  1: <?php
  2: 
  3: /**
  4:  * This file contains the global authentication class.
  5:  *
  6:  * @package Core
  7:  * @subpackage Authentication
  8:  * @author Dominik Ziegler
  9:  * @copyright four for business AG <www.4fb.de>
 10:  * @license http://www.contenido.org/license/LIZENZ.txt
 11:  * @link http://www.4fb.de
 12:  * @link http://www.contenido.org
 13:  */
 14: 
 // Direct-access guard: the request is aborted unless the CON_FRAMEWORK
 // constant has already been defined before this file is loaded.
 if (!defined('CON_FRAMEWORK')) {
     die('Illegal call: Missing framework initialization - request aborted.');
 }
 16: 
 17: /**
 18:  * This class contains functions for global authentication in CONTENIDO.
 19:  *
 20:  * @package Core
 21:  * @subpackage Authentication
 22:  */
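 class cAuth {

     /**
      * Authentication user ID for nobody.
      *
      * @var string
      */
     const AUTH_UID_NOBODY = 'nobody';

     /**
      * Authentication user ID for calling login form.
      *
      * @var string
      */
     const AUTH_UID_FORM = 'form';

     /**
      * The global auth information array.
      *
      * Keys used by this class: 'uid' (user ID or one of the AUTH_UID_*
      * placeholders), 'perm' (permission string), 'exp' (expiration as a
      * Unix timestamp) and 'uname' (only read and unset here, never set).
      *
      * The property is public and is registered with the session in
      * start(), so whatever is written to it is treated as the
      * authentication state of later requests.
      *
      * @var array
      */
     public $auth = array();

     /**
      * Lifetime for authenticated users in minutes.
      * After that time the authentication expires.
      * A value of zero or less disables the expiration check in
      * isAuthenticated().
      *
      * @var int
      */
     protected $_lifetime = 15;

     /**
      * Automatic authentication as nobody.
      *
      * @var bool
      */
     protected $_defaultNobody = false;

     /**
      * The "in flag".
      * In this class it only ensures that start() registers the 'auth'
      * variable with the session once per instance.
      *
      * @var bool
      */
     private $_in = false;

     /**
      * Magic getter function for outdated variable names.
      *
      * Supports 'lifetime', 'persistent_slots' and 'classname'.
      *
      * @param string $name
      *         name of the variable
      * @return mixed
      *         the mapped value, or NULL for any other name
      */
     public function __get($name) {
         if ($name === 'lifetime') {
             return $this->_lifetime;
         }

         if ($name === 'persistent_slots') {
             return array(
                 "auth"
             );
         }

         if ($name === 'classname') {
             return get_class($this);
         }

         return null;
     }

     /**
      * Starts the authentication process.
      *
      * The methods validateCredentials(), logSuccessfulAuth() and
      * preAuthorize() are called here but not declared in this class;
      * they have to be provided by the concrete handler.
      */
     public function start() {
         $sess = cRegistry::getSession();
         if (!$this->_in) {
             $sess->register('auth');
             $this->_in = true;
         }

         if ($this->isAuthenticated()) {
             $authInfo = $this->getAuthInfo();
             $userId = $authInfo['uid'];
             if ($userId == self::AUTH_UID_FORM) {
                 // The login form was shown on an earlier request, so the
                 // submitted credentials are checked now.
                 $userId = $this->validateCredentials();
                 if ($userId !== false) {
                     // NOTE(review): nothing in this class rotates the
                     // session identifier when the state changes from
                     // 'form' to a real user; confirm that the session
                     // layer or the concrete handler does, so an identifier
                     // issued before login is not carried over.
                     $this->_setAuthInfo($userId);
                     $this->logSuccessfulAuth();
                 } else {
                     $this->_fetchLoginForm();
                 }
             } elseif ($userId != self::AUTH_UID_NOBODY) {
                 // Sliding expiration: every request of a real user moves
                 // the expiry to now plus the configured lifetime.
                 $this->_setExpiration();
             }
         } else {
             $this->resetAuthInfo();

             $userId = $this->preAuthorize();
             if ($userId !== false) {
                 $this->_setAuthInfo($userId);

                 return;
             }

             if ($this->_defaultNobody) {
                 // 0x7fffffff is the largest 32 bit timestamp, so the
                 // nobody state does not expire in practice.
                 $this->_setAuthInfo(self::AUTH_UID_NOBODY, 0x7fffffff);
             } else {
                 $this->_fetchLoginForm();
             }
         }
     }

     /**
      * Restarts the authentication process.
      *
      * Clears the auth information, switches the automatic nobody
      * authentication off and runs start() again.
      */
     public function restart() {
         $this->resetAuthInfo();
         $this->_defaultNobody = false;
         $this->start();
     }

     /**
      * Resets the global authentication information.
      *
      * @param bool $nobody [optional]
      *         If flag set to true, the default authentication is
      *         switched to nobody. (optional, default: false)
      */
     public function resetAuthInfo($nobody = false) {
         $this->auth['uid'] = $nobody ? self::AUTH_UID_NOBODY : '';
         $this->auth['perm'] = '';

         // An expiration of 0 lies in the past, so the cleared state can
         // never pass the time check in isAuthenticated().
         $this->_setExpiration($nobody ? 0x7fffffff : 0);
     }

     /**
      * Logs out the current user, resets the auth information and
      * freezes the session.
      *
      * @param bool $nobody [optional]
      *         If flag set to true, nobody is recreated as user.
      *         Otherwise the class default ($_defaultNobody) decides.
      * @return bool true
      */
     public function logout($nobody = false) {
         $sess = cRegistry::getSession();

         $sess->unregister('auth');
         unset($this->auth['uname']);

         $this->resetAuthInfo($nobody ? $nobody : $this->_defaultNobody);
         $sess->freeze();

         return true;
     }

     /**
      * Getter for the auth information.
      *
      * @return array
      */
     public function getAuthInfo() {
         return $this->auth;
     }

     /**
      * Checks, if user is authenticated (NOT logged in!).
      *
      * The placeholder IDs AUTH_UID_NOBODY and AUTH_UID_FORM count as
      * authenticated as well, so callers that need a real user have to
      * compare the returned ID themselves.
      *
      * @return string|bool
      *         the current user ID if the state is valid, otherwise false
      */
     public function isAuthenticated() {
         $authInfo = $this->getAuthInfo();

         if (empty($authInfo['uid'])) {
             return false;
         }

         // A lifetime of zero or less switches the expiration check off.
         if ($this->_lifetime <= 0) {
             return $authInfo['uid'];
         }

         // A missing expiration is treated as expired instead of being
         // read as an undefined array key.
         if (isset($authInfo['exp']) && time() < $authInfo['exp']) {
             return $authInfo['uid'];
         }

         return false;
     }

     /**
      * Checks, if user is currently in login form mode.
      *
      * @return bool
      */
     public function isLoginForm() {
         $authInfo = $this->getAuthInfo();

         return isset($authInfo['uid']) && $authInfo['uid'] == self::AUTH_UID_FORM;
     }

     /**
      * Returns the user id of the currently authenticated user
      *
      * @return string|null
      *         NULL if no user ID has been set yet
      */
     public function getUserId() {
         $authInfo = $this->getAuthInfo();

         return isset($authInfo['uid']) ? $authInfo['uid'] : null;
     }

     /**
      * Returns the user name of the currently authenticated user
      *
      * @return string|null
      *         NULL if no user name is stored, e.g. after logout()
      */
     public function getUsername() {
         $authInfo = $this->getAuthInfo();

         return isset($authInfo['uname']) ? $authInfo['uname'] : null;
     }

     /**
      * Returns the permission string of the currently authenticated user
      *
      * @return string|null
      *         NULL if no permission string has been set yet
      */
     public function getPerms() {
         $authInfo = $this->getAuthInfo();

         return isset($authInfo['perm']) ? $authInfo['perm'] : null;
     }

     /**
      * Sets or refreshes the expiration of the authentication.
      *
      * @param int $expiration [optional]
      *         new expiration (optional, default: NULL = current time plus lifetime minutes)
      */
     protected function _setExpiration($expiration = null) {
         if ($expiration === null) {
             $expiration = time() + (60 * $this->_lifetime);
         }

         $this->auth['exp'] = $expiration;
     }

     /**
      * Fetches the login form.
      *
      * Marks the state as AUTH_UID_FORM, displays the form, freezes the
      * session and ends the request.
      */
     protected function _fetchLoginForm() {
         $sess = cRegistry::getSession();

         $this->_setAuthInfo(self::AUTH_UID_FORM, 0x7fffffff);

         // TODO Method displayLoginForm() is declared in cAuthHandlerAbstract
         // which is extending this class! Better declare it in this class and
         // make it abstract!
         $this->displayLoginForm();

         $sess->freeze();
         exit();
     }

     /**
      * Sets the authentication info for a user.
      *
      * Only 'uid' and 'exp' are written; 'perm' and 'uname' are left
      * as they are.
      *
      * @param string $userId
      *         user ID to set
      * @param int $expiration [optional]
      *         expiration (optional, default: NULL = current time plus lifetime minutes)
      */
     protected function _setAuthInfo($userId, $expiration = null) {
         $this->auth['uid'] = $userId;
         $this->_setExpiration($expiration);
     }
 }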
289: 
CMS CONTENIDO 4.9.11 API documentation generated by ApiGen 2.8.0