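/**
 * Handle a login request and answer with a JSON description of the outcome.
 *
 * Steps: sanitize and validate the posted e-mail/password, enable Sentry
 * throttling (4 attempts, 5 minutes suspension), authenticate, hand the user
 * to the SSO tracker, fire 'synlogin.success' or 'synlogin.failure', and build
 * the response. The JSON body is $userLogin->toArray() and the HTTP status is
 * $userLogin->getTrackingCode(); on success the X-Authorize-Value header is set.
 *
 * @return mixed The response object built by Response::make().
 */
public function actionLogin()
{
    // Tracker that collects the outcome (problems, status code, payload) of this attempt.
    $userLogin = new Synergixe\Services\SSO\UserLoginSignOn();

    // Control point of the Sentry 2 throttling functionality (providers).
    // a228b23ad9afe0151ca82dd721b77032c9983c37
    $t_provider = Sentry::getThrottleProvider();
    $t_provider->enable();

    $vld_result = false;       // validation outcome
    $vld_error = "";           // reason reported when the validator itself fails
    $userLoginSuccess = false; // set by the SSO tracker after a successful authentication

    // NOTE(review): the password is passed through sanitize_input() before it
    // reaches Sentry. What FILTER_SPECIAL_STR does is not visible here; if it
    // rewrites characters, the value that is verified is not the value the user
    // typed. Confirm that passwords are only validated, never transformed.
    $credentials = array(
        'email' => Synergixe\StrRoutines::sanitize_input(
            Input::get('email'),
            Synergixe\StrRoutines::FILTER_AS_EMAIL
        ),
        'password' => Synergixe\StrRoutines::sanitize_input(
            Input::get('password'),
            Synergixe\StrRoutines::FILTER_SPECIAL_STR
        ),
    );

    // 'remember_me' is treated as a flag: only its presence is checked.
    $remember = Synergixe\StrRoutines::sanitize_input(
        Input::has('remember_me'),
        Synergixe\StrRoutines::FILTER_AS_BOOLEAN
    );

    Synergixe\Services\Validation\PostDataValidator::resetRules(array(
        'email' => 'required|email|min:5',
        'password' => 'required|min:6',
    ));

    $validator = new Synergixe\Services\Validation\PostDataValidator($credentials);

    try {
        $validator->setValidationType('POSTDATA');
        $vld_result = $validator->passes();
    } catch (Exception $ex) {
        // A validator failure is logged server-side and reported as a validation problem below.
        $vld_error = $ex->getMessage();
        Log::error('Validator Internal Error: ' . $vld_error);
    }

    if (!$vld_result) {
        // Validation failed: stop here and report the errors back to the client.
        $userLogin->problemMessages["validation.problems"] = empty($validator->errors)
            ? array('auth.validation-error' => $vld_error)
            : $validator->errors;
    } else {
        // Unfinished note from the original author: "(@chris, it would be nice if you found out )"
        $throttle = null;

        try {
            // Sentry 2 resolves the user before returning the throttle record and
            // throws UserNotFoundException for an unknown login. The lookup
            // therefore runs inside the try block, so an unknown e-mail is
            // reported through the normal JSON error path instead of escaping
            // as an unhandled exception.
            // Alternative the author left commented out:
            // Synergixe\App\Models\Throttle::with('user')->where('user_id', '=', $user->id);
            $throttle = $t_provider->findByUserLogin($credentials['email'], Request::ip());
            $throttle->setAttemptLimit(4);   // 4 counts
            $throttle->setSuspensionTime(5); // 5 minutes

            $user = Sentry::authenticate($credentials, $remember);

            // NOTE(review): $org is never used, but firstOrFail() throws when the
            // organization is missing. That turns an already successful
            // authentication into 'Unknown Login Problem' and records a throttle
            // hit. The original comment reads: "This isn't important as this point!"
            $org = Organization::where('id', '=', $user->organization_id)->firstOrFail();

            // NOTE(review): both values come straight from the request. How
            // trackLoginOnRequest() uses them is not visible here; confirm that it
            // checks 'backend_url' against an allow-list of known back ends and
            // compares 'secret_key' in constant time (hash_equals or equivalent).
            $specialData = array(
                "backend_url" => Input::get('redirect_piece'),
                "secret_key" => Request::header('X-Authorize-Key'),
            );

            if (is_object($user)) {
                $userLoginSuccess = $userLogin->trackLoginOnRequest($user, $specialData);
            }
        } catch (Exception $e) {
            // Exception classes whose message is passed on to the client (exact class match).
            $reportable = array(
                "Cartalyst\\Sentry\\Users\\LoginRequiredException",
                "Cartalyst\\Sentry\\Users\\PasswordRequiredException",
                "Cartalyst\\Sentry\\Users\\WrongPasswordException",
                "Cartalyst\\Sentry\\Users\\UserNotFoundException",
                "Cartalyst\\Sentry\\Users\\UserNotActivatedException",
                "Cartalyst\\Sentry\\Throttling\\UserSuspendedException",
            );

            // NOTE(review): the exception message is returned verbatim, so the
            // response distinguishes an unknown account from a wrong password, an
            // inactive account and a suspended one. Consider a single generic
            // message for the client and keep the detail in the server-side log.
            $userLogin->problemMessages["auth.problems"] = in_array(get_class($e), $reportable, true)
                ? $e->getMessage()
                : 'Unknown Login Problem';

            // No throttle record exists when the lookup itself failed.
            if ($throttle !== null) {
                $userLogin->recordThrottle($throttle);
            }
        }
    }

    // Fire the matching event; listeners send the details to the server-side logging point.
    if ($userLogin->hasProblem) {
        Event::fire('synlogin.failure', $userLogin);
    } else {
        Event::fire('synlogin.success', $userLogin);
    }

    $response = Response::make(json_encode($userLogin->toArray()), $userLogin->getTrackingCode());
    $response->header('Content-Type', 'application/json');

    if ($userLoginSuccess) {
        $response->header('X-Authorize-Value', $userLogin->getAuthorizeValue());
        /*if($userLogin->isSigningSet()){ $response->withCookie($userLogin->getTrackingCookie()); }*/
    }

    return $response;

    // Disabled legacy implementation kept from the original source (unreachable).
    // NOTE(review): it derived the API token from Str::random(10), stored it in
    // plain form and returned the whole user record next to it; revisit all three
    // before reviving any of this.
    /*if (!Sentry::check()){ //checks if a user is logged in.
        $user_details= array('email'=>Input::get('email'), 'password'=>Input::get('password'));
        $remember_me= Input::has('remember_me');
        if ($user_details) {
            try{
                $userauth= Sentry::authenticate($user_details,$remember_me);
                $token= hash('sha256',Str::random(10),false);
                $userauth->api_token= $token;
                $userauth->save();
                return Response::json(array('token'=>$token, 'userauth'=>$userauth->toArray()));
            } catch (Cartalyst\Sentry\Users\LoginRequiredException $e) {
                return Response::json(array('errorMessage'=>'Login Required!'));
            } catch(Cartalyst\Sentry\Users\UserNotFoundException $e) {
                return Response::json(array('errorMessage'=>'User Not Found!'));
            } catch(Cartalyst\Sentry\Users\UserNotActivatedException $e) {
                return Response::json(array('errorMessage'=>'User Not Activated!'));
            }
        }else{
            return Response::json(array('errorMessage'=>'User Already Logged in!'));
        }
    }*/
}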
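/*
|--------------------------------------------------------------------------
| Auth Remember Filter
|-----------------------------------------------------------------------------
|
| When Sentry already reports a logged-in user, track the sign-on and answer
| with the 'sso.remembered' view. In every other case the filter returns
| nothing and the request continues to the route.
|
*/
Route::filter('auth.remember', function () {
    if (!Sentry::check()) {
        return;
    }

    $loggedUser = Sentry::getUser(); // the current user
    if (!$loggedUser) {
        return;
    }

    $userLogin = new Synergixe\Services\SSO\UserLoginSignOn();

    // NOTE(review): the shared secret is hard-coded, so it lives in version
    // control and in every copy of this file. Load it from environment-specific
    // configuration and rotate this value, since it has been published.
    // The back-end URL also uses plain http://; if trackLoginOnRequest() sends
    // data to it, that traffic is readable in transit. Confirm and prefer https.
    $userLoginSuccess = $userLogin->trackLoginOnRequest($loggedUser, array(
        "backend_url" => "http://app.synergixe.ng",
        "secret_key" => "werkp34i-23wekse5-wj3v47ud-4ys6qa27",
    ));

    // The original stored the result in $userLoginSucess (typo) and then tested
    // the undefined $userLoginSuccess, so this branch could never run.
    if (!$userLogin->hasProblem && $userLoginSuccess) {
        Event::fire('synlogin.success', $userLogin);

        // The original additionally called $response->with(array('user' => $loggedUser)).
        // The view already receives 'user' here, and the response object returned
        // by Response::view() does not appear to offer with(); the call is dropped
        // so that the now-reachable branch cannot fail on it. Confirm against the
        // framework version in use.
        return Response::view('sso.remembered', array(
            'user' => $loggedUser,
            'payload' => json_encode($userLogin->toArray()),
        ));
    }
});

/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against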