*
* @author Roland Haeder <webmaster@ship-simu.org>
* @version 0.0.0
- * @copyright Copyright(c) 2007, 2008 Roland Haeder, this is free software
+ * @copyright Copyright (c) 2007, 2008 Roland Haeder, 2009 Ship-Simu Developer Team
* @license GNU GPL 3.0 or any newer version
* @link http://www.ship-simu.org
*
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
class ShipSimuUserLogin extends BaseFrameworkSystem implements LoginableUser {
+ /**
+ * The hashed password
+ */
+ private $hashedPassword = "";
+
/**
* Protected constructor
*
// Call parent constructor
parent::__construct(__CLASS__);
- // Set part description
- $this->setObjectDescription("Login for Ship-Simu");
-
- // Create unique ID number
- $this->generateUniqueId();
-
// Clean up a little
$this->removeNumberFormaters();
$this->removeSystemArray();
* in a boolean attribute which is then readable by a matching getter.
*
* @param $requestInstance An instance of a Requestable class
+ * @param $responseInstance An instance of a Responseable class
* @return void
- * @throws UserLoginMethodException If wether username nor email login
- * was detected
- * @throws MissingMethodException If a method was not found in the
- * User class
- * @throws UserEmailMissingException If user with given email address was
- * not found in database
+ * @throws UserPasswordMismatchException If the supplied password did not
+ * match with the stored password
+ * @todo We need to add something here which will make more than one
+ * @todo guest logins, users who are online but based on the same
+ * @todo user account.
*/
- public function doLogin (Requestable $requestInstance) {
+ public function doLogin (Requestable $requestInstance, Responseable $responseInstance) {
// By default no method is selected
$method = null;
$data = "";
- // Detect login method (username or email) and try to get a userinstance
- if (!is_null($requestInstance->getRequestElement('username'))) {
- // Username found!
- $method = "createUserByUsername";
- $data = $requestInstance->getRequestElement('username');
- } elseif (!is_null($requestInstance->getRequestElement('email'))) {
- // Email found!
- $method = "createUserByEmail";
- $data = $requestInstance->getRequestElement('email');
- }
-
- // Is a method detected?
- if (is_null($method)) {
- // Then abort here
- throw new UserLoginMethodException($this, self::EXCEPTION_MISSING_METHOD);
- } elseif (!method_exists("User", $method)) {
- // The method is invalid!
- throw new MissingMethodException(array($this, $method), self::EXCEPTION_MISSING_METHOD);
- }
-
- // Get a instance of the registry
- $userInstance = Registry::getRegistry()->getInstance('user');
-
- // Is there an instance?
- if (is_null($userInstance)) {
- // Get a user instance
- $userInstance = call_user_func_array(array("User", $method), array($data));
- } // END - if
+ // Get member class
+ $userClass = $this->getConfigInstance()->readConfig('user_class');
+
+ // Get a user instance
+ $userInstance = call_user_func_array(array($userClass, 'createMemberByRequest'), array($requestInstance));
- // If we have email login then check if a user account with that email exists!
- if (($method == "createUserByEmail") && (!$userInstance->ifEmailAddressExists())) {
- // The user account is missing!
- throw new UserEmailMissingException(array($this, $data), User::EXCEPTION_USER_EMAIL_NOT_FOUND);
+ // Remember this new instance in registry
+ Registry::getRegistry()->addInstance('user', $userInstance);
+
+ // Is the password correct?
+ if ($userInstance->ifPasswordHashMatches($requestInstance) === false) {
+ // Mismatching password
+ $userInstance->debugInstance();
+ throw new UserPasswordMismatchException(array($this, $userInstance), BaseUser::EXCEPTION_USER_PASS_MISMATCH);
} // END - if
- // Partially finished!
- $this->partialStub("userInstance set, continue with password verification");
+ // ToDo place
+
+ // Now do the real login. This can be cookie- or session-based login
+ // which depends on the admins setting then on the user's taste.
+ // 1) Get a login helper instance
+ $helperInstance = ObjectFactory::createObjectByConfiguredName('login_helper_class', array($requestInstance));
+
+ // 2) Execute the login. This will now login...
+ $helperInstance->executeLogin($responseInstance);
+ }
+
+ /**
+ * Determines wether the login was fine. This is done by checking if 'login' instance is in registry
+ *
+ * @return $loginDone Wether the login was fine or not
+ */
+ public function ifLoginWasSuccessfull () {
+ // Is the registry key there?
+ $loginDone = (Registry::getRegistry()->getInstance('login') instanceof Registerable);
+
+ // Return the result
+ return $loginDone;
+ }
+
+ /**
+ * Encrypt given request key or throw an exception if key was not found in
+ * request
+ *
+ * @param $requestKey Key in request class
+ * @return void
+ */
+ public function encryptPassword ($requestKey) {
+ // Check if password is found in request
+ if ($this->getRequestInstance()->isRequestElementSet($requestKey)) {
+ // So encrypt the password and store it for later usage in
+ // the request:
+
+ // Get the plain password
+ $plainPassword = $this->getRequestInstance()->getRequestElement($requestKey);
+
+ // Get user instance
+ $userInstance = Registry::getRegistry()->getInstance('user');
+
+ // Get a crypto helper and hash the password
+ $this->hashedPassword = ObjectFactory::createObjectByConfiguredName('crypto_class')->hashString($plainPassword, $userInstance->getPasswordHash());
+
+ // Store the hash back in request
+ $this->getRequestInstance()->setRequestElement('pass_hash', $this->hashedPassword);
+ } // END - if
}
}
projects / shipsimu.git / blobdiff