示例#1
 /**
  * Pre-dispatch gate: forces HTTPS, checks the client's asset version,
  * then runs the session-token check and the ACL check.
  *
  * Order matters: a JSON request carrying a stale applicationAssetsVersion
  * is forwarded to the error controller and this method returns before
  * _validateSessionToken() and the ACL check are reached. A request that
  * fails the ACL check is forwarded to the login controller (the JSON
  * variant for JSON requests, the HTML form otherwise).
  *
  * NOTE(review): the denial branch does not return or throw; it relies on
  * _forward() to keep the originally requested action from running -
  * confirm that holds for every dispatcher this controller is used with.
  */
 public function preDispatch()
 {
     Kwf_Util_Https::ensureHttps();

     // Only JSON clients that announce an assets version are checked here.
     $clientAssetsVersion = $this->_getParam('applicationAssetsVersion');
     if ($clientAssetsVersion
         && $this->getHelper('ViewRenderer')->isJson()
         && Kwf_Assets_Dispatcher::getAssetsVersion() != $clientAssetsVersion
     ) {
         $this->_forward('json-wrong-version', 'error', 'kwf_controller_action_error');
         return;
     }

     $this->_validateSessionToken();

     $aclStart = microtime(true);
     // The resource check runs first; auth data is only consulted if it passes.
     $granted = $this->_isAllowedResource() && $this->_isAllowed($this->_getAuthData());
     if (!$granted) {
         $role = $this->_getUserRole();
         if ($this->getHelper('ViewRenderer')->isJson()) {
             $this->_forward('json-login', 'login', 'kwf_controller_action_user', array('role' => $role));
         } else {
             // The return location is built from the request's own base URL and
             // path info, so it always points back into this application.
             $request = $this->getRequest();
             $returnTo = $request->getBaseUrl() . '/' . ltrim($request->getPathInfo(), '/');
             $this->_forward('index', 'login', 'kwf_controller_action_user', array('location' => $returnTo));
         }
     }
     Kwf_Benchmark::subCheckpoint('check acl', microtime(true) - $aclStart);
 }
示例#2
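 /**
  * Attempts a cookie-based auto-login when no identity is stored yet.
  *
  * The feAutologin cookie is expected to hold "<identity>.<token>". Both
  * parts are passed to Kwf_Auth_Adapter_PasswordAuth with cookie-token mode
  * enabled; if authentication fails the autologin cookies are cleared via
  * self::clearCookies(). A value that does not have exactly two
  * dot-separated parts is ignored.
  *
  * The cookie value is client-controlled: a request can deliver it as an
  * array (feAutologin[]=...), which explode() does not accept. Such a value
  * is treated as malformed instead of raising an error.
  *
  * NOTE(review): whether the session id is regenerated after a successful
  * auto-login is not visible here - confirm in Kwf_Auth::authenticate().
  */
 public static function processCookies()
 {
     if (isset($_COOKIE['feAutologin']) && !Kwf_Auth::getInstance()->getStorage()->read()) {
         Kwf_Util_Https::ensureHttps();
         $cookieValue = $_COOKIE['feAutologin'];
         // Reject non-string cookie values before splitting them.
         $feAutologin = is_string($cookieValue) ? explode('.', $cookieValue) : array();
         if (count($feAutologin) == 2) {
             $adapter = new Kwf_Auth_Adapter_PasswordAuth();
             $adapter->setIdentity($feAutologin[0]);
             $adapter->setCredential($feAutologin[1]);
             $adapter->setUseCookieToken(true);
             $auth = Kwf_Auth::getInstance();
             $auth->clearIdentity();
             $result = $auth->authenticate($adapter);
             if (!$result->isValid()) {
                 // Drop a rejected token so it is not retried on every request.
                 self::clearCookies();
             }
         }
     } else {
         if (isset($_COOKIE['hasFeAutologin']) && !Kwf_Auth::getInstance()->getStorage()->read()) {
             // feAutologin is set as an https-only cookie (for security reasons),
             // hasFeAutologin is set without https-only. Seeing only the marker
             // means the token cookie was withheld on this connection, so move
             // to https where the browser will send it.
             Kwf_Util_Https::ensureHttps();
         }
     }
 }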
示例#3
 /**
  * One-time session hardening, run at most once per process (guarded by a
  * static flag).
  *
  * Steps, in order: force HTTPS; run the already-registered validators if
  * the session carries validator data; enforce an inactivity timeout; and,
  * for a session without validator data, register the HttpHost, BasePath
  * (only when a base URL is configured) and RemoteAddr validators.
  *
  * On timeout the whole $_SESSION array is emptied and the session id is
  * regenerated, so an expired session cannot be resumed under its old id.
  */
 public static function afterStart()
 {
     static $alreadyInitialised = false;
     if ($alreadyInitialised) {
         return;
     }

     Kwf_Util_Https::ensureHttps();

     if (isset($_SESSION['__KWF']['VALID'])) {
         self::_processValidators();
     }

     // Sessions time out after 15-20 minutes of inactivity. This is in
     // addition to gc_maxlifetime (which isn't reliable enough).
     $idleLimit = 20 * 60;
     $refreshInterval = 5 * 60;
     if (!isset($_SESSION['kwfTimeout'])) {
         $_SESSION['kwfTimeout'] = time() + $idleLimit;
     } elseif ($_SESSION['kwfTimeout'] - time() < 0) {
         // Expired: discard every session value and rotate the id.
         $_SESSION = array();
         $_SESSION['kwfTimeout'] = time() + $idleLimit;
         Zend_Session::regenerateId();
     } elseif ($_SESSION['kwfTimeout'] - time() < $idleLimit - $refreshInterval) {
         // Extend the timeout every 5 minutes (not on every request, for
         // better performance).
         $_SESSION['kwfTimeout'] = time() + $idleLimit;
     }

     // Also true right after an expiry, because the reset above removed the
     // validator data along with everything else.
     if (!isset($_SESSION['__KWF']['VALID'])) {
         Zend_Session::registerValidator(new Kwf_Session_Validator_HttpHost());
         if (Kwf_Setup::getBaseUrl()) {
             Zend_Session::registerValidator(new Kwf_Session_Validator_BasePath());
         }
         Zend_Session::registerValidator(new Kwf_Session_Validator_RemoteAddr());
     }

     $alreadyInitialised = true;
 }
示例#4
 /**
  * Switches the request to the scheme the component needs, processes
  * input, renders the page and writes it to the output.
  *
  * Scheme handling (only when HTTPS is supported): a plain-HTTP request
  * for a component that requests HTTPS sets the kwcAutoHttps marker cookie
  * and is sent to HTTPS. An HTTPS request is sent back to HTTP only when
  * the component does not request HTTPS, the marker cookie is present and
  * no session exists or is started.
  *
  * The marker cookie is set without Secure/HttpOnly flags (name, value,
  * expire 0, path '/' only) and carries only '1' or an empty value.
  *
  * NOTE(review): isset($_SERVER['HTTPS']) treats any set value as HTTPS;
  * some servers set it to 'off', and a TLS-terminating proxy may leave it
  * unset - verify against the deployment.
  *
  * NOTE(review): responses without dynamic parts are sent as
  * "Cache-Control: public" for one hour, so shared caches may store them;
  * this presumes _render() reports every user-specific fragment through
  * $hasDynamicParts - confirm.
  *
  * @param mixed $includeMaster passed through to _getProcessInputComponents() and _render()
  */
 public function sendContent($includeMaster)
 {
     $profiling = Kwf_Benchmark::isEnabled();

     if (Kwf_Util_Https::supportsHttps()) {
         $componentWantsHttps = Kwf_Util_Https::doesComponentRequestHttps($this->_data);
         if (!isset($_SERVER['HTTPS'])) {
             // We are on http.
             if ($componentWantsHttps) {
                 setcookie('kwcAutoHttps', '1', 0, '/');
                 Kwf_Util_Https::ensureHttps();
             }
         } elseif (!$componentWantsHttps
             && isset($_COOKIE['kwcAutoHttps'])
             && !Zend_Session::sessionExists()
             && !Zend_Session::isStarted()
         ) {
             // We are on https because of an earlier auto-redirect, but https
             // is no longer needed: delete the marker cookie and go back.
             setcookie('kwcAutoHttps', '', 0, '/');
             Kwf_Util_Https::ensureHttp();
         }
         if ($profiling) {
             Kwf_Benchmark::checkpoint('check requestHttps');
         }
     }

     if ($profiling) {
         $collectStart = microtime(true);
     }
     $inputComponents = $this->_getProcessInputComponents($includeMaster);
     if ($profiling) {
         Kwf_Benchmark::subCheckpoint('getProcessInputComponents', microtime(true) - $collectStart);
     }

     self::_callProcessInput($inputComponents);
     if ($profiling) {
         Kwf_Benchmark::checkpoint('processInput');
     }

     // Handed to _render() as a variable; read back below to choose the
     // cache headers.
     $containsDynamicParts = false;
     $html = $this->_render($includeMaster, $containsDynamicParts);
     if ($profiling) {
         Kwf_Benchmark::checkpoint('render');
     }

     header('Content-Type: text/html; charset=utf-8');
     if (!$containsDynamicParts) {
         // Fully static output: allow caching for one hour.
         $maxAge = 60 * 60;
         header('Cache-Control: public, max-age=' . $maxAge);
         header('Expires: ' . gmdate("D, d M Y H:i:s \\G\\M\\T", time() + $maxAge));
         header('Pragma: public');
     }
     echo $html;

     self::_callPostProcessInput($inputComponents);
     if ($profiling) {
         Kwf_Benchmark::checkpoint('postProcessInput');
     }
 }