1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
|
<?php
/*
* Copyright (c) 2011 - OpenSLX GmbH, RZ Uni Freiburg
* This program is free software distributed under the GPL version 2.
* See http://gpl.openslx.org/
*
* If you have any feedback please consult http://feedback.openslx.org/ and
* send your suggestions, praise, or complaints to feedback@openslx.org
*
* General information about OpenSLX can be found at http://openslx.org/
*/
class Fbgui_AuthController extends Zend_Controller_Action {
public function init() {
$this->db = Zend_Db_Table::getDefaultAdapter();
$this->personmapper = new Application_Model_PersonMapper();
}
public function indexAction() {
$this->_helper-> viewRenderer-> setNoRender();
$this->_helper->redirector('login', 'auth');
}
public function loginAction() {
if (Zend_Auth::getInstance()->hasIdentity()) {
$this->_redirect('/fbgui/');
}
elseif($_SERVER['SSL_CLIENT_VERIFY'] === 'SUCCESS'){
$serial = $_SERVER['SSL_CLIENT_M_SERIAL'];
$issuerdn = $_SERVER['SSL_CLIENT_I_DN'];
$certificatemapper = new Application_Model_CertificateMapper();
$certificate = $certificatemapper->findBy(array('serial' => $serial, 'issuerdn' => $issuerdn));
if(isset($certificate)){
if (!$certificate->getRevoked() && !$certificate->getGuestcert() && ($certificate->getExpiredate() - time()) > 0){
$person = $this->personmapper->find($certificate->getPersonID());
$date = new DateTime();
$person->setLogindate($date->getTimestamp());
$this->personmapper->save($person);
$this->_helper->redirector('selectmembership', 'person');
return;
}
}
$this->_redirect('/fbgui/index/error/certresult/forbidden');
}
else {
if (!isset($_POST["login"])) {
$loginForm = new fbgui_Form_Login();
} else {
$loginForm = new fbgui_Form_Login($_POST);
if ($loginForm->isValid($_POST)) {
$auth = Zend_Auth::getInstance();
$adapter = new Zend_Auth_Adapter_DbTable($this->db, 'pbs_person', 'email', 'password', 'MD5(CONCAT(?, password_salt))');
$adapter->setIdentity($loginForm->getValue('email'));
$adapter->setCredential($loginForm->getValue('password'));
$result = $auth->authenticate($adapter);
// TODO: erweiterte fehlerbeschreibung des Users
if ($result->isValid()) {
$this->personmapper = new Application_Model_PersonMapper();
$result = $this->personmapper->findBy(array('email' => Zend_Auth::getInstance()->getIdentity()), true);
$person = new Application_Model_Person($result[0]);
$person->setID($result[0]['personID']);
$date = new DateTime();
$person->setLogindate($date->getTimestamp());
$this->personmapper->save($person);
$this->_helper->redirector('selectmembership', 'person');
return;
} else {
echo "Wrong Email or Password.";
}
}
}
$this->view->loginForm = $loginForm;
}
}
public function logoutAction() {
$this->_helper-> viewRenderer-> setNoRender();
$auth = Zend_Auth::getInstance();
$auth->clearIdentity();
Zend_Session::namespaceUnset('userIDs');
Zend_Session::forgetMe();
$this->_redirect('/fbgui/index');
# $this->_helper->redirector('fbgui', 'index');
return;
}
}
|
