}
public function run() {
- $sessionConfig = new Zend_Config_Ini(APPLICATION_PATH . '/configs/session.ini', APPLICATION_ENV);
- Zend_Session::setOptions($sessionConfig->toArray());
Zend_Controller_Action_HelperBroker::getStaticHelper('ViewRenderer')->initView(APPLICATION_PATH . '/views/', 'Syj_View');
-
parent::run();
}
+++ /dev/null
-; This file is part of Syj, Copyright (c) 2010-2011 Arnaud Renevier,
-; and is published under the AGPL license. */
-[production]
-name = syj_session
-use_cookies = on
-use_trans_sid = off
-use_only_cookies = on
-cookie_httponly = on
-
-[development:production]
{
public function init() {
- $this->_helper->SyjSession->needsLogin();
+ $this->_helper->SyjUserManager->needsLogin();
$this->_helper->SyjMedias->addScripts('account');
$this->view->headLink()->appendStylesheet('css/generic.css', 'all');
}
public function indexAction() {
- $user = $this->_helper->SyjSession->user();
+ $user = $this->_helper->SyjUserManager->current();
$request = $this->getRequest();
$form = new Syj_Form_Account(array('name' => 'accountform'));
}
if (empty($formData)) {
- $user = $this->_helper->SyjSession->user();
+ $user = $this->_helper->SyjUserManager->current();
if ($user) {
$form->contact_email->setValue($user->email)
->setAttrib('readonly', 'true');
$this->view->headTitle($title);
$this->view->headMeta()->appendName('description', $this->view->translate('website to share routes'));
- $this->view->loggedUser = $this->_helper->SyjSession->user();
+ $this->view->loggedUser = $this->_helper->SyjUserManager->current();
}
protected function _initForms() {
$this->view->headTitle("Show your journey");
$this->view->headMeta()->appendName('description', $this->view->translate('website to share routes'));
- $this->view->loggedUser = $this->_helper->SyjSession->user();
+ $this->view->loggedUser = $this->_helper->SyjUserManager->current();
$this->_helper->ViewRenderer->setViewScriptPathSpec(':controller/index.:suffix');
$error = $this->_getParam('error_handler');
protected function _jsLoggedInfo(Syj_Model_Path $path = null) {
$loggedinfo = new phptojs\JsObject('gLoggedInfo', array('connections' => 0));
- $user = $this->_helper->SyjSession->user();
+ $user = $this->_helper->SyjUserManager->current();
if ($user) {
$loggedinfo->logged = true;
} else {
{
public function init() {
- $this->_helper->SyjSession->needsLogin();
+ $this->_helper->SyjUserManager->needsLogin();
$this->_helper->SyjMedias->addScripts('list');
}
public function indexAction() {
- $user = $this->_helper->SyjSession->user();
+ $user = $this->_helper->SyjUserManager->current();
$pathMapper = new Syj_Model_PathMapper();
$list = $pathMapper->fetchByCreator($user);
$paginator = Zend_Paginator::factory($list);
}
/* form has been filled */
-
- $adapter = Zend_Db_Table_Abstract::getDefaultAdapter();
- $authAdapter = new Zend_Auth_Adapter_DbTable($adapter, 'users', 'pseudo', 'password');
- $authAdapter->setIdentity($formData['login_user'])
- ->setCredential(sha1($formData['login_password']));
-
- $auth = Zend_Auth::getInstance();
- $result = $auth->authenticate($authAdapter);
- if (!$result->isValid()) {
+ if (!$this->_helper->SyjUserManager->validate($formData['login_user'], sha1($formData['login_password']))) {
if ($httprequest) {
throw new Syj_Exception_Forbidden();
} else {
}
}
- $userid = $authAdapter->getResultRowObject('id')->id;
- $this->_helper->SyjSession->login($userid);
- $user = $this->_helper->SyjSession->user();
+ $user = $this->_helper->SyjUserManager->current();
if ($httprequest) {
$api = $this->_helper->SyjApi->setCode(200);
}
public function logoutAction() {
- $this->_helper->SyjSession->logout();
+ $this->_helper->SyjUserManager->logout();
$this->redirect();
}
}
if (empty($formData)) {
- $loggeduser = $this->_helper->SyjSession->user();
+ $loggeduser = $this->_helper->SyjUserManager->current();
if ($loggeduser) {
$form->newpwd_email->setValue($loggeduser->email)
->setAttrib('readonly', 'true');
$user = new Syj_Model_User();
if ($userMapper->findByEmail($formData['newpwd_email'], $user)) {
// if no user exist with posted email, pretend everything went correct
- $loggeduser = isset($loggeduser) ? $loggeduser: $this->_helper->SyjSession->user();
+ $loggeduser = isset($loggeduser) ? $loggeduser: $this->_helper->SyjUserManager->current();
if ($loggeduser and ($loggeduser != $user)) {
throw new Syj_Exception_Request();
}
$formData = $this->_helper->SyjPostData->getPostData('Syj_Form_Geom');
$path = new Syj_Model_Path();
- $user = $this->_helper->SyjSession->user();
+ $user = $this->_helper->SyjUserManager->current();
if (!$user and !$formData["geom_accept"]) {
throw new Syj_Exception_Request();
}
}
}
- $user = $this->_helper->SyjSession->user();
+ $user = $this->_helper->SyjUserManager->current();
if (!$path->isCreator($user)) {
throw new Syj_Exception_Forbidden();
}
$title = $this->view->translate("password changed");
$this->_helper->ViewRenderer->setViewScriptPathSpec(':controller/password_validate.:suffix');
- $this->_helper->SyjSession->logout();
+ $this->_helper->SyjUserManager->logout();
} else if (array_key_exists('pending_cancel', $formData)) {
if (!$pending->cancel()) {
}
}
- $this->_helper->SyjSession->login($user->id);
+ $this->_helper->SyjUserManager->validate($user->pseudo, $user->password);
$data = array('pseudo' => $user->pseudo);
$this->_helper->SyjApi->setBodyJson($data)->setCode(200);
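Review bot: The boolean returned by `validate($user->pseudo, $user->password)` is discarded here, whereas the `login($user->id)` call it replaces threw a `Zend_Exception` when the user could not be loaded. On a failed validation the helper returns before any `setcookie` call and leaves the current user null, yet this action still answers 200 with the pseudo. Checking the result, e.g. `if (!$this->_helper->SyjUserManager->validate($user->pseudo, $user->password)) { throw new Zend_Exception(); }`, would keep that failure visible. The enclosing action starts outside this hunk, so it is only assumed that `$user->password` already holds the stored hash and not a clear-text value.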
+++ /dev/null
-<?php
-/* This file is part of Syj, Copyright (c) 2010-2011 Arnaud Renevier,
- and is published under the AGPL license. */
-
-class Syj_Controller_Action_Helper_SyjSession extends Zend_Controller_Action_Helper_Abstract
-{
- protected static $cache = array();
-
- static public function login($userid) {
- $userMapper = new Syj_Model_UserMapper();
- $user = new Syj_Model_User();
- if (!$userMapper->find($userid, $user)) {
- throw new Zend_Exception();
- }
-
- $storage = new Zend_Session_Namespace('userSettings');
- $storage->user = $user->id;
- Zend_Session::rememberMe();
- }
-
- static public function logout() {
- $storage = new Zend_Session_Namespace('userSettings');
- unset($storage->user);
- Zend_Session::rememberMe();
- }
-
- static public function user() {
- $storage = new Zend_Session_Namespace('userSettings');
- $id = $storage->user;
- if (!isset($id)) {
- return null;
- }
- if (isset (self::$cache[$id])) {
- return self::$cache[$id];
- }
-
- $userMapper = new Syj_Model_UserMapper();
- $user = new Syj_Model_User();
- if ($userMapper->find($id, $user)) {
- self::$cache[$id] = $user;
- return $user;
- } else {
- self::logout();
- return null;
- }
- }
-
- public function needsLogin() {
- $user = self::user();
- if ($user) {
- return;
- }
- $viewRenderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');
- $view = $viewRenderer->view;
- $request = $this->getRequest();
-
- $encodeduri = $view->UriPath(true);
- $loginurl = $view->addParamToUrl($view->baseUrl() . '/' . 'login', 'redirect', $encodeduri);
- $translator = Zend_Registry::get('Zend_Translate');
- $this->getActionController()->getHelper('Redirector')->gotoURL($loginurl, array('prependBase' => false));
- }
-}
--- /dev/null
+<?php
+/* This file is part of Syj, Copyright (c) 2010-2011 Arnaud Renevier,
+ and is published under the AGPL license. */
+
+class Syj_Controller_Action_Helper_SyjUserManager extends Zend_Controller_Action_Helper_Abstract
+{
+ // -1 for undeterminated, null for non logged, Syj_Model_User for a logged user
+ protected static $_current = -1;
+
+ static public function validate($username, $hash) {
+ // TODO: try to make only one sql request
+ $adapter = Zend_Db_Table_Abstract::getDefaultAdapter();
+ $authAdapter = new Zend_Auth_Adapter_DbTable($adapter, 'users', 'pseudo', 'password');
+ $authAdapter->setIdentity($username)->setCredential($hash);
+ $auth = Zend_Auth::getInstance();
+ $result = $auth->authenticate($authAdapter);
+ if (!$result->isValid()) {
+ self::$_current = null;
+ return false;
+ }
+ $userid = $authAdapter->getResultRowObject('id')->id;
+ $userMapper = new Syj_Model_UserMapper();
+ $user = new Syj_Model_User();
+ if (!$userMapper->find($userid, $user)) {
+ throw new Zend_Exception();
+ }
+
+ if (!isset ($_COOKIE['syj_user']) or (!isset ($_COOKIE['syj_hashpass']))) {
+ setcookie("syj_user", $username, 0, "", "", false, true);
+ setcookie("syj_hashpass", $hash, 0, "", "", false, true);
+ }
+ self::$_current = $user;
+ return true;
+ }
+
+ static public function logout() {
+ self::$_current = null;
+ if (isset ($_COOKIE['syj_user'])) {
+ setcookie ('syj_user', "", time() - 3600, "" , "",false, true);
+ }
+ if (isset ($_COOKIE['syj_hashpass'])) {
+ setcookie ('syj_hashpass', "", time() - 3600, "" , "",false, true);
+ }
+ }
+
+ static public function current() {
+ if (self::$_current === -1) {
+ if ((!isset ($_COOKIE['syj_user'])) || (!isset ($_COOKIE['syj_hashpass']))
+ || (!self::validate($_COOKIE['syj_user'], $_COOKIE['syj_hashpass']))) {
+ self::logout();
+ }
+ }
+ return self::$_current;
+ }
+
+ public function needsLogin() {
+ if (self::current()) {
+ return;
+ }
+
+ $viewRenderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');
+ $view = $viewRenderer->view;
+ $request = $this->getRequest();
+
+ $encodeduri = $view->UriPath(true);
+ $loginurl = $view->addParamToUrl($view->baseUrl() . '/' . 'login', 'redirect', $encodeduri);
+ $translator = Zend_Registry::get('Zend_Translate');
+ $this->getActionController()->getHelper('Redirector')->gotoURL($loginurl, array('prependBase' => false));
+ }
+
+}
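Review bot: validate() writes the credential it has just checked into the `syj_hashpass` cookie, and the login action passes `sha1($formData['login_password'])` as that credential, so the cookie carries the same unsalted SHA-1 that is compared against `users.password`. The stored hash therefore becomes a bearer credential: a copy of the cookie or of the users table is enough to pass current(), and logout() only expires the browser's cookies, leaving nothing server-side to revoke until the password changes. Both `setcookie` calls also pass `false` for the `secure` argument, so the value travels over plain HTTP if the site is reachable that way. A random per-login token whose hash is kept server-side, sent with `secure` enabled, would stop the cookie from being password-equivalent. Separately, the `if (!isset ($_COOKIE['syj_user']) or …)` guard skips `setcookie` when cookies from an earlier account are still present, so a successful login as a different user appears not to replace them.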
public function postDispatch(Zend_Controller_Request_Abstract $request) {
$viewRenderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');
$view = $viewRenderer->view;
- $sessionHelper = Zend_Controller_Action_HelperBroker::getStaticHelper('SyjSession');
- $view->loggedUser = $sessionHelper->user();
+ $helper = Zend_Controller_Action_HelperBroker::getStaticHelper('SyjUserManager');
+ $view->loggedUser = $helper->current();
}
}
*/5 * * * * /data/project/syj/scripts/cron.php
# every month, update geoip db
12 3 3 * * /data/project/syj/scripts/updategeoip.sh
-# every day, delete old sessions files
-47 4 * * * find /tmp/ -name "sess_*" -user syj -ctime +45 -exec rm -f '{}' \;
# every day, vacuum tables
48 4 * * * psql syj syj -c "VACUUM ANALYZE users" > /dev/null
48 4 * * * psql syj syj -c "VACUUM ANALYZE paths" > /dev/null