Пример #1
0
/**
 * DEPRECATED This should only be called once, to load into $app['currentUser']. So $USER_CURRENT & $USER_CURRENT_LOADED shouldn't be needed.
 * At some point in future, remove this function and put the logic into code that just writes to $app['currentUser'] only.
 *
 * @return UserAccountModel|null
 */
function userGetCurrent()
{
    global $USER_CURRENT, $USER_CURRENT_LOADED, $WEBSESSION;
    if (!$USER_CURRENT_LOADED) {
        if ($WEBSESSION->has('userID') && $WEBSESSION->get('userID') > 0) {
            $uar = new UserAccountRepository();
            $USER_CURRENT = $uar->loadByID($WEBSESSION->get('userID'));
            if ($USER_CURRENT && $USER_CURRENT->getIsClosedBySysAdmin()) {
                $USER_CURRENT = null;
            }
        } else {
            if (isset($_COOKIE['userID']) && isset($_COOKIE['userKey'])) {
                $uarmr = new UserAccountRememberMeRepository();
                $uarm = $uarmr->loadByUserAccountIDAndAccessKey($_COOKIE['userID'], $_COOKIE['userKey']);
                if ($uarm) {
                    $uar = new UserAccountRepository();
                    $USER_CURRENT = $uar->loadByID($uarm->getUserAccountId());
                    if ($USER_CURRENT && $USER_CURRENT->getIsClosedBySysAdmin()) {
                        $USER_CURRENT = null;
                    }
                    if ($USER_CURRENT) {
                        userLogIn($USER_CURRENT);
                    }
                }
            }
        }
        $USER_CURRENT_LOADED = true;
    }
    return $USER_CURRENT;
}
Пример #2
0
 function login(Request $request, Application $app)
 {
     $form = $app['form.factory']->create(new LogInUserForm());
     $this->processThingsToDoAfterGetUser($request, $app);
     if ('POST' == $request->getMethod()) {
         $form->bind($request);
         if ($form->isValid()) {
             $data = $form->getData();
             $userRepository = new UserAccountRepository();
             $user = null;
             // We are deliberately very forgiving about people putting the wrong thing in the wrong field.
             if ($data['email']) {
                 $user = $userRepository->loadByUserNameOrEmail($data['email']);
             }
             if (!$user && $data['username']) {
                 $user = $userRepository->loadByUserNameOrEmail($data['username']);
             }
             if ($user) {
                 if ($user->checkPassword($data['password'])) {
                     if ($user->getIsClosedBySysAdmin()) {
                         $form->addError(new FormError('There was a problem with this account and it has been closed: ' . $user->getClosedBySysAdminReason()));
                         $app['monolog']->addError("Login attempt - account " . $user->getId() . ' - closed.');
                     } else {
                         userLogIn($user);
                         $this->actionThingsToDoAfterGetUser($app, $user);
                         if ($data['rememberme']) {
                             $uarmr = new UserAccountRememberMeRepository();
                             $uarm = $uarmr->create($user);
                             $uarm->sendCookies();
                         }
                         return $app->redirect("/");
                     }
                 } else {
                     $app['monolog']->addError("Login attempt - account " . $user->getId() . ' - password wrong.');
                     $form->addError(new FormError('User and password not recognised'));
                 }
             } else {
                 $app['monolog']->addError("Login attempt - unknown account");
                 $form->addError(new FormError('User and password not recognised'));
             }
         }
     }
     $this->parameters['form'] = $form->createView();
     return $app['twig']->render('index/user/login.html.twig', $this->parameters);
 }