/** * Log into the application */ public function loginAction() { $icinga = Icinga::app(); if (($requiresSetup = $icinga->requiresSetup()) && $icinga->setupTokenExists()) { $this->redirectNow(Url::fromPath('setup')); } $form = new LoginForm(); if ($this->Auth()->isAuthenticated()) { $this->redirectNow($form->getRedirectUrl()); } if (!$requiresSetup) { if (!$this->getRequest()->hasCookieSupport()) { $this->getResponse()->setBody("Cookies must be enabled to run this application.\n")->setHttpResponseCode(403)->sendResponse(); exit; } $form->handleRequest(); } $this->view->form = $form; $this->view->title = $this->translate('Icinga Web 2 Login'); $this->view->requiresSetup = $requiresSetup; }
/** * Log into the application */ public function loginAction() { $icinga = Icinga::app(); if ($icinga->setupTokenExists() && $icinga->requiresSetup()) { $this->redirectNow(Url::fromPath('setup')); } $triedOnlyExternalAuth = null; $auth = $this->Auth(); $this->view->form = $form = new LoginForm(); $this->view->title = $this->translate('Icingaweb Login'); try { $redirectUrl = $this->view->form->getValue('redirect'); if ($redirectUrl) { $redirectUrl = Url::fromPath($redirectUrl); } else { $redirectUrl = Url::fromPath('dashboard'); } if ($auth->isAuthenticated()) { $this->rerenderLayout()->redirectNow($redirectUrl); } try { $config = Config::app('authentication'); } catch (NotReadableError $e) { throw new ConfigurationError($this->translate('Could not read your authentication.ini, no authentication methods are available.'), 0, $e); } $chain = new AuthChain($config); $request = $this->getRequest(); if ($request->isPost() && $this->view->form->isValid($request->getPost())) { $user = new User($this->view->form->getValue('username')); $password = $this->view->form->getValue('password'); $backendsTried = 0; $backendsWithError = 0; $redirectUrl = $form->getValue('redirect'); if ($redirectUrl) { $redirectUrl = Url::fromPath($redirectUrl); } else { $redirectUrl = Url::fromPath('dashboard'); } foreach ($chain as $backend) { if ($backend instanceof ExternalBackend) { continue; } ++$backendsTried; try { $authenticated = $backend->authenticate($user, $password); } catch (AuthenticationException $e) { Logger::error($e); ++$backendsWithError; continue; } if ($authenticated === true) { $auth->setAuthenticated($user); $this->rerenderLayout()->redirectNow($redirectUrl); } } if ($backendsTried === 0) { $this->view->form->addError($this->translate('No authentication methods available. Did you create' . ' authentication.ini when setting up Icinga Web 2?')); } else { if ($backendsTried === $backendsWithError) { $this->view->form->addError($this->translate('All configured authentication methods failed.' . ' Please check the system log or Icinga Web 2 log for more information.')); } elseif ($backendsWithError) { $this->view->form->addError($this->translate('Please note that not all authentication methods were available.' . ' Check the system log or Icinga Web 2 log for more information.')); } } if ($backendsTried > 0 && $backendsTried !== $backendsWithError) { $this->view->form->getElement('password')->addError($this->translate('Incorrect username or password')); } } elseif ($request->isGet()) { $user = new User(''); foreach ($chain as $backend) { $triedOnlyExternalAuth = $triedOnlyExternalAuth === null; if ($backend instanceof ExternalBackend) { $authenticated = $backend->authenticate($user); if ($authenticated === true) { $auth->setAuthenticated($user); $this->rerenderLayout()->redirectNow(Url::fromPath(Url::fromRequest()->getParam('redirect', 'dashboard'))); } } else { $triedOnlyExternalAuth = false; } } } } catch (Exception $e) { $this->view->form->addError($e->getMessage()); } $this->view->requiresExternalAuth = $triedOnlyExternalAuth && !$auth->isAuthenticated(); $this->view->requiresSetup = Icinga::app()->requiresSetup(); }