Updates from lnApp
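--- a/application/classes/controller/lnapp/login.php
+++ b/application/classes/controller/lnapp/login.php
@@ -0,0 +1,209 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+/**
+* This class provides login capability
+*
+* @package lnApp
+* @subpackage Page/Login
+* @category Controllers
+* @author Deon George
+* @copyright (c) 2010 Deon George
+* @license http://dev.leenooks.net/license.html
+* @also [logout]
+*/
+class Controller_lnApp_Login extends Controller_TemplateDefault {
+public function action_index() {
+// If user already signed-in
+if (Auth::instance()->logged_in()!= 0) {
+// Redirect to the user account
+Request::instance()->redirect('welcome/index');
+}
+
+// If there is a post and $_POST is not empty
+if ($_POST) {
+// Instantiate a new user
+$user = ORM::factory('account');
+
+// Check Auth
+$status = $user->login($_POST);
+
+// If the post data validates using the rules setup in the user model
+if ($status) {
+// Redirect to the user account
+if ($redir = Session::instance()->get('afterlogin')) {
+Session::instance()->delete('afterlogin');
+Request::instance()->redirect($redir);
+
+} else
+Request::instance()->redirect('welcome/index');
+
+} else {
+SystemMessage::add(array(
+'title'=>_('Invalid username or password'),
+'type'=>'error',
+'body'=>_('The username or password was invalid.')
+));
+}
+}
+
+Block::add(array(
+'title'=>_('Login to server'),
+'body'=>View::factory('login'),
+'style'=>array('css/login.css'=>'screen'),
+));
+
+$this->template->control = HTML::anchor($this->request->uri(),'Login',array('id'=>'ajxbody'));
+$this->template->content = Block::factory();
+
+Script::add(array('type'=>'stdin','data'=>'
+$(document).ready(function() {
+$("#ajxbody").click(function() {$("#ajBODY").load("'.$this->request->uri().'/"); return false;});
+});'
+));
+}
+
+public function action_register() {
+// If user already signed-in
+if (Auth::instance()->logged_in()!= 0) {
+// Redirect to the user account
+Request::instance()->redirect('welcome/index');
+}
+
+// Instantiate a new user
+$account = ORM::factory('account');
+
+// If there is a post and $_POST is not empty
+if ($_POST) {
+// Check Auth
+$status = $account->values($_POST)->check();
+
+if (! $status) {
+foreach ($account->validate()->errors() as $f=>$r) {
+// $r[0] has our reason for validation failure
+switch ($r[0]) {
+// Generic validation reason
+default:
+SystemMessage::add(array(
+'title'=>_('Validation failed'),
+'type'=>'error',
+'body'=>sprintf(_('The defaults on your submission were not valid for field %s (%s).'),$f,$r[0])
+));
+}
+}
+}
+
+$ido = ORM::factory('module')
+->where('name','=','account')
+->find();
+
+$account->id = $ido->record_id->next_id($ido->id);
+// Save the user details
+if ($account->save()) {}
+
+}
+
+SystemMessage::add(array(
+'title'=>_('Already have an account?'),
+'type'=>'info',
+'body'=>_('If you already have an account, please login..')
+));
+
+Block::add(array(
+'title'=>_('Register'),
+'body'=>View::factory('bregister')
+->set('account',$account)
+->set('errors',$account->validate()->errors()),
+'style'=>array('css/bregister.css'=>'screen'),
+));
+
+$this->template->control = HTML::anchor($this->request->uri(),'Register',array('id'=>'ajxbody'));
+$this->template->content = Block::factory();
+$this->template->left = HTML::anchor('login','Login').'...';
+}
+
+/**
+* Enable user password reset
+*/
+public function action_reset() {
+// If user already signed-in
+if (Auth::instance()->logged_in()!= 0) {
+// Redirect to the user account
+Request::instance()->redirect('welcome/index');
+}
+
+// If the user posted their details to reset their password
+if ($_POST) {
+// If the email address is correct, create a method token
+if (! empty($_POST['email']) AND ($ao=ORM::factory('account',array('email'=>$_POST['email']))) AND $ao->loaded()) {
+$mt = ORM::factory('module_method_token');
+
+// Find out our password reset method id
+// @todo move this to a more generic method, so that it can be called by other methods
+$mo = ORM::factory('module',array('name'=>'account'));
+$mmo = ORM::factory('module_method',array('name'=>'user_resetpassword','module_id'=>$mo->id));
+
+// Check to see if there is already a token, if so, do nothing.
+if ($mt->where('account_id','=',$ao->id)->and_where('method_id','=',$mmo->id)->find()) {
+if ($mt->date_expire < time()) {
+$mt->delete();
+$mt->clear();
+}
+}
+
+if (! $mt->loaded()) {
+$mt->account_id = $ao->id;
+$mt->method_id = $mmo->id;
+$mt->date_expire = time() + 15*3600;
+$mt->token = md5(sprintf('%s:%s:%s',$mt->account_id,$mt->method_id,$mt->date_expire));
+$mt->save();
+
+// Send our email with the token
+$et = EmailTemplate::instance('account_reset_password');
+$et->to = array($mt->account->email=>sprintf('%s %s',$mt->account->first_name,$mt->account->last_name));
+$et->variables = array(
+'SITE'=>URL::base(TRUE,TRUE),
+'SITE_ADMIN'=>Config::sitename(),
+'SITE_NAME'=>Config::sitename(),
+'TOKEN'=>$mt->token,
+'USER_NAME'=>sprintf('%s %s',$mt->account->first_name,$mt->account->last_name),
+);
+$et->send();
+}
+
+// Redirect to our password reset, the Auth will validate the token.
+} elseif (! empty($_REQUEST['token'])) {
+Request::instance()->redirect(sprintf('user/account/resetpassword?token=%s',$_REQUEST['token']));
+}
+
+// Show our token screen even if the email was invalid.
+if (isset($_POST['email']))
+Block::add(array(
+'title'=>_('Reset your password'),
+'body'=>View::factory('login_reset_sent'),
+'style'=>array('css/login.css'=>'screen'),
+));
+else
+Request::instance()->redirect('login');
+
+} else {
+Block::add(array(
+'title'=>_('Reset your password'),
+'body'=>View::factory('login_reset'),
+'style'=>array('css/login.css'=>'screen'),
+));
+}
+
+$this->template->content = Block::factory();
+}
+
+public function action_noaccess() {
+$this->template->content = ' ';
+
+SystemMessage::add(array(
+'title'=>_('No access to requested resource'),
+'type'=>'error',
+'body'=>_('You do not have access to the requested resource, please contact your administrator.')
+));
+}
+}
+?>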
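Review bot: The password-reset token in action_reset() is `md5(sprintf('%s:%s:%s',$mt->account_id,$mt->method_id,$mt->date_expire))`, which is built only from two database ids and the expiry timestamp and contains no secret or random input, so the value mailed to the user is predictable rather than unguessable. Generate it from a CSPRNG instead, e.g. `$mt->token = bin2hex(openssl_random_pseudo_bytes(16));` (`random_bytes(16)` on PHP 7+), which keeps the 32-hex-character length, and consider storing only a hash of the token. Separately, action_register() calls `$account->save()` whether or not `check()` succeeded, after `values($_POST)` has loaded the posted fields onto the model with no visible whitelist. The save should sit behind `if ($status)` and the accepted fields should be named explicitly.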
|
@@ -61,9 +61,9 @@ abstract class Controller_lnApp_TemplateDefault extends Controller_Template {
|
||||
if (! Kohana::Config('config.method_security'))
|
||||
return FALSE;
|
||||
|
||||
return (($this->auth_required !== FALSE && Auth::instance()->logged_in() === FALSE) ||
|
||||
return (($this->auth_required !== FALSE && Auth::instance()->logged_in(NULL,get_class($this).'|'.__METHOD__) === FALSE) ||
|
||||
(is_array($this->secure_actions) && array_key_exists($this->request->action,$this->secure_actions) &&
|
||||
Auth::instance()->logged_in($this->secure_actions[$this->request->action]) === FALSE));
|
||||
Auth::instance()->logged_in($this->secure_actions[$this->request->action],get_class($this).'|'.__METHOD__) === FALSE));
|
||||
}
|
||||
|
||||
/**
|
||||
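Review bot: `_auth_required()` still fails open, because the changed `return` is reached only when `Kohana::Config('config.method_security')` is truthy; the guard above it returns FALSE (no authentication needed) otherwise, presumably also when the key is missing or mistyped. This commit appears to make the lnApp base class the only copy of the check, so consider defaulting to enforcement with an explicit opt-out, or at least add `// SECURITY: a falsy config.method_security disables every auth check` above the guard. The new second argument `get_class($this).'|'.__METHOD__` is not explained in the hunk, and a one-line comment saying what logged_in() does with it would help. The method starts above the hunk.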
|
@@ -86,9 +86,10 @@ $(function () {
|
||||
* @param id
|
||||
*/
|
||||
public function action_json($id=null) {
|
||||
#if (! Auth::instance()->logged_in()) {
|
||||
if ($this->_auth_required()) {
|
||||
$this->treedata = array('attr'=>array('id'=>'a_login'),
|
||||
'data'=>array('title'=>_('Please Login').'...','attr'=>array('id'=>'login','href'=>URL::site('/login'))));
|
||||
'data'=>array('title'=>_('Please Login').'...','attr'=>array('id'=>'N_login','href'=>URL::site('/login'))));
|
||||
|
||||
return;
|
||||
}
|
||||
|
@@ -1,209 +1,4 @@
|
||||
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||
|
||||
/**
|
||||
* This class provides login capability
|
||||
*
|
||||
* @package lnApp
|
||||
* @subpackage Page/Login
|
||||
* @category Controllers
|
||||
* @author Deon George
|
||||
* @copyright (c) 2010 Deon George
|
||||
* @license http://dev.leenooks.net/license.html
|
||||
* @also [logout]
|
||||
*/
|
||||
class Controller_Login extends Controller_TemplateDefault {
|
||||
public function action_index() {
|
||||
// If user already signed-in
|
||||
if (Auth::instance()->logged_in()!= 0) {
|
||||
// Redirect to the user account
|
||||
Request::instance()->redirect('welcome/index');
|
||||
}
|
||||
|
||||
// If there is a post and $_POST is not empty
|
||||
if ($_POST) {
|
||||
// Instantiate a new user
|
||||
$user = ORM::factory('account');
|
||||
|
||||
// Check Auth
|
||||
$status = $user->login($_POST);
|
||||
|
||||
// If the post data validates using the rules setup in the user model
|
||||
if ($status) {
|
||||
// Redirect to the user account
|
||||
if ($redir = Session::instance()->get('afterlogin')) {
|
||||
Session::instance()->delete('afterlogin');
|
||||
Request::instance()->redirect($redir);
|
||||
|
||||
} else
|
||||
Request::instance()->redirect('welcome/index');
|
||||
|
||||
} else {
|
||||
SystemMessage::add(array(
|
||||
'title'=>_('Invalid username or password'),
|
||||
'type'=>'error',
|
||||
'body'=>_('The username or password was invalid.')
|
||||
));
|
||||
}
|
||||
}
|
||||
|
||||
Block::add(array(
|
||||
'title'=>_('Login to server'),
|
||||
'body'=>View::factory('login'),
|
||||
'style'=>array('css/login.css'=>'screen'),
|
||||
));
|
||||
|
||||
$this->template->control = HTML::anchor($this->request->uri(),'Login',array('id'=>'ajxbody'));
|
||||
$this->template->content = Block::factory();
|
||||
|
||||
Script::add(array('type'=>'stdin','data'=>'
|
||||
$(document).ready(function() {
|
||||
$("#ajxbody").click(function() {$("#ajBODY").load("'.$this->request->uri().'/"); return false;});
|
||||
});'
|
||||
));
|
||||
}
|
||||
|
||||
public function action_register() {
|
||||
// If user already signed-in
|
||||
if (Auth::instance()->logged_in()!= 0) {
|
||||
// Redirect to the user account
|
||||
Request::instance()->redirect('welcome/index');
|
||||
}
|
||||
|
||||
// Instantiate a new user
|
||||
$account = ORM::factory('account');
|
||||
|
||||
// If there is a post and $_POST is not empty
|
||||
if ($_POST) {
|
||||
// Check Auth
|
||||
$status = $account->values($_POST)->check();
|
||||
|
||||
if (! $status) {
|
||||
foreach ($account->validate()->errors() as $f=>$r) {
|
||||
// $r[0] has our reason for validation failure
|
||||
switch ($r[0]) {
|
||||
// Generic validation reason
|
||||
default:
|
||||
SystemMessage::add(array(
|
||||
'title'=>_('Validation failed'),
|
||||
'type'=>'error',
|
||||
'body'=>sprintf(_('The defaults on your submission were not valid for field %s (%s).'),$f,$r[0])
|
||||
));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$ido = ORM::factory('module')
|
||||
->where('name','=','account')
|
||||
->find();
|
||||
|
||||
$account->id = $ido->record_id->next_id($ido->id);
|
||||
// Save the user details
|
||||
if ($account->save()) {}
|
||||
|
||||
}
|
||||
|
||||
SystemMessage::add(array(
|
||||
'title'=>_('Already have an account?'),
|
||||
'type'=>'info',
|
||||
'body'=>_('If you already have an account, please login..')
|
||||
));
|
||||
|
||||
Block::add(array(
|
||||
'title'=>_('Register'),
|
||||
'body'=>View::factory('bregister')
|
||||
->set('account',$account)
|
||||
->set('errors',$account->validate()->errors()),
|
||||
'style'=>array('css/bregister.css'=>'screen'),
|
||||
));
|
||||
|
||||
$this->template->control = HTML::anchor($this->request->uri(),'Register',array('id'=>'ajxbody'));
|
||||
$this->template->content = Block::factory();
|
||||
$this->template->left = HTML::anchor('login','Login').'...';
|
||||
}
|
||||
|
||||
/**
|
||||
* Enable user password reset
|
||||
*/
|
||||
public function action_reset() {
|
||||
// If user already signed-in
|
||||
if (Auth::instance()->logged_in()!= 0) {
|
||||
// Redirect to the user account
|
||||
Request::instance()->redirect('welcome/index');
|
||||
}
|
||||
|
||||
// If the user posted their details to reset their password
|
||||
if ($_POST) {
|
||||
// If the email address is correct, create a method token
|
||||
if (! empty($_POST['email']) AND ($ao=ORM::factory('account',array('email'=>$_POST['email']))) AND $ao->loaded()) {
|
||||
$mt = ORM::factory('module_method_token');
|
||||
|
||||
// Find out our password reset method id
|
||||
// @todo move this to a more generic method, so that it can be called by other methods
|
||||
$mo = ORM::factory('module',array('name'=>'account'));
|
||||
$mmo = ORM::factory('module_method',array('name'=>'user_resetpassword','module_id'=>$mo->id));
|
||||
|
||||
// Check to see if there is already a token, if so, do nothing.
|
||||
if ($mt->where('account_id','=',$ao->id)->and_where('method_id','=',$mmo->id)->find()) {
|
||||
if ($mt->date_expire < time()) {
|
||||
$mt->delete();
|
||||
$mt->clear();
|
||||
}
|
||||
}
|
||||
|
||||
if (! $mt->loaded()) {
|
||||
$mt->account_id = $ao->id;
|
||||
$mt->method_id = $mmo->id;
|
||||
$mt->date_expire = time() + 15*3600;
|
||||
$mt->token = md5(sprintf('%s:%s:%s',$mt->account_id,$mt->method_id,$mt->date_expire));
|
||||
$mt->save();
|
||||
|
||||
// Send our email with the token
|
||||
$et = EmailTemplate::instance('account_reset_password');
|
||||
$et->to = array($mt->account->email=>sprintf('%s %s',$mt->account->first_name,$mt->account->last_name));
|
||||
$et->variables = array(
|
||||
'SITE'=>URL::base(TRUE,TRUE),
|
||||
'SITE_ADMIN'=>Config::sitename(),
|
||||
'SITE_NAME'=>Config::sitename(),
|
||||
'TOKEN'=>$mt->token,
|
||||
'USER_NAME'=>sprintf('%s %s',$mt->account->first_name,$mt->account->last_name),
|
||||
);
|
||||
$et->send();
|
||||
}
|
||||
|
||||
// Redirect to our password reset, the Auth will validate the token.
|
||||
} elseif (! empty($_REQUEST['token'])) {
|
||||
Request::instance()->redirect(sprintf('user/account/resetpassword?token=%s',$_REQUEST['token']));
|
||||
}
|
||||
|
||||
// Show our token screen even if the email was invalid.
|
||||
if (isset($_POST['email']))
|
||||
Block::add(array(
|
||||
'title'=>_('Reset your password'),
|
||||
'body'=>View::factory('login_reset_sent'),
|
||||
'style'=>array('css/login.css'=>'screen'),
|
||||
));
|
||||
else
|
||||
Request::instance()->redirect('login');
|
||||
|
||||
} else {
|
||||
Block::add(array(
|
||||
'title'=>_('Reset your password'),
|
||||
'body'=>View::factory('login_reset'),
|
||||
'style'=>array('css/login.css'=>'screen'),
|
||||
));
|
||||
}
|
||||
|
||||
$this->template->content = Block::factory();
|
||||
}
|
||||
|
||||
public function action_noaccess() {
|
||||
$this->template->content = ' ';
|
||||
|
||||
SystemMessage::add(array(
|
||||
'title'=>_('No access to requested resource'),
|
||||
'type'=>'error',
|
||||
'body'=>_('You do not have access to the requested resource, please contact your administrator.')
|
||||
));
|
||||
}
|
||||
}
|
||||
class Controller_Login extends Controller_lnApp_Login {}
|
||||
?>
|
||||
|
@@ -11,26 +11,6 @@
|
||||
* @license http://dev.leenooks.net/license.html
|
||||
*/
|
||||
class Controller_TemplateDefault extends Controller_lnApp_TemplateDefault {
|
||||
/**
|
||||
* Check and see if this controller needs authentication
|
||||
*
|
||||
* if $this->auth_required is TRUE, then the user must be logged in only.
|
||||
* if $this->auth_required is FALSE, AND $this->secure_actions has an array of
|
||||
* methods set to TRUE, then the user must be logged in AND a member of the
|
||||
* role.
|
||||
*
|
||||
* @return boolean
|
||||
*/
|
||||
protected function _auth_required() {
|
||||
// If our global configurable is disabled, then continue
|
||||
if (! Kohana::Config('config.method_security'))
|
||||
return FALSE;
|
||||
|
||||
return (($this->auth_required !== FALSE && Auth::instance()->logged_in(NULL,get_class($this).'|'.__METHOD__) === FALSE) ||
|
||||
(is_array($this->secure_actions) && array_key_exists($this->request->action,$this->secure_actions) &&
|
||||
Auth::instance()->logged_in($this->secure_actions[$this->request->action],get_class($this).'|'.__METHOD__) === FALSE));
|
||||
}
|
||||
|
||||
protected function _left() {
|
||||
if ($this->template->left)
|
||||
return $this->template->left;
|
||||
|
@@ -24,7 +24,7 @@ class Controller_Tree extends Controller_lnApp_Tree {
|
||||
public function action_json($id=null) {
|
||||
if ($this->_auth_required()) {
|
||||
$this->treedata = array('attr'=>array('id'=>'a_login'),
|
||||
'data'=>array('title'=>_('Please Login').'...','attr'=>array('id'=>'N_login','href'=>URL::site('login'))));
|
||||
'data'=>array('title'=>_('Please Login').'...','attr'=>array('id'=>'N_login','href'=>URL::site('/login'))));
|
||||
|
||||
return;
|
||||
}
|
||||
|
@@ -12,8 +12,7 @@
|
||||
*/
|
||||
class Controller_Welcome extends Controller_TemplateDefault {
|
||||
public function action_index() {
|
||||
$block = new block;
|
||||
$block->add(array(
|
||||
Block::add(array(
|
||||
'title'=>'Welcome to lnApp (public)!',
|
||||
'subtitle'=>'Using lnApp',
|
||||
'body'=>'Sample lnApp application',
|
||||
@@ -33,7 +32,7 @@ class Controller_Welcome extends Controller_TemplateDefault {
|
||||
));
|
||||
}
|
||||
|
||||
$this->template->content = $block;
|
||||
$this->template->content = Block::factory();
|
||||
}
|
||||
}
|
||||
?>
|
||||
|