Extract SessionAuthenticationManager

Dmitriy Simushev 2014-11-13 11:19:53 +00:00
parent 47851c9ed2
commit a43d46f5f5
2 changed files with 155 additions and 60 deletions


@ -28,33 +28,17 @@ use Symfony\Component\HttpFoundation\Response;
/** /**
* Controls operator's authentication. * Controls operator's authentication.
*
* This is the base authentication manager for the system.
*/ */
class AuthenticationManager implements AuthenticationManagerInterface, CookieFactoryAwareInterface class AuthenticationManager extends SessionAuthenticationManager implements CookieFactoryAwareInterface
{ {
/**
* Indicates if the operator is logged in.
* @var boolean
*/
protected $loggedIn = false;
/** /**
* Indicates if the operator should be remembered after login. * Indicates if the operator should be remembered after login.
* @var boolean * @var boolean
*/ */
protected $remember = false; protected $remember = false;
/**
* Indicates if the current operator is logged out.
* @var boolean
*/
protected $loggedOut = false;
/**
* The current operator.
* @var array|null
*/
protected $operator = null;
/** /**
* @var CookieFactory|null * @var CookieFactory|null
*/ */
@ -89,9 +73,7 @@ class AuthenticationManager implements AuthenticationManagerInterface, CookieFac
public function setOperatorFromRequest(Request $request) public function setOperatorFromRequest(Request $request)
{ {
// Try to get operator from session. // Try to get operator from session.
if (isset($_SESSION[SESSION_PREFIX . 'operator'])) { if (parent::setOperatorFromRequest($request)) {
$this->operator = $_SESSION[SESSION_PREFIX . 'operator'];
return true; return true;
} }
@ -106,8 +88,6 @@ class AuthenticationManager implements AuthenticationManagerInterface, CookieFac
&& calculate_password_hash($op['vclogin'], $op['vcpassword']) == $pwd && calculate_password_hash($op['vclogin'], $op['vcpassword']) == $pwd
&& !operator_is_disabled($op); && !operator_is_disabled($op);
if ($can_login) { if ($can_login) {
// Cache operator in the session data
$_SESSION[SESSION_PREFIX . 'operator'] = $op;
$this->operator = $op; $this->operator = $op;
return true; return true;
@ -123,8 +103,6 @@ class AuthenticationManager implements AuthenticationManagerInterface, CookieFac
$dispatcher->triggerEvent(Events::OPERATOR_AUTHENTICATE, $args); $dispatcher->triggerEvent(Events::OPERATOR_AUTHENTICATE, $args);
if (!empty($args['operator'])) { if (!empty($args['operator'])) {
// Cache operator in the session
$_SESSION[SESSION_PREFIX . 'operator'] = $args['operator'];
$this->operator = $args['operator']; $this->operator = $args['operator'];
return true; return true;
@ -139,11 +117,9 @@ class AuthenticationManager implements AuthenticationManagerInterface, CookieFac
*/ */
public function attachOperatorToResponse(Response $response) public function attachOperatorToResponse(Response $response)
{ {
if ($this->loggedOut) { parent::attachOperatorToResponse($response);
// An operator is logged out. Clean up session data.
unset($_SESSION[SESSION_PREFIX . 'operator']);
unset($_SESSION['backpath']);
if ($this->loggedOut) {
// Clear remember cookie. // Clear remember cookie.
$cookie_factory = $this->getCookieFactory(); $cookie_factory = $this->getCookieFactory();
$response->headers->clearCookie( $response->headers->clearCookie(
@ -152,9 +128,6 @@ class AuthenticationManager implements AuthenticationManagerInterface, CookieFac
$cookie_factory->getDomain() $cookie_factory->getDomain()
); );
} elseif ($this->loggedIn) { } elseif ($this->loggedIn) {
// An operator is logged in. Update operator in the session.
$_SESSION[SESSION_PREFIX . 'operator'] = $this->operator;
// Set remember me cookie if needed // Set remember me cookie if needed
if ($this->remember) { if ($this->remember) {
$password_hash = calculate_password_hash( $password_hash = calculate_password_hash(
@ -170,38 +143,21 @@ class AuthenticationManager implements AuthenticationManagerInterface, CookieFac
$response->headers->setCookie($remember_cookie); $response->headers->setCookie($remember_cookie);
} }
} elseif ($this->operator) {
// Update the current operator.
$_SESSION[SESSION_PREFIX . 'operator'] = $this->operator;
} }
} }
/**
* {@inheritdoc}
*/
public function getOperator()
{
return $this->operator;
}
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function setOperator($operator) public function setOperator($operator)
{ {
$operator_updated = $operator if ($this->isOperatorChanged($operator)) {
&& $this->operator
&& ($this->operator['operatorid'] == $operator['operatorid']);
if (!$operator_updated) {
// If the current operator is changed (not updated) we should // If the current operator is changed (not updated) we should
// reset all login/logout flags. // reset remember flag.
$this->loggedIn = false;
$this->loggedOut = false;
$this->remember = false; $this->remember = false;
} }
// Update the current operator parent::setOperator($operator);
$this->operator = $operator;
} }
/** /**
@ -211,10 +167,8 @@ class AuthenticationManager implements AuthenticationManagerInterface, CookieFac
*/ */
public function loginOperator($operator, $remember) public function loginOperator($operator, $remember)
{ {
$this->loggedIn = true; parent::loginOperator($operator, $remember);
$this->remember = $remember; $this->remember = $remember;
$this->loggedOut = false;
$this->operator = $operator;
// Trigger login event // Trigger login event
$args = array( $args = array(
@ -232,12 +186,9 @@ class AuthenticationManager implements AuthenticationManagerInterface, CookieFac
*/ */
public function logoutOperator() public function logoutOperator()
{ {
$this->loggedOut = true; parent::logoutOperator();
$this->loggedIn = false;
$this->remember = false; $this->remember = false;
$this->operator = null;
// Trigger logout event // Trigger logout event
$dispatcher = EventDispatcher::getInstance(); $dispatcher = EventDispatcher::getInstance();
$dispatcher->triggerEvent(Events::OPERATOR_LOGOUT); $dispatcher->triggerEvent(Events::OPERATOR_LOGOUT);
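Review bot: The remember-cookie check in the `@ -106,8 +88,6` hunk still compares the computed hash with the cookie value using loose `==` (`calculate_password_hash($op['vclogin'], $op['vcpassword']) == $pwd`), and this refactoring leaves that line untouched. Loose comparison lets PHP compare numeric-looking strings as numbers and is not constant-time, so a credential check should use `hash_equals(calculate_password_hash($op['vclogin'], $op['vcpassword']), (string) $pwd)`, or at least `===` if the minimum supported PHP version lacks `hash_equals`. The `$can_login` expression begins above the hunk, so the origin of `$pwd` and `$op` is not visible here and should be confirmed to be the remember cookie and the database row respectively. Since this branch no longer writes the operator to the session itself, a short comment such as `// Session caching is done by parent::attachOperatorToResponse()` next to `$this->operator = $op;` would also help the next reader.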


@ -0,0 +1,144 @@
<?php
/*
* This file is a part of Mibew Messenger.
*
* Copyright 2005-2014 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Mibew\Authentication;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
/**
* Controls operator's authentication.
*
* This manager stores operator only within session and does not provide a way
* to remember him.
*/
class SessionAuthenticationManager implements AuthenticationManagerInterface
{
/**
* Indicates if the operator is logged in.
* @var boolean
*/
protected $loggedIn = false;
/**
* Indicates if the current operator is logged out.
* @var boolean
*/
protected $loggedOut = false;
/**
* The current operator.
* @var array|null
*/
protected $operator = null;
/**
* {@inheritdoc}
*/
public function setOperatorFromRequest(Request $request)
{
// Try to get operator from session.
if (isset($_SESSION[SESSION_PREFIX . 'operator'])) {
$this->operator = $_SESSION[SESSION_PREFIX . 'operator'];
return true;
}
// Operator's data cannot be extracted from the request.
return false;
}
/**
* {@inheritdoc}
*/
public function attachOperatorToResponse(Response $response)
{
if ($this->loggedOut) {
// An operator is logged out. Clean up session data.
unset($_SESSION[SESSION_PREFIX . 'operator']);
unset($_SESSION['backpath']);
} elseif ($this->loggedIn) {
// An operator is logged in. Update operator in the session.
$_SESSION[SESSION_PREFIX . 'operator'] = $this->operator;
} elseif ($this->operator) {
// Update the current operator.
$_SESSION[SESSION_PREFIX . 'operator'] = $this->operator;
}
}
/**
* {@inheritdoc}
*/
public function getOperator()
{
return $this->operator;
}
/**
* {@inheritdoc}
*/
public function setOperator($operator)
{
if ($this->isOperatorChanged($operator)) {
// If the current operator is changed (not updated) we should
// reset all login/logout flags.
$this->loggedIn = false;
$this->loggedOut = false;
}
// Update the current operator
$this->operator = $operator;
}
/**
* {@inheritdoc}
*/
public function loginOperator($operator, $remember)
{
$this->loggedIn = true;
$this->loggedOut = false;
$this->operator = $operator;
}
/**
* {@inheritdoc}
*/
public function logoutOperator()
{
$this->loggedOut = true;
$this->loggedIn = false;
$this->operator = null;
}
/**
* Checks if the operator changed.
*
* @param array $operator Operator's data.
* @return boolean
*/
protected function isOperatorChanged($operator)
{
// Check if the operator is the same but has been updated.
$same_operator = $operator
&& $this->operator
&& ($this->operator['operatorid'] == $operator['operatorid']);
return !$same_operator;
}
}
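Review bot: `attachOperatorToResponse()` writes the operator into `$_SESSION` in the `$this->loggedIn` branch without renewing the session identifier, so a session id issued before login remains valid for the authenticated session. Unless the id is regenerated elsewhere (nothing in this file shows it), add `session_regenerate_id(true);` before `$_SESSION[SESSION_PREFIX . 'operator'] = $this->operator;` in that branch. The logout branch likewise only unsets two keys and keeps the same session id. Separately, `loginOperator()` accepts `$remember` and silently ignores it; a comment such as `// $remember is ignored: this manager keeps the operator in the session only.` would make that intentional, and the `@param array $operator` on `isOperatorChanged()` should read `array|null` because the body handles a falsy operator.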