Пример #1
 /**
  * Get Auth result
  *
  * Applies the login policy checks in a fixed order and reports the first
  * one that fails: credential validity, single-session policy, mobile-access
  * policy, account verification, then cross-type access.
  *
  * @param  \Phire\Table\UserTypes $type User type whose policy flags are applied
  * @return string|null Failure message, or null when no check fails
  */
 public function getAuthResult($type)
 {
     // Credentials did not validate: hand back the validator's own message.
     if (!$this->isValid()) {
         return $this->getResultMessage();
     }

     $user = $this->getUser();
     $existing = Table\UserSessions::findBy(array('user_id' => $user['id']));

     // Single-session policy. This is only reached with valid credentials,
     // and the message tells the caller the IP address of the other session.
     if (!$type->multiple_sessions && isset($existing->id)) {
         return 'Multiple sessions are not allowed. Someone is already logged on from ' . $existing->ip . '.';
     }

     if (!$type->mobile_access && \Pop\Web\Mobile::isMobileDevice()) {
         return 'Mobile access is not allowed.';
     }

     if (!$user['verified']) {
         return 'The user is not verified.';
     }

     // The user belongs to a different type than the area being entered:
     // allowed only when the user's own type has global access.
     // NOTE(review): if the user's type row is not found, isset() is false
     // and the check passes (fails open) - confirm that is intended.
     if ($type->id != $user['type_id']) {
         $ownType = Table\UserTypes::findById($user['type_id']);
         if (isset($ownType->id) && !$ownType->global_access) {
             return 'The user is not allowed in this area.';
         }
     }

     // Null is the "no failure" value, so callers should compare against null
     // rather than rely on truthiness.
     return null;
 }
Пример #2
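 /**
  * Remove user sessions
  *
  * Deletes every session row whose id is listed under 'remove_sessions'.
  *
  * NOTE(review): no permission or ownership check is visible in this method;
  * any id present in the list is deleted. Presumably the caller restricts who
  * can reach it - confirm.
  *
  * @param  array   $post Request data; 'remove_sessions' is expected to be a list of session ids
  * @return void
  */
 public function remove(array $post)
 {
     // The list comes from request data, so its shape is not guaranteed:
     // ignore it unless it really is an array.
     if (!isset($post['remove_sessions']) || !is_array($post['remove_sessions'])) {
         return;
     }

     foreach ($post['remove_sessions'] as $id) {
         // A nested array or other non-scalar value is not a usable id;
         // skip it instead of handing it to the lookup.
         if (!is_scalar($id)) {
             continue;
         }
         $session = Table\UserSessions::findById($id);
         if (isset($session->id)) {
             $session->delete();
         }
     }
 }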
 /**
  * Method to use a JSON request to reset a user's last session action
  *
  * Stamps the current time on the session row referenced by the logged-in
  * user's sess_id, but only when that row exists and belongs to the same user.
  *
  * @return void
  */
 public function session()
 {
     $current = new Model\UserSession();

     // Nothing to refresh when the session carries no tracked session id.
     if (!isset($current->user->sess_id)) {
         return;
     }

     $row = Table\UserSessions::findById($current->user->sess_id);

     // Ownership check: the row must exist and its user_id must match the
     // session's user, so a stale or foreign sess_id cannot touch another row.
     $ownedByUser = isset($row->id) && ($row->user_id == $current->user->id);
     if ($ownedByUser) {
         $row->last = date('Y-m-d H:i:s');
         $row->save();
     }
 }
Пример #4
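 /**
  * Login method
  *
  * On success for a known user: optionally records a tracked session row,
  * evaluates the password-reset policy, appends this login to the user's
  * login history, populates the session's user object and resets the
  * failed-attempt counter. On failure for a known username: increments the
  * failed-attempt counter. Unknown usernames leave no trace here.
  *
  * NOTE(review): nothing in this method regenerates the session id after a
  * successful login; confirm that Session or the caller does so.
  *
  * @param string                 $username
  * @param \Phire\Table\UserTypes $type     Type of the area being logged into
  * @param boolean                $success  Whether authentication succeeded
  * @return void
  */
 public function login($username, $type, $success = true)
 {
     $user = Table\Users::findBy(array('username' => $username));
     $sess = Session::getInstance();
     $typeUri = strtolower($type->type) != 'user' ? '/' . strtolower($type->type) : APP_URI;

     // Failed login: count the attempt when the username exists, then stop.
     if (!$success || !isset($user->id)) {
         if (isset($user->id)) {
             $user->failed_attempts++;
             $user->save();
         }
         return;
     }

     // Request metadata. The User-Agent header is optional and fully
     // client-controlled, so default a missing value to '' instead of reading
     // an undefined index, and escape it wherever it is later displayed.
     $ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
     $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

     // Create and save new session database entry
     $sessionId = null;
     if ($type->track_sessions) {
         Table\UserSessions::clearSessions($user->id);
         $session = new Table\UserSessions(array(
             'user_id' => $user->id,
             'ip'      => $ip,
             'ua'      => $ua,
             'start'   => date('Y-m-d H:i:s')
         ));
         $session->save();
         $sessionId = $session->id;

         $otherSession = Table\UserSessions::findBy(array('user_id' => $user->id));
         if (isset($otherSession->rows[0])) {
             // The message carries literal <strong> markup, so it is evidently
             // rendered as HTML: escape the interpolated values.
             $safeUsername = htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
             foreach ($otherSession->rows as $other) {
                 if ($other->id != $sessionId) {
                     $safeIp = htmlspecialchars($other->ip, ENT_QUOTES, 'UTF-8');
                     $sess->sessionError = $this->i18n->__('Another user is currently logged in as %1 from %2.', array('<strong>' . $safeUsername . '</strong>', $safeIp));
                 }
             }
         }
     }

     // From here on $type is the user's own type record, not the one passed in.
     $type = Table\UserTypes::findById($user->type_id);
     $role = Table\UserRoles::findById($user->role_id);

     // Get user login data
     $lastLogin = null;
     $lastUa = null;
     $lastIp = null;
     $lastLoginString = '(N/A)';
     $timestamp = time();

     // Password-reset policy: either on the first login ever, or once the
     // configured "<count> <unit>" interval has elapsed.
     if ($type->reset_password) {
         if ($type->reset_password_interval == '1st') {
             if ($user->logins == '') {
                 $sess->reset_pwd = true;
             }
         } else {
             $interval = 86400;            // one day, in seconds
             $resetAry = explode(' ', $type->reset_password_interval);
             if ($resetAry[1] == 'Months') {
                 $interval = 2628000;      // 365 days / 12, in seconds
             } elseif ($resetAry[1] == 'Years') {
                 $interval = 31536000;     // 365 days, in seconds
             }
             $interval = $resetAry[0] * $interval;
             if ($user->logins != '') {
                 // NOTE(security): unserialize() on a stored column. The value
                 // written below is a plain array, but if this column could
                 // ever hold attacker-influenced bytes this is an
                 // object-injection sink; JSON would be the safer format.
                 // NOTE(review): key() reads the array's current position,
                 // which for a freshly unserialized array is its first entry,
                 // so the interval is measured from the earliest recorded
                 // login - confirm that is intended.
                 $lastL = key(unserialize($user->logins));
                 if (time() - $lastL > $interval) {
                     $sess->reset_pwd = true;
                 }
             }
         }
     }

     // Login history is a map of timestamp => ua/ip. No trimming is visible
     // here, so it grows by one entry per login.
     if ($user->logins == '') {
         $logins = array($timestamp => array('ua' => $ua, 'ip' => $ip));
     } else {
         // NOTE(security): same unserialize() caveat as above.
         $logins = unserialize($user->logins);
         $last = end($logins);
         $lastLogin = date('Y-m-d H:i:s', key($logins));
         $lastIp = $last['ip'];
         $lastUa = $last['ua'];
         $logins[$timestamp] = array('ua' => $ua, 'ip' => $ip);
         $lastLoginString = date('D M j, Y g:i A', strtotime($lastLogin)) . ' (' . ('' !== $lastIp ? $lastIp : 'N/A') . ')';
     }

     // Create new session object
     // NOTE(security): site_ids is also read through unserialize(); the same
     // stored-data caveat applies.
     $sess->user = new \ArrayObject(array(
         'id'            => $user->id,
         'site_ids'      => unserialize($user->site_ids),
         'type_id'       => $user->type_id,
         'type'          => $type->type,
         'typeUri'       => $typeUri,
         'global_access' => $type->global_access,
         'role_id'       => isset($role->id) ? $role->id : 0,
         'role'          => isset($role->id) ? $role->name : null,
         'username'      => $username,
         'email'         => $user->email,
         'last_login'    => $lastLogin,
         'last_ua'       => $lastUa,
         'last_ip'       => $lastIp,
         'sess_id'       => $sessionId,
         'last'          => $lastLoginString,
         'last_action'   => date('Y-m-d H:i:s')
     ), \ArrayObject::ARRAY_AS_PROPS);

     // Store timestamp and login data
     $user->logins = serialize($logins);
     $user->failed_attempts = 0;
     $user->save();

     // If set, log the login
     if ($type->log_emails != '') {
         $this->log($type, $user);
     }
 }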
Пример #5
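 /**
  * Logout method
  *
  * Deletes the tracked session row (if any), removes the user object from
  * the session, deletes the 'phire' cookie and optionally redirects to the
  * base path.
  *
  * NOTE(review): only the user entry is removed from the session; nothing
  * here destroys the session itself or regenerates its id - confirm whether
  * that happens elsewhere.
  *
  * @param  boolean $redirect Redirect to the base path after logging out
  * @return void
  */
 public function logout($redirect = true)
 {
     // Destroy the session database entry. Logout can be requested when no
     // user is in the session (expired or already logged out), so check that
     // the user object exists before reading its sess_id.
     $user = $this->sess->user;
     if (is_object($user) && (null !== $user->sess_id)) {
         $session = Table\UserSessions::findById($user->sess_id);
         if (isset($session->id)) {
             $session->delete();
         }
     }

     // Destroy the session object.
     unset($this->sess->user);

     // Delete the phire cookie; the path has to match the one it was set with.
     $path = BASE_PATH . APP_URI;
     if ($path == '') {
         $path = '/';
     }
     $cookie = Cookie::getInstance(array('path' => $path));
     $cookie->delete('phire');

     // The redirect target is the configured base path, not request input.
     if ($redirect) {
         $uri = $this->basePath == '' ? '/' : $this->basePath;
         \Pop\Http\Response::redirect($uri);
     }
 }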