Página Principal Explorar Ajuda
Iniciar Sessão
other
/
bid
2
0
Fork 0
Ficheiros Problemas 0 Pull Requests 0 Wiki
Árvore: 684a8f1fdb
Ramos Etiquetas
bid
/
library
/
Ppb
/
Authentication
/
Adapter.php

Adapter.php 8.6 KB
Histórico Em bruto

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428 
  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  *
    5. 

  5.  * PHP Pro Bid $Id$ lcX9DZKUmd5ReaYidJVrAuBwc3jFCYKpWaSAQudG2OQ=
    6. 

  6.  *
    7. 

  7.  * @link        http://www.phpprobid.com
    8. 

  8.  * @copyright   Copyright (c) 2017 Online Ventures Software & CodeCube SRL
    9. 

  9.  * @license     http://www.phpprobid.com/license Commercial License
    10. 

  10.  *
    11. 

  11.  * @version     7.10 [rev.7.10.01]
    12. 

  12.  */
    13. 

  13. /**
    14. 

  14.  * authentication adapter
    15. 

  15.  */
    16. 

  16. 

  17. namespace Ppb\Authentication;
    18. 

  18. 

  19. use Cube\Authentication\Adapter\AdapterInterface,
    20. 

  20.     Cube\Authentication\Result as AuthenticationResult,
    21. 

  21.     Cube\Translate,
    22. 

  22.     Cube\Translate\Adapter\AbstractAdapter as TranslateAdapter,
    23. 

  23.     Cube\Controller\Front,
    24. 

  24.     Cube\Db\Expr,
    25. 

  25.     Ppb\Service\Users as UsersService,
    26. 

  26.     Ppb\Service\BlockedUsers as BlockedUsersService,
    27. 

  27.     Ppb\Db\Table\Row\BlockedUser as BlockedUserModel;
    28. 

  28. 

  29. class Adapter implements AdapterInterface
    30. 

  30. {
    31. 

  31. 

  32.     /**
    33. 

  33.      *
    34. 

  34.      * whether to check old v6.x passwords
    35. 

  35.      */
    36. 

  36.     const V6_HASHES = true;
    37. 

  37. 

  38.     /**
    39. 

  39.      *
    40. 

  40.      * user id
    41. 

  41.      *
    42. 

  42.      * @var int
    43. 

  43.      */
    44. 

  44.     protected $_id = null;
    45. 

  45.     /**
    46. 

  46.      *
    47. 

  47.      * username
    48. 

  48.      *
    49. 

  49.      * @var string
    50. 

  50.      */
    51. 

  51.     protected $_username = null;
    52. 

  52. 

  53.     /**
    54. 

  54.      *
    55. 

  55.      * password
    56. 

  56.      *
    57. 

  57.      * @var string
    58. 

  58.      */
    59. 

  59.     protected $_password = null;
    60. 

  60. 

  61.     /**
    62. 

  62.      *
    63. 

  63.      * email address
    64. 

  64.      *
    65. 

  65.      * @var string
    66. 

  66.      */
    67. 

  67.     protected $_email = null;
    68. 

  68. 

  69.     /**
    70. 

  70.      *
    71. 

  71.      * allowed roles
    72. 

  72.      *
    73. 

  73.      * @var array
    74. 

  74.      */
    75. 

  75.     protected $_allowedRoles = array();
    76. 

  76. 

  77.     /**
    78. 

  78.      *
    79. 

  79.      * denied roles
    80. 

  80.      *
    81. 

  81.      * @var array
    82. 

  82.      */
    83. 

  83.     protected $_deniedRoles = array();
    84. 

  84. 

  85.     /**
    86. 

  86.      *
    87. 

  87.      * check for blocked user / ip
    88. 

  88.      *
    89. 

  89.      * @var bool
    90. 

  90.      */
    91. 

  91.     protected $_checkBlockedUser = true;
    92. 

  92. 

  93.     /**
    94. 

  94.      *
    95. 

  95.      * translate adapter
    96. 

  96.      *
    97. 

  97.      * @var \Cube\Translate\Adapter\AbstractAdapter
    98. 

  98.      */
    99. 

  99.     protected $_translate;
    100. 

  100. 

  101.     public function __construct($params = array(), $id = null, $allowedRoles = array(), $deniedRoles = array())
    102. 

  102.     {
    103. 

  103.         if (array_key_exists('username', $params)) {
    104. 

  104.             $this->setUsername(
    105. 

  105.                 $params['username']);
    106. 

  106.         }
    107. 

  107.         if (array_key_exists('password', $params)) {
    108. 

  108.             $this->setPassword(
    109. 

  109.                 $params['password']);
    110. 

  110.         }
    111. 

  111.         if (array_key_exists('email', $params)) {
    112. 

  112.             $this->setEmail(
    113. 

  113.                 $params['email']);
    114. 

  114.         }
    115. 

  115. 

  116.         $this->setId($id)
    117. 

  117.             ->setAllowedRoles($allowedRoles)
    118. 

  118.             ->setDeniedRoles($deniedRoles);
    119. 

  119.     }
    120. 

  120. 

  121.     /**
    122. 

  122.      *
    123. 

  123.      * get id
    124. 

  124.      *
    125. 

  125.      * @return int
    126. 

  126.      */
    127. 

  127.     public function getId()
    128. 

  128.     {
    129. 

  129.         return $this->_id;
    130. 

  130.     }
    131. 

  131. 

  132.     /**
    133. 

  133.      *
    134. 

  134.      * set id
    135. 

  135.      *
    136. 

  136.      * @param int $id
    137. 

  137.      *
    138. 

  138.      * @return $this;
    139. 

  139.      */
    140. 

  140.     public function setId($id)
    141. 

  141.     {
    142. 

  142.         $this->_id = $id;
    143. 

  143. 

  144.         return $this;
    145. 

  145.     }
    146. 

  146. 

  147.     /**
    148. 

  148.      *
    149. 

  149.      * get username
    150. 

  150.      *
    151. 

  151.      * @return string
    152. 

  152.      */
    153. 

  153.     public function getUsername()
    154. 

  154.     {
    155. 

  155.         return $this->_username;
    156. 

  156.     }
    157. 

  157. 

  158.     /**
    159. 

  159.      *
    160. 

  160.      * set username
    161. 

  161.      *
    162. 

  162.      * @param string $username
    163. 

  163.      *
    164. 

  164.      * @return $this
    165. 

  165.      */
    166. 

  166.     public function setUsername($username)
    167. 

  167.     {
    168. 

  168.         $this->_username = $username;
    169. 

  169. 

  170.         return $this;
    171. 

  171.     }
    172. 

  172. 

  173.     /**
    174. 

  174.      *
    175. 

  175.      * get password
    176. 

  176.      *
    177. 

  177.      * @return string
    178. 

  178.      */
    179. 

  179.     public function getPassword()
    180. 

  180.     {
    181. 

  181.         return $this->_password;
    182. 

  182.     }
    183. 

  183. 

  184.     /**
    185. 

  185.      *
    186. 

  186.      * set password
    187. 

  187.      *
    188. 

  188.      * @param string $password
    189. 

  189.      *
    190. 

  190.      * @return $this
    191. 

  191.      */
    192. 

  192.     public function setPassword($password)
    193. 

  193.     {
    194. 

  194.         $this->_password = $password;
    195. 

  195. 

  196.         return $this;
    197. 

  197.     }
    198. 

  198. 

  199.     /**
    200. 

  200.      *
    201. 

  201.      * get email
    202. 

  202.      *
    203. 

  203.      * @return string
    204. 

  204.      */
    205. 

  205.     public function getEmail()
    206. 

  206.     {
    207. 

  207.         return $this->_email;
    208. 

  208.     }
    209. 

  209. 

  210.     /**
    211. 

  211.      *
    212. 

  212.      * set email
    213. 

  213.      *
    214. 

  214.      * @param string $email
    215. 

  215.      *
    216. 

  216.      * @return $this
    217. 

  217.      */
    218. 

  218.     public function setEmail($email)
    219. 

  219.     {
    220. 

  220.         $this->_email = $email;
    221. 

  221. 

  222.         return $this;
    223. 

  223.     }
    224. 

  224. 

  225.     /**
    226. 

  226.      *
    227. 

  227.      * get allowed roles
    228. 

  228.      *
    229. 

  229.      * @return array
    230. 

  230.      */
    231. 

  231.     public function getAllowedRoles()
    232. 

  232.     {
    233. 

  233.         return $this->_allowedRoles;
    234. 

  234.     }
    235. 

  235. 

  236.     /**
    237. 

  237.      *
    238. 

  238.      * set allowed roles
    239. 

  239.      *
    240. 

  240.      * @param array $allowedRoles
    241. 

  241.      *
    242. 

  242.      * @return $this
    243. 

  243.      */
    244. 

  244.     public function setAllowedRoles($allowedRoles)
    245. 

  245.     {
    246. 

  246.         $this->_allowedRoles = $allowedRoles;
    247. 

  247. 

  248.         return $this;
    249. 

  249.     }
    250. 

  250. 

  251.     /**
    252. 

  252.      *
    253. 

  253.      * get denied roles
    254. 

  254.      *
    255. 

  255.      * @return array
    256. 

  256.      */
    257. 

  257.     public function getDeniedRoles()
    258. 

  258.     {
    259. 

  259.         return $this->_deniedRoles;
    260. 

  260.     }
    261. 

  261. 

  262.     /**
    263. 

  263.      *
    264. 

  264.      * set denied roles
    265. 

  265.      *
    266. 

  266.      * @param array $deniedRoles
    267. 

  267.      *
    268. 

  268.      * @return $this
    269. 

  269.      */
    270. 

  270.     public function setDeniedRoles($deniedRoles)
    271. 

  271.     {
    272. 

  272.         $this->_deniedRoles = $deniedRoles;
    273. 

  273. 

  274.         return $this;
    275. 

  275.     }
    276. 

  276. 

  277.     /**
    278. 

  278.      * get check blocked user
    279. 

  279.      *
    280. 

  280.      * @return boolean
    281. 

  281.      */
    282. 

  282.     public function isCheckBlockedUser()
    283. 

  283.     {
    284. 

  284.         return $this->_checkBlockedUser;
    285. 

  285.     }
    286. 

  286. 

  287.     /**
    288. 

  288.      *
    289. 

  289.      * set check blocked user
    290. 

  290.      *
    291. 

  291.      * @param boolean $checkBlockedUser
    292. 

  292.      *
    293. 

  293.      * @return $this
    294. 

  294.      */
    295. 

  295.     public function setCheckBlockedUser($checkBlockedUser)
    296. 

  296.     {
    297. 

  297.         $this->_checkBlockedUser = $checkBlockedUser;
    298. 

  298. 

  299.         return $this;
    300. 

  300.     }
    301. 

  301. 

  302.     /**
    303. 

  303.      *
    304. 

  304.      * set translate adapter
    305. 

  305.      *
    306. 

  306.      * @param \Cube\Translate\Adapter\AbstractAdapter $translate
    307. 

  307.      *
    308. 

  308.      * @return $this
    309. 

  309.      */
    310. 

  310.     public function setTranslate(TranslateAdapter $translate)
    311. 

  311.     {
    312. 

  312.         $this->_translate = $translate;
    313. 

  313. 

  314.         return $this;
    315. 

  315.     }
    316. 

  316. 

  317.     /**
    318. 

  318.      *
    319. 

  319.      * get translate adapter
    320. 

  320.      *
    321. 

  321.      * @return \Cube\Translate\Adapter\AbstractAdapter
    322. 

  322.      */
    323. 

  323.     public function getTranslate()
    324. 

  324.     {
    325. 

  325.         if (!$this->_translate instanceof TranslateAdapter) {
    326. 

  326.             $translate = Front::getInstance()->getBootstrap()->getResource('translate');
    327. 

  327.             if ($translate instanceof Translate) {
    328. 

  328.                 $this->setTranslate(
    329. 

  329.                     $translate->getAdapter());
    330. 

  330.             }
    331. 

  331.         }
    332. 

  332. 

  333.         return $this->_translate;
    334. 

  334.     }
    335. 

  335. 

  336.     /**
    337. 

  337.      *
    338. 

  338.      * authenticate user by username and password or if id is set, authenticate directly
    339. 

  339.      *
    340. 

  340.      * @return AuthenticationResult
    341. 

  341.      */
    342. 

  342.     public function authenticate()
    343. 

  343.     {
    344. 

  344.         $usersService = new UsersService();
    345. 

  345. 

  346.         $user = null;
    347. 

  347. 

  348.         $id = $this->getId();
    349. 

  349.         $username = $this->getUsername();
    350. 

  350.         $email = $this->getEmail();
    351. 

  351.         $password = $this->getPassword();
    352. 

  352. 

  353.         if ($id !== null) {
    354. 

  354.             $user = $usersService->findBy('id', $id);
    355. 

  355.         }
    356. 

  356.         else if ($username !== null || $email !== null) {
    357. 

  357.             $user = $usersService->findBy('username', $username);
    358. 

  358.             if (!$user && $email !== null) {
    359. 

  359.                 $user = $usersService->findBy('email', $email);
    360. 

  360.             }
    361. 

  361.         }
    362. 

  362. 

  363.         $success = false;
    364. 

  364.         $blockedUser = null;
    365. 

  365. 

  366.         $translate = $this->getTranslate();
    367. 

  367. 

  368.         $messages = array(
    369. 

  369.             $translate->_('The login details you have submitted are invalid.'));
    370. 

  370. 

  371. 

  372.         if ($this->isCheckBlockedUser()) {
    373. 

  373.             $blockedUsersService = new BlockedUsersService();
    374. 

  374.             $blockedUser = $blockedUsersService->check(
    375. 

  375.                 BlockedUserModel::ACTION_REGISTER,
    376. 

  376.                 array(
    377. 

  377.                     'ip'       => $_SERVER['REMOTE_ADDR'],
    378. 

  378.                     'username' => $username,
    379. 

  379.                     'email'    => $email,
    380. 

  380.                 ));
    381. 

  381.         }
    382. 

  382. 

  383.         if ($blockedUser !== null) {
    384. 

  384.             $success = false;
    385. 

  385.             $messages = array($blockedUser->blockMessage());
    386. 

  386.         }
    387. 

  387.         else if (count($user) > 0) {
    388. 

  388.             $allowedRoles = $this->getAllowedRoles();
    389. 

  389.             $deniedRoles = $this->getDeniedRoles();
    390. 

  390. 

  391.             if ($id !== null) {
    392. 

  392.                 $success = true;
    393. 

  393.             }
    394. 

  394.             else if (strcmp($usersService->hashPassword($password, $user['salt']), $user['password']) === 0) {
    395. 

  395.                 $success = true;
    396. 

  396.             }
    397. 

  397.             else if (self::V6_HASHES && strcmp(md5(md5($password) . $user['salt']), $user['password']) === 0) {
    398. 

  398.                 $success = true;
    399. 

  399.             }
    400. 

  400. 

  401.             if (count($allowedRoles) > 0 && !array_key_exists($user['role'], $allowedRoles)) {
    402. 

  402.                 $success = false;
    403. 

  403.             }
    404. 

  404. 

  405.             if (array_key_exists($user['role'], $deniedRoles)) {
    406. 

  406.                 $success = false;
    407. 

  407.             }
    408. 

  408.         }
    409. 

  409. 

  410.         if ($success === true) {
    411. 

  411.             $usersService->save(array(
    412. 

  412.                 'last_login' => new Expr('now()'),
    413. 

  413.                 'ip_address' => (!empty($_SERVER['REMOTE_ADDR'])) ? $_SERVER['REMOTE_ADDR'] : '',
    414. 

  414.             ), $user['id']);
    415. 

  415. 

  416.             return new AuthenticationResult(true, array(
    417. 

  417.                 'id'       => $user['id'],
    418. 

  418.                 'username' => $user['username'],
    419. 

  419.                 'role'     => $user['role'],
    420. 

  420.             ));
    421. 

  421.         }
    422. 

  422.         else {
    423. 

  423.             return new AuthenticationResult(false, array(), $messages);
    424. 

  424.         }
    425. 

  425.     }
    426. 

  426. 

  427. }
    428. 

  428.