File indexing completed on 2024-12-22 05:33:40 

0001 <?php
0002 
0003 /**
0004  *  ocs-webserver
0005  *
0006  *  Copyright 2016 by pling GmbH.
0007  *
0008  *    This file is part of ocs-webserver.
0009  *
0010  *    This program is free software: you can redistribute it and/or modify
0011  *    it under the terms of the GNU Affero General Public License as
0012  *    published by the Free Software Foundation, either version 3 of the
0013  *    License, or (at your option) any later version.
0014  *
0015  *    This program is distributed in the hope that it will be useful,
0016  *    but WITHOUT ANY WARRANTY; without even the implied warranty of
0017  *    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
0018  *    GNU Affero General Public License for more details.
0019  *
0020  *    You should have received a copy of the GNU Affero General Public License
0021  *    along with this program.  If not, see <http://www.gnu.org/licenses/>.
0022  *
0023  *    Created: 21.10.2016
0024  **/
0025 class Default_Plugin_RememberMe extends Zend_Controller_Plugin_Abstract
0026 {
0027 
0028     /** @var Zend_Auth */
0029     protected $_auth;
0030 
0031     public function __construct($auth)
0032     {
0033         $this->_auth = $auth;
0034     }
0035 
0036     /**
0037      * @inheritDoc
0038      *
0039      * @param Zend_Controller_Request_Abstract $request
0040      *
0041      * @throws Zend_Auth_Storage_Exception
0042      * @throws Zend_Exception
0043      * @throws Zend_Session_Exception
0044      */
0045     public function preDispatch(Zend_Controller_Request_Abstract $request)
0046     {
0047         // at this point the zend framework has already tested the session cookie and we should have an auth object.
0048         if ($this->_auth->hasIdentity()) {
0049             return;
0050         }
0051 
0052         // on login page we don't need a remember me check
0053         if ($request->getActionName() == 'login') {
0054             return;
0055         }
0056 
0057         //Check if rememberMe login cookie exists and authenticate user
0058         $modelRememberMe = new Default_Model_RememberMe();
0059         if (true === $modelRememberMe->hasValidCookie()) {
0060             $cookieData = $modelRememberMe->getCookieData();
0061             $authModel = new Default_Model_Authorization();
0062             $authResult = $authModel->authenticateUser($cookieData['member_id'], $cookieData['remember_me_id'], true,
0063                 Default_Model_Authorization::LOGIN_REMEMBER_ME);
0064             if (false === $authResult->isValid()) {
0065                 $modelRememberMe->deleteCookie();
0066                 Zend_Registry::get('logger')->warn(__METHOD__ . ' - "Remember Me" failed: Can not authenticate user ('
0067                     . $cookieData['member_id'] . ',' . $cookieData['remember_me_id'] . ')' . implode('; ', $authResult->getMessages()))
0068                 ;
0069             }
0070         }
0071     }
0072 
0073 }