|
|
@@ -2,60 +2,61 @@
|
|
|
use lithium\storage\Session;
|
|
|
use lithium\security\Auth;
|
|
|
use lithium\util\String;
|
|
|
-use app\models\User;
|
|
|
+use app\models\User;
|
|
|
use lithium\core\Libraries;
|
|
|
use lithium\action\Dispatcher;
|
|
|
use lithium\net\http\Router;
|
|
|
use lithium\action\Response;
|
|
|
use lithium\security\Password;
|
|
|
|
|
|
-
|
|
|
Session::config(array(
|
|
|
'cookie' => array('adapter' => 'Cookie'),
|
|
|
- 'default' => array('adapter' => 'Php'),
|
|
|
- 'flash_message' => array('adapter' => 'Php')
|
|
|
+ 'default' => array('adapter' => 'Php'),
|
|
|
+ 'flash_message' => array('adapter' => 'Php')
|
|
|
));
|
|
|
|
|
|
Auth::config(array(
|
|
|
- 'default' => array(
|
|
|
- 'adapter' => 'Form',
|
|
|
- 'model' => 'User',
|
|
|
- 'cookie' => '',
|
|
|
- 'fields' => array('username', 'password'),
|
|
|
- //'scope' => array('active' => 'true'), //The active field must be true otherwise they can't auth, though we need
|
|
|
- //to eventually send them to a page that explains they are banned.
|
|
|
- 'session' => array('options' => array('name' => 'default')),
|
|
|
- 'filters' => array(
|
|
|
- 'password' => function($password) {
|
|
|
- return $password; //prevents li3 from hashing the password before hand.
|
|
|
- },
|
|
|
-
|
|
|
- function($data) {
|
|
|
- if(isset($data['username']))
|
|
|
- {
|
|
|
- //Gett the user from the database
|
|
|
- $user = User::find('first', array('conditions' => array('username' => $data['username'])));
|
|
|
-
|
|
|
- //Hash the submitted password with the stored salt.
|
|
|
- $data['password'] = Password::hash($data['password'], $user->salt);
|
|
|
-
|
|
|
- }
|
|
|
- return $data;
|
|
|
-
|
|
|
- })
|
|
|
- )
|
|
|
-));
|
|
|
+ 'default' => array(
|
|
|
+ 'adapter' => 'Form',
|
|
|
+ 'model' => 'User',
|
|
|
+ 'cookie' => '',
|
|
|
+ 'fields' => array('username', 'password'),
|
|
|
+ //'scope' => array('active' => 'true'), //The active field must be true otherwise they can't auth, though we need
|
|
|
+ //to eventually send them to a page that explains they are banned.
|
|
|
+ 'session' => array('options' => array('name' => 'default')),
|
|
|
+ 'filters' => array(
|
|
|
+ 'password' => function($password)
|
|
|
+ {
|
|
|
+ return $password; //prevents li3 from hashing the password before hand.
|
|
|
+ },
|
|
|
+ function($data) {
|
|
|
+ if(isset($data['username']))
|
|
|
+ {
|
|
|
+ //Get the user from the database
|
|
|
+ $user = User::find('first', array('conditions' => array('username' => $data['username'])));
|
|
|
+ //Hash the submitted password with the stored salt.
|
|
|
+ $data['password'] = Password::hash($data['password'], $user->salt);
|
|
|
+ }
|
|
|
+ return $data;
|
|
|
+ }
|
|
|
+ )
|
|
|
+ )
|
|
|
+ )
|
|
|
+);
|
|
|
|
|
|
$secret = "cake";
|
|
|
|
|
|
// Adds remember feature for form-based authentications.
|
|
|
-Auth::applyFilter('check', function($self, $params, $chain) use ($secret) {
|
|
|
+Auth::applyFilter('check', function($self, $params, $chain) use ($secret)
|
|
|
+{
|
|
|
$query = 'first';
|
|
|
$scope = array();
|
|
|
extract($self::invokeMethod('_config', array($params['name'])));
|
|
|
- if ($result = $chain->next($self, $params, $chain)) {
|
|
|
+ if ($result = $chain->next($self, $params, $chain))
|
|
|
+ {
|
|
|
$request = $params['credentials'];
|
|
|
- if ($request && $adapter == 'Form' && !empty($request->data['remember'])) {
|
|
|
+ if ($request && $adapter == 'Form' && !empty($request->data['remember']))
|
|
|
+ {
|
|
|
$data = array_intersect_key($result, array_combine($fields, $fields));
|
|
|
$data = serialize($data);
|
|
|
Session::write(
|
|
|
@@ -66,12 +67,15 @@ Auth::applyFilter('check', function($self, $params, $chain) use ($secret) {
|
|
|
}
|
|
|
return $result;
|
|
|
}
|
|
|
- if ($adapter == 'Form') {
|
|
|
+ if ($adapter == 'Form')
|
|
|
+ {
|
|
|
$data = Session::read("Auth.{$params['name']}", array('name' => 'cookie'));
|
|
|
- if ($data) {
|
|
|
+ if ($data)
|
|
|
+ {
|
|
|
$data = base64_decode($data);
|
|
|
$data = unserialize($data);
|
|
|
- if (array_keys($data) == $fields) {
|
|
|
+ if (array_keys($data) == $fields)
|
|
|
+ {
|
|
|
$model = Libraries::locate('models', $model);
|
|
|
$data = array_map('strval', $data);
|
|
|
$user = $model::$query($scope + $data);
|
|
|
@@ -85,10 +89,13 @@ Auth::applyFilter('check', function($self, $params, $chain) use ($secret) {
|
|
|
});
|
|
|
|
|
|
// Removes remember cookie after sign out.
|
|
|
-Auth::applyFilter('clear', function($self, $params, $chain) {
|
|
|
+Auth::applyFilter('clear', function($self, $params, $chain)
|
|
|
+{
|
|
|
$config = $self::invokeMethod('_config', array($params['name']));
|
|
|
- if ($config['adapter'] == 'Form') {
|
|
|
- if (Session::read("Auth.{$params['name']}", array('name' => 'cookie'))) {
|
|
|
+ if ($config['adapter'] == 'Form')
|
|
|
+ {
|
|
|
+ if (Session::read("Auth.{$params['name']}", array('name' => 'cookie')))
|
|
|
+ {
|
|
|
Session::delete("Auth.{$params['name']}", array('name' => 'cookie'));
|
|
|
}
|
|
|
}
|
|
|
@@ -96,45 +103,44 @@ Auth::applyFilter('clear', function($self, $params, $chain) {
|
|
|
});
|
|
|
|
|
|
//So that we can filter a bunch of methods in one
|
|
|
-Dispatcher::applyFilter('_callable', function($self, $params, $chain) {
|
|
|
-
|
|
|
- //Invoke the _callable method, then execute the logic below
|
|
|
- $ctrl = $chain->next($self, $params, $chain);
|
|
|
+Dispatcher::applyFilter('_callable', function($self, $params, $chain)
|
|
|
+{
|
|
|
+ //Invoke the _callable method, then execute the logic below
|
|
|
+ $ctrl = $chain->next($self, $params, $chain);
|
|
|
+
|
|
|
+ //if the user is logged in
|
|
|
+ $user = Auth::check('default');
|
|
|
+ if($user)
|
|
|
+ {
|
|
|
+ //check if they are accessing an admin function
|
|
|
+ if ($ctrl->request->controller == 'admin' && !($user['level'] == 'root' || $user['level'] == 'admin'))
|
|
|
+ {
|
|
|
+ return function() use ($request)
|
|
|
+ {
|
|
|
+ //Users / index isn't public derp.
|
|
|
+ return new Response(compact('request') + array('location' => '/'));
|
|
|
+ };
|
|
|
+ }
|
|
|
|
|
|
- //if the user is logged in
|
|
|
- $user = Auth::check('default');
|
|
|
- if($user)
|
|
|
- {
|
|
|
- //check if they are accessing an admin function
|
|
|
- if ($ctrl->request->controller == 'admin' && !($user['level'] == 'root' || $user['level'] == 'admin'))
|
|
|
- {
|
|
|
- return function() use ($request) {
|
|
|
-
|
|
|
- //Users / index isn't public derp.
|
|
|
- return new Response(compact('request') + array('location' => '/'));
|
|
|
- };
|
|
|
- }
|
|
|
-
|
|
|
- //If they aren't trying to access admin, return
|
|
|
- return $ctrl;
|
|
|
- }
|
|
|
- //If they are performing a public action continue,
|
|
|
- if (isset($ctrl->publicActions) && in_array($params['request']->action, $ctrl->publicActions)) {
|
|
|
- return $ctrl;
|
|
|
- }
|
|
|
+ //If they aren't trying to access admin, return
|
|
|
+ return $ctrl;
|
|
|
+ }
|
|
|
+ //If they are performing a public action continue,
|
|
|
+ if (isset($ctrl->publicActions) && in_array($params['request']->action, $ctrl->publicActions))
|
|
|
+ {
|
|
|
+ return $ctrl;
|
|
|
+ }
|
|
|
|
|
|
- //Save the location they are going to
|
|
|
+ //Save the location they are going to
|
|
|
$value = array('controller' => $ctrl->request->controller, 'action' => $ctrl->request->action, 'args' => $ctrl->request->args);
|
|
|
Session::write('url', $value);
|
|
|
- //Redirect them to the login page
|
|
|
- return function() use ($request) {
|
|
|
- return new Response(compact('request') + array('location' => '/login'));
|
|
|
- };
|
|
|
+ //Redirect them to the login page
|
|
|
+ return function() use ($request)
|
|
|
+ {
|
|
|
+ return new Response(compact('request') + array('location' => '/login'));
|
|
|
+ };
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-?>
|
|
|
+?>
|
raylu