Updated 'core' + renamed 'main' -> 'classes'.

[shipsimu.git] / application / shipsimu / classes / login / class_ShipSimuUserLogin.php

<?php
/**
 * A special login class for Ship-Simu
 *
 * @author              Roland Haeder <webmaster@shipsimu.org>
 * @version             0.0.0
 * @copyright   Copyright (c) 2007, 2008 Roland Haeder, 2009 Ship-Simu Developer Team
 * @license             GNU GPL 3.0 or any newer version
 * @link                http://www.shipsimu.org
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */
class ShipSimuUserLogin extends BaseFrameworkSystem implements LoginableUser, Registerable {
        /**
         * The hashed password
         */
        private $hashedPassword = '';

        /**
         * Protected constructor
         *
         * @return      void
         */
        protected function __construct () {
                // Call parent constructor
                parent::__construct(__CLASS__);
        }

        /**
         * Creates an instance of this login class
         *
         * @return      $loginInstance  An instance of this login class
         */
        public static final function createShipSimuUserLogin () {
                // Get a new instance
                $loginInstance = new ShipSimuUserLogin();

                // Return the instance
                return $loginInstance;
        }

        /**
         * Logins the user with the given request containing the credential. The
         * result of the login can be thrown by exception or, if prefered stored
         * in a boolean attribute which is then readable by a matching getter.
         *
         * @param       $requestInstance        An instance of a Requestable class
         * @param       $responseInstance       An instance of a Responseable class
         * @return      void
         * @throws      UserPasswordMismatchException   If the supplied password did not
         *                                                                              match with the stored password
         * @todo        We need to add something here which will make more than one
         * @todo        guest logins, users who are online but based on the same
         * @todo        user account.
         */
        public function doLogin (Requestable $requestInstance, Responseable $responseInstance) {
                // Get a user instance
                $userInstance = LoginFactory::createLoginObjectByRequest($requestInstance);

                // Remember this new instance in registry
                Registry::getRegistry()->addInstance('user', $userInstance);

                // Is the password correct?
                if ($userInstance->ifPasswordHashMatches($requestInstance) === false) {
                        // Mismatching password
                        throw new UserPasswordMismatchException(array($this, $userInstance), BaseUser::EXCEPTION_USER_PASS_MISMATCH);
                } // END - if

                // ToDo place

                // Now do the real login. This can be cookie- or session-based login
                // which depends on the admins setting then on the user's taste.
                // 1) Get a login helper instance
                $helperInstance = ObjectFactory::createObjectByConfiguredName('login_helper_class', array($requestInstance));

                // 2) Execute the login. This will now login...
                $helperInstance->executeLogin($responseInstance);
        }

        /**
         * Determines wether the login was fine. This is done by checking if 'login' instance is in registry
         *
         * @return      $loginDone      Wether the login was fine or not
         */
        public function ifLoginWasSuccessfull () {
                // Is the registry key there?
                $loginDone = (Registry::getRegistry()->getInstance('login') instanceof Registerable);

                // Return the result
                return $loginDone;
        }

        /**
         * Encrypt given request key or throw an exception if key was not found in
         * request
         *
         * @param       $requestKey             Key in request class
         * @return      void
         */
        public function encryptPassword ($requestKey) {
                // Check if password is found in request
                if ($this->getRequestInstance()->isRequestElementSet($requestKey)) {
                        // So encrypt the password and store it for later usage in
                        // the request:

                        // Get the plain password
                        $plainPassword = $this->getRequestInstance()->getRequestElement($requestKey);

                        // Get user instance
                        $userInstance = Registry::getRegistry()->getInstance('user');

                        // Get a crypto helper and hash the password
                        $this->hashedPassword = ObjectFactory::createObjectByConfiguredName('crypto_class')->hashString($plainPassword, $userInstance->getPasswordHash());

                        // Store the hash back in request
                        $this->getRequestInstance()->setRequestElement('pass_hash', $this->hashedPassword);
                } // END - if
        }
}

// [EOF]
?>