Moved token functions from OSB
parent
33982a6cec
commit
3086fa2998
@ -66,7 +66,7 @@ abstract class lnAuth_Auth_ORM extends lnApp_Auth_ORM {
|
|||||||
|
|
||||||
Session::instance()->set('token',$token);
|
Session::instance()->set('token',$token);
|
||||||
|
|
||||||
$uo = ORM::factory($this->_model,$mmto->account_id);
|
$uo = ORM::factory('Account',$mmto->account_id);
|
||||||
$uo->log(sprintf('Token %s used for method %s [%s]',$mmto->token,$mmto->module_method->id,Request::current()->param('id')));
|
$uo->log(sprintf('Token %s used for method %s [%s]',$mmto->token,$mmto->module_method->id,Request::current()->param('id')));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -75,6 +75,92 @@ abstract class lnAuth_Auth_ORM extends lnApp_Auth_ORM {
|
|||||||
return $uo;
|
return $uo;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Logs a user in.
|
||||||
|
*
|
||||||
|
* @param string username
|
||||||
|
* @param string password
|
||||||
|
* @param boolean enable autologin
|
||||||
|
* @return boolean
|
||||||
|
*/
|
||||||
|
protected function _login($user,$password,$remember) {
|
||||||
|
if (! is_object($user)) {
|
||||||
|
$username = $user;
|
||||||
|
|
||||||
|
// Load the user
|
||||||
|
$user = ORM::factory('Account');
|
||||||
|
$user->where('username','=',$username)->find();
|
||||||
|
|
||||||
|
// If no user loaded, return
|
||||||
|
if (! $user->loaded())
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create a hashed password
|
||||||
|
if (is_string($password))
|
||||||
|
$password = $this->hash($password);
|
||||||
|
|
||||||
|
// If the passwords match, perform a login
|
||||||
|
if ($user->active AND $user->has_any('group',ORM::factory('Group',array('name'=>'Registered Users'))->list_childgrps(TRUE)) AND $user->password === $password) {
|
||||||
|
|
||||||
|
// @todo This is not currently used.
|
||||||
|
if ($remember === TRUE) {
|
||||||
|
// Create a new autologin token
|
||||||
|
$token = ORM::factory('User_Token');
|
||||||
|
|
||||||
|
// Set token data
|
||||||
|
$token->user_id = $user->id;
|
||||||
|
$token->expires = time() + $this->_config['lifetime'];
|
||||||
|
$token->save();
|
||||||
|
|
||||||
|
// Set the autologin cookie
|
||||||
|
Cookie::set('authautologin', $token->token, $this->_config['lifetime']);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Record our session ID, we may need to update our DB when we get a new ID
|
||||||
|
$oldsess = session_id();
|
||||||
|
|
||||||
|
// Finish the login
|
||||||
|
$this->complete_login($user);
|
||||||
|
|
||||||
|
// Do we need to update databases with our new sesion ID
|
||||||
|
$sct = Kohana::$config->load('config')->session_change_trigger;
|
||||||
|
if (session_id() != $oldsess AND count($sct))
|
||||||
|
foreach ($sct as $t => $c)
|
||||||
|
if (Config::module_exist($t))
|
||||||
|
foreach (ORM::factory(ucwords($t))->where($c,'=',$oldsess)->find_all() as $o)
|
||||||
|
$o->set('session_id',session_id())
|
||||||
|
->update();
|
||||||
|
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Login failed
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Gets the currently logged in user from the session.
|
||||||
|
* Returns NULL if no user is currently logged in.
|
||||||
|
*
|
||||||
|
* @param boolean Check token users too
|
||||||
|
* @return mixed
|
||||||
|
*/
|
||||||
|
public function get_user($default=NULL,$tokenuser=TRUE) {
|
||||||
|
// If we are a CLI, we are not logged in
|
||||||
|
if (PHP_SAPI === 'cli')
|
||||||
|
throw new Kohana_Exception('Calling :method from the CLI is not allowed!',array(':method'=>__METHOD__));
|
||||||
|
|
||||||
|
// Get the current user
|
||||||
|
$uo = parent::get_user($default);
|
||||||
|
|
||||||
|
// If we are not logged in, see if there is token for the user
|
||||||
|
if (is_null($uo) AND $tokenuser AND ($token=Session::instance()->get('token')) OR ($token=Arr::get($_REQUEST,'token')))
|
||||||
|
$uo = $this->_get_token_user($token);
|
||||||
|
|
||||||
|
return $uo;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Authentication is controlled via database queries.
|
* Authentication is controlled via database queries.
|
||||||
*
|
*
|
||||||
|
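Review bot: In the added `get_user()`, the token condition mixes `AND` and `OR` without grouping, and because `AND` binds tighter than `OR` in PHP, the `$_REQUEST` branch is evaluated independently of `is_null($uo)` and `$tokenuser`. As written, any request carrying a `token` parameter reaches `_get_token_user()` and overwrites `$uo`, even when a session user is already loaded or the caller passed `$tokenuser=FALSE`. Grouping the two token sources restores what the comment above the condition describes: `if (is_null($uo) AND $tokenuser AND (($token=Session::instance()->get('token')) OR ($token=Arr::get($_REQUEST,'token'))))`. Separately, `_login()` compares the stored hash with `$user->password === $password`; `hash_equals()` is the constant-time choice if the supported PHP version provides it. The `get_user()` docblock also omits the `$default` parameter.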