Mibew/mibew
1
0
Fork 0
mirror of https://github.com/Mibew/mibew.git synced 2025-03-04 02:48:32 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

Extract SessionAuthenticationManager

Browse Source
This commit is contained in:
Dmitriy Simushev 2014-11-13 11:19:53 +00:00
parent 47851c9ed2
commit a43d46f5f5
2 changed files with 155 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
src/mibew/libs/classes/Mibew/Authentication/AuthenticationManager.php
View File

@ -28,33 +28,17 @@ use Symfony\Component\HttpFoundation\Response;
/**
* Controls operator's authentication.
*
* This is the base authentication manager for the system.
*/
class AuthenticationManager implements AuthenticationManagerInterface, CookieFactoryAwareInterface
class AuthenticationManager extends SessionAuthenticationManager implements CookieFactoryAwareInterface
{
/**
* Indicates if the operator is logged in.
* @var boolean
*/
protected $loggedIn = false;
/**
* Indicates if the operator should be remembered after login.
* @var boolean
*/
protected $remember = false;
/**
* Indicates if the current operator is logged out.
* @var boolean
*/
protected $loggedOut = false;
/**
* The current operator.
* @var array|null
*/
protected $operator = null;
/**
* @var CookieFactory|null
*/
@ -89,9 +73,7 @@ class AuthenticationManager implements AuthenticationManagerInterface, CookieFac
public function setOperatorFromRequest(Request $request)
{
// Try to get operator from session.
if (isset($_SESSION[SESSION_PREFIX . 'operator'])) {
$this->operator = $_SESSION[SESSION_PREFIX . 'operator'];
if (parent::setOperatorFromRequest($request)) {
return true;
}
@ -106,8 +88,6 @@ class AuthenticationManager implements AuthenticationManagerInterface, CookieFac
&& calculate_password_hash($op['vclogin'], $op['vcpassword']) == $pwd
&& !operator_is_disabled($op);
if ($can_login) {
// Cache operator in the session data
$_SESSION[SESSION_PREFIX . 'operator'] = $op;
$this->operator = $op;
return true;
@ -123,8 +103,6 @@ class AuthenticationManager implements AuthenticationManagerInterface, CookieFac
$dispatcher->triggerEvent(Events::OPERATOR_AUTHENTICATE, $args);
if (!empty($args['operator'])) {
// Cache operator in the session
$_SESSION[SESSION_PREFIX . 'operator'] = $args['operator'];
$this->operator = $args['operator'];
return true;
@ -139,11 +117,9 @@ class AuthenticationManager implements AuthenticationManagerInterface, CookieFac
*/
public function attachOperatorToResponse(Response $response)
{
if ($this->loggedOut) {
// An operator is logged out. Clean up session data.
unset($_SESSION[SESSION_PREFIX . 'operator']);
unset($_SESSION['backpath']);
parent::attachOperatorToResponse($response);
if ($this->loggedOut) {
// Clear remember cookie.
$cookie_factory = $this->getCookieFactory();
$response->headers->clearCookie(
@ -152,9 +128,6 @@ class AuthenticationManager implements AuthenticationManagerInterface, CookieFac
$cookie_factory->getDomain()
);
} elseif ($this->loggedIn) {
// An operator is logged in. Update operator in the session.
$_SESSION[SESSION_PREFIX . 'operator'] = $this->operator;
// Set remember me cookie if needed
if ($this->remember) {
$password_hash = calculate_password_hash(
@ -170,38 +143,21 @@ class AuthenticationManager implements AuthenticationManagerInterface, CookieFac
$response->headers->setCookie($remember_cookie);
}
} elseif ($this->operator) {
// Update the current operator.
$_SESSION[SESSION_PREFIX . 'operator'] = $this->operator;
}
}
/**
* {@inheritdoc}
*/
public function getOperator()
{
return $this->operator;
}
/**
* {@inheritdoc}
*/
public function setOperator($operator)
{
$operator_updated = $operator
&& $this->operator
&& ($this->operator['operatorid'] == $operator['operatorid']);
if (!$operator_updated) {
if ($this->isOperatorChanged($operator)) {
// If the current operator is changed (not updated) we should
// reset all login/logout flags.
$this->loggedIn = false;
$this->loggedOut = false;
// reset remember flag.
$this->remember = false;
}
// Update the current operator
$this->operator = $operator;
parent::setOperator($operator);
}
/**
@ -211,10 +167,8 @@ class AuthenticationManager implements AuthenticationManagerInterface, CookieFac
*/
public function loginOperator($operator, $remember)
{
$this->loggedIn = true;
parent::loginOperator($operator, $remember);
$this->remember = $remember;
$this->loggedOut = false;
$this->operator = $operator;
// Trigger login event
$args = array(
@ -232,12 +186,9 @@ class AuthenticationManager implements AuthenticationManagerInterface, CookieFac
*/
public function logoutOperator()
{
$this->loggedOut = true;
$this->loggedIn = false;
parent::logoutOperator();
$this->remember = false;
$this->operator = null;
// Trigger logout event
$dispatcher = EventDispatcher::getInstance();
$dispatcher->triggerEvent(Events::OPERATOR_LOGOUT);

144
src/mibew/libs/classes/Mibew/Authentication/SessionAuthenticationManager.php Normal file
View File

@ -0,0 +1,144 @@
<?php
/*
* This file is a part of Mibew Messenger.
*
* Copyright 2005-2014 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Mibew\Authentication;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
/**
* Controls operator's authentication.
*
* This manager stores operator only within session and does not provide a way
* to remember him.
*/
class SessionAuthenticationManager implements AuthenticationManagerInterface
{
/**
* Indicates if the operator is logged in.
* @var boolean
*/
protected $loggedIn = false;
/**
* Indicates if the current operator is logged out.
* @var boolean
*/
protected $loggedOut = false;
/**
* The current operator.
* @var array|null
*/
protected $operator = null;
/**
* {@inheritdoc}
*/
public function setOperatorFromRequest(Request $request)
{
// Try to get operator from session.
if (isset($_SESSION[SESSION_PREFIX . 'operator'])) {
$this->operator = $_SESSION[SESSION_PREFIX . 'operator'];
return true;
}
// Operator's data cannot be extracted from the request.
return false;
}
/**
* {@inheritdoc}
*/
public function attachOperatorToResponse(Response $response)
{
if ($this->loggedOut) {
// An operator is logged out. Clean up session data.
unset($_SESSION[SESSION_PREFIX . 'operator']);
unset($_SESSION['backpath']);
} elseif ($this->loggedIn) {
// An operator is logged in. Update operator in the session.
$_SESSION[SESSION_PREFIX . 'operator'] = $this->operator;
} elseif ($this->operator) {
// Update the current operator.
$_SESSION[SESSION_PREFIX . 'operator'] = $this->operator;
}
}
/**
* {@inheritdoc}
*/
public function getOperator()
{
return $this->operator;
}
/**
* {@inheritdoc}
*/
public function setOperator($operator)
{
if ($this->isOperatorChanged($operator)) {
// If the current operator is changed (not updated) we should
// reset all login/logout flags.
$this->loggedIn = false;
$this->loggedOut = false;
}
// Update the current operator
$this->operator = $operator;
}
/**
* {@inheritdoc}
*/
public function loginOperator($operator, $remember)
{
$this->loggedIn = true;
$this->loggedOut = false;
$this->operator = $operator;
}
/**
* {@inheritdoc}
*/
public function logoutOperator()
{
$this->loggedOut = true;
$this->loggedIn = false;
$this->operator = null;
}
/**
* Checks if the operator changed.
*
* @param array $operator Operator's data.
* @return boolean
*/
protected function isOperatorChanged($operator)
{
// Check if the operator is the same but has been updated.
$same_operator = $operator
&& $this->operator
&& ($this->operator['operatorid'] == $operator['operatorid']);
return !$same_operator;
}
}