Commit 3b9086927cda25861639739db2bdc714ccb7833d
1 parent
4caa5663
Use the new authentication framework to authenticate the user into
KnowledgeTree. git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@4238 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
35 additions
and
57 deletions
presentation/login.php
| @@ -6,6 +6,7 @@ require_once(KT_LIB_DIR . '/templating/templating.inc.php'); | @@ -6,6 +6,7 @@ require_once(KT_LIB_DIR . '/templating/templating.inc.php'); | ||
| 6 | require_once(KT_LIB_DIR . '/session/control.inc'); | 6 | require_once(KT_LIB_DIR . '/session/control.inc'); |
| 7 | require_once(KT_LIB_DIR . '/session/Session.inc'); | 7 | require_once(KT_LIB_DIR . '/session/Session.inc'); |
| 8 | require_once(KT_LIB_DIR . '/users/User.inc'); | 8 | require_once(KT_LIB_DIR . '/users/User.inc'); |
| 9 | +require_once(KT_LIB_DIR . '/authentication/authenticationutil.inc.php'); | ||
| 9 | 10 | ||
| 10 | /** | 11 | /** |
| 11 | * $Id$ | 12 | * $Id$ |
| @@ -53,6 +54,7 @@ class LoginPageDispatcher extends KTDispatcher { | @@ -53,6 +54,7 @@ class LoginPageDispatcher extends KTDispatcher { | ||
| 53 | setcookie("CookieTestCookie", $cookietest, false); | 54 | setcookie("CookieTestCookie", $cookietest, false); |
| 54 | 55 | ||
| 55 | $errorMessage = KTUtil::arrayGet($_REQUEST, 'errorMessage'); | 56 | $errorMessage = KTUtil::arrayGet($_REQUEST, 'errorMessage'); |
| 57 | + $redirect = KTUtil::arrayGet($_REQUEST, 'redirect'); | ||
| 56 | 58 | ||
| 57 | $oTemplating = new KTTemplating; | 59 | $oTemplating = new KTTemplating; |
| 58 | $oTemplate = $oTemplating->loadTemplate("ktcore/login"); | 60 | $oTemplate = $oTemplating->loadTemplate("ktcore/login"); |
| @@ -60,6 +62,7 @@ class LoginPageDispatcher extends KTDispatcher { | @@ -60,6 +62,7 @@ class LoginPageDispatcher extends KTDispatcher { | ||
| 60 | "context" => $this, | 62 | "context" => $this, |
| 61 | 'cookietest' => $cookietest, | 63 | 'cookietest' => $cookietest, |
| 62 | 'errorMessage' => $errorMessage, | 64 | 'errorMessage' => $errorMessage, |
| 65 | + 'redirect' => $redirect, | ||
| 63 | ); | 66 | ); |
| 64 | return $oTemplate->render($aTemplateData); | 67 | return $oTemplate->render($aTemplateData); |
| 65 | } | 68 | } |
| @@ -82,7 +85,7 @@ class LoginPageDispatcher extends KTDispatcher { | @@ -82,7 +85,7 @@ class LoginPageDispatcher extends KTDispatcher { | ||
| 82 | 85 | ||
| 83 | if ($redirect !== null) { | 86 | if ($redirect !== null) { |
| 84 | $queryParams[] = 'redirect='. urlencode($redirect); | 87 | $queryParams[] = 'redirect='. urlencode($redirect); |
| 85 | - } | 88 | + } |
| 86 | 89 | ||
| 87 | 90 | ||
| 88 | $cookieTest = KTUtil::arrayGet($_COOKIE, "CookieTestCookie", null); | 91 | $cookieTest = KTUtil::arrayGet($_COOKIE, "CookieTestCookie", null); |
| @@ -103,65 +106,40 @@ class LoginPageDispatcher extends KTDispatcher { | @@ -103,65 +106,40 @@ class LoginPageDispatcher extends KTDispatcher { | ||
| 103 | if (empty($password)) { | 106 | if (empty($password)) { |
| 104 | $this->simpleRedirectToMain('Please enter your username.', $url, $params); | 107 | $this->simpleRedirectToMain('Please enter your username.', $url, $params); |
| 105 | } | 108 | } |
| 106 | - | ||
| 107 | - $dbAuth = new $default->authenticationClass; // $default. urk. | ||
| 108 | - $userDetails = $dbAuth->login($username, $password); | ||
| 109 | - | ||
| 110 | - | ||
| 111 | - switch ($userDetails["status"]) { | ||
| 112 | - case 0: // bad credentials | 109 | + |
| 110 | + $oUser =& User::getByUsername($username); | ||
| 111 | + if (PEAR::isError($oUser) || ($oUser === false)) { | ||
| 112 | + $this->simpleRedirectToMain('Login failed. Please check your username and password, and try again.', $url, $params); | ||
| 113 | + exit(0); | ||
| 114 | + } | ||
| 115 | + $authenticated = KTAuthenticationUtil::checkPassword($oUser, $password); | ||
| 116 | + | ||
| 117 | + if ($authenticated === false) { | ||
| 113 | $this->simpleRedirectToMain('Login failed. Please check your username and password, and try again.', $url, $params); | 118 | $this->simpleRedirectToMain('Login failed. Please check your username and password, and try again.', $url, $params); |
| 114 | - break; | ||
| 115 | - case 1: // successfully authenticated | ||
| 116 | - // start the session | ||
| 117 | - $session = new Session(); | ||
| 118 | - $sessionID = $session->create($userDetails["userID"]); | 119 | + exit(0); |
| 120 | + } | ||
| 121 | + | ||
| 122 | + if (PEAR::isError($authenticated)) { | ||
| 123 | + print "<pre>"; | ||
| 124 | + var_dump($authenticated); | ||
| 125 | + $this->simpleRedirectToMain('Authentication failure. Please try again.', $url, $params); | ||
| 126 | + exit(0); | ||
| 127 | + } | ||
| 119 | 128 | ||
| 120 | - // DEPRECATED initialise page-level authorisation array | ||
| 121 | - $_SESSION["pageAccess"] = NULL; | 129 | + $session = new Session(); |
| 130 | + $sessionID = $session->create($oUser->getId()); | ||
| 122 | 131 | ||
| 123 | - // check for a location to forward to | ||
| 124 | - if ($redirect !== null) { | ||
| 125 | - // remove any params from redirect before looking up from sitemap | ||
| 126 | - if (strstr($redirect, "?")) { | ||
| 127 | - $queryString = substr($redirect, strpos($redirect, "?")+1, strlen($redirect)); | ||
| 128 | - $redirect = substr($redirect, 0, strpos($redirect, "?")); | ||
| 129 | - } | 132 | + // DEPRECATED initialise page-level authorisation array |
| 133 | + $_SESSION["pageAccess"] = NULL; | ||
| 130 | 134 | ||
| 131 | - // need to strip rootUrl off $redirect | ||
| 132 | - if (strlen($default->rootUrl) > 0) { | ||
| 133 | - $redirect = substr($redirect, strpos($redirect, $default->rootUrl)+strlen($default->rootUrl), strlen($redirect)); | ||
| 134 | - } | ||
| 135 | - $action = $default->siteMap->getActionFromPage($redirect); | ||
| 136 | - if ($action) { | ||
| 137 | - $url = generateControllerUrl($action); | ||
| 138 | - } else { | ||
| 139 | - // default to the dashboard | ||
| 140 | - $url = generateControllerUrl("dashboard"); | ||
| 141 | - } | ||
| 142 | - // else redirect to the dashboard if there is none | ||
| 143 | - } else { | ||
| 144 | - $url = generateControllerUrl("dashboard"); | ||
| 145 | - } | ||
| 146 | - exit(redirect($url)); | ||
| 147 | - break; | ||
| 148 | - // login disabled | ||
| 149 | - case 2: | ||
| 150 | - $this->simpleRedirectToMain("Account has been DISABLED, contact the System Adminstrator", $url, $params); | ||
| 151 | - break; | ||
| 152 | - // too many sessions | ||
| 153 | - case 3 : | ||
| 154 | - $this->simpleRedirectToMain(_("Maximum sessions for user reached.<br>Contact the System Administrator"), $url, $params); | ||
| 155 | - break; | ||
| 156 | - // not a unit user | ||
| 157 | - case 4 : | ||
| 158 | - $this->simpleRedirectToMain(_("This user does not belong to a group and is therefore not allowed to log in."), $url, $params);; | ||
| 159 | - break; | ||
| 160 | - default : | ||
| 161 | - $this->simpleRedirectToMain(_("Login failure"), $url, $params); | ||
| 162 | - } | ||
| 163 | - // we should not get here. | ||
| 164 | - $this->simpleRedirectToMain(_("Unable to start session. Please contact the administrator."), $url, $params); | 135 | + // check for a location to forward to |
| 136 | + if ($redirect !== null) { | ||
| 137 | + $url = $redirect; | ||
| 138 | + // else redirect to the dashboard if there is none | ||
| 139 | + } else { | ||
| 140 | + $url = generateControllerUrl("dashboard"); | ||
| 141 | + } | ||
| 142 | + exit(redirect($url)); | ||
| 165 | } | 143 | } |
| 166 | } | 144 | } |
| 167 | 145 | ||
| @@ -169,4 +147,4 @@ class LoginPageDispatcher extends KTDispatcher { | @@ -169,4 +147,4 @@ class LoginPageDispatcher extends KTDispatcher { | ||
| 169 | $dispatcher =& new LoginPageDispatcher(); | 147 | $dispatcher =& new LoginPageDispatcher(); |
| 170 | $dispatcher->dispatch(); | 148 | $dispatcher->dispatch(); |
| 171 | 149 | ||
| 172 | -?> | ||
| 173 | \ No newline at end of file | 150 | \ No newline at end of file |
| 151 | +?> |
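Review bot: In the last hunk (`@@ -103,65 +106,40 @@`) the post-login target is now `$url = $redirect;`, so whatever `redirect` value reached this method is used as the redirect target for a freshly authenticated session, where the removed code only followed targets that resolved through `$default->siteMap->getActionFromPage()`. The assignment of `$redirect` is above the hunk, but the page-rendering method in the second hunk reads it from `$_REQUEST`, so it is presumably caller-controlled and should be limited to same-site targets with the dashboard as the fallback. The `PEAR::isError($authenticated)` branch prints `<pre>` and `var_dump($authenticated)` to the client, which exposes the error object's internals and emits output before the redirect; it looks like leftover debugging and belongs in a server-side log. The checks also fail open, since any `checkPassword()` result that is neither `false` nor a PEAR error proceeds to `$session->create()`; testing `$authenticated !== true` is safer if the helper returns a strict boolean on success (its contract is not visible here). The removed `switch` rejected disabled accounts, users over the session limit and users without a group, and nothing in the new lines does, so confirm the new framework or `Session::create()` still enforces those; the enclosing method begins outside this hunk.

```php
// … unchanged: User::getByUsername() lookup and checkPassword() call …
if ($authenticated !== true) {
    // Fail closed: false, a PEAR error or any unexpected value is a failed login.
    // Record the PEAR error in the server log rather than printing it.
    $this->simpleRedirectToMain('Login failed. Please check your username and password, and try again.', $url, $params);
    exit(0);
}

// … unchanged: session creation and $_SESSION["pageAccess"] reset …

// Follow only a same-site path: one leading slash, no scheme-relative
// "//host" or "/\host" form, no CR/LF. Adjust if redirect values here are
// absolute URLs under the site's root URL.
$isLocal = is_string($redirect)
    && preg_match('#^/(?![/\\\\])[^\r\n]*\z#', $redirect) === 1;
if ($isLocal) {
    $url = $redirect;
} else {
    $url = generateControllerUrl("dashboard");
}
```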