alice
/
MOZAMBICO
Seguir 1
Destacar 0
Fork 0
Código Incidencias 0 Peticiones pull 0 Lanzamientos 0 Wiki Actividad
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Rama
Árbol: 4cbb450bbc
Ramas Etiquetas
${ item.name }
Crear rama ${ searchTerm }
desde '4cbb450bbc'
${ noResults }
MOZAMBICO/App/Controllers/loginController.php

loginController.php 6.1KB
Original Blame Histórico

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178 
  1. <?php

  2. 	

  3. 	class loginController extends mainController {

  4. 				

  5. 		function __construct() {

  6. 			parent::__construct();

  7. 			

  8. 			//To change for every Controller

  9. 			$this->viewDir = 'Login';

  10. 		}

  11. 		

  12. 		//Do not show the Disclaimer in this controller actions (see mainController)

  13. 		public function beforeRender($content=null) {

  14. 			return false;

  15. 		}

  16. 		

  17. 		public function index($args=null) {

  18. 			

  19. 			$jsRedirect = isset($args['jsRedirect']) ? $args['jsRedirect'] : '/';

  20. 			

  21. 			//Avoid to show the login form if the user is logged in

  22. 			if ($this->user->isLogged()) {

  23. 				return $this->redirect('login', 'indexLogged');

  24. 			}

  25. 						

  26. 			$this->view->appTitle = $this->config['settings']['app-title'];

  27. 			$this->view->languageList = $this->locale->getLanguageStringList();

  28. 			$this->view->token = $this->security->setCSRFToken();

  29. 			

  30. 			return $this->setJsonView('index', true, $jsRedirect);

  31. 			

  32. 		}

  33. 		

  34. 		public function indexLogged($args=null) {

  35. 			$this->view->appTitle = $this->config['settings']['app-title'];

  36. 			return $this->setJsonView('indexLogged');

  37. 		}

  38. 		

  39. 		public function access($args=null) {

  40. 						

  41. 			$data = $this->getPost('data');

  42. 			$hr = new HandleRequest();

  43. 						

  44. 			if ($data !== false) {

  45. 				

  46. 				$username = trim($data['username']);

  47. 				$passwd  = trim($data['password']);

  48. 				$token = $data['token'];

  49. 				//$keep_connected = $data['keep_connected'];

  50. 								

  51. 				//if ($this->security->compareCSRFToken($token)) {

  52. 				//$user = $this->db->where('status', 0, '<>')->where('username', $username, 'like')->getOne('users');

  53. 				

  54. 				$user = $this->user->getValidUserData($username);

  55. 				

  56. 				if (isset($user['id'])) {

  57. 					if ($user['password'] == md5($passwd)) {

  58. 						

  59. 						$user = $this->user->setUserMeta($user);

  60. 						

  61. 						$this->user->logout();

  62. 						

  63. 						//Log the user (create user's session)

  64. 						if ($this->user->login($user)) {

  65. 							

  66. 							//Associate user id to the current session

  67. 							$updateSession = $this->user->setUserIdSessionField();

  68. 							

  69. 							$this->logger->logUserAccess($user, 1, 'Login');

  70. 							

  71. 							$hr->setActivityLog($this->user->getUserId(), 'USR_LOGGED_IN', ['userId'=>$this->user->getUserId()]);

  72. 							

  73. 							return $this->setRawJsonResponse('ok', null);

  74. 						} else {

  75. 							$hr->setActivityLog(0, 'USR_LOGIN_FAILED', ['username'=>$username]);

  76. 							$this->logger->logUserAccess($user, 0, 'User session error', ['Username'=>$username]);

  77. 							return $this->setJsonError(_('An error occurred creating user session. Please try again in a few minutes.'));

  78. 						}

  79. 													

  80. 					} else {

  81. 						$hr->setActivityLog(0, 'USR_LOGIN_FAILED', ['username'=>$username]);

  82. 						$this->logger->logUserAccess(null, 0, 'Password', ['Username'=>$username]);

  83. 						return $this->setJsonError(_('The Password provided is not valid.'));

  84. 					}

  85. 				} else {

  86. 					$hr->setActivityLog(0, 'USR_LOGIN_FAILED', ['username'=>$username]);

  87. 					$this->logger->logUserAccess(null, 0, 'Username', ['Username'=>$username]);

  88. 					return $this->setJsonError(_('The Username provided is not valid.'));

  89. 				}

  90. 					

  91. 				/*} else {

  92. 					$this->logger->logUserAccess(null, 0, 'CSRFT', ['Username'=>$username]);

  93. 					return $this->setJsonError(_('The provided login information are not valid.'));

  94. 				}*/

  95. 				

  96. 			} else {

  97. 				$hr->setActivityLog(0, 'USR_LOGIN_FAILED', ['username'=>$username]);

  98. 				$this->logger->logUserAccess(null, 0, 'POST', ['Username'=>$username]);

  99. 				return $this->setJsonError(_('Login information data are empty.'));

  100. 			}

  101. 		}

  102. 		

  103. 		public function autoLogin() {

  104. 			$token = $this->getPost('autologinToken', null);

  105. 			$requestID = $this->getPost('requestId', null);

  106. 			$expireDays = $this->config['settings']['autologin-expire-days'];

  107. 			$hr = new HandleRequest();

  108. 			

  109. 			$userInfo = $this->db

  110. 				->where('autologin_token', $token)

  111. 				->where('DATEDIFF(NOW(), autologin_expires_at)', $expireDays, '<=')

  112. 				->getOne('users');

  113. 				

  114. 			if (is_array($userInfo) && !empty($userInfo)) {

  115. 				$user = $this->user->getValidUserData($userInfo['username']);

  116. 				

  117. 				if (is_array($user) && !empty($user)) {

  118. 					$user = $this->user->setUserMeta($user);

  119. 					

  120. 					$this->user->logout();

  121. 					

  122. 					if ($this->user->login($user)) {

  123. 						//Associate user id to the current session

  124. 						$updateSession = $this->user->setUserIdSessionField();

  125. 						

  126. 						$hr->setActivityLog($this->user->getUserId(), 'USR_AUTO_LOGGED_IN', ['userId'=>$this->user->getUserId()]);

  127. 						$this->logger->logUserAccess($user, 1, 'Login', ['Auto'=>true, 'RequestID'=>$requestID]);

  128. 						return $this->setRawJsonResponse('ok', null, ['RequestID'=>$requestID, 'ts'=>time()]);

  129. 					} else {

  130. 						

  131. 						$hr->setActivityLog(0, 'USR_AUTO_LOGIN_FAILED', ['username'=>$userInfo['username']]);

  132. 						$this->logger->logUserAccess($user, 0, 'Auto Login Error', ['Username'=>$username]);

  133. 						return $this->setRawJsonResponse('ok', null, []);

  134. 					}

  135. 					

  136. 				} else {

  137. 					$hr->setActivityLog(0, 'USR_AUTO_LOGIN_FAILED', ['username'=>'']);

  138. 					$this->logger->logUserAccess($user, 0, 'Auto Login Not Valid User', ['Username'=>$username, 'RequestID'=>$requestID]);

  139. 					return $this->setRawJsonResponse('ok', null, []);

  140. 				}

  141. 			} else {

  142. 				$hr->setActivityLog(0, 'USR_AUTO_LOGIN_FAILED', ['username'=>'']);

  143. 				$this->logger->logUserAccess($user, 0, 'Auto Login Not Valid User Info', ['Username'=>$username, 'RequestID'=>$requestID]);

  144. 				return $this->setRawJsonResponse('ok', null, []);

  145. 			}

  146. 						

  147. 		}

  148. 		

  149. 		public function permissionDenied() {

  150. 			//return $this->setJsonView('permissionDenied');

  151. 			return $this->setRawJsonResponse('err', _('Session expired or permission denied. Please try to log in again.'), [], ['button'=>'login', 'dialogType'=>'sessionExpired']);

  152. 		}

  153. 		

  154. 		public function changeLang() {

  155. 			$passedLng = $this->getPost('passedLng');

  156. 			

  157. 			if ($passedLng !== false) {

  158. 				$this->locale->setCurrentLanguage($passedLng);

  159. 			}

  160. 			

  161. 			return $this->setRawJsonResponse('ok', null);

  162. 		}

  163. 		

  164. 		public function logout() {

  165. 			$result = $this->user->logout();

  166. 			

  167. 			if ($result) {

  168. 				$status = 'ok';

  169. 				$msg = '';

  170. 			} else {

  171. 				$status = 'err';

  172. 				$msg = _('Logout failed. Please try again in a few minutes.');

  173. 			}

  174. 			

  175. 			return $this->setRawJsonResponse($status, $msg);

  176. 		}

  177. 

  178. 	}