Fix password reset issues
This commit is contained in:
Deon George
@@ -20,17 +20,21 @@ class Auth_OSB extends Auth_ORM {
|
||||
* @param boolean If authentication should be done for this module:method (ie: controller:action).
|
||||
* @return boolean
|
||||
*/
|
||||
public function logged_in($role = NULL, $debug = NULL) {
|
||||
public function logged_in($role=NULL,$debug=NULL) {
|
||||
static $status = NULL;
|
||||
|
||||
if (! is_null($status))
|
||||
return $status;
|
||||
|
||||
$status = FALSE;
|
||||
|
||||
// Get the user from the session
|
||||
$user = $this->get_user(FALSE);
|
||||
$uo = $this->get_user();
|
||||
|
||||
// If we are not a valid user object, then we are not logged in
|
||||
if (is_object($user) AND $user instanceof Model_Account AND $user->loaded()) {
|
||||
|
||||
if (Config::sitemode() == Kohana::DEVELOPMENT && Kohana::$config->load('debug')->site)
|
||||
SystemMessage::add(array('title'=>'Debug','type'=>'debug','body'=>Kohana::debug(array('user'=>$user->username,'r'=>$role))));
|
||||
if (is_object($uo) AND ($uo instanceof Model_Account) AND $uo->loaded()) {
|
||||
if (Config::sitemode() == Kohana::DEVELOPMENT)
|
||||
SystemMessage::add(array('title'=>'Debug','type'=>'debug','body'=>Debug::vars(array('user'=>$uo->username,'r'=>$role))));
|
||||
|
||||
if (! empty($role)) {
|
||||
// Get the module details
|
||||
@@ -67,7 +71,7 @@ class Auth_OSB extends Auth_ORM {
|
||||
$roles .= ($roles ? '|' : '').$gm->group->name;
|
||||
|
||||
// $gm->group->id == 0 means all users.
|
||||
if ($gm->group->id == 0 OR $user->has_any('group',$gm->group->list_childgrps(TRUE))) {
|
||||
if ($gm->group->id == 0 OR $uo->has_any('group',$gm->group->list_childgrps(TRUE))) {
|
||||
$status = TRUE;
|
||||
$roles = '';
|
||||
|
||||
@@ -80,7 +84,7 @@ class Auth_OSB extends Auth_ORM {
|
||||
SystemMessage::add(array(
|
||||
'title'=>'User is not authorised in Database',
|
||||
'type'=>'debug',
|
||||
'body'=>sprintf('Role(s) checked: %s<br/>User: %s</br>Module: %s<br/>Method: %s',$roles,$user->username,$mo->name,$mmo->name),
|
||||
'body'=>sprintf('Role(s) checked: %s<br/>User: %s</br>Module: %s<br/>Method: %s',$roles,$uo->username,$mo->name,$mmo->name),
|
||||
));
|
||||
}
|
||||
}
|
||||
@@ -90,8 +94,8 @@ class Auth_OSB extends Auth_ORM {
|
||||
SystemMessage::add(array(
|
||||
'title'=>'Debug',
|
||||
'type'=>'debug',
|
||||
'body'=>sprintf('A-User: <b>%s</b>, Module: <b>%s</b>, Method: <b>%s</b>, Role: <b>%s</b>, Status: <b>%s</b>, Data: <b>%s</b>',
|
||||
$user->username,Request::current()->controller(),Request::current()->action(),$role,$status,$debug)));
|
||||
'body'=>sprintf('User: <b>%s</b>, Module: <b>%s</b>, Method: <b>%s</b>, Role: <b>%s</b>, Status: <b>%s</b>, Data: <b>%s</b>',
|
||||
$uo->username,Request::current()->controller(),Request::current()->action(),$role,$status,$debug)));
|
||||
|
||||
// There is no role, so the method should be allowed to run as anonymous
|
||||
} else {
|
||||
@@ -99,15 +103,15 @@ class Auth_OSB extends Auth_ORM {
|
||||
SystemMessage::add(array(
|
||||
'title'=>'Debug',
|
||||
'type'=>'debug',
|
||||
'body'=>sprintf('B-User: <b>%s</b>, Module: <b>%s</b>, Method: <b>%s</b>, Status: <b>%s</b>, Data: <b>%s</b>',
|
||||
$user->username,Request::current()->controller(),Request::current()->action(),'No Role Default Access',$debug)));
|
||||
'body'=>sprintf('User: <b>%s</b>, Module: <b>%s</b>, Method: <b>%s</b>, Status: <b>%s</b>, Data: <b>%s</b>',
|
||||
$uo->username,Request::current()->controller(),Request::current()->action(),'No Role Default Access',$debug)));
|
||||
|
||||
$status = TRUE;
|
||||
}
|
||||
|
||||
// Check and see if we have a token to login and run the method
|
||||
} elseif ((! empty($_REQUEST['token']) AND $token = $_REQUEST['token']) OR $token=Session::instance()->get('token')) {
|
||||
if ($user=$this->_get_token_user($token) AND $user !== FALSE)
|
||||
if (! is_null($this->_get_token_user($token)))
|
||||
$status = TRUE;
|
||||
|
||||
} else {
|
||||
@@ -120,19 +124,19 @@ class Auth_OSB extends Auth_ORM {
|
||||
|
||||
/**
|
||||
* Gets the currently logged in user from the session.
|
||||
* Returns FALSE if no user is currently logged in.
|
||||
* Returns NULL if no user is currently logged in.
|
||||
*
|
||||
* @param boolean Check token users too
|
||||
* @return mixed
|
||||
*/
|
||||
public function get_user($tokenuser=TRUE) {
|
||||
$user = parent::get_user();
|
||||
public function get_user($default=NULL,$tokenuser=TRUE) {
|
||||
$uo = parent::get_user($default);
|
||||
|
||||
// If we are not logged in, see if there is token for the user
|
||||
if ($tokenuser AND $user === NULL AND $token=Session::instance()->get('token'))
|
||||
$user = $this->_get_token_user($token);
|
||||
if (is_null($uo) AND $tokenuser AND $token=Session::instance()->get('token'))
|
||||
$uo = $this->_get_token_user($token);
|
||||
|
||||
return $user;
|
||||
return $uo;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -141,17 +145,16 @@ class Auth_OSB extends Auth_ORM {
|
||||
* This will check that the token is valid (not expired and for the request)
|
||||
*
|
||||
* @param $token The token
|
||||
* @return mixed The user
|
||||
* @return Model_Account|NULL The user that the token is valid for.
|
||||
*/
|
||||
private function _get_token_user($token) {
|
||||
// This has been implemented, as we sometimes we seem to come here twice
|
||||
static $user = NULL;
|
||||
static $uo = NULL;
|
||||
|
||||
if (! is_null($user))
|
||||
return $user;
|
||||
if (! is_null($uo))
|
||||
return $uo;
|
||||
|
||||
$mmto = ORM::factory('Module_Method_Token',array('token'=>$token));
|
||||
$user = FALSE;
|
||||
|
||||
// Ignore the token if it doesnt exist.
|
||||
if ($mmto->loaded()) {
|
||||
@@ -195,13 +198,13 @@ class Auth_OSB extends Auth_ORM {
|
||||
|
||||
Session::instance()->set('token',$token);
|
||||
|
||||
$user = ORM::factory('Account',$mmto->account_id);
|
||||
$user->log(sprintf('Token %s used for method %s [%s]',$mmto->token,$mmto->module_method->name(),Request::current()->param('id')));
|
||||
$uo = ORM::factory('Account',$mmto->account_id);
|
||||
$uo->log(sprintf('Token %s used for method %s [%s]',$mmto->token,$mmto->module_method->name(),Request::current()->param('id')));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return $user;
|
||||
return $uo;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -212,28 +215,28 @@ class Auth_OSB extends Auth_ORM {
|
||||
* @param boolean enable autologin
|
||||
* @return boolean
|
||||
*/
|
||||
protected function _login($user, $password, $remember)
|
||||
{
|
||||
if ( ! is_object($user))
|
||||
{
|
||||
protected function _login($user,$password,$remember) {
|
||||
if (! is_object($user)) {
|
||||
$username = $user;
|
||||
|
||||
// Load the user
|
||||
$user = ORM::factory('Account');
|
||||
$user->where('username','=',$username)->find();
|
||||
|
||||
// If no user loaded, return
|
||||
if (! $user->loaded())
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
// Create a hashed password
|
||||
if (is_string($password))
|
||||
{
|
||||
// Create a hashed password
|
||||
$password = $this->hash($password);
|
||||
}
|
||||
|
||||
// If the passwords match, perform a login
|
||||
if ($user->status AND $user->has_any('group',ORM::factory('Group',array('name'=>'Registered Users'))->list_childgrps(TRUE)) AND $user->password === $password)
|
||||
{
|
||||
if ($remember === TRUE)
|
||||
{
|
||||
if ($user->status AND $user->has_any('group',ORM::factory('Group',array('name'=>'Registered Users'))->list_childgrps(TRUE)) AND $user->password === $password) {
|
||||
|
||||
// @todo This is not currently used.
|
||||
if ($remember === TRUE) {
|
||||
// Create a new autologin token
|
||||
$token = ORM::factory('User_Token');
|
||||
|
||||
@@ -272,7 +275,6 @@ class Auth_OSB extends Auth_ORM {
|
||||
* Determine if a user is authorised to view an account
|
||||
*
|
||||
* @param Model_Account Account Ojbect to validate if the current user has access
|
||||
*
|
||||
* @return boolean TRUE if authorised, FALSE if not.
|
||||
*/
|
||||
public function authorised(Model_Account $ao) {
|
||||
|
||||
Reference in New Issue
Block a user