/**
* Return current user if it exists.
*
* @return User instance or false
*/
public static function user()
{
if (is_null(self::$user)) {
// Not already cached
self::$user = false;
// Authentication logic
$event = new Event('auth_check');
$auth = $event->trigger(function () {
// No authentification is required by application
if (!Config::get('auth_sp_type')) {
return array();
}
// Check for local authentificaiton (script)
if (AuthLocal::isAuthenticated()) {
return array('local', AuthLocal::attributes());
}
// Check for remote application/user
if ((Config::get('auth_remote_application_enabled') || Config::get('auth_remote_user_enabled')) && AuthRemote::isAuthenticated() && (AuthRemote::application() && Config::get('auth_remote_application_enabled') || !AuthRemote::application() && Config::get('auth_remote_user_enabled'))) {
return array('remote', AuthRemote::attributes(), AuthRemote::application() && AuthRemote::isAdmin());
}
// Check for SP autentification
if (AuthSP::isAuthenticated()) {
return array('sp', AuthSP::attributes());
}
return array();
});
self::$type = array_shift($auth);
self::$attributes = array_shift($auth);
if (count($auth)) {
self::$isAdmin = array_shift($auth);
}
if (self::$attributes && array_key_exists('uid', self::$attributes)) {
$user_filter = Config::get('auth_user_filter');
if ($user_filter) {
self::$allowed = false;
if (is_string($user_filter)) {
if (preg_match('`^([^:]+):(.+)$`', $user_filter, $p)) {
self::$allowed = array_key_exists($p[1], self::$attributes) && preg_match('`' . $p[2] . '`', self::$attributes[$p[1]]);
}
} else {
self::$allowed = !(bool) $user_filter;
}
if (!self::$allowed) {
self::$type = null;
return;
}
}
// Set user if got uid attribute
self::$user = User::fromAttributes(self::$attributes);
// Save user additionnal attributes if enabled
if (self::isSP() && Config::get('auth_sp_save_user_additional_attributes') && array_key_exists('additional', self::$attributes) && self::$user->additional_attributes != self::$attributes['additional']) {
self::$user->additional_attributes = self::$attributes['additional'];
self::$user->save();
}
}
}
return self::$user;
}
/**
* This function allows to know if the user is authentified
*
* @return boolean True if authentified, false otherwhise
*/
public static function user()
{
if (is_null(self::$attributes)) {
// Not already cached
// Used to break infinite loop on Exceptions
self::$attributes = array();
if (!self::getFromCache()) {
// Authentication logic
if (AuthLocalApplication::isAuthenticated()) {
// SP
self::$attributes = AuthLocalApplication::attributes();
self::$isLocal = true;
} else {
if (AuthSP::isAuthenticated()) {
// SP
self::$attributes = AuthSP::attributes();
self::$isSP = true;
}
}
if (!self::$attributes || !array_key_exists('email', self::$attributes)) {
return false;
}
self::$user = User::fromAttributes(self::$attributes);
if (Config::get('use_application_cache')) {
$currentTime = time();
self::$creationTime = $currentTime;
self::$expiredTime = $currentTime + Config::get('notes_auth_cache_expired');
self::$sessionKey = Utilities::generateSessionKey(56);
}
self::storeCache();
}
}
return self::$user;
}