+++ /dev/null
-<?php
-/**
- * A special login class for administration area
- *
- * @author Roland Haeder <webmaster@shipsimu.org>
- * @version 0.0.0
- * @copyright Copyright (c) 2007, 2008 Roland Haeder, 2009 Admin-Area Developer Team
- * @license GNU GPL 3.0 or any newer version
- * @link http://www.shipsimu.org
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-class AdminUserLogin extends BaseFrameworkSystem implements LoginableUser {
- /**
- * The hashed password
- */
- private $hashedPassword = "";
-
- /**
- * Protected constructor
- *
- * @return void
- */
- protected function __construct () {
- // Call parent constructor
- parent::__construct(__CLASS__);
- }
-
- /**
- * Creates an instance of this login class
- *
- * @return $loginInstance An instance of this login class
- */
- public static final function createAdminUserLogin () {
- // Get a new instance
- $loginInstance = new AdminUserLogin();
-
- // Return the instance
- return $loginInstance;
- }
-
- /**
- * Logins the user with the given request containing the credential. The
- * result of the login can be thrown by exception or, if prefered stored
- * in a boolean attribute which is then readable by a matching getter.
- *
- * @param $requestInstance An instance of a Requestable class
- * @param $responseInstance An instance of a Responseable class
- * @return void
- * @throws UserPasswordMismatchException If the supplied password did not
- * match with the stored password
- * @todo We need to add something here which will make more than one
- * @todo guest logins, users who are online but based on the same
- * @todo user account.
- */
- public function doLogin (Requestable $requestInstance, Responseable $responseInstance) {
- // By default no method is selected
- $method = null;
- $data = "";
-
- // Get member class
- $userClass = $this->getConfigInstance()->getConfigEntry('user_class');
-
- // Get a user instance
- $userInstance = call_user_func_array(array($userClass, 'createMemberByRequest'), array($requestInstance));
-
- // Remember this new instance in registry
- Registry::getRegistry()->addInstance('user', $userInstance);
-
- // Is the password correct?
- if ($userInstance->ifPasswordHashMatches($requestInstance) === false) {
- // Mismatching password
- throw new UserPasswordMismatchException(array($this, $userInstance), BaseUser::EXCEPTION_USER_PASS_MISMATCH);
- } // END - if
-
- // ToDo place
-
- // Now do the real login. This can be cookie- or session-based login
- // which depends on the admins setting then on the user's taste.
- // 1) Get a login helper instance
- $helperInstance = ObjectFactory::createObjectByConfiguredName('login_helper_class', array($requestInstance));
-
- // 2) Execute the login. This will now login...
- $helperInstance->executeLogin($responseInstance);
- }
-
- /**
- * Determines wether the login was fine. This is done by checking if 'login' instance is in registry
- *
- * @return $loginDone Wether the login was fine or not
- */
- public function ifLoginWasSuccessfull () {
- // Is the registry key there?
- $loginDone = (Registry::getRegistry()->getInstance('login') instanceof Registerable);
-
- // Return the result
- return $loginDone;
- }
-
- /**
- * Encrypt given request key or throw an exception if key was not found in
- * request
- *
- * @param $requestKey Key in request class
- * @return void
- */
- public function encryptPassword ($requestKey) {
- // Check if password is found in request
- if ($this->getRequestInstance()->isRequestElementSet($requestKey)) {
- // So encrypt the password and store it for later usage in
- // the request:
-
- // Get the plain password
- $plainPassword = $this->getRequestInstance()->getRequestElement($requestKey);
-
- // Get user instance
- $userInstance = Registry::getRegistry()->getInstance('user');
-
- // Get a crypto helper and hash the password
- $this->hashedPassword = ObjectFactory::createObjectByConfiguredName('crypto_class')->hashString($plainPassword, $userInstance->getPasswordHash());
-
- // Store the hash back in request
- $this->getRequestInstance()->setRequestElement('pass_hash', $this->hashedPassword);
- } // END - if
- }
-}
-
-// [EOF]
-?>
projects / admin.git / blobdiff