', $requestRow['token']);
         $this->apiId = $requestRow['apiId'];

         // Only TEMPORARY or APPROVED tokens may reach the consent page. Every
         // other status is rejected with the same message.
         if (!in_array($requestRow['status'], array(Oauth\Record::TEMPORARY, Oauth\Record::APPROVED))) {
             throw new Exception('The token was already approved');
         }

         // Expiry is the creation date plus the stored interval. An expired
         // token is deleted before the error is raised.
         $now = new DateTime('NOW', $this->registry['core.default_timezone']);
         $expiresAt = new DateTime($requestRow['date'], $this->registry['core.default_timezone']);
         $expiresAt->add(new DateInterval($requestRow['expire']));

         if ($now > $expiresAt) {
             $expiredCon = new Condition(array('token', '=', $oauthToken));

             $this->hm->getTable('AmunService\\Oauth\\Request')->delete($expiredCon);

             throw new Exception('The token is expired');
         }

         // Rights of the user's group, shown on the consent page.
         $groupCon = new Condition(array('groupId', '=', $this->user->getGroupId()));
         $this->userRights = $this->getHandler('AmunService\\User\\Group\\Right')->getAll(array('rightId', 'groupId', 'rightDescription'), 0, 1024, 'rightDescription', Sql::SORT_ASC, $groupCon);
         $this->template->assign('userRights', $this->userRights);

         // Kept for the allowAccess() call below.
         $token = $requestRow['token'];
         $callback = $requestRow['callback'];

         // Any callback other than 'oob' must contain a host. That host is
         // what the user sees as the consumer on the consent page.
         if ($callback != 'oob') {
             $host = parse_url($requestRow['callback'], PHP_URL_HOST);

             if (empty($host)) {
                 throw new Exception('No valid callback was defined in the request');
             }

             $this->template->assign('consumerHost', $host);
         }

         // Consumer details belonging to the token's API id.
         $consumerRow = $this->getHandler('AmunService\\Oauth')->getOneById($this->apiId, array('url', 'title', 'description'));

         if (empty($consumerRow)) {
             throw new Exception('Request is not assigned to an user');
         }

         $this->template->assign('consumerTitle', $consumerRow['title']);
         $this->template->assign('consumerDescription', $consumerRow['description']);

         // NOTE(review): when access was granted before, allowAccess() is called
         // without any user interaction on this request - confirm that this
         // silent re-approval is intended.
         if ($this->getHandler('AmunService\\Oauth\\Access')->isAllowed($this->apiId, $this->user->getId())) {
             $this->allowAccess($token, $callback, false);
         }
     } catch (\Exception $e) {
         // NOTE(review): every exception message ends up in the template,
         // including ones raised by lower layers. Confirm the template escapes
         // it and that no internal detail can leak this way.
         $this->template->assign('error', $e->getMessage());
     }

     // Page assets.
     $this->htmlCss->add('login');
 }