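* @license PHP License
 * @package WB
 * @subpackage content
 */

/**
 * Load classes
 */
WBClass::load('WBUser');

/**
 * Authenticated user
 *
 * Session-backed singleton for the user of the current request. The
 * identity (id, data, group) is written to the session on login() and read
 * back from it by the constructor on every later request.
 *
 * NOTE(review): the user record kept under 'wb.user.auth.data' is whatever
 * the storage module returns from get(); login() reads a 'password' entry
 * from it, so the password hash appears to be copied into the session as
 * well. Confirm, and consider stripping it before the record is stored.
 *
 * @version 0.3.2
 * @package WB
 * @subpackage content
 */
class WBUser_Auth extends WBUser
{
    /**
     * singleton
     * @var WBUser_Auth
     */
    private static $current;

    /**
     * session object
     * @var patSession_Storage
     */
    protected $sess;

    /**
     * logger
     * @var WBLog
     */
    protected $log;

    /**
     * Private constructor
     *
     * Restores the authenticated user from the session. When the session
     * holds a user id, the id, data and group are taken from the session
     * and handed to the storage module through populate().
     *
     * NOTE(review): nothing visible here re-checks the 'enabled' and
     * 'approved' flags, so an account disabled after login presumably stays
     * usable until the session ends. Verify against the storage module.
     */
    private function __construct()
    {
        WBClass::load('WBLog');
        $this->log = WBLog::start(__CLASS__);
        $this->sess = WBClass::create('patSession');

        $id = $this->sess->get('wb.user.auth.id');
        $log = array(
            'action' => 'continue',
            'id' => $id
        );

        if ($id) {
            $this->id = $id;
            $this->data = $this->sess->get('wb.user.auth.data');
            $this->group = $this->sess->get('wb.user.auth.group');

            $storage = $this->getStorageModule();
            $storage->populate($this->id, $this->data, $this->group);
        }

        $this->log->notice($log);
    }

    /**
     * get instance
     *
     * Implements global access method of singleton pattern
     *
     * @return WBUser_Auth
     */
    public static function getCurrent()
    {
        if (!self::$current) {
            self::$current = new self();
        }

        return self::$current;
    }

    /**
     * check whether user is logged in
     *
     * Use this to see if current user is well known
     *
     * @return bool true in case the user is logged in, false otherwise
     */
    public function isAuthenticated()
    {
        return $this->id !== null;
    }

    /**
     * login user
     *
     * Allows an anonymous user to log in. Login data usually contains a
     * username (nickname) or e-mail address and a password. The lookup and
     * the password hashing are delegated to the storage module; this method
     * checks the account flags, compares the hashes and writes the identity
     * to the session.
     *
     * Every outcome is written to the log with a status of
     * 'user_not_found', 'user_not_allowed' or 'wrong_password'; callers
     * only ever see null on failure, so the reason is not disclosed to the
     * client.
     *
     * @see isAuthenticated()
     * @see logout()
     * @todo implement authentication module
     * @param array $data anything to log in with
     * @return string|null either the user id on success, or null
     * @see WBUser_Session::onLogin()
     */
    public function login($data)
    {
        // already logged in
        if ($this->id !== null) {
            return $this->id;
        }

        // Credentials must be present and scalar. Request parameters can
        // arrive as arrays (password[]=x), which must never reach the
        // hashing or string functions below.
        if (!isset($data['password']) || !is_scalar($data['password'])) {
            return null;
        }
        if (isset($data['nicknameoremail']) && !is_scalar($data['nicknameoremail'])) {
            return null;
        }

        $log = array(
            'action' => 'login',
            'status' => 'user_not_found',
            'id' => '',
            'nickname' => '',
            'email' => '',
            'approved' => 0,
            'enabled' => 0
        );

        // login with e-mail address or nickname
        if (isset($data['nicknameoremail'])) {
            if (strpos((string) $data['nicknameoremail'], '@') !== false) {
                $data['email'] = $data['nicknameoremail'];
                $log['email'] = $data['email'];
            } else {
                $data['nickname'] = $data['nicknameoremail'];
                $log['nickname'] = $data['nickname'];
            }
        }

        // ask concrete storage class to find the user
        $storage = $this->getStorageModule();
        $id = $storage->find($data);
        if (!$id) {
            $this->log->notice($log);
            return null;
        }

        // NOTE(review): id and data are assigned before the password is
        // verified and only reset on the failure paths below. If a storage
        // call in between throws, this object keeps the id. Consider
        // verifying on local variables first.
        $this->id = $id;
        $this->data = $storage->get();

        $log['id'] = $this->id;
        $log['nickname'] = $this->data['nickname'];
        $log['email'] = $this->data['email'];
        $log['approved'] = $this->data['approved'];
        $log['enabled'] = $this->data['enabled'];

        // check approved flags
        if (!$log['enabled'] || !$log['approved']) {
            $this->id = null;
            $this->data = array();
            $log['status'] = 'user_not_allowed';
            $this->log->notice($log);
            return null;
        }

        // Verify password. The hashes are compared as strings, in constant
        // time where hash_equals() exists. A loose != would treat two
        // numeric-looking hashes such as "0e12..." and "0e34..." as equal.
        // An empty stored hash never matches.
        $stored = isset($this->data['password']) ? $this->data['password'] : '';
        $hash = $storage->getPasswordHash($data['password']);
        $matches = is_scalar($stored) && is_scalar($hash) && (string) $stored !== '';
        if ($matches) {
            $matches = function_exists('hash_equals')
                ? hash_equals((string) $stored, (string) $hash)
                : (string) $stored === (string) $hash;
        }
        if (!$matches) {
            $this->id = null;
            $this->data = array();
            $log['status'] = 'wrong_password';
            $this->log->notice($log);
            return null;
        }

        $this->group = $storage->getGroup();

        // Fork session to separate the logged-in from the anonymous session.
        // NOTE(review): presumably this issues a fresh session id, which is
        // what prevents session fixation. Confirm against patSession.
        $this->sess->fork();

        // store everything in session
        $this->sess->set('wb.user.auth.id', $this->id);
        $this->sess->set('wb.user.auth.data', $this->data);
        $this->sess->set('wb.user.auth.group', $this->group);

        $storage->set(array('lastlogin' => gmdate('Y-m-d H:i:s')));

        $sess = WBClass::create('WBUser_Session');
        $sess->onLogin();

        return $this->id;
    }

    /**
     * logout current user
     *
     * If the current user is authenticated, she will be logged out: the
     * storage module is cleared, WBUser_Session::onLogout() is called and
     * the three 'wb.user.auth.*' session entries are removed.
     *
     * NOTE(review): only those three keys are cleared here. The session
     * itself is neither destroyed nor given a new id in this method.
     *
     * @see login
     * @return bool - always true
     * @see WBUser_Session::onLogout()
     */
    public function logout()
    {
        if (!$this->id) {
            return true;
        }

        $log = array(
            'action' => 'logout',
            'id' => $this->id
        );

        // log out
        $storage = $this->getStorageModule();
        $storage->clear();

        $sess = WBClass::create('WBUser_Session');
        $sess->onLogout();

        $this->id = null;
        $this->data = null;
        $this->group = null;

        $this->sess->clear('wb.user.auth.id');
        $this->sess->clear('wb.user.auth.data');
        $this->sess->clear('wb.user.auth.group');

        $this->log->notice($log);

        return true;
    }

    /**
     * load user and automatically log in
     *
     * This is like the "su" command
     *
     * NOTE(review): no credential or permission check happens here and
     * nothing is written to the session or the log. Callers must authorise
     * the switch themselves.
     *
     * @todo not done yet
     * @param string $id user's id
     * @return bool true on success, false otherwise
     */
    public function load($id)
    {
        if (!parent::load($id)) {
            return false;
        }

        // The original fell off the end here and returned null on success,
        // contradicting the documented bool result.
        return true;
    }

    /**
     * Save user information
     *
     * Saves through the parent class, then merges the editable part of
     * $data into the copy kept in the session. Does nothing when no user
     * is logged in.
     *
     * @param array $data
     */
    public function set($data)
    {
        if (!$this->id) {
            return;
        }

        parent::set($data);

        $editable = $this->getEditableData($data);
        $this->data = array_merge($this->data, $editable);
        $this->sess->set('wb.user.auth.data', $this->data);
    }

    /**
     * check group membership
     *
     * Checks if user is in specified group. An unauthenticated user is
     * never a member of any group.
     *
     * @param string $name group name to validate
     * @param bool $id whether $name is the group's id
     * @return bool true in case user is member of given group
     */
    public function isInGroup($name, $id = false)
    {
        // user must be logged in
        if (!$this->isAuthenticated()) {
            return false;
        }

        return parent::isInGroup($name, $id);
    }

    /**
     * update user data
     *
     * Stores changed user data (forename, surname, password) in the table
     * and in the session. Unchanged and non-scalar values are skipped.
     *
     * @param array $data
     * @return bool true on success, false otherwise
     */
    public function setData($data)
    {
        if (!$this->id) {
            return false;
        }

        // hash password
        if (isset($data['password'])) {
            // An array here would be hashed as the literal text "Array".
            if (!is_scalar($data['password'])) {
                return false;
            }

            // NOTE(review): MD5 salted only with the user id is not a
            // password hash. It is fast to brute-force. login() verifies
            // with the storage module's getPasswordHash(), so moving to
            // password_hash()/password_verify() has to change both places
            // together. The scheme is left unchanged here.
            $data['password'] = md5($this->id . ':' . $data['password']);
        }

        // see what needs to be saved
        $save = array();
        foreach (array('forename', 'surname', 'password') as $field) {
            if (!isset($data[$field]) || !is_scalar($data[$field])) {
                continue;
            }

            // Compare as strings: a loose == treats numeric-looking values
            // ("0e1..." vs "0e2...", "1e3" vs "1000") as equal and would
            // silently drop the change.
            $current = isset($this->data[$field]) && is_scalar($this->data[$field])
                ? (string) $this->data[$field]
                : '';
            if ((string) $data[$field] === $current) {
                continue;
            }

            $save[$field] = $data[$field];
        }

        // nothing to save
        if (empty($save)) {
            return true;
        }

        // store in DB
        $table = WBClass::create('WBDatasource_Table');
        $table->save('user', $this->id, $save);

        foreach ($save as $key => $value) {
            $this->data[$key] = $value;
        }

        // store in session
        $this->sess->set('wb.user.auth.data', $this->data);

        return true;
    }
}
?>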