示例#1
0
 /**
  * Function creates the login session entry to the database
  * TODO: Function does not produce any nice exceptions 
  */
 protected function create_login_session(array $tokens, $clientip = null)
 {
     if (is_null($clientip)) {
         if (isset($_SERVER['REMOTE_ADDR'])) {
             $clientip = $_SERVER['REMOTE_ADDR'];
         } else {
             // No place like home
             $clientip = '127.0.0.1';
         }
     }
     if (!$this->do_midgard_login($tokens)) {
         return false;
     }
     // Create session to DB
     midgardmvc_core::get_instance()->authorization->enter_sudo('midgardmvc_core');
     $session = new midgardmvc_core_login_session();
     $session->userid = $this->user->guid;
     $session->username = $tokens['login'];
     if (isset($tokens['password'])) {
         $session->password = $this->_obfuscate_password($tokens['password']);
     }
     if (isset($tokens['authtype'])) {
         $session->authtype = $tokens['authtype'];
     }
     $session->clientip = $clientip;
     $session->timestamp = time();
     $session->trusted = $this->trusted_auth;
     // for trusted authentication
     if (!$session->create()) {
         midgardmvc_core::get_instance()->authorization->leave_sudo();
         midgardmvc_core::get_instance()->context->get_request()->set_data_item('midgardmvc_core_services_authentication_message', midgardmvc_core::get_instance()->i18n->get('authentication session creation failed', 'midgardmvc_core'));
         return false;
     }
     midgardmvc_core::get_instance()->authorization->leave_sudo();
     $result = array('session_id' => $session->guid, 'user' => $this->user->guid);
     $this->current_session_id = $session->guid;
     // By default the session expires when browser is closed
     $expire_session = 0;
     if (isset($_POST['remember_login'])) {
         $expire_session = time() + 24 * 3600 * 365;
     }
     $this->session_cookie->create_login_session_cookie($session->guid, $this->user->guid, $expire_session);
     return $result;
 }
示例#2
0
 /**
  * Function creates the login session entry to the database
  * TODO: Function does not produce any nice exceptions 
  *
  * @param username
  * @param password
  * @clientip determined automatically if not set
  */
 private function create_login_session($username, $password, $clientip = null)
 {
     midgardmvc_core::get_instance()->authorization->enter_sudo('midgardmvc_core');
     if (is_null($clientip)) {
         if (isset($_SERVER['REMOTE_ADDR'])) {
             $clientip = $_SERVER['REMOTE_ADDR'];
         } else {
             // No place like home
             $clientip = '127.0.0.1';
         }
     }
     if (!$this->do_midgard_login($username, $password)) {
         return false;
     }
     $session = new midgardmvc_core_login_session();
     $session->userid = $this->user->guid;
     $session->username = $username;
     $session->password = $this->_obfuscate_password($password);
     $session->clientip = $clientip;
     $session->timestamp = time();
     $session->trusted = $this->trusted_auth;
     // for trusted authentication
     if (!$session->create()) {
         // TODO: Add some exception?
         return false;
     }
     $result = array('session_id' => $session->guid, 'user' => &$user);
     $this->current_session_id = $session->guid;
     if (isset($_POST['remember_login'])) {
         $this->session_cookie->create_login_session_cookie($session->guid, $this->user->guid, time() + 24 * 3600 * 365);
     } else {
         $this->session_cookie->create_login_session_cookie($session->guid, $this->user->guid);
     }
     midgardmvc_core::get_instance()->authorization->leave_sudo();
     return $result;
 }