*
* @author Roland Haeder <webmaster@ship-simu.org>
* @version 0.0.0
- * @copyright Copyright(c) 2007, 2008 Roland Haeder, this is free software
+ * @copyright Copyright (c) 2007, 2008 Roland Haeder, this is free software
* @license GNU GPL 3.0 or any newer version
* @link http://www.ship-simu.org
*
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
class ShipSimuUserLogin extends BaseFrameworkSystem implements LoginableUser {
+ /**
+ * The hashed password
+ */
+ private $hashedPassword = "";
+
/**
* Protected constructor
*
* @param $requestInstance An instance of a Requestable class
* @param $responseInstance An instance of a Responseable class
* @return void
- * @throws UserAuthMethodException If wether username nor email login
- * was detected
- * @throws MissingMethodException If a method was not found in the
- * User class
* @throws UserPasswordMismatchException If the supplied password did not
* match with the stored password
+ * @todo We need to add something here which will make more than one
+ * @todo guest logins, users who are online but based on the same
+ * @todo user account.
*/
public function doLogin (Requestable $requestInstance, Responseable $responseInstance) {
// By default no method is selected
$method = null;
$data = "";
- // Detect login method (username or email) and try to get a userinstance
- if (!is_null($requestInstance->getRequestElement('username'))) {
- // Username found!
- $method = "createUserByUsername";
- $data = $requestInstance->getRequestElement('username');
- } elseif (!is_null($requestInstance->getRequestElement('email'))) {
- // Email found!
- $method = "createUserByEmail";
- $data = $requestInstance->getRequestElement('email');
- }
-
- // Is a method detected?
- if (is_null($method)) {
- // Then abort here
- throw new UserAuthMethodException($this, self::EXCEPTION_MISSING_METHOD);
- } elseif (!method_exists($this->getConfigInstance()->readConfig('user_class'), $method)) {
- // The method is invalid!
- throw new MissingMethodException(array($this, $method), self::EXCEPTION_MISSING_METHOD);
- }
-
// Get a instance of the registry
$userInstance = Registry::getRegistry()->getInstance('user');
// Is there an instance?
if (is_null($userInstance)) {
// Get a user instance
- $userInstance = call_user_func_array(array($this->getConfigInstance()->readConfig('user_class'), $method), array($data));
+ $userInstance = Member::createMemberByRequest($requestInstance);
// Remember this new instance in registry
Registry::getRegistry()->addInstance($userInstance);
// Is the password correct?
if (!$userInstance->ifPasswordHashMatches($requestInstance)) {
// Mismatching password
- throw new UserPasswordMismatchException(array($this, $userInstance), User::EXCEPTION_USER_PASS_MISMATCH);
+ throw new UserPasswordMismatchException(array($this, $userInstance), BaseUser::EXCEPTION_USER_PASS_MISMATCH);
} // END - if
+ // ToDo place
+
// Now do the real login. This can be cookie- or session-based login
// which depends on the admins setting then on the user's taste.
// 1) Get a login helper instance
// Return the result
return $loginDone;
}
+
+ /**
+ * Encrypt the given request key or throw an exception if the key was not
+ * found in the request
+ *
+ * @param $requestKey Key in request class
+ * @return void
+ */
+ public function encryptPassword ($requestKey) {
+ // Check if the password is found in the request
+ if ($this->getRequestInstance()->isRequestElementSet($requestKey)) {
+ // So encrypt the password and store it for later usage in
+ // the request:
+
+ // Get the plain password
+ $plainPassword = $this->getRequestInstance()->getRequestElement($requestKey);
+
+ // Get user instance
+ $userInstance = Registry::getRegistry()->getInstance('user');
+
+ // Get a crypto helper and hash the password
+ $this->hashedPassword = ObjectFactory::createObjectByConfiguredName('crypto_class')->hashString($plainPassword, $userInstance->getPasswordHash());
+
+ // Store the hash back in the request
+ $this->getRequestInstance()->setRequestElement('pass_hash', $this->hashedPassword);
+ } // END - if
+ }
}
// [EOF]