/**
 * Initializes the user, runs the installation self-checks and attempts an
 * automatic login from the login cookie.
 *
 * @param sfEventDispatcher $dispatcher The event dispatcher object
 * @param sfStorage         $storage    The session storage object
 * @param array             $options    An array of options
 */
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
  parent::initialize($dispatcher, $storage, $options);

  // The self-checks run in every environment except "test".
  $environment = sfContext::getInstance()->getConfiguration()->getEnvironment();
  if ($environment != 'test')
  {
    $this->checkPermissions();
    $this->resetPasswordCheck(); // the original author questioned whether this call belongs here
    $this->checkDatabase();
    $this->checkHtaccess();
    $this->performTests();
  }

  $request = sfContext::getInstance()->getRequest();
  if ($this->isAuthenticated())
  {
    return;
  }

  // Automatic login is tried only when no password was posted, the login
  // cookie is present and the request is not a POST.
  if ($request->getPostParameter('password') != ''
    || $request->getCookie($this->cookie_name) == ''
    || $request->getMethod() == sfRequest::POST)
  {
    return;
  }

  // NOTE(review): the cookie value is bound as the form's "password" field, so
  // the cookie carries whatever LoginForm accepts as the password. Confirm
  // where the cookie is set that this is not the clear-text password; a random
  // server-side token sent with the HttpOnly and Secure flags is the safer
  // design for a remember-me cookie.
  $credentials = array();
  $credentials['password'] = $request->getCookie($this->cookie_name);

  // CSRF protection is switched off for this form ("no csrf" in the original).
  $loginForm = new LoginForm($this, true, array(), array(), false);
  $loginForm->bind($credentials);

  if ($loginForm->isValid())
  {
    $this->setAuthenticated(true);
  }
}
/**
 * Initializes the sfGuardSecurityUser object.
 *
 * When the session is not authenticated after the parent initialization, the
 * user reference held by this object is dropped.
 *
 * @param sfEventDispatcher $dispatcher The event dispatcher object
 * @param sfStorage         $storage    The session storage object
 * @param array             $options    An array of options
 */
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
  parent::initialize($dispatcher, $storage, $options);

  if ($this->isAuthenticated())
  {
    return;
  }

  // Not authenticated: do not keep a user object around.
  $this->user = null;
}
/**
 * Initializes the user, replacing a zero session timeout with one day.
 *
 * @param mixed $context    Passed unchanged to the parent implementation
 * @param mixed $parameters Passed unchanged to the parent implementation
 *
 * @return mixed The parent implementation's return value
 */
public function initialize($context, $parameters = null)
{
  // Loose comparison on purpose-preserved: every sf_timeout value that PHP
  // considers equal to 0 is replaced.
  // NOTE(review): a 24 hour idle window is long for an authenticated session;
  // confirm this is the intended policy.
  $configuredTimeout = sfConfig::get('sf_timeout');
  if ($configuredTimeout == 0)
  {
    // the session expires once the window has been open for a day
    sfConfig::set('sf_timeout', 86400);
  }

  return parent::initialize($context, $parameters);
}
/**
 * Initializes the user and logs it out when no matching AdminUser record exists.
 *
 * @param sfEventDispatcher $dispatcher The event dispatcher object
 * @param sfStorage         $storage    The session storage object
 * @param array             $options    An array of options
 */
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
  parent::initialize($dispatcher, $storage, $options);

  // The lookup runs on every initialization, so a session whose AdminUser
  // record can no longer be found is ended on its next request.
  $adminUser = Doctrine::getTable('AdminUser')->find($this->getId());
  if ($adminUser)
  {
    return;
  }

  $this->logout();
}
/**
 * Initializes the user and discards the stored user data when the session is
 * not authenticated.
 *
 * @param mixed $context    Passed unchanged to the parent implementation
 * @param array $parameters Passed unchanged to the parent implementation
 */
public function initialize($context, $parameters = array())
{
  parent::initialize($context, $parameters);

  if ($this->isAuthenticated())
  {
    return;
  }

  // Remove the user after a timeout: clear its attribute namespace first,
  // then the object reference.
  $this->getAttributeHolder()->removeNamespace('sfGuardSecurityUser');
  $this->user = null;
}
/**
 * Initializes the sfGuardSecurityUser object.
 *
 * An unauthenticated session loses both the 'sfGuardSecurityUser' attribute
 * namespace and the user reference held by this object.
 *
 * @param sfEventDispatcher $dispatcher The event dispatcher object
 * @param sfStorage         $storage    The session storage object
 * @param array             $options    An array of options
 */
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
  parent::initialize($dispatcher, $storage, $options);

  $stillAuthenticated = $this->isAuthenticated();
  if (!$stillAuthenticated)
  {
    // remove the user if the session timed out
    $attributes = $this->getAttributeHolder();
    $attributes->removeNamespace('sfGuardSecurityUser');
    $this->user = null;
  }
}
/**
 * Initializes the user and clears the 'open_auth' data of an unauthenticated
 * session.
 *
 * @param sfEventDispatcher $dispatcher The event dispatcher object
 * @param sfStorage         $storage    The session storage object
 * @param array             $options    An array of options
 */
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
  parent::initialize($dispatcher, $storage, $options);

  if ($this->isAuthenticated())
  {
    return;
  }

  // remove the user if the session timed out
  $this->getAttributeHolder()->removeNamespace('open_auth');
  $this->_user = null;
}
/**
 * Initializes the user and, when persistent credentials are enabled, restores
 * the list of tables whose credentials were already loaded.
 *
 * @param sfEventDispatcher $dispatcher The event dispatcher object
 * @param sfStorage         $storage    The session storage object
 * @param array             $options    An array of options
 */
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
  parent::initialize($dispatcher, $storage, $options);

  // The setting defaults to true when it is absent from the configuration.
  $persistent = sfConfig::get('app_sf_object_guard_plugin_persistent_credentials', true);
  if (!$persistent)
  {
    return;
  }

  $this->credentialsLoadedFor = $storage->read(self::CREDENTIAL_TABLES_NAMESPACE);

  // An unauthenticated session must not inherit the stored list.
  if (!$this->isAuthenticated())
  {
    $this->credentialsLoadedFor = array();
  }
}
/**
 * Initializes the user, reads the configured prefix and discards the stored
 * user data when the session is not authenticated.
 *
 * @param mixed $context    Passed unchanged to the parent implementation
 * @param array $parameters Passed unchanged to the parent implementation
 */
public function initialize($context, $parameters = array())
{
  parent::initialize($context, $parameters);

  // 'Phpbb' is used when app_phpbb_prefix is not configured.
  $this->prefix = sfConfig::get('app_phpbb_prefix', 'Phpbb');

  if ($this->isAuthenticated())
  {
    return;
  }

  // remove the user if the session timed out
  $this->getAttributeHolder()->removeNamespace('avrPhpbbSecurityUser');
  $this->user = null;
}
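/**
 * Initializes the user and authenticates the request from its signed parameters.
 *
 * The request is accepted when its auth_key parameter equals the MD5 digest of
 * "<api_id>_<viewer_id>_<sf_vkontakte_secret_key>". The authentication state is
 * set on every initialization, to true or to false, and the viewer id is
 * stored only for an accepted request.
 *
 * The digest is compared as a string in constant time. The previous loose
 * `==` comparison let PHP compare numeric-looking strings as numbers and
 * accepted non-string input, so two different values could be treated as
 * equal. A missing or empty secret now rejects the request instead of
 * producing a digest built only from request parameters.
 *
 * NOTE(review): the MD5 construction is presumably dictated by the external
 * platform that signs the request; it is kept as is.
 *
 * @param sfEventDispatcher $dispatcher The event dispatcher object
 * @param sfStorage         $storage    The session storage object
 * @param array             $options    An array of options
 */
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
  parent::initialize($dispatcher, $storage, $options);

  $request = sfContext::getInstance()->getRequest();
  $secret = sfConfig::get('sf_vkontakte_secret_key');
  $suppliedKey = $request->getParameter('auth_key');

  $isAuth = false;

  // Fail closed: without a configured secret, or with a non-string auth_key
  // (for instance an array parameter), nothing can be verified.
  if (null !== $secret && '' !== $secret && is_string($suppliedKey))
  {
    // check auth by api_secret and get parameters
    $expectedKey = md5(implode('_', array(
      $request->getParameter('api_id'),
      $request->getParameter('viewer_id'),
      $secret,
    )));

    // hash_equals() exists from PHP 5.6 on; older runtimes fall back to a
    // strict string comparison, which still avoids type juggling.
    $isAuth = function_exists('hash_equals')
      ? hash_equals($expectedKey, $suppliedKey)
      : $expectedKey === $suppliedKey;
  }

  $this->setAuthenticated($isAuth);

  if ($isAuth)
  {
    $this->id = $request->getParameter('viewer_id');
  }
}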
/**
 * Initializes the current user, selects the authentication mode and loads the
 * credentials.
 *
 * @see sfBasicSecurityUser
 *
 * @param sfEventDispatcher $dispatcher The event dispatcher object
 * @param sfStorage         $storage    The session storage object
 * @param array             $options    An array of options
 */
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
  parent::initialize($dispatcher, $storage, $options);

  // A non-empty "authMode" URL parameter overrides the current mode.
  // NOTE(review): the value comes from the request; presumably
  // setCurrentAuthMode() restricts it to known modes - confirm.
  $requestedMode = sfContext::getInstance()->getRequest()->getUrlParameter('authMode');
  if ($requestedMode)
  {
    $this->setCurrentAuthMode($requestedMode);
  }

  $activeMode = $this->getCurrentAuthMode();
  $this->createAuthAdapter($activeMode);
  $this->initializeCredentials();
}
/**
 * Initializes the DmSecurityUser object.
 *
 * An unauthenticated session loses its stored user data; an authenticated one
 * refreshes the super-admin flag from the user record.
 *
 * @param sfEventDispatcher $dispatcher The event dispatcher object
 * @param sfStorage         $storage    The session storage object
 * @param array             $options    An array of options
 */
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
  parent::initialize($dispatcher, $storage, $options);

  if (!$this->isAuthenticated())
  {
    // remove the user if the session timed out
    $this->getAttributeHolder()->removeNamespace('dmSecurityUser');
    $this->user = null;

    return;
  }

  // The flag is re-read on each initialization rather than trusted from an
  // earlier request; it is left untouched when no user can be loaded.
  $user = $this->getUser();
  if ($user)
  {
    $this->isSuperAdmin = $user->get('is_super_admin');
  }
}
/**
 * Initializes the current user, clears a timed-out member session and selects
 * the authentication mode.
 *
 * @see sfBasicSecurityUser
 *
 * @param sfEventDispatcher $dispatcher The event dispatcher object
 * @param sfStorage         $storage    The session storage object
 * @param array             $options    An array of options
 */
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
  parent::initialize($dispatcher, $storage, $options);

  // A member whose session timed out loses the 'opSecurityUser' attributes.
  $memberSessionExpired = $this->getMemberId() && $this->isTimedOut();
  if ($memberSessionExpired)
  {
    $this->getAttributeHolder()->removeNamespace('opSecurityUser');
  }

  // A non-empty "authMode" URL parameter overrides the current mode.
  // NOTE(review): the value comes from the request; presumably
  // setCurrentAuthMode() restricts it to known modes - confirm.
  $requestedMode = sfContext::getInstance()->getRequest()->getUrlParameter('authMode');
  if ($requestedMode)
  {
    $this->setCurrentAuthMode($requestedMode);
  }

  $this->createAuthAdapter($this->getCurrentAuthMode());
}
/**
 * Initializes the user and rejects a session that belongs to another site.
 *
 * @param sfEventDispatcher $dispatcher The event dispatcher object
 * @param sfStorage         $storage    The session storage object
 * @param array             $options    An array of options; 'session_namespaces'
 *                                      is filled with the class namespaces when absent
 *
 * @return null
 */
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
  // Default list of session namespaces, used when the caller supplies none.
  if (!isset($options['session_namespaces']))
  {
    $options['session_namespaces'] = array(
      self::SITE_IDENTIFIER_NAMESPACE,
      self::LAST_REQUEST_NAMESPACE,
      self::AUTH_NAMESPACE,
      self::CREDENTIAL_NAMESPACE,
      self::ATTRIBUTE_NAMESPACE,
    );
  }

  parent::initialize($dispatcher, $storage, $options);

  if ($this->isValidSiteIdentifier())
  {
    return;
  }

  // This session was not created for this site.
  $this->logout();

  // All data of the current session is cleared as well, because it may have
  // been planted by an attacker. Reusing such data could allow a limited
  // session fixation attack.
  $this->clearSessionData();

  return null;
}
/**
 * Initializes the user, signs out a timed-out session and reloads the user
 * record of an authenticated one.
 *
 * @param sfEventDispatcher $dispatcher The event dispatcher object
 * @param sfStorage         $storage    The session storage object
 * @param array             $options    An array of options
 */
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
  parent::initialize($dispatcher, $storage, $options);

  // On timeout, remove *all* user credentials.
  if ($this->isTimedOut())
  {
    $this->signOut();

    return;
  }

  if (!$this->isAuthenticated())
  {
    return;
  }

  $this->user = QubitUser::getById($this->getUserID());

  // No record means the account was *deleted*, or the session comes from a
  // different install of qubit on the same server (cross-site): sign out.
  if (null === $this->user)
  {
    $this->signOut();
  }
}
/**
 * Initializes the user, keeping a "temp_remember" session alive and deferring
 * culture detection until the parent initialization is done.
 *
 * The statement order matters: the session culture is swapped for a dummy
 * value before the parent call and put back after it.
 *
 * @see sfBasicSecurityUser::initialize()
 *
 * @param mixed $context    The context; its storage holds the session culture
 * @param array $parameters Passed unchanged to the parent implementation
 */
public function initialize($context, $parameters = array())
{
  // When the "temp_remember" cookie is set, the last request time is moved to
  // now so that the session is not considered too old.
  // NOTE(review): only the presence of the cookie is checked here, not its
  // value; confirm that the timeout cannot be postponed by a client that
  // simply sends this cookie.
  $rememberCookie = sfContext::getInstance()->getRequest()->getCookie('temp_remember');
  if ($rememberCookie)
  {
    $this->lastRequest = time();
  }

  // Workaround: sfUser::initialize() would otherwise run its own culture
  // detection, although a more complete detection follows at the end of this
  // method.
  $sessionStorage = $context->getStorage();

  // Keep the culture found in the session (if any) ...
  $sessionCulture = $sessionStorage->read(self::CULTURE_NAMESPACE);

  // ... and put a dummy culture in its place for the duration of the parent call.
  $sessionStorage->write(self::CULTURE_NAMESPACE, $this->dummy_culture);

  parent::initialize($context, $parameters);

  // Put the saved culture back ...
  $sessionStorage->write(self::CULTURE_NAMESPACE, $sessionCulture);

  // ... and run the real culture detection.
  $detectedCulture = $this->detectCulture();
  $this->setCulture($detectedCulture);
}
/**
 * Initializes the DmSecurityUser object.
 *
 * Applies the timeout option (1800 seconds when unset), restores the
 * authentication state from storage, logs out a session that has been idle for
 * at least the timeout, and refreshes or clears the user data accordingly.
 *
 * @param sfEventDispatcher $dispatcher The event dispatcher object
 * @param sfStorage         $storage    The session storage object
 * @param array             $options    An array of options
 */
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
  parent::initialize($dispatcher, $storage, $options);

  if (!array_key_exists('timeout', $this->options))
  {
    $this->options['timeout'] = 1800;
  }

  // The session garbage collector must not discard a session before the
  // timeout has elapsed, so its max lifetime is raised when it is shorter.
  $gcLifetime = ini_get('session.gc_maxlifetime');
  if ($gcLifetime < $this->options['timeout'])
  {
    ini_set('session.gc_maxlifetime', $this->options['timeout']);
  }

  // Restore the state kept in the session storage.
  $this->authenticated = $storage->read(self::AUTH_NAMESPACE);
  $this->credentials   = $storage->read(self::CREDENTIAL_NAMESPACE);
  $this->lastRequest   = $storage->read(self::LAST_REQUEST_NAMESPACE);
  $this->isSuperAdmin  = $storage->read(self::SUPER_ADMIN_NAMESPACE);

  if (null !== $this->authenticated)
  {
    // Log the user out automatically when no request arrived within the
    // timeout; a timeout of false disables the check.
    $limit = $this->options['timeout'];
    $expired = false !== $limit
      && null !== $this->lastRequest
      && time() - $this->lastRequest >= $limit;

    if ($expired)
    {
      if ($this->options['logging'])
      {
        $this->dispatcher->notify(new sfEvent($this, 'application.log', array('Automatic user logout due to timeout')));
      }

      $this->setTimedOut();
      $this->setAuthenticated(false);
    }
  }
  else
  {
    // Nothing stored yet: start unauthenticated and without credentials.
    $this->authenticated = false;
    $this->credentials = array();
  }

  $this->lastRequest = time();

  if (!$this->isAuthenticated())
  {
    // remove the user if the session timed out
    $this->getAttributeHolder()->removeNamespace('dmSecurityUser');
    $this->user = null;

    return;
  }

  // The stored super-admin flag is replaced by the value of the user record
  // whenever a user can be loaded.
  $user = $this->getUser();
  if ($user)
  {
    $this->isSuperAdmin = $user->get('is_super_admin');
  }
}
// ->listCredentials()
// Start from an empty credential set so that the expected list is exact.
$t->diag('->listCredentials()');
$user->clearCredentials();
$user->addCredential('user');
$t->is($user->listCredentials(), array('user'), '->listCredentials() returns user credentials as an array');

// ->setAuthenticated() ->isAuthenticated()
// The user must be unauthenticated by default and follow each explicit toggle.
$t->diag('->setAuthenticated() ->isAuthenticated()');
$t->is($user->isAuthenticated(), false, '->isAuthenticated() returns false by default');
$user->setAuthenticated(true);
$t->is($user->isAuthenticated(), true, '->isAuthenticated() returns true if the user is authenticated');
$user->setAuthenticated(false);
$t->is($user->isAuthenticated(), false, '->setAuthenticated() accepts a boolean as its first parameter');

// ->setTimedOut() ->isTimedOut()
// A fresh user is created with a one-day timeout, so it starts out not timed out.
sfConfig::set('sf_timeout', 86400);
$user = new sfBasicSecurityUser();
$user->initialize($context);

$t->diag('->setTimedOut() ->isTimedOut()');
$t->is($user->isTimedOut(), false, '->isTimedOut() returns false if the session is not timed out');
$user->setTimedOut();
$t->is($user->isTimedOut(), true, '->isTimedOut() returns true if the session is timed out');

// ->hasCredential()
$t->diag('->hasCredential()');
$user->clearCredentials();
$t->is($user->hasCredential('admin'), false, '->hasCredential() returns false if user has not the credential');
$user->addCredential('admin');
$t->is($user->hasCredential('admin'), true, '->addCredential() takes a credential as its first argument');

// admin AND user: a flat array requires every listed credential, and the user holds only 'admin'
$t->is($user->hasCredential(array('admin', 'user')), false, '->hasCredential() can takes an array of credential as a parameter');

// admin OR user: a nested array is satisfied by any one of its credentials
$t->is($user->hasCredential(array(array('admin', 'user'))), true, '->hasCredential() can takes an array of credential as a parameter');

// (admin OR user) AND owner -- the assertion for this case is not part of this excerpt
/**
 * Initializes the user and wipes the credentials and session data of a
 * timed-out session.
 *
 * @param sfEventDispatcher $dispatcher The event dispatcher object
 * @param sfStorage         $storage    The session storage object
 * @param array             $options    An array of options
 */
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
  parent::initialize($dispatcher, $storage, $options);

  if (!$this->isTimedOut())
  {
    return;
  }

  $authenticationService = new AuthenticationService();
  $authenticationService->clearCredentials();

  // The session array is emptied, but the session id itself is kept.
  // NOTE(review): no session id regeneration is visible in this method;
  // confirm that it happens elsewhere, for instance at the next login.
  $_SESSION = array();
}