/**
 * Performs an authentication attempt against rows whose ind_status is 'A'.
 *
 * The identity and the credential are each passed through the three
 * AntiInjection filters, the filtered credential is handed to
 * Security\Crypt::encrypt(), and the parent adapter does the lookup.
 * On success the matched row (credential column omitted) is written to
 * session storage.
 *
 * NOTE(review): the AntiInjection filters are not visible here. If the parent
 * adapter already binds identity and credential as query parameters, string
 * filtering adds no protection and may change what the user typed; filtering
 * a password before it is transformed can make distinct passwords compare
 * equal - confirm.
 * NOTE(review): "encrypt" suggests a reversible transform. Stored passwords
 * are normally checked with a one-way password hash (password_hash() /
 * password_verify()) - confirm what Security\Crypt does.
 * NOTE(review): this method overwrites the adapter's identity and credential
 * and appends a WHERE clause on every call, so calling it twice on the same
 * instance would filter and encrypt already-processed values - confirm that
 * callers use a fresh adapter per attempt.
 *
 * @return \Zend\Authentication\Result
 * @throws \Zend\Authentication\Adapter\Exception\ExceptionInterface
 *         If authentication cannot be performed
 */
public function authenticate()
{
    // Filter the login name (three passes, innermost first).
    $filteredIdentity = Security\AntiInjection::antiSqlInjection3(
        Security\AntiInjection::antiSqlInjection2(
            Security\AntiInjection::antiSqlInjection1($this->getIdentity())
        )
    );

    // Filter the password the same way.
    $filteredPassword = Security\AntiInjection::antiSqlInjection3(
        Security\AntiInjection::antiSqlInjection2(
            Security\AntiInjection::antiSqlInjection1($this->getCredential())
        )
    );

    // Transform the password into the form compared against the database.
    $cipher = new Security\Crypt();
    $transformedPassword = $cipher->encrypt($filteredPassword);

    // Hand the processed values to the adapter for the lookup.
    $this->setIdentity($filteredIdentity)->setCredential($transformedPassword);

    // Restrict the adapter's SELECT to rows with ind_status = 'A'.
    $this->getDbSelect()->where("ind_status = 'A'");

    // Run the login.
    $outcome = parent::authenticate();

    if (!$outcome->isValid()) {
        return new ResultValidation(ResultValidation::FAILURE, null);
    }

    // Fetch the user row without the credential column and keep it in the session.
    // NOTE(review): no session identifier regeneration is visible at this
    // privilege change - confirm it happens elsewhere.
    $userRow = $this->getResultRowObject($this->returnColumns, $this->credentialColumn);
    $sessionStore = new SessionStorage();
    $sessionStore->write($userRow);

    return $outcome->getCode()
        ? new ResultValidation(ResultValidation::SUCCESS, (array) $userRow)
        : new ResultValidation(ResultValidation::FAILURE, null);
}
/**
 * Authenticates $this->login / $this->senha against the configured table and
 * returns a message describing the outcome.
 *
 * NOTE(review): the failure messages tell the caller whether the login name
 * exists or only the password was wrong. If the message reaches the client,
 * that distinction allows account enumeration; a single generic failure
 * message avoids it.
 * NOTE(review): no credential treatment is configured here, so the supplied
 * value is presumably compared with the stored column as-is - confirm that
 * $this->senha is a password hash and not plaintext.
 *
 * @return string Message for the user
 */
public function authenticate()
{
    // Database connection used by the authentication adapter.
    $connection = new DbAdapter(array(
        'driverClass' => 'Doctrine\\DBAL\\Driver\\PDOMySql\\Driver',
        'dbname' => 'RioVerdeShopping',
    ));

    // Table, columns and the values to check.
    $adapter = new AuthAdapter($connection);
    $adapter->setTableName($this->entity)
        ->setIdentityColumn($this->identidade)
        ->setCredentialColumn($this->credencial);
    $adapter->setIdentity($this->login)->setCredential($this->senha);

    // Authenticate and translate the result code into a message.
    $outcome = $adapter->authenticate();
    $code = $outcome->getCode();

    if ($code == Result::FAILURE_IDENTITY_NOT_FOUND) {
        return "Login inexistente!";
    }
    if ($code == Result::FAILURE_CREDENTIAL_INVALID) {
        return "Senha inválida!";
    }
    if ($code == Result::SUCCESS) {
        // NOTE(review): assumes getIdentity() returns an array-like record
        // with a 'nome' key - confirm against the adapter in use. Escape the
        // value if the message is rendered as HTML.
        $record = $outcome->getIdentity();
        return "Seja bem vindo(a) " . $record['nome'];
    }

    return "Falha na tentativa de autenticação!";
}
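/**
 * Checks that two accounts sharing a username but holding different
 * passwords can each authenticate when the ambiguity flag is set.
 *
 * A second row for "my_username" is inserted with another password; the first
 * row is presumably created by the fixture set-up (not visible here).
 *
 * @group ZF-7289
 */
public function testEqualUsernamesDifferentPasswordShouldAuthenticateWhenFlagIsSet()
{
    $ambiguityMessage = 'More than one record matches the supplied identity.';

    $sqlInsert = 'INSERT INTO users (username, password, real_name) '
        . 'VALUES ("my_username", "my_otherpass", "Test user 2")';
    $this->_db->query($sqlInsert, DbAdapter::QUERY_MODE_EXECUTE);

    // test if user 1 can authenticate
    $this->_adapter->setIdentity('my_username')
        ->setCredential('my_password')
        ->setAmbiguityIdentity(true);
    $result = $this->_adapter->authenticate();
    $this->assertFalse(in_array($ambiguityMessage, $result->getMessages()));
    $this->assertTrue($result->isValid());
    $this->assertEquals('my_username', $result->getIdentity());

    // Start from a fresh adapter so no state leaks from the first attempt.
    $this->_adapter = null;
    $this->_setupAuthAdapter();

    // test if user 2 can authenticate
    $this->_adapter->setIdentity('my_username')
        ->setCredential('my_otherpass')
        ->setAmbiguityIdentity(true);
    $result2 = $this->_adapter->authenticate();
    // The messages of the second attempt are inspected here; the original
    // re-checked $result, so the second attempt's messages were never verified.
    $this->assertFalse(in_array($ambiguityMessage, $result2->getMessages()));
    $this->assertTrue($result2->isValid());
    $this->assertEquals('my_username', $result2->getIdentity());
}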
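/**
 * Shows the login form and, on POST, validates it and authenticates the user.
 *
 * A valid login is accepted only when the row's `acces` value is '3'; '4' is
 * reported as a deleted account and any other value as a deactivated one.
 * On acceptance the user row is written to the authentication storage and the
 * redirect response is returned, so the action ends there instead of falling
 * through to build the login view again.
 *
 * @return ViewModel|\Zend\Http\Response Login view, or the redirect after a successful login
 */
public function loginAction()
{
    $entityManager = $this->getEntityManager();
    $form = new LoginForm($entityManager);
    $error = null;
    $request = $this->getRequest();

    if ($request->isPost()) {
        $formInputFilter = new LoginFilter($entityManager);
        $form->setInputFilter($formInputFilter->getInputFilter());
        $form->setData($request->getPost());

        if ($form->isValid()) {
            $formData = $form->getData();

            // NOTE(review): "MD5(?)" means passwords are stored as unsalted
            // MD5, which is fast to brute-force and not suitable for password
            // storage. Moving to password_hash()/password_verify() (for
            // example through the callback-check variant of the DbTable
            // adapter) requires re-hashing the stored values, so it is
            // flagged here rather than changed.
            $authAdapter = new AuthAdapter(
                $this->getServiceLocator()->get('Zend\\Db\\Adapter\\Adapter'),
                'users',
                'login',
                'password',
                "MD5(?)"
            );
            $authAdapter->setIdentity($formData["loginutilisateur"])
                ->setCredential($formData["passwordutilisateur"]);
            $authResultat = $authAdapter->authenticate();

            if ($authResultat->isValid()) {
                // NOTE(review): called without arguments, this presumably
                // returns every column, including the password hash, which is
                // then kept in the session below - consider omitting the
                // credential column.
                $userData = $authAdapter->getResultRowObject();

                if ($userData->acces == '4') {
                    $error = 'Votre compte a été supprimé';
                } elseif ($userData->acces == '3') {
                    // NOTE(review): no session identifier regeneration is
                    // visible at this privilege change - confirm it happens
                    // elsewhere.
                    $authService = new AuthenticationService();
                    $authService->getStorage()->write($userData);

                    // TODO Redirections selon profil utilisateur ($userData->type)
                    return $this->redirect()->toRoute("home");
                } else {
                    $error = 'Votre compte est désactivé';
                }
            } else {
                // Same message as for an invalid form, so the response does
                // not reveal which part of the login was wrong.
                $error = 'Identifiants incorrects';
            }
        } else {
            $error = 'Identifiants incorrects';
        }
    }

    return new ViewModel(array('form' => $form, 'alertmessages' => array('error' => $error)));
}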
/**
 * Delegates the authentication attempt to the parent adapter unchanged.
 *
 * @return \Zend\Authentication\Result
 * @throws Exception
 */
public function authenticate()
{
    // An earlier draft, previously left here commented out, compared the
    // supplied username and password with values hard-coded in this file.
    // Credentials embedded in source code end up in version control and
    // backups, so that variant should not be reinstated.
    return parent::authenticate();
}
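/**
 * Authenticates a user by e-mail address and password.
 *
 * On success the user row is written to the authentication storage, the
 * "remember me" e-mail cookie is set or expired, and an OTP is generated
 * through the model.
 *
 * The password is never written to a cookie. The original stored it in
 * plaintext for a year, where anything with access to the browser profile or
 * to the request could read it, and sent it again as the value of the
 * expiring cookie. Any password cookie issued earlier is expired with an
 * empty value on every successful login.
 *
 * NOTE(review): the credential is compared as CONCAT(base64(password),
 * salt_key). Base64 is an encoding, not a hash, so the stored value reveals
 * the password; password_hash()/password_verify() is the usual replacement.
 * That needs a data migration, so it is flagged here rather than changed.
 *
 * @param string $useremail   E-mail address used as the identity
 * @param string $password    Password as typed by the user
 * @param int    $remember_me 1 to remember the e-mail address for a year
 * @return int 1 when authentication succeeds, 0 otherwise
 */
public function userLogin($useremail, $password, $remember_me = 0)
{
    $authAdapter = new AuthAdapter(
        $this->getAdapter(),
        'userlist',
        'useremail',
        'password',
        'CONCAT(?,salt_key) and is_active=1 and is_delete=0'
    );
    $authAdapter->setIdentity(trim($useremail));
    $authAdapter->setCredential(base64_encode(trim($password)));

    $auth = new AuthenticationService();
    $result = $authAdapter->authenticate();

    if (!$result->isValid()) {
        return 0;
    }

    // Remember (or forget) the e-mail address only.
    // NOTE(review): consider setting the Secure and HttpOnly cookie flags if
    // no client-side script needs to read this value.
    $emailExpiry = ($remember_me == 1) ? time() + 86400 * 365 : time() - 86400;
    setcookie('discoveryCRMcookieEmail', $useremail, $emailExpiry, "/");

    // Expire any password cookie left over from earlier logins.
    setcookie('discoveryCRMcookiePswd', '', time() - 86400, "/");

    // NOTE(review): called without arguments, this presumably returns every
    // column, including the stored credential and salt_key, which are then
    // kept in the session - consider omitting them.
    $data = $authAdapter->getResultRowObject();
    $auth->getStorage()->write($data);

    $this->getModel()->generateOTP();

    return 1;
}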
/**
 * Asserts that authenticate() throws a RuntimeException when the adapter
 * was built without a credential column.
 */
public function testCatchExceptionNoCredentialColumn()
{
    $this->setExpectedException(
        'Zend\\Authentication\\Adapter\\Exception\\RuntimeException',
        'A credential column must be supplied'
    );

    // Only the table and the identity column are configured.
    $dbTable = new Adapter\DbTable($this->_db, 'users', 'username');
    $dbTable->authenticate();
}
/**
 * Asserts that authenticate() throws when the adapter was built without a
 * credential column. The expectation is declared through the annotation
 * below, which the test runner reads.
 *
 * @expectedException Zend\Authentication\Exception
 */
public function testCatchExceptionNoCredentialColumn()
{
    // Only the table and the identity column are configured.
    $dbTable = new Adapter\DbTable($this->_db, 'users', 'username');
    $dbTable->authenticate();

    // A check of the exception text ('A credential column must be supplied
    // for the Zend_Auth_Adapter_DbTable authentication adapter.') used to sit
    // here commented out; it referenced an undefined $e and never ran.
}
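/**
 * This action is called when a user is to be authenticated by their email and password.
 *
 * The emptiness check runs on the submitted values themselves. The original
 * hashed the password first, and the MD5 of an empty string is a non-empty
 * string, so an empty password was never rejected by that check. Values that
 * are not strings (for example an array-valued POST field) are rejected the
 * same way. The adapter is also queried once instead of twice.
 *
 * NOTE(review): passwords are compared as unsalted MD5, which is fast to
 * brute-force and not suitable for password storage. Moving to
 * password_hash()/password_verify() requires re-hashing the stored values,
 * so it is flagged here rather than changed.
 *
 * @return \Zend\View\Model\ViewModel|mixed The login view, or the redirect
 *         response when the credentials are rejected
 */
public function authenticateAction()
{
    $Logform = new LoginForm();

    // Submitted e-mail address and password, as received.
    $email = $this->request->getPost('email');
    $rawPassword = $this->request->getPost('password');

    // Create a connection to the database
    $db = $this->getServiceLocator()->get('dbcon');

    if ($this->request->isPost()) {
        $hasCredentials = is_string($email) && $email !== ''
            && is_string($rawPassword) && $rawPassword !== '';

        if ($hasCredentials) {
            // Hash only after the emptiness check, to match the stored format.
            $password = md5($rawPassword);

            // Configure the adapter: values to check, table and columns.
            $auth = new AuthAdapter($db);
            $auth->setIdentity($email);
            $auth->setCredential($password);
            $auth->setTableName('users');
            $auth->setIdentityColumn('email');
            $auth->setCredentialColumn('password');

            // Authenticate the user (single query).
            $result = $auth->authenticate();

            if ($result->isValid()) {
                // Convert the matched row from an object into an array
                $array = get_object_vars($auth->getResultRowObject());

                // NOTE(review): no session identifier regeneration is visible
                // at this privilege change - confirm it happens elsewhere.
                $this->session->offsetSet('email', $array['email']);
                $this->session->offsetSet('username', $array['username']);
                $this->session->offsetSet('id', $array['id']);
                $this->session->offsetSet('fullname', $array['full_name']);

                // NOTE(review): the two log lines use different year formats
                // ('y' vs 'Y'); kept as in the original - confirm which is intended.
                $this->AuthenticationLogger("user logged in successfully at " . date('y-m-d H:i:s'));
                $this->ActivityLogs("user logged in successfully at " . date('Y-m-d H:i:s'));

                // Redirect the user to the admin page
                // NOTE(review): getUrl() is not visible here; if it does not
                // end the request, execution falls through to the login view below.
                $this->getUrl('ekontact', 'Ekontact', 'dashboard');
            } else {
                // One message for both an unknown e-mail and a wrong password,
                // so the response does not reveal which accounts exist.
                // The message carries HTML markup, so it is presumably printed
                // unescaped; keep user input out of it.
                $this->flashMessenger()->addMessage(
                    sprintf(" %s Invalid email or password %s", '<div class="error">', '</div>')
                );

                return $this->redirect()->toRoute(
                    'authentication',
                    array('controller' => 'Authentication', 'action' => 'login')
                );
            }
        } else {
            $this->flashMessenger()->addMessage(
                sprintf(
                    " %s Please make sure both email and password fields are not empty %s",
                    '<div class="error">',
                    '</div>'
                )
            );
            $this->getUrl('authentication', 'Authentication', 'login');
        }
    }

    $view = new ViewModel(array('form' => $Logform));
    $this->layout('layout/login_layout');

    return $view;
}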