/**
* This method should handle any login logic and report back to the subject
*
* @param array $user Holds the user data
* @param array $options Array holding options (remember, autoregister, group)
*
* @return boolean True on success
*
* @since 1.5
*/
public function onUserLogin($user, $options = array())
{
$instance = $this->_getUser($user, $options);
// If _getUser returned an error, then pass it back.
if ($instance instanceof Exception) {
return false;
}
// If the user is blocked, redirect with an error
if ($instance->block == 1) {
$this->app->enqueueMessage(JText::_('JERROR_NOLOGIN_BLOCKED'), 'warning');
return false;
}
// Authorise the user based on the group information
if (!isset($options['group'])) {
$options['group'] = 'USERS';
}
// Check the user can login.
$result = $instance->authorise($options['action']);
if (!$result) {
$this->app->enqueueMessage(JText::_('JERROR_LOGIN_DENIED'), 'warning');
return false;
}
// Mark the user as logged in
$instance->guest = 0;
$session = JFactory::getSession();
// Grab the current session ID
$oldSessionId = $session->getId();
// Fork the session
$session->fork();
$session->set('user', $instance);
// Ensure the new session's metadata is written to the database
$this->app->checkSession();
// Purge the old session
$query = $this->db->getQuery(true)->delete('#__session')->where($this->db->quoteName('session_id') . ' = ' . $this->db->quote($oldSessionId));
try {
$this->db->setQuery($query)->execute();
} catch (RuntimeException $e) {
// The old session is already invalidated, don't let this block logging in
}
// Hit the user last visit field
$instance->setLastVisit();
// Add "user state" cookie used for reverse caching proxies like Varnish, Nginx etc.
$conf = JFactory::getConfig();
$cookie_domain = $conf->get('cookie_domain', '');
$cookie_path = $conf->get('cookie_path', '/');
if ($this->app->isSite()) {
$this->app->input->cookie->set("joomla_user_state", "logged_in", 0, $cookie_path, $cookie_domain, 0);
}
return true;
}
/**
* This method should handle any login logic and report back to the subject
*
* @param array $user Holds the user data
* @param array $options Array holding options (remember, autoregister, group)
*
* @return boolean True on success
*
* @since 1.5
*/
public function onUserLogin($user, $options = array())
{
$instance = $this->_getUser($user, $options);
// If _getUser returned an error, then pass it back.
if ($instance instanceof Exception) {
return false;
}
// If the user is blocked, redirect with an error
if ($instance->get('block') == 1) {
$this->app->enqueueMessage(JText::_('JERROR_NOLOGIN_BLOCKED'), 'warning');
return false;
}
// Authorise the user based on the group information
if (!isset($options['group'])) {
$options['group'] = 'USERS';
}
// Check the user can login.
$result = $instance->authorise($options['action']);
if (!$result) {
$this->app->enqueueMessage(JText::_('JERROR_LOGIN_DENIED'), 'warning');
return false;
}
// Mark the user as logged in
$instance->set('guest', 0);
// Register the needed session variables
$session = JFactory::getSession();
$session->set('user', $instance);
// Check to see the the session already exists.
$this->app->checkSession();
// Update the user related fields for the Joomla sessions table.
$query = $this->db->getQuery(true)->update($this->db->quoteName('#__session'))->set($this->db->quoteName('guest') . ' = ' . $this->db->quote($instance->guest))->set($this->db->quoteName('username') . ' = ' . $this->db->quote($instance->username))->set($this->db->quoteName('userid') . ' = ' . (int) $instance->id)->where($this->db->quoteName('session_id') . ' = ' . $this->db->quote($session->getId()));
try {
$this->db->setQuery($query)->execute();
} catch (RuntimeException $e) {
return false;
}
// Hit the user last visit field
$instance->setLastVisit();
// Add "user state" cookie used for reverse caching proxies like Varnish, Nginx etc.
$conf = JFactory::getConfig();
$cookie_domain = $conf->get('cookie_domain', '');
$cookie_path = $conf->get('cookie_path', '/');
if ($this->app->isSite()) {
$this->app->input->cookie->set("joomla_user_state", "logged_in", 0, $cookie_path, $cookie_domain, 0);
}
return true;
}
/**
* This method should handle any login logic and report back to the subject
*
* @param array $user Holds the user data
* @param array $options Array holding options (remember, autoregister, group)
*
* @return boolean True on success
*
* @since 1.5
*/
public function onUserLogin($user, $options = array())
{
$instance = $this->_getUser($user, $options);
// If _getUser returned an error, then pass it back.
if ($instance instanceof Exception) {
return false;
}
// If the user is blocked, redirect with an error
if ($instance->get('block') == 1) {
$this->app->enqueueMessage(JText::_('JERROR_NOLOGIN_BLOCKED'), 'warning');
return false;
}
// Authorise the user based on the group information
if (!isset($options['group'])) {
$options['group'] = 'USERS';
}
// Check the user can login.
$result = $instance->authorise($options['action']);
if (!$result) {
$this->app->enqueueMessage(JText::_('JERROR_LOGIN_DENIED'), 'warning');
return false;
}
// Mark the user as logged in
$instance->set('guest', 0);
// If the user has an outdated hash, update it.
if (substr($user['password'], 0, 4) != '$2y$' && $this->useStrongEncryption && JCrypt::hasStrongPasswordSupport() == true) {
if (strlen($user['password']) > 55) {
$user['password'] = substr($user['password'], 0, 55);
JFactory::getApplication()->enqueueMessage(JText::_('JLIB_USER_ERROR_PASSWORD_TRUNCATED'), 'notice');
}
$instance->password = password_hash($user['password'], PASSWORD_BCRYPT);
$instance->save();
}
// Register the needed session variables
$session = JFactory::getSession();
$session->set('user', $instance);
// Check to see the the session already exists.
$this->app->checkSession();
// Update the user related fields for the Joomla sessions table.
$query = $this->db->getQuery(true)->update($this->db->quoteName('#__session'))->set($this->db->quoteName('guest') . ' = ' . $this->db->quote($instance->guest))->set($this->db->quoteName('username') . ' = ' . $this->db->quote($instance->username))->set($this->db->quoteName('userid') . ' = ' . (int) $instance->id)->where($this->db->quoteName('session_id') . ' = ' . $this->db->quote($session->getId()));
$this->db->setQuery($query)->execute();
// Hit the user last visit field
$instance->setLastVisit();
return true;
}
/**
* This method should handle any login logic and report back to the subject
*
* @param array $user Holds the user data
* @param array $options Array holding options (remember, autoregister, group)
*
* @return boolean True on success
*
* @since 1.5
*/
public function onUserLogin($user, $options = array())
{
$instance = $this->_getUser($user, $options);
// If _getUser returned an error, then pass it back.
if ($instance instanceof Exception) {
return false;
}
// If the user is blocked, redirect with an error
if ($instance->get('block') == 1) {
$this->app->enqueueMessage(JText::_('JERROR_NOLOGIN_BLOCKED'), 'warning');
return false;
}
// Authorise the user based on the group information
if (!isset($options['group'])) {
$options['group'] = 'USERS';
}
// Check the user can login.
$result = $instance->authorise($options['action']);
if (!$result) {
$this->app->enqueueMessage(JText::_('JERROR_LOGIN_DENIED'), 'warning');
return false;
}
// Mark the user as logged in
$instance->set('guest', 0);
// Register the needed session variables
$session = JFactory::getSession();
$session->set('user', $instance);
// Check to see the the session already exists.
$this->app->checkSession();
// Update the user related fields for the Joomla sessions table.
$query = $this->db->getQuery(true)->update($this->db->quoteName('#__session'))->set($this->db->quoteName('guest') . ' = ' . $this->db->quote($instance->guest))->set($this->db->quoteName('username') . ' = ' . $this->db->quote($instance->username))->set($this->db->quoteName('userid') . ' = ' . (int) $instance->id)->where($this->db->quoteName('session_id') . ' = ' . $this->db->quote($session->getId()));
$this->db->setQuery($query)->execute();
// Hit the user last visit field
$instance->setLastVisit();
return true;
}
