From 523e29fd1b8f8aab0ce4291a1dab317781780847 Mon Sep 17 00:00:00 2001
From: Michael Neves
Date: Mon, 27 Feb 2012 13:18:46 +0100
Subject: yend auth used for authentication after certificate check
---
.../modules/fbgui/controllers/AuthController.php | 25 +++++++++++++++-------
setup/pbs.sql | 2 +-
setup/pbs.sql~ | 18 ++++++++++++++++
3 files changed, 36 insertions(+), 9 deletions(-)
diff --git a/application/modules/fbgui/controllers/AuthController.php b/application/modules/fbgui/controllers/AuthController.php
index b39d899..28d13dc 100644
--- a/application/modules/fbgui/controllers/AuthController.php
+++ b/application/modules/fbgui/controllers/AuthController.php
@@ -31,19 +31,28 @@ class Fbgui_AuthController extends Zend_Controller_Action { $issuerdn = $_SERVER['SSL_CLIENT_I_DN']; $certificatemapper = new Application_Model_CertificateMapper(); $certificate = $certificatemapper->findBy(array('serial' => $serial, 'issuerdn' => $issuerdn)); + $certificate = array_shift($certificate); if(isset($certificate)){ - print_a($certificate); - print_a(time()); if (!$certificate->getRevoked() && !$certificate->getGuestcert() && ($certificate->getExpiredate() - time()) > 0){ $person = $this->personmapper->find($certificate->getPersonID()); - $date = new DateTime(); - $person->setLogindate($date->getTimestamp()); - $this->personmapper->save($person); - $this->_helper->redirector('selectmembership', 'person'); - return; + + $auth = Zend_Auth::getInstance(); + $adapter = new Zend_Auth_Adapter_DbTable($this->db, 'pbs_person', 'email', 'password'); + $adapter->setIdentity($person->getEmail()); + $adapter->setCredential($person->getPassword()); + $result = $auth->authenticate($adapter); + + if ($result->isValid()) { + $person->setLogindate(time()); + $this->personmapper->save($person); + $this->_helper->redirector('selectmembership', 'person'); + return; + } else { + echo "Wrong Email or Password."; + } } } -// $this->_redirect('/fbgui/index/error/certresult/forbidden'); + $this->_redirect('/fbgui/index/error/certresult/forbidden'); } else { diff --git a/setup/pbs.sql b/setup/pbs.sql index 0c1a63a..4c68ea6 100644 --- a/setup/pbs.sql +++ b/setup/pbs.sql @@ -379,7 +379,7 @@ ALTER TABLE `pbs_passwordrecovery` ADD CONSTRAINT `pbs_passwordrecovery_ibfk_1` FOREIGN KEY (`personID`) REFERENCES `pbs_person` (`personID`) ON DELETE CASCADE; -CREATE TABLE IF NOT EXISTS `pbs_certificates` ( +CREATE TABLE IF NOT EXISTS `pbs_certificate` ( `certificateID` int(11) NOT NULL AUTO_INCREMENT, `personID` int(11), `serial` varchar(32) COLLATE utf8_unicode_ci NOT NULL, diff --git a/setup/pbs.sql~ b/setup/pbs.sql~ index 296356d..0c1a63a 100644 --- a/setup/pbs.sql~ 
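Review bot: The added `authenticate()` call cannot fail for an existing row, because `setCredential($person->getPassword())` feeds the stored `password` value back into a comparison against that same column. It therefore adds no check beyond the certificate, and it only works while the column is compared verbatim, since no credential treatment is configured on the adapter here. If the aim is only to establish the Zend_Auth session once the certificate is accepted, writing the identity directly is clearer: `Zend_Auth::getInstance()->getStorage()->write($person->getEmail());`, with the `echo "Wrong Email or Password."` branch dropped. `$person` is also dereferenced without a null check although `personID` is nullable in the schema shown on this page; what `find()` returns for a missing row is not visible, so extending the guard to `if ($person !== null && ...)` and otherwise falling through to the forbidden redirect seems warranted. The enclosing action starts and ends outside the hunk.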
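Review bot: Renaming only the `CREATE TABLE` line to `pbs_certificate` appears to leave the `ALTER TABLE pbs_certificates ADD CONSTRAINT pbs_certificates_ibfk_1 …` statement pointing at a table the script no longer creates. The diffstat shows a single changed line in `setup/pbs.sql`, and the previous content (blob `0c1a63a`, which is what `setup/pbs.sql~` now holds) has that statement directly after the table definition. The constraint statement should be renamed in the same change, e.g. `ALTER TABLE pbs_certificate ADD CONSTRAINT pbs_certificate_ibfk_1 …`. Because of `IF NOT EXISTS`, existing installations keep the old table, so they would likely also need a `RENAME TABLE pbs_certificates TO pbs_certificate;` migration step.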
+++ b/setup/pbs.sql~ @@ -378,6 +378,24 @@ CREATE TABLE IF NOT EXISTS `pbs_passwordrecovery` ( ALTER TABLE `pbs_passwordrecovery` ADD CONSTRAINT `pbs_passwordrecovery_ibfk_1` FOREIGN KEY (`personID`) REFERENCES `pbs_person` (`personID`) ON DELETE CASCADE; + +CREATE TABLE IF NOT EXISTS `pbs_certificates` ( + `certificateID` int(11) NOT NULL AUTO_INCREMENT, + `personID` int(11), + `serial` varchar(32) COLLATE utf8_unicode_ci NOT NULL, + `issuedate` varchar(14) COLLATE utf8_unicode_ci NOT NULL, + `expiredate` varchar(14) COLLATE utf8_unicode_ci NOT NULL, + `issuerdn` varchar(1024) COLLATE utf8_unicode_ci NOT NULL, + `guestcert` tinyint(1) NOT NULL, + `revoked` tinyint(1) NOT NULL, + PRIMARY KEY (`certificateID`), + KEY `personID` (`personID`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=1 ; + +ALTER TABLE `pbs_certificates` + ADD CONSTRAINT `pbs_certificates_ibfk_1` FOREIGN KEY (`personID`) REFERENCES `pbs_person` (`personID`); + + -- Insert Filtertypes INSERT INTO `pbs_filtertype` (`filtertypeID`, `filtertypename`) VALUES (1, 'IP'), -- cgit v1.2.3-55-g7522
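Review bot: `expiredate` is declared `varchar(14)`, yet AuthController.php in this same commit evaluates `($certificate->getExpiredate() - time()) > 0`. If the column holds a 14-character date string rather than epoch seconds (inferred from the width, the stored format is not shown), that difference is always positive and an expired certificate is never rejected. Storing the expiry as an integer timestamp or `DATETIME`, or parsing it before the comparison, would make the check meaningful. Separately, `setup/pbs.sql~` looks like an editor backup and still creates `pbs_certificates` while `setup/pbs.sql` now creates `pbs_certificate`; it probably should not be tracked.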