author | mattab <matthieu.aubry@gmail.com> | 2014-06-02 07:19:37 +0400 |
---|---|---|
committer | mattab <matthieu.aubry@gmail.com> | 2014-06-02 07:19:37 +0400 |
commit | c18c274c6aebdead9e09d22e7b0b1e023608a96d (patch) | |
tree | c8c7af171779608317f2ee5798c41b12ee645cc7 /plugins | |
parent | 6b6444f3a3b0994c4a0cc7b90eeb12775f479584 (diff) |
Small refactor of the Login/Auth object.
Refs https://github.com/piwik/piwik/pull/299 - instead of creating loginFlow object, maybe we can throw events from the methods `processFailedSession()` and `processSuccessfullSession()`
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/Login/Auth.php | 92 |
1 files changed, 70 insertions, 22 deletions
diff --git a/plugins/Login/Auth.php b/plugins/Login/Auth.php
index 97c2a374ea..8407e26cc6 100644
--- a/plugins/Login/Auth.php
+++ b/plugins/Login/Auth.php
@@ -76,32 +76,15 @@ class Auth implements \Piwik\Auth
  */
  public function initSession($login, $md5Password, $rememberMe)
  {
- Session::regenerateId();
-
- $tokenAuth = API::getInstance()->getTokenAuth($login, $md5Password);
+ $this->regenerateSessionId();
 
- $this->setLogin($login);
- $this->setTokenAuth($tokenAuth);
- $authResult = $this->authenticate();
+ $authResult = $this->doAuthenticateSession($login, $md5Password);
 
- $authCookieName = Config::getInstance()->General['login_cookie_name'];
- $authCookieExpiry = $rememberMe ? time() + Config::getInstance()->General['login_cookie_expire'] : 0;
- $authCookiePath = Config::getInstance()->General['login_cookie_path'];
- $cookie = new Cookie($authCookieName, $authCookieExpiry, $authCookiePath);
  if (!$authResult->wasAuthenticationSuccessful()) {
- $cookie->delete();
- throw new Exception(Piwik::translate('Login_LoginPasswordNotCorrect'));
+ $this->processFailedSession($rememberMe);
+ } else {
+ $this->processSuccessfullSession($login, $authResult->getTokenAuth(), $rememberMe);
  }
-
- $cookie->set('login', $login);
- $cookie->set('token_auth', $this->getHashTokenAuth($login, $authResult->getTokenAuth()));
- $cookie->setSecure(ProxyHttp::isHttps());
- $cookie->setHttpOnly(true);
- $cookie->save();
-
-
- // remove password reset entry if it exists
- Login::removePasswordResetInfo($login);
  }
 
  /**
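Review bot: The failure branch of `initSession()` now rejects a bad login only because `processFailedSession()` happens to throw; the helper is `protected` and the commit message presents these methods as extension points, so an override that returns normally would let `initSession()` return without an exception. Whether callers treat a normal return as a successful login is not visible in this hunk, but the method would fail closed if the throw stayed in `initSession()` itself: call `$this->processFailedSession($rememberMe);` for the cookie cleanup and follow it with `throw new Exception(Piwik::translate('Login_LoginPasswordNotCorrect'));`, removing the throw from the helper. If the throw is kept in the helper, the `initSession()` docblock should at least state that overrides of `processFailedSession()` must throw.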
@@ -135,4 +118,69 @@ class Auth implements \Piwik\Auth
  {
  return md5($login . $token_auth);
  }
+
+ /**
+ * @param $login
+ * @param $md5Password
+ * @return AuthResult
+ * @throws \Exception
+ */
+ protected function doAuthenticateSession($login, $md5Password)
+ {
+ $tokenAuth = API::getInstance()->getTokenAuth($login, $md5Password);
+
+ $this->setLogin($login);
+ $this->setTokenAuth($tokenAuth);
+ $authResult = $this->authenticate();
+ return $authResult;
+ }
+
+ /**
+ * @param $rememberMe
+ * @return Cookie
+ */
+ protected function getAuthCookie($rememberMe)
+ {
+ $authCookieName = Config::getInstance()->General['login_cookie_name'];
+ $authCookieExpiry = $rememberMe ? time() + Config::getInstance()->General['login_cookie_expire'] : 0;
+ $authCookiePath = Config::getInstance()->General['login_cookie_path'];
+ $cookie = new Cookie($authCookieName, $authCookieExpiry, $authCookiePath);
+ return $cookie;
+ }
+
+ /**
+ * Executed when the session could not authenticate
+ * @param $rememberMe
+ * @throws \Exception
+ */
+ protected function processFailedSession($rememberMe)
+ {
+ $cookie = $this->getAuthCookie($rememberMe);
+ $cookie->delete();
+ throw new Exception(Piwik::translate('Login_LoginPasswordNotCorrect'));
+ }
+
+ /**
+ * Executed when the session was successfully authenticated
+ * @param $login
+ * @param $tokenAuth
+ * @param $rememberMe
+ */
+ protected function processSuccessfullSession($login, $tokenAuth, $rememberMe)
+ {
+ $cookie = $this->getAuthCookie($rememberMe);
+ $cookie->set('login', $login);
+ $cookie->set('token_auth', $this->getHashTokenAuth($login, $tokenAuth));
+ $cookie->setSecure(ProxyHttp::isHttps());
+ $cookie->setHttpOnly(true);
+ $cookie->save();
+
+ // remove password reset entry if it exists
+ Login::removePasswordResetInfo($login);
+ }
+
+ protected function regenerateSessionId()
+ {
+ Session::regenerateId();
+ }
  } |
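Review bot: `regenerateSessionId()` is added as a `protected` hook with no docblock, so nothing tells a subclass author that `initSession()` relies on it to rotate the session ID before authenticating; an override that does nothing would presumably leave the pre-login session ID in place and weaken the protection against session fixation. A short docblock would state the contract, for example `/** Rotates the session ID at login; overrides must still call Session::regenerateId(). */`. The new `@param` tags also carry no types; from usage `@param string $login` and `@param bool $rememberMe` look right, but that should be confirmed against the callers. `processSuccessfullSession` is misspelled, and because it is now part of the subclass-facing surface it is cheaper to rename it in this commit than after overrides exist.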