Пример #1
</button>
                            <h4><?php 
    echo __('Application password: %password_name', array('%password_name' => $password->getName()));
    ?>
</h4>
                            <p><?php 
    echo __('Last used: %last_used_time, created at: %created_at_time', array('%last_used_time' => $password->getLastUsedAt() ? tbg_formatTime($password->getLastUsedAt(), 20) : __('never used'), '%created_at_time' => tbg_formatTime($password->getCreatedAt(), 20)));
    ?>
</p>
                        </li>
                    <?php 
}
?>
                </ul>
                <?php 
if (\thebuggenie\core\framework\Settings::isOpenIDavailable()) {
    ?>
                    <h3>
                        <?php 
    echo __('Linked OpenID accounts');
    ?>
                        <button class="button button-silver" onclick="TBG.Main.Helpers.Backdrop.show('<?php 
    echo make_url('get_partial_for_backdrop', array('key' => 'openid'));
    ?>
');"><?php 
    echo __('Link an OpenID account');
    ?>
</button>
                    </h3>
                    <p><?php 
    echo __("Via %openid you can log in to The Bug Genie by authenticating via Google, Wordpress and a lot of other websites. This means you don't have to register an account specifically for The Bug Genie, but authenticate with your existing Google, Wordpress, etc. user account instead. The Bug Genie will not receive or store your external usernames or passwords.", array('%openid' => link_tag('http://openid.net', 'OpenID')));
Пример #2
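 /**
  * Do login (AJAX call)
  *
  * Handles the three sign-in paths visible in this action: a Persona
  * assertion, an OpenID round trip, and a posted username/password pair.
  * AJAX callers get a JSON body; other callers are forwarded.
  *
  * Security notes for maintainers:
  *  - The "tbg3_password" cookie is filled from User::getPassword(), so
  *    whatever that returns works as a replayable login credential.
  *  - Redirect targets taken from the request ("return_to", "tbg3_referer")
  *    are only accepted when they stay on this installation's host.
  *  - Every failure path answers with the same generic message, so the
  *    response does not reveal whether the account exists.
  *
  * @Route(name="login", url="/do/login")
  * @AnonymousRoute
  *
  * @param \thebuggenie\core\framework\Request $request
  */
 public function runDoLogin(framework\Request $request)
 {
     $i18n = framework\Context::getI18n();
     // Kept from the original; the value is not read again in this method.
     $options = $request->getParameters();
     $forward_url = framework\Context::getRouting()->generate('home');
     if ($request->hasParameter('persona') && $request['persona'] == 'true') {
         // NOTE(review): Mozilla retired the hosted Persona verifier in 2016, so this
         // branch can probably no longer succeed - confirm and consider removing it.
         $url = 'https://verifier.login.persona.org/verify';
         $assert = filter_input(INPUT_POST, 'assertion', FILTER_UNSAFE_RAW, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH);
         // NOTE(review): the audience is pinned to port 80. The verifier compares it with
         // the origin the browser used, so an HTTPS deployment would need its real
         // scheme and port here - confirm what getURLhost() returns.
         $params = 'assertion=' . urlencode($assert) . '&audience=' . urlencode(framework\Context::getURLhost() . ':80');
         $ch = curl_init();
         $curl_options = array(
             CURLOPT_URL => $url,
             CURLOPT_RETURNTRANSFER => true,
             CURLOPT_POST => true,
             CURLOPT_POSTFIELDS => $params,
             // The verifier's answer decides who gets logged in, so certificate and
             // host name verification are requested explicitly instead of relying on defaults.
             CURLOPT_SSL_VERIFYPEER => true,
             CURLOPT_SSL_VERIFYHOST => 2,
             // Bound the outbound call so a slow verifier cannot hold the login request open.
             CURLOPT_CONNECTTIMEOUT => 5,
             CURLOPT_TIMEOUT => 10,
         );
         curl_setopt_array($ch, $curl_options);
         $result = curl_exec($ch);
         curl_close($ch);
         // curl_exec() returns false on transport failure and json_decode() returns null on
         // malformed input; both must end in "Invalid login", not in a property access on a non-object.
         $details = is_string($result) ? json_decode($result) : null;
         if (is_object($details) && isset($details->status, $details->email) && $details->status === 'okay' && is_string($details->email)) {
             $user = entities\User::getByEmail($details->email);
             if ($user instanceof entities\User) {
                 // NOTE(review): the cookie carries the value of getPassword() - presumably the
                 // stored password hash - which makes the hash itself a long-lived credential.
                 // A random, server-side revocable session token would limit what a leaked cookie
                 // or database dump is worth. Cookie flags (Secure, HttpOnly) are decided inside
                 // setCookie(), which is not visible here - verify them.
                 framework\Context::getResponse()->setCookie('tbg3_password', $user->getPassword());
                 framework\Context::getResponse()->setCookie('tbg3_username', $user->getUsername());
                 framework\Context::getResponse()->setCookie('tbg3_persona_session', true);
                 $user->setOnline();
                 $user->save();
                 return $this->renderJSON(array('status' => 'login ok', 'redirect' => in_array($request['referer_route'], array('home', 'login'), true)));
             }
         }
         // Every path that reaches this point failed to resolve a user. The JSON result is
         // returned like the other renderJSON() calls in this method; the original dropped it
         // and returned nothing (presumably unintended - confirm against the dispatcher).
         $this->getResponse()->setHttpStatus(401);
         return $this->renderJSON(array('message' => $this->getI18n()->__('Invalid login')));
     }
     if (framework\Settings::isOpenIDavailable()) {
         $openid = new \LightOpenID(framework\Context::getRouting()->generate('login_page', array(), false));
     }
     if (framework\Settings::isOpenIDavailable() && !$openid->mode && $request->isPost() && $request->hasParameter('openid_identifier')) {
         // NOTE(review): the identifier is taken unfiltered from the request and handed to the
         // OpenID library, which presumably contacts that URL for discovery - consider limiting
         // which hosts the server may reach from here.
         $openid->identity = $request->getRawParameter('openid_identifier');
         $openid->required = array('contact/email');
         $openid->optional = array('namePerson/first', 'namePerson/friendly');
         return $this->forward($openid->authUrl());
     } elseif (framework\Settings::isOpenIDavailable() && $openid->mode == 'cancel') {
         $this->error = framework\Context::getI18n()->__("OpenID authentication cancelled");
     } elseif (framework\Settings::isOpenIDavailable() && $openid->mode) {
         try {
             if ($openid->validate()) {
                 if ($this->getUser()->isAuthenticated() && !$this->getUser()->isGuest()) {
                     // A signed-in user is linking a new identity: refuse one that already belongs to an account.
                     if (tables\OpenIdAccounts::getTable()->getUserIDfromIdentity($openid->identity)) {
                         framework\Context::setMessage('openid_used', true);
                         throw new \Exception('OpenID already in use');
                     }
                     $user = $this->getUser();
                 } else {
                     $user = entities\User::getByOpenID($openid->identity);
                 }
                 if ($user instanceof entities\User) {
                     $attributes = $openid->getAttributes();
                     // Provider-supplied attributes only fill in a profile that has no e-mail yet;
                     // they are asserted by the provider and not verified locally.
                     if (!$user->getEmail()) {
                         if (array_key_exists('contact/email', $attributes)) {
                             $user->setEmail($attributes['contact/email']);
                         }
                         if (array_key_exists('namePerson/first', $attributes)) {
                             $user->setRealname($attributes['namePerson/first']);
                         }
                         if (array_key_exists('namePerson/friendly', $attributes)) {
                             $user->setBuddyname($attributes['namePerson/friendly']);
                         }
                         if (!$user->getNickname() || $user->isOpenIdLocked()) {
                             $user->setBuddyname($user->getEmail());
                         }
                         if (!$user->getRealname()) {
                             $user->setRealname($user->getBuddyname());
                         }
                         $user->save();
                     }
                     if (!$user->hasOpenIDIdentity($openid->identity)) {
                         tables\OpenIdAccounts::getTable()->addIdentity($openid->identity, $user->getID());
                     }
                     // NOTE(review): same credential-in-cookie concern as in the Persona branch above.
                     framework\Context::getResponse()->setCookie('tbg3_password', $user->getPassword());
                     framework\Context::getResponse()->setCookie('tbg3_username', $user->getUsername());
                     $user->setOnline();
                     $user->save();
                     if ($this->checkScopeMembership($user)) {
                         return true;
                     }
                     return $this->forward(framework\Context::getRouting()->generate(framework\Settings::get('returnfromlogin')));
                 } else {
                     $this->error = framework\Context::getI18n()->__("Didn't recognize this OpenID. Please log in using your username and password, associate it with your user account in your account settings and try again.");
                 }
             } else {
                 $this->error = framework\Context::getI18n()->__("Could not validate against the OpenID provider");
             }
         } catch (\Exception $e) {
             // The exception text is HTML-encoded before it is stored for display.
             $this->error = framework\Context::getI18n()->__("Could not validate against the OpenID provider: %message", array('%message' => htmlentities($e->getMessage(), ENT_COMPAT, framework\Context::getI18n()->getCharset())));
         }
     } elseif ($request->getMethod() == framework\Request::POST) {
         try {
             if ($request->hasParameter('tbg3_username') && $request->hasParameter('tbg3_password') && $request['tbg3_username'] != '' && $request['tbg3_password'] != '') {
                 $user = entities\User::loginCheck($request, $this);
                 $user->setOnline();
                 $user->save();
                 framework\Context::setUser($user);
                 if ($this->checkScopeMembership($user)) {
                     return true;
                 }

                 // "return_to" and "tbg3_referer" come from the request and end up as the post-login
                 // redirect target, so they are limited to this installation. HTML-encoding the
                 // value (done below, as before) does not stop a redirect to another site.
                 // NOTE(review): getURLhost() may return "scheme://host" or a bare host name;
                 // both shapes are handled here - confirm.
                 $site_url = (string) framework\Context::getURLhost();
                 $site_host = parse_url($site_url, PHP_URL_HOST);
                 if (!$site_host) {
                     $site_host = $site_url;
                 }
                 $is_local_url = function ($url) use ($site_host) {
                     // Control characters, spaces and backslashes are parsed differently by browsers and by parse_url().
                     if (!is_string($url) || $url === '' || preg_match('/[\x00-\x20\\\\]/', $url)) {
                         return false;
                     }
                     if ($url[0] === '/') {
                         // "//host/path" is protocol-relative and leaves the site.
                         return substr($url, 0, 2) !== '//';
                     }
                     $parts = parse_url($url);
                     if (!is_array($parts) || !isset($parts['scheme'], $parts['host'])) {
                         return false;
                     }
                     return in_array(strtolower($parts['scheme']), array('http', 'https'), true)
                         && strcasecmp($parts['host'], $site_host) === 0;
                 };

                 if ($request->hasParameter('return_to')) {
                     $return_to = $request['return_to'];
                     // Off-site or malformed targets fall back to the home route computed at the top.
                     if ($is_local_url($return_to)) {
                         $forward_url = $return_to;
                     }
                 } else {
                     if (framework\Settings::get('returnfromlogin') == 'referer') {
                         $dashboard_url = framework\Context::getRouting()->generate('dashboard');
                         $referer_url = $request->getParameter('tbg3_referer', $dashboard_url);
                         $forward_url = $is_local_url($referer_url) ? $referer_url : $dashboard_url;
                     } else {
                         $forward_url = framework\Context::getRouting()->generate(framework\Settings::get('returnfromlogin'));
                     }
                 }
                 $forward_url = htmlentities($forward_url, ENT_COMPAT, framework\Context::getI18n()->getCharset());
             } else {
                 throw new \Exception('Please enter a username and password');
             }
         } catch (\Exception $e) {
             if ($request->isAjaxCall()) {
                 $this->getResponse()->setHttpStatus(401);
                 // The detailed reason goes to the log only; the client gets the generic message.
                 framework\Logging::log($e->getMessage(), 'openid', framework\Logging::LEVEL_WARNING_RISK);
                 return $this->renderJSON(array("error" => $i18n->__("Invalid login details")));
             } else {
                 $this->forward403($e->getMessage());
             }
         }
     } else {
         if ($request->isAjaxCall()) {
             $this->getResponse()->setHttpStatus(401);
             return $this->renderJSON(array("error" => $i18n->__('Please enter a username and password')));
         } else {
             $this->forward403($i18n->__('Please enter a username and password'));
         }
     }
     // NOTE(review): the lines below rely on forward403() ending the request; if it returns,
     // $user may be unset when checkScopeMembership() is called - confirm.
     if (!isset($user)) {
         $this->forward403($i18n->__("Invalid login details"));
     }
     if ($this->checkScopeMembership($user)) {
         return true;
     }
     $user->setOnline();
     $user->save();
     if ($request->isAjaxCall()) {
         return $this->renderJSON(array('forward' => $forward_url));
     } else {
         $this->forward($this->getRouting()->generate('account'));
     }
 }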