application/controllers/LoginController.php

   1 <?php
   2 /*  This file is part of Syj, Copyright (c) 2010 Arnaud Renevier,
   3     and is published under the AGPL license. */
   4
   5 class LoginController extends Zend_Controller_Action
   6 {
   7     public function init() {
   8         $this->view->headTitle($this->view->translate("login"));
   9         $this->view->headScript()->appendFile('js/prototype.js');
  10         $this->view->headScript()->appendFile('js/forms.js');
  11         $this->view->headScript()->appendFile('js/highlight.js');
  12         $this->view->headScript()->appendFile('js/login.js');
  13         $this->view->headLink()->appendStylesheet('css/generic.css');
  14         $this->view->headLink()->appendStylesheet('css/login.css');
  15     }
  16
  17     public function loginAction() {
  18         $form = new Syj_Form_Login(array('name' => 'loginform'));
  19         $request = $this->getRequest();
  20         $formData = $request->getPost();
  21         $this->view->form = $form;
  22         $httprequest = $request->isXmlHttpRequest();
  23
  24         if (!$httprequest) {
  25             $this->_jsLocaleStrings();
  26         }
  27
  28         if (empty ($formData) or !$form->isValid($formData)) {
  29             if ($httprequest) {
  30                 throw new Syj_Exception_Request();
  31             } else {
  32                 return;
  33             }
  34         }
  35
  36         /* form has been filled */
  37
  38         $adapter = Zend_Db_Table_Abstract::getDefaultAdapter();
  39         $authAdapter = new Zend_Auth_Adapter_DbTable($adapter, 'users', 'pseudo', 'password');
  40         $authAdapter->setIdentity($formData['login_user'])
  41                 ->setCredential(sha1($formData['login_password']));
  42
  43         $auth = Zend_Auth::getInstance();
  44         $result = $auth->authenticate($authAdapter);
  45         if (!$result->isValid()) {
  46             if ($httprequest) {
  47                 throw new Syj_Exception_Forbidden();
  48             } else {
  49                 $form->addError('Wrong login/password');
  50                 return;
  51             }
  52         }
  53
  54         $userid = $authAdapter->getResultRowObject('id')->id;
  55         $auth->getStorage()->write(array('user' => $userid));
  56         Zend_Session::rememberMe(); // zend default expiration delay is 2 weeks. Ok, use that value
  57
  58
  59         if ($httprequest) {
  60             $api = $this->_helper->SyjApi->setCode(200);
  61
  62             $login_geom_id = $formData['login_geom_id'];
  63             if ($login_geom_id) {
  64                 $path = new Syj_Model_Path();
  65                 $pathMapper = new Syj_Model_PathMapper();
  66                 if (!$pathMapper->find((int)$login_geom_id, $path)) {
  67                     throw new Syj_Exception_Request();
  68                 }
  69                 if ($path->owner->id === $userid) {
  70                     $api->setBody("1"); // owner of displayed geometry
  71                 } else {
  72                     $api->setBody("0");
  73                 }
  74             } else {
  75                 $api->setBody("1"); // no geometry displayed: owner of the (future) geometry
  76             }
  77         } else {
  78             $this->redirect();
  79         }
  80     }
  81
  82     public function logoutAction() {
  83         Zend_Session::start();
  84         Zend_Session::destroy();
  85         $this->redirect();
  86     }
  87
  88     protected function redirect($target = null) {
  89         if (!isset($target)) {
  90             $target = $this->getRequest()->getQuery('redirect');
  91         }
  92
  93         if (!isset($target)) {
  94             $target = $this->view->baseUrl();
  95         }
  96         if (!$target) {
  97             $target = '/';
  98         }
  99
 100         $this->_helper->Redirector->gotoURL($target, array('prependBase' => false));
 101     }
 102
 103     protected function _jsLocaleStrings() {
 104         $this->view->jslocales = array(
 105             'userEmptyWarn' => __("you must enter a login name"));
 106     }
 107 }