00001 <?php
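/**
 * Command chain that handles a login attempt by user name and password.
 *
 * The command looks up the user by name, verifies the submitted password and,
 * for active accounts, queues the follow-up commands 'restartsession' and
 * 'loginknown'. Every credential failure is reported with the same generic
 * message (see do_get_default_error_message()), so the response text does not
 * tell a caller whether the name or the password was wrong.
 *
 * The do_* and params_extract_* methods are protected hooks; their signatures
 * are left untyped so existing subclasses that override them keep working.
 */
class LoginUsersBaseCommand extends CommandChain {
    /**
     * Returns the name of this command.
     *
     * @return string Always 'login'
     */
    public function get_name() {
        return 'login';
    }

    /**
     * Login may only run when $user is empty.
     *
     * NOTE(review): $user is presumably the currently logged-in user, so this
     * refuses a second login on an authenticated session - confirm against
     * the caller in CommandChain.
     *
     * @param mixed $user
     * @return bool
     */
    protected function do_can_execute($user) {
        return empty($user);
    }

    /**
     * Runs the login: validate parameters, find the user, check the password,
     * then branch on the account status.
     *
     * NOTE(review): when find() matches no row, no password check is run, so
     * this path may complete faster than a wrong-password attempt. Whether
     * that is measurable depends on password_match(), which is not visible
     * here; consider it when assessing account enumeration.
     *
     * @return Status Empty on success, otherwise carrying the error message(s)
     */
    protected function do_execute() {
        $ret = new Status();
        $params = $this->get_params();

        // The DAO is built even when validation fails; $ret carries the
        // validation errors, so bail out before touching the database.
        $user = $this->do_create_user_dao($params, $ret);
        if ($ret->is_error()) {
            return $ret;
        }

        $this->do_prepare_user_dao($user);

        if ($user->find(IDataObject::AUTOFETCH)) {
            $ret->merge($this->check_password_hash($user, $params));
            if ($ret->is_ok()) {
                // The result is set before the status check, so it is also
                // populated for unconfirmed accounts. Callers must inspect
                // the returned Status before treating the result as a
                // logged-in user.
                $this->set_result($user);
                switch ($user->status) {
                    case Users::STATUS_UNCONFIRMED:
                        // Only reached after the password matched, so this
                        // message does not disclose account existence to
                        // someone who lacks the password.
                        $ret->append(tr('Your account has not yet been activated', 'users'));
                        break;
                    case Users::STATUS_ACTIVE:
                        // 'restartsession' is queued ahead of 'loginknown'.
                        // NOTE(review): presumably this renews the session
                        // before the login is bound to it - confirm in the
                        // restartsession command.
                        $this->append(CommandsFactory::create_command($user, 'restartsession', false));
                        $this->append(CommandsFactory::create_command($user, 'loginknown', $params));
                        break;
                    default:
                        // Fail closed with the generic message for any other
                        // status, e.g. if a subclass widens the status filter
                        // in do_prepare_user_dao().
                        $ret->append($this->do_get_default_error_message());
                        break;
                }
            }
        }
        else {
            // Unknown user: same message as for a wrong password.
            $ret->append($this->do_get_default_error_message());
        }
        return $ret;
    }

    /**
     * Verifies the submitted password and upgrades the stored hash if the
     * configured hash type has changed.
     *
     * On a successful match, a stored hash type that differs from
     * ConfigUsermanagement::HASH_TYPE causes the password to be re-hashed
     * with the configured algorithm and an 'update' command to be queued for
     * the user. The re-hash is only possible here because the clear-text
     * password is available during login.
     *
     * @param DAOUsers $user User record loaded from the database
     * @param array $params Command parameters; 'password' is read from them
     * @return Status Empty on match, otherwise the generic error message
     */
    protected function check_password_hash(DAOUsers $user, $params) {
        $ret = new Status();
        $password = $this->params_extract_password($params);
        // Read the configured type once so comparison and assignment agree.
        $configured_type = Config::get_value(ConfigUsermanagement::HASH_TYPE);
        if (!$user->password_match($password)) {
            $ret->append($this->do_get_default_error_message());
        }
        // Compare as strings with !== so numeric-looking identifiers cannot
        // be treated as equal through PHP's loose-comparison type juggling,
        // which would silently skip the hash upgrade.
        elseif ((string)$user->hash_type !== (string)$configured_type) {
            $user->hash_type = $configured_type;
            $algo = Users::create_hash_algorithm($user->hash_type);
            $user->password = $algo->hash($password);
            $this->append(CommandsFactory::create_command($user, 'update', array()));
        }
        return $ret;
    }

    /**
     * Extracts the user name from the parameters.
     *
     * @param array $params
     * @return string Value of 'name', or '' if it is not set
     */
    protected function params_extract_name($params) {
        return Cast::string(Arr::get_item($params, 'name', ''));
    }

    /**
     * Extracts the password from the parameters.
     *
     * @param array $params
     * @return string Value of 'password', or '' if it is not set
     */
    protected function params_extract_password($params) {
        return Cast::string(Arr::get_item($params, 'password', ''));
    }

    /**
     * Validates the parameters and builds the DAO used for the lookup.
     *
     * The DAO is returned even if validation failed; the caller has to check
     * $err before using it.
     *
     * @param array $params Command parameters
     * @param Status $err Receives the validation errors
     * @return DAOUsers DAO with only the name set
     */
    protected function do_create_user_dao($params, $err) {
        $err->merge($this->do_validate_params($params));
        $user = new DAOUsers();
        $user->name = $this->params_extract_name($params);

        return $user;
    }

    /**
     * Checks that both a user name and a password were submitted.
     *
     * @param array $params Command parameters
     * @return Status One message per missing field, empty if both are present
     */
    protected function do_validate_params($params) {
        $err = new Status();
        $name = $this->params_extract_name($params);
        $pwd = $this->params_extract_password($params);

        if ($name == '') {
            $err->append(tr('Please provide a user name for login', 'users'));
        }
        if ($pwd == '') {
            $err->append(tr('Please provide a password for login', 'users'));
        }

        return $err;
    }

    /**
     * Restricts the lookup to accounts that are active or unconfirmed.
     *
     * Accounts in any other status are not matched and are therefore
     * reported like an unknown user.
     *
     * @param DAOUsers $user DAO that will be used for the lookup
     */
    protected function do_prepare_user_dao(DAOUsers $user) {
        $user->add_where('status', DBWhere::OP_IN, array(Users::STATUS_ACTIVE, Users::STATUS_UNCONFIRMED));
    }

    /**
     * Returns the generic failure message.
     *
     * The same text is used for an unknown user and for a wrong password, so
     * the message does not reveal which of the two was wrong.
     *
     * @return string
     */
    protected function do_get_default_error_message() {
        return tr('Username or password are wrong. Please try again.', 'users');
    }
}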