summaryrefslogtreecommitdiffstats
path: root/application/controllers/AuthController.php
blob: 735547bd0a957ad72219c6cc90fcc6e5f33828d7 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
<?php
/*
 * Copyright (c) 2011 - OpenSLX GmbH, RZ Uni Freiburg
 * This program is free software distributed under the GPL version 2.
 * See http://gpl.openslx.org/
 *
 * If you have any feedback please consult http://feedback.openslx.org/ and
 * send your suggestions, praise, or complaints to feedback@openslx.org
 *
 * General information about OpenSLX can be found at http://openslx.org/
 */

class AuthController extends Zend_Controller_Action
{
	protected $config;
	protected $pbs2host;

	public function init()
	{
		$bootstrap = $this->getInvokeArg('bootstrap');
		$this->config = $bootstrap->getOptions();
		$this->pbs2host = $this->config['pbs2']['host'];
	}

	public function indexAction()
	{
		$this->_helper->redirector('login', 'auth');
	}

	public function loginAction()
	{
		if (Zend_Auth::getInstance()->hasIdentity()) {
			$this->_redirect('/');
		} else {
			if (!isset($_POST["login"])){
				$loginForm = new Application_Form_Login();
			} else {
				$loginForm = new Application_Form_Login($_POST);

				if ($loginForm->isValid($_POST)) {
					$loginquery = "email=" . $loginForm->getValue('email') . "&password=" . $loginForm->getValue('password');
					$loginApiResult = PostToHost($this->pbs2host, $this->config['pbs2']['login'], 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], 'poolctrl', $loginquery);
					$loginXMLString = $loginApiResult['http-body'];
					if(strlen($loginXMLString) > 0) {
						$loginXML = new SimpleXMLElement($loginXMLString);
						$login = $loginXML->login;
						$success = sprintf("%s", $login->success);
						if ($success === "true") {
							$membershipSession = new Zend_Session_Namespace('memberships');
							$count = 0;
							foreach($login->membershiplist->membership as $membershipXML)
							{
								$membership['membershipID'] = sprintf("%s", $membershipXML->id);
								$membership['personID'] = sprintf("%s", $membershipXML->personid);
								$membership['groupID'] = sprintf("%s", $membershipXML->groupid);
								$membership['roleID'] = sprintf("%s", $membershipXML->roleid);
								$membership['apikey'] = sprintf("%s", $membershipXML->apikey);
								$membership['suspend'] = sprintf("%s", $membershipXML->suspend);
								$membershipID = $membership['membershipID'];
								$membershipSession->$membershipID = $membership;
								if($count == 0) {
									$apikey = sprintf("%s", $membershipXML->apikey);
								}
								$count++;
							}

							$personApiResult = PostToHost($this->pbs2host, $this->config['pbs2']['getperson'] . $apikey, 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], 'poolctrl', '');
							$personXMLString = $personApiResult['http-body'];
							if(strlen($personXMLString) > 0) {
								$personXML = new SimpleXMLElement($personXMLString);
								$person = new Application_Model_Person();
								$person->setID(sprintf("%s", $personXML->person->id));
								$person->setCity(sprintf("%s", $personXML->person->city));
								$person->setEmail(sprintf("%s", $personXML->person->email));
								$person->setFirstname(sprintf("%s", $personXML->person->firstname));
								$person->setHousenumber(sprintf("%s", $personXML->person->housenumber));
								$person->setLogin(sprintf("%s", $personXML->person->login));
								$person->setLogindate(sprintf("%s", $personXML->person->logindate));
								$person->setName(sprintf("%s", $personXML->person->name));
								$person->setPostalcode(sprintf("%s", $personXML->person->postalcode));
								$person->setRegisterdate(sprintf("%s", $personXML->person->registerdate));
								$person->setStreet(sprintf("%s", $personXML->person->street));
								$person->setSuspend(sprintf("%s", $personXML->person->suspend));
								$person->setTitle(sprintf("%s", $personXML->person->title));
								$personSession = new Zend_Session_Namespace('persons');
								$personName = sprintf("%s", $login->personid);
								$personSession->$personName = $person;
							}

							$userSession = new Zend_Session_Namespace('userIDs');
							$userSession->personID = sprintf("%s", $login->personid);

							$authSession = new Zend_Session_Namespace('auth');
							$authSession->storage = $loginForm->getValue('email');

							$this->_helper->redirector('selectmembership', 'person');
							return;
						} else {
							$error = sprintf("%s", $login->error);
							if($error == "wrong email or password") {
								$poolctrlNotifier = new Poolctrl_Notifier();
								$this->view->notification = $poolctrlNotifier->notify('Wrong Email or Password', 'error');
							} else if($error == "person suspended") {
								$poolctrlNotifier = new Poolctrl_Notifier();
								$this->view->notification = $poolctrlNotifier->notify('Your Account is suspended', 'error');
							}
						}
					}
				}
			}
			$this->view->loginForm = $loginForm;
		}
	}

	public function logoutAction()
	{
		$this->_helper-> viewRenderer-> setNoRender();
		$auth = Zend_Auth::getInstance();
		$auth->clearIdentity();
		Zend_Session::namespaceUnset('userIDs');
		Zend_Session::namespaceUnset('memberships');
		Zend_Session::namespaceUnset('persons');
		Zend_Session::namespaceUnset('groups');
		Zend_Session::namespaceUnset('roles');
		Zend_Session::forgetMe();
		$this->_helper->redirector('login', 'auth');
		return;
	}
}