<?php
/*
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkey Ltd
* @since CommunityID 0.9
* @package CommunityID
* @packager Keyboard Monkeys
*/
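/**
 * Login form, credential check and logout for local accounts.
 *
 * We don't use the session with the login form to simplify the dynamic appearance of the captcha
 */
class Users_LoginController extends CommunityID_Controller_Action
{
    /**
     * Prepares the login form and renders it into the 'sidebar' response segment.
     *
     * The captcha is switched on once the current failed-attempt record reports
     * that the allowed maximum was surpassed.
     *
     * @throws Zend_Controller_Action_Exception (400) in SSL mixed mode when the
     *         request's Host header is missing or not a syntactically valid host
     */
    public function indexAction()
    {
        $settings = new Model_Settings();
        $this->view->maintenanceEnabled = $settings->isMaintenanceMode();

        // How the attempt record is keyed (IP, session, ...) is decided inside
        // Users_Model_AuthAttempts and is not visible from this controller.
        $authAttempts = new Users_Model_AuthAttempts();
        $attempt = $authAttempts->get();
        $this->view->useCaptcha = $attempt && $attempt->surpassedMaxAllowed();
        $this->view->loginForm = new Users_Form_Login(null, $this->view->base, $this->view->useCaptcha);

        if ($this->_config->SSL->enable_mixed_mode) {
            // The host comes from the client-controlled Host header, so it is
            // syntax-checked before it becomes part of the URL handed to the view
            // (presumably the target the credentials are posted to - confirm in
            // the view script).
            $this->view->loginTargetBase = 'https://' . $this->_validatedHttpHost() . $this->view->base;
        } else {
            $this->view->loginTargetBase = $this->view->base;
        }

        $this->_helper->viewRenderer->setResponseSegment('sidebar');
    }

    /**
     * Validates the posted login form, checks the credentials and maintains the
     * failed-attempt record that drives the captcha.
     *
     * Form validation failures and wrong credentials produce the same
     * 'Invalid credentials' flash message, so the response does not reveal
     * which of the two checks failed.
     */
    public function authenticateAction()
    {
        $authAttempts = new Users_Model_AuthAttempts();
        $attempt = $authAttempts->get();

        // The captcha requirement is recomputed here from the attempt record
        // instead of being taken from the request.
        $form = new Users_Form_Login(null, $this->view->base, $attempt && $attempt->surpassedMaxAllowed());
        $formData = $this->_request->getPost();
        $form->populate($formData);

        if (!$form->isValid($formData)) {
            $this->_helper->FlashMessenger->addMessage($this->view->translate('Invalid credentials'));

            // Return explicitly: whether _redirectToNormalConnection() ends the
            // request is not visible here, and falling through would run the
            // credential check on a form that failed validation (which includes
            // the captcha when it is enabled).
            return $this->_redirectToNormalConnection('');
        }

        $users = new Users_Model_Users();
        $result = $users->authenticate(
            $this->_request->getPost('username'),
            $this->_request->getPost('password')
        );

        if ($result) {
            // NOTE(review): no session-id rotation is visible on this path;
            // confirm that Users_Model_Users::authenticate() or the Zend_Auth
            // storage regenerates the session id on login.
            $user = $users->getUser();

            if ($attempt) {
                // A successful login discards the failed-attempt record.
                $authAttempts->delete();
            }

            if ($user->role != Users_Model_User::ROLE_ADMIN && $this->underMaintenance) {
                // Only admins may stay logged in during maintenance; the identity
                // is cleared again for everybody else.
                Zend_Auth::getInstance()->clearIdentity();

                return $this->_redirectForMaintenance(true);
            }
        } else {
            if (!$attempt) {
                $authAttempts->create();
            } else {
                $attempt->addFailure();
                $attempt->save();
            }

            $this->_helper->FlashMessenger->addMessage($this->view->translate('Invalid credentials'));
        }

        $this->_redirectToNormalConnection('');
    }

    /**
     * Clears the authenticated identity and redirects to the site root.
     *
     * Only the Zend_Auth identity is cleared here; any other session data is
     * left in place.
     */
    public function logoutAction()
    {
        Zend_Auth::getInstance()->clearIdentity();

        $this->_redirect('');
    }

    /**
     * Returns the request's Host header after a strict syntax check.
     *
     * Accepts a hostname or IPv4 address, or a bracketed IPv6 literal, each with
     * an optional port. This keeps quotes, slashes, whitespace and similar
     * characters out of the generated URL; it does not prove that the host
     * belongs to this installation. A canonical host taken from configuration
     * would be the stronger control.
     *
     * @return string
     * @throws Zend_Controller_Action_Exception (400) when the header is missing or malformed
     */
    private function _validatedHttpHost()
    {
        $host = isset($_SERVER['HTTP_HOST']) ? (string) $_SERVER['HTTP_HOST'] : '';

        // The D modifier stops '$' from matching before a trailing newline.
        $pattern = '/^(?:[A-Za-z0-9._-]+|\[[0-9A-Fa-f:.]+\])(?::[0-9]{1,5})?$/D';
        if (!preg_match($pattern, $host)) {
            throw new Zend_Controller_Action_Exception('Bad Request', 400);
        }

        return $host;
    }
}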