summaryrefslogblamecommitdiffstats
path: root/application/modules/dev/controllers/AuthController.php
blob: bb590371e24d3f5d017d97ee1c8f26da1fd67771 (plain) (tree)
1
2
3
4
5
6
7
8
9
10
11
     









                                                                           
 
                                                       
 
                                
                           








                                                                           
                                                              





                                                              
                                                  

                                                     
                                                                      
                                
                                                                            






                                                                                 




                                                                   










                                                                                                   
                                                                                                                                              




                                                                                           
                                                                  





                                                                        









                                                              
                                                                            
                                
                                                                                  




















                                                                                                                       
                                                                                                              



                                                                                    





                                                                  
                                                              

                                                 
                                                        
                                         
                                                            
                       



                                               
























                                                                                                                
                                                                                                                     

















                                                                                                                
                        




































                                                                                                                                                                                                                                        
                         
                 




                                                                        

                                                         
                                                                                                            
















                                                                                            

                                       


                                                                                 

                 
 
<?php
/*
 * Copyright (c) 2011 - OpenSLX GmbH, RZ Uni Freiburg
 * This program is free software distributed under the GPL version 2.
 * See http://gpl.openslx.org/
 *
 * If you have any feedback please consult http://feedback.openslx.org/ and
 * send your suggestions, praise, or complaints to feedback@openslx.org
 *
 * General information about OpenSLX can be found at http://openslx.org/
 */

class dev_AuthController extends Zend_Controller_Action
{
	protected $personmapper;
	private $db = null;

	public function init()
	{
		$this->db = Zend_Db_Table::getDefaultAdapter();
		$this->personmapper = new Application_Model_PersonMapper();
	}

	public function indexAction()
	{
		$this->_helper-> viewRenderer-> setNoRender();
		$this->_helper->redirector('login', 'auth');
	}

	public function loginAction()
	{
		if (Zend_Auth::getInstance()->hasIdentity()) {
			$this->_redirect('/dev/');
		} else {
			if (!isset($_POST["login"])){
				$loginForm = new dev_Form_AuthLogin();
			} else {
				$loginForm = new dev_Form_AuthLogin($_POST);

				if ($loginForm->isValid($_POST)) {

					$auth = Zend_Auth::getInstance();

					$adapter = new Zend_Auth_Adapter_DbTable(
					$this->db,
        		            'pbs_person',
        		            'email',
        		            'password',
        		            'MD5(CONCAT(?, password_salt))'
        		            );
        		             

        		            $adapter->setIdentity($loginForm->getValue('email'));
        		            $adapter->setCredential($loginForm->getValue('password'));

        		            $result = $auth->authenticate($adapter);

        		            // TODO: erweiterte fehlerbeschreibung des Users

        		            if ($result->isValid()) {
        		            	$this->personmapper = new Application_Model_PersonMapper();
        		            	$result = $this->personmapper->findBy(array('email' => Zend_Auth::getInstance()->getIdentity()),true);
        		            	$person = new Application_Model_Person($result[0]);
        		            	$person->setID($result[0]['personID']);
        		            	$date = new DateTime();
        		            	$person->setLogindate($date->getTimestamp());
        		            	$this->personmapper->save($person);
        		            	$this->_redirect('/dev/');
        		            	return;
        		            } else {
        		            	echo "Wrong Email or Password.";
        		            }
				}
			}
			$this->view->loginForm = $loginForm;
		}
	}

	public function registerAction()
	{
		if (Zend_Auth::getInstance()->hasIdentity()) {
			print_a('Already logged in.');
		} else {
			if (!isset($_POST["register"])){
				$registerForm = new dev_Form_AuthRegister();
			} else {
				$registerForm = new dev_Form_AuthRegister($_POST);

				if ($registerForm->isValid($_POST)) {

					$person = new Application_Model_Person($_POST);
					$this->personmapper = new Application_Model_PersonMapper();

					$date = new DateTime();
					$person->setRegisterdate($date->getTimestamp());
					$person->setPasswordSalt(MD5($date->getTimestamp()));
					$person->setPassword(MD5($person->getPassword() . $person->getPasswordSalt()));
					print_a($person);
					try {
						$this->personmapper->save($person);
					}catch(Zend_Exception $e)
					{
						echo "Caught exception: " . get_class($e) . "<br/>";
						echo "Message: " . $e->getMessage() . "<br/>";
						echo "Email Address already existing..";
						return;
					}
					echo "Successfully registered. <br/>";
					echo "Continue to Login: <a href=\""."/dev/auth/login"."\">Login</a>";
					$this->_helper->redirector('login', 'auth');
					return;
				}
			}
			$this->view->registerForm = $registerForm;
		}
	}

	public function logoutAction()
	{
		$this->_helper-> viewRenderer-> setNoRender();
		$auth = Zend_Auth::getInstance();
		$auth->clearIdentity();
		Zend_Session::namespaceUnset('userIDs');
		Zend_Session::forgetMe();
		$this->_helper->redirector('login', 'auth');
		return;
	}

	public function recoverpasswordAction()
	{
		if (isset($_POST["savePassword"])){
			$personID = $_POST['personID'];
			$recoverPasswordForm = new dev_Form_NewPassword(array("personID" => $personID, $_POST));
			if ($recoverPasswordForm->isValid($_POST)) {
				$this->personmapper = new Application_Model_PersonMapper();
				$person = $this->personmapper->find($personID);
				$date = new DateTime();
				$person->setPassword($_POST['password']);
				$person->setPasswordSalt(MD5($date->getTimestamp()));
				$person->setPassword(MD5($person->getPassword() . $person->getPasswordSalt()));
				try {
					$this->personmapper->save($person);
				} catch(Zend_Exception $e)
				{
					echo "Caught exception: " . get_class($e) . "<br/>";
					echo "Message: " . $e->getMessage() . "<br/>";
					echo "Email Address already existing.";
					return;
				}
				$this->_helper->redirector('login', 'auth');
				return;
			}
		} else if(isset($_GET['recoveryid'])) {
			$recoveryid = $_GET['recoveryid'];
			$passwordRecoveryMapper = new Application_Model_PasswordRecoveryMapper();
			$passwordRecovery = $passwordRecoveryMapper->findBy(array("recoveryID" => $recoveryid),true);
			if(count($passwordRecovery) > 0) {
				$passwordRecoveryObject = new Application_Model_PasswordRecovery();
				$passwordRecoveryObject->setID($passwordRecovery[0]['personID']);
				$passwordRecoveryObject->setRecoveryID($passwordRecovery[0]['recoveryID']);
				$personID = $passwordRecoveryObject->getID();
				$recoverPasswordForm = new dev_Form_NewPassword(array("personID" => $personID));
				try {
					$passwordRecoveryMapper->delete($passwordRecoveryObject);
				} catch(Zend_Exception $e)
				{
					echo "Caught exception: " . get_class($e) . "<br/>";
					echo "Message: " . $e->getMessage() . "<br/>";
					return;
				}
			} else {
				$this->_helper->redirector('login', 'auth');
				return;
			}
		} else {
			if (!isset($_POST["recoverPassword"])){
				$recoverPasswordForm = new dev_Form_AuthRecoverPassword();
			} else {
				$recoverPasswordForm = new dev_Form_AuthRecoverPassword($_POST);
				if ($recoverPasswordForm->isValid($_POST)) {
					$recoverPasswordForm->getView()->url();
					$this->personmapper = new Application_Model_PersonMapper();
					$result = $this->personmapper->findBy('email', $_POST['email']);
					$person = new Application_Model_Person($result[0]);
					$person->setID($result[0]['personID']);
					$email = $person->getEmail();
					$name = $person->getFirstname() . ' ' . $person->getName();
					$url = $this->getRequest()->getScheme() . '://' . $this->getRequest()->getHttpHost() . $this->view->url();
					$recoveryid = randomString(100);
					$mailbody = 'Um das Passwort zu ändern klicken Sie auf folgenden Link<br /><br /><a href="'. $url . '/auth/recoverpassword/?recoveryid='. $recoveryid . '">Passwort ändern</a>';		
					$mail = new Zend_Mail();
					$mail->setBodyHtml($mailbody, 'utf8');
					$mail->getBodyHtml()->getContent();
					$mail->setFrom('admin@local', 'Admin');
					$mail->addTo($email, $name);
					$mail->setSubject('Password Wiederherstellung Preboot Server');
					$passwordRecoveryMapper = new Application_Model_PasswordRecoveryMapper();
					$passwordRecoveryObject = new Application_Model_PasswordRecovery();
					$passwordRecoveryObject->setID($person->getID());
					$passwordRecoveryObject->setRecoveryID($recoveryid);
					try {
						$passwordRecoveryMapper->save($passwordRecoveryObject);
						$mail->send();
					}catch(Zend_Exception $e)
					{
						echo "Caught exception: " . get_class($e) . "<br/>";
						echo "Message: " . $e->getMessage() . "<br/>";
						return;
					}
					$this->_helper->redirector('login', 'auth');
					return;
				}
			}
		}
		$this->view->recoverPasswordForm = $recoverPasswordForm;
	}

	public function deleteAction()
	{
		if($_POST['confirmdelete']) {
			$auth = Zend_Auth::getInstance();
			$result = $this->personmapper->findBy(array('email' => $auth->getIdentity()), true);
			$person = $result[0];
			$personID = $person["personID"];
			if (isset($personID)){
				$this->personmapper = new Application_Model_PersonMapper();
				$person = $this->personmapper->find($personID);
				try {
					$this->personmapper->delete($person);
				}catch(Zend_Exception $e)
				{
					echo "Caught exception: " . get_class($e) . "<br/>";
					echo "Message: " . $e->getMessage() . "<br/>";
					return;
				}
				$auth->clearIdentity();
				Zend_Session::namespaceUnset('userIDs');
				Zend_Session::forgetMe();
				$this->_helper->redirector('login', 'auth');
				return;
			}
		} else {
			$deleteconfirmform = new dev_Form_ConfirmDeleteAccount();
			$this->view->deleteconfirmform = $deleteconfirmform;
		}
	}
}