-rw-r--r-- | config/bootstrap/auth.php | 156 |
1 files changed, 81 insertions, 75 deletions
diff --git a/config/bootstrap/auth.php b/config/bootstrap/auth.php
index a82d63a..87ee787 100644
--- a/config/bootstrap/auth.php
+++ b/config/bootstrap/auth.php 
@@ -2,60 +2,61 @@ use lithium\storage\Session; use lithium\security\Auth; use lithium\util\String; -use app\models\User; +use app\models\User; use lithium\core\Libraries; use lithium\action\Dispatcher; use lithium\net\http\Router; use lithium\action\Response; use lithium\security\Password; - Session::config(array( 'cookie' => array('adapter' => 'Cookie'), - 'default' => array('adapter' => 'Php'), - 'flash_message' => array('adapter' => 'Php') + 'default' => array('adapter' => 'Php'), + 'flash_message' => array('adapter' => 'Php') )); Auth::config(array( - 'default' => array( - 'adapter' => 'Form', - 'model' => 'User', - 'cookie' => '', - 'fields' => array('username', 'password'), - //'scope' => array('active' => 'true'), //The active field must be true otherwise they can't auth, though we need - //to eventually send them to a page that explains they are banned. - 'session' => array('options' => array('name' => 'default')), - 'filters' => array( - 'password' => function($password) { - return $password; //prevents li3 from hashing the password before hand. - }, - - function($data) { - if(isset($data['username'])) - { - //Gett the user from the database - $user = User::find('first', array('conditions' => array('username' => $data['username']))); - - //Hash the submitted password with the stored salt. - $data['password'] = Password::hash($data['password'], $user->salt); - - } - return $data; - - }) - ) -)); + 'default' => array( + 'adapter' => 'Form', + 'model' => 'User', + 'cookie' => '', + 'fields' => array('username', 'password'), + //'scope' => array('active' => 'true'), //The active field must be true otherwise they can't auth, though we need + //to eventually send them to a page that explains they are banned. + 'session' => array('options' => array('name' => 'default')), + 'filters' => array( + 'password' => function($password) + { + return $password; //prevents li3 from hashing the password before hand. 
+ }, + function($data) { + if(isset($data['username'])) + { + //Get the user from the database + $user = User::find('first', array('conditions' => array('username' => $data['username']))); + //Hash the submitted password with the stored salt. + $data['password'] = Password::hash($data['password'], $user->salt); + } + return $data; + } + ) + ) + ) +); $secret = "cake"; // Adds remember feature for form-based authentications. -Auth::applyFilter('check', function($self, $params, $chain) use ($secret) { +Auth::applyFilter('check', function($self, $params, $chain) use ($secret) +{ $query = 'first'; $scope = array(); extract($self::invokeMethod('_config', array($params['name']))); - if ($result = $chain->next($self, $params, $chain)) { + if ($result = $chain->next($self, $params, $chain)) + { $request = $params['credentials']; - if ($request && $adapter == 'Form' && !empty($request->data['remember'])) { + if ($request && $adapter == 'Form' && !empty($request->data['remember'])) + { $data = array_intersect_key($result, array_combine($fields, $fields)); $data = serialize($data); Session::write( @@ -66,12 +67,15 @@ Auth::applyFilter('check', function($self, $params, $chain) use ($secret) { } return $result; } - if ($adapter == 'Form') { + if ($adapter == 'Form') + { $data = Session::read("Auth.{$params['name']}", array('name' => 'cookie')); - if ($data) { + if ($data) + { $data = base64_decode($data); $data = unserialize($data); - if (array_keys($data) == $fields) { + if (array_keys($data) == $fields) + { $model = Libraries::locate('models', $model); $data = array_map('strval', $data); $user = $model::$query($scope + $data); 
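Review bot: The second entry in the `filters` array dereferences `$user->salt` without checking that `User::find('first', ...)` returned a record, so a login attempt with an unknown username raises a property-on-null notice and passes a null salt to `Password::hash` instead of simply failing. Guard the lookup before using it, e.g. `if ($user) { $data['password'] = Password::hash($data['password'], $user->salt); }` (this commit only reindents the element, so the gap is carried over unchanged). Separately, `$secret = "cake";` in the same hunk is a hard-coded literal; if it is what authenticates the remember cookie written by the `check` filter, it belongs in configuration rather than committed in the bootstrap file. The `check` filter's body continues into the next hunk.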
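Review bot: `$data = unserialize($data);` on the new side of this hunk runs on a value that came straight from the client's `Auth.{name}` cookie after nothing more than `base64_decode`, so the cookie's contents are fully client-controlled at the point of deserialisation. The `Session::write` arguments sit in the lines elided between the previous hunk and this one, so I cannot tell whether the cookie carries an HMAC under `$secret`; if it does not, the value should be authenticated with `hash_equals()` before being decoded, and even then a `json_encode`/`json_decode` round-trip is preferable to `serialize`/`unserialize` for data that leaves the server (the write side, `$data = serialize($data);`, is in the previous hunk). The following `array_keys($data) == $fields` also assumes the decode produced an array; `if (is_array($data) && array_keys($data) === $fields)` closes that gap. The closure continues past the end of this hunk.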
@@ -85,10 +89,13 @@ Auth::applyFilter('check', function($self, $params, $chain) use ($secret) { }); // Removes remember cookie after sign out. -Auth::applyFilter('clear', function($self, $params, $chain) { +Auth::applyFilter('clear', function($self, $params, $chain) +{ $config = $self::invokeMethod('_config', array($params['name'])); - if ($config['adapter'] == 'Form') { - if (Session::read("Auth.{$params['name']}", array('name' => 'cookie'))) { + if ($config['adapter'] == 'Form') + { + if (Session::read("Auth.{$params['name']}", array('name' => 'cookie'))) + { Session::delete("Auth.{$params['name']}", array('name' => 'cookie')); } } 
@@ -96,45 +103,44 @@ Auth::applyFilter('clear', function($self, $params, $chain) { }); //So that we can filter a bunch of methods in one -Dispatcher::applyFilter('_callable', function($self, $params, $chain) { - - //Invoke the _callable method, then execute the logic below - $ctrl = $chain->next($self, $params, $chain); +Dispatcher::applyFilter('_callable', function($self, $params, $chain) +{ + //Invoke the _callable method, then execute the logic below + $ctrl = $chain->next($self, $params, $chain); + + //if the user is logged in + $user = Auth::check('default'); + if($user) + { + //check if they are accessing an admin function + if ($ctrl->request->controller == 'admin' && !($user['level'] == 'root' || $user['level'] == 'admin')) + { + return function() use ($request) + { + //Users / index isn't public derp. + return new Response(compact('request') + array('location' => '/')); + }; + } - //if the user is logged in - $user = Auth::check('default'); - if($user) - { - //check if they are accessing an admin function - if ($ctrl->request->controller == 'admin' && !($user['level'] == 'root' || $user['level'] == 'admin')) - { - return function() use ($request) { - - //Users / index isn't public derp. 
- return new Response(compact('request') + array('location' => '/')); - }; - } - - //If they aren't trying to access admin, return - return $ctrl; - } - //If they are performing a public action continue, - if (isset($ctrl->publicActions) && in_array($params['request']->action, $ctrl->publicActions)) { - return $ctrl; - } + //If they aren't trying to access admin, return + return $ctrl; + } + //If they are performing a public action continue, + if (isset($ctrl->publicActions) && in_array($params['request']->action, $ctrl->publicActions)) + { + return $ctrl; + } - //Save the location they are going to + //Save the location they are going to $value = array('controller' => $ctrl->request->controller, 'action' => $ctrl->request->action, 'args' => $ctrl->request->args); Session::write('url', $value); - //Redirect them to the login page - return function() use ($request) { - return new Response(compact('request') + array('location' => '/login')); - }; + //Redirect them to the login page + return function() use ($request) + { + return new Response(compact('request') + array('location' => '/login')); + }; }); - - - -?>
\ No newline at end of file +?> |
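Review bot: Both redirect closures on the new side, `return function() use ($request)` for the admin check and again for the login redirect, capture `$request`, but no `$request` variable is defined in the enclosing `_callable` filter (its parameters are `$self, $params, $chain`), so the captured value is null and each `Response` is built with a null request. Add `$request = $params['request'];` directly after `$ctrl = $chain->next($self, $params, $chain);` so both closures have a real value to capture; this predates the commit, but the reindented code keeps it. The closing `?>` this hunk adds at end of file is also best dropped: in a PHP-only file it only creates a place for stray trailing whitespace to be emitted as output before the session and auth cookies this bootstrap configures are sent.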