PageRenderTime 31ms CodeModel.GetById 15ms RepoModel.GetById 0ms app.codeStats 0ms

/Controller/UsersController.php

http://github.com/rsmartin/NiceAuth
PHP | 204 lines | 176 code | 13 blank | 15 comment | 38 complexity | 7206e1933593411fce6e5a7a24edb1ad MD5 | raw file
    

  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * User Controller for NiceAuth Plugin
    5. 

  5.  *
    6. 

  6.  * NiceAuth : User Authentication and Authorization Plugin for CakePHP
    7. 

  7.  * Copyright 2011, R.S.Martin (http://rsmartin.me)
    8. 

  8.  *
    9. 

  9.  * Licensed under The MIT License
    10. 

  10.  * Redistributions of files must retain the above copyright notice.
    11. 

  11.  *
    12. 

  12.  * @author RSMartin
    13. 

  13.  * @copyright Copyright (c) 2011, RSMartin (http://rsmartin.me)
    14. 

  14.  * @license http://www.opensource.org/licenses/mit-license.php MIT
    15. 

  15.  */
    16. 

  16. 

  17. App::uses('NiceAuthAppController', 'NiceAuth.Controller');
    18. 

  18. App::uses('Controller', 'Controller');
    19. 

  19. App::uses('ComponentCollection', 'Controller');
    20. 

  20. App::uses('AclComponent', 'Controller/Component');
    21. 

  21. App::uses('DbAcl', 'Model');
    22. 

  22. App::uses('CakeEmail', 'Network/Email');
    23. 

  23. App::import('NiceAuth.Vendor', 'Lightopenid');
    24. 

  24. App::import('NiceAuth.Vendor', 'recaptchalib');
    25. 

  25. 

  26. class UsersController extends NiceAuthAppController {
    27. 

  27. 	public $name = "Users";
    28. 

  28. 	public $uses = array("Aro", "NiceAuth.Group", "NiceAuth.User");
    29. 

  29. 	public $components = array(
    30. 

  30. 		'Auth' => array(
    31. 

  31. 			'authenticate' => array(
    32. 

  32. 				'Form',
    33. 

  33. 				'NiceAuth.Openid'
    34. 

  34. 				)
    35. 

  35. 			),
    36. 

  36. 		'Acl'
    37. 

  37. 		);
    38. 

  38. 	
    39. 

  39. 	public function index() {
    40. 

  40. 		if ($this->Auth->user('id')) {
    41. 

  41. 			$user = $this->User->findById($this->Auth->user());
    42. 

  42. 			$this->set('user', $user);
    43. 

  43. 			if ($this->request->is('post')) {
    44. 

  44. 				$req = $this->request->data;
    45. 

  45. 				if ($user['User']['password'] == AuthComponent::password($req['User']['old_password'])) {
    46. 

  46. 					if ($req['User']['password'] == $req['User']['password_verify']) {
    47. 

  47. 						$user['User']['password'] = $req['User']['password'];
    48. 

  48. 		        		if($this->User->save($user)) {
    49. 

  49. 		        			$this->Session->setFlash('New Password Saved!');
    50. 

  50. 		        			}
    51. 

  51. 		        		else {
    52. 

  52. 		        			$this->Session->setFlash('The new passwords didn\'t match.');
    53. 

  53. 		        			}
    54. 

  54. 						}
    55. 

  55. 					else {
    56. 

  56. 						$this->Session->setFlash('The new passwords didn\'t match.');
    57. 

  57. 						}
    58. 

  58. 					}
    59. 

  59. 				else {
    60. 

  60. 					$this->Session->setFlash('The old password you entered was incorrect');
    61. 

  61. 					}
    62. 

  62. 				}
    63. 

  63. 			}
    64. 

  64. 		else {
    65. 

  65. 			$this->redirect('/login');
    66. 

  66. 			}
    67. 

  67. 		}
    68. 

  68. 	
    69. 

  69. 	public function beforeFilter() {
    70. 

  70. 		parent::beforeFilter();
    71. 

  71. 		$this->Auth->userModel = 'User';
    72. 

  72. 		$this->Auth->allow('*');
    73. 

  73. 		//Custom Layout for User Controller
    74. 

  74. 		$this->layout = 'user';
    75. 

  75. 		}
    76. 

  76. 

  77. 	private function fixAlias() {
    78. 

  78. 		$user = $this->User->read();
    79. 

  79. 		$this->Aro->findByForeignKey($user['User']['id']);
    80. 

  80. 		$this->Aro->save(array('alias' => $user['User']['username']));
    81. 

  81. 				}
    82. 

  82. 	
    83. 

  83. 	private function sendEmail($type, $to, $vars = null) {
    84. 

  84. 		if ($type == "registration" && Configure::read('NiceAuth.regEmail') == true) {
    85. 

  85. 			$email = new CakeEmail('default');
    86. 

  86. 			$email->to($to)
    87. 

  87. 				->emailFormat('html')
    88. 

  88. 				->subject(Configure::read('NiceAuth.regSubject'))
    89. 

  89. 				->template('NiceAuth.register')
    90. 

  90. 				->viewVars($vars)
    91. 

  91. 				->send();
    92. 

  92. 			}
    93. 

  93. 		elseif ($type == "reset") {
    94. 

  94. 			$email = new CakeEmail('default');
    95. 

  95. 			$email->to($to)
    96. 

  96. 				->emailFormat('html')
    97. 

  97. 				->subject(Configure::read('NiceAuth.resetSubject'))
    98. 

  98. 				->template('NiceAuth.reset')
    99. 

  99. 				->viewVars($vars)
    100. 

  100. 				->send();			
    101. 

  101. 			}
    102. 

  102. 		}
    103. 

  103. 	
    104. 

  104. 	public function passwordReset() {
    105. 

  105.         if ($this->request->is('post')) {
    106. 

  106.         	if ($user = $this->User->findByEmail($this->request->data['User']['email'])) {
    107. 

  107.         		$newPass = uniqid(rand());
    108. 

  108.         		$user['User']['password'] = $newPass;
    109. 

  109.         		if($this->User->save($user)) {
    110. 

  110.         			$pass = array('password' => $newPass);
    111. 

  111.         			$this->sendEmail('reset', $this->request->data['User']['email'], $pass);
    112. 

  112.         			}
    113. 

  113.         		$this->Session->setFlash('You will receive an email shortly!');
    114. 

  114.         		//$this->redirect('/');
    115. 

  115.         		}
    116. 

  116.         	else {
    117. 

  117.         		$this->Session->setFlash('The email address you entered could not be found.');
    118. 

  118.         		}
    119. 

  119. 			}		
    120. 

  120. 		}
    121. 

  121. 

  122.     public function register(){
    123. 

  123.     	$this->set('groups', $this->Group->find('list'));
    124. 

  124.         if ($this->request->is('post')) {
    125. 

  125.         	$resp = recaptcha_check_answer(Configure::read('NiceAuth.recaptchaPrivate'), $_SERVER["REMOTE_ADDR"], $this->request->data["recaptcha_challenge_field"], $this->request->data["recaptcha_response_field"]);
    126. 

  126.         	if ($resp->is_valid) {
    127. 

  127. 	        	$this->User->create();
    128. 

  128. 	        	$this->User->set(array(
    129. 

  129. 	        		'group_id' => Configure::read('NiceAuth.defaultGroup')
    130. 

  130. 	        		));
    131. 

  131. 	            if ($this->User->save($this->request->data)) {
    132. 

  132. 	            	$this->fixAlias();
    133. 

  133. 	                $this->Session->setFlash(__('You\'r account has been setup.'));
    134. 

  134. 	                $newUser = $this->User->read();
    135. 

  135. 	                $emailVars = array('username' => $newUser['User']['username']);
    136. 

  136. 	                $this->sendEmail('register', $newUser['User']['email'], $emailVars);
    137. 

  137. 	                $this->redirect('/me');
    138. 

  138. 	            	}
    139. 

  139. 	            else {
    140. 

  140. 	            	$this->Session->setFlash('Unable to create your\'re account. Please try again.');
    141. 

  141. 	            	}
    142. 

  142. 				}
    143. 

  143. 			else {
    144. 

  144. 				$this->Session->setFlash('The Verification Captcha you entered did not match, please try again.');
    145. 

  145. 				}
    146. 

  146.         	}
    147. 

  147.         elseif ($this->request->is('get')) {
    148. 

  148.         	if (isset($this->request->query['openid_mode'])) {
    149. 

  149.         		$openid = new Lightopenid($_SERVER['SERVER_NAME']);
    150. 

  150. 				$ret = $openid->getAttributes();
    151. 

  151. 	    		$data = $openid->data;
    152. 

  152. 				if ($this->User->findByEmail($ret['contact/email']) == false) {
    153. 

  153. 					$this->User->create();
    154. 

  154. 					$newUser = array('username' => $ret['contact/email'], 'email' => $ret['contact/email'], 'password' => $data['openid_identity'], 'group_id' => Configure::read('NiceAuth.defaultGroup'));
    155. 

  155. 					$this->User->save($newUser);
    156. 

  156. 					$user = $this->User->read();
    157. 

  157. 					$this->fixAlias();
    158. 

  158.     	            $emailVars = array('username' => $user['User']['username']);
    159. 

  159. 	                $this->sendEmail('register', $user['User']['email'], $emailVars);
    160. 

  160. 					$this->Auth->login($user['User']);
    161. 

  161. 					$this->Session->setFlash('Your account has been created.');
    162. 

  162. 					$this->redirect('/me');
    163. 

  163. 					}
    164. 

  164. 				else {
    165. 

  165. 					$this->Session->setFlash('This email address already exists, please try logging in instead.');
    166. 

  166. 					}
    167. 

  167.         		}
    168. 

  168.         	}
    169. 

  169.         }
    170. 

  170. 

  171.     public function login(){
    172. 

  172.         if ($this->request->is('post') || ($this->request->is('get') && isset($this->request->query['openid_mode']))) {
    173. 

  173. 			if ($this->Auth->login()) {
    174. 

  174. 				$this->redirect($this->Auth->redirect());
    175. 

  175. 				}
    176. 

  176. 			else {
    177. 

  177. 				$this->Session->setFlash(__('Invalid username or password, try again'));
    178. 

  178. 				}
    179. 

  179. 			}
    180. 

  180.     	}
    181. 

  181.     
    182. 

  182.     public function openid() {
    183. 

  183.         if ($this->request->is('post')) {
    184. 

  184. 			$openid = new Lightopenid($_SERVER['SERVER_NAME']);
    185. 

  185. 			$openid->identity = $this->request->data['openid'];
    186. 

  186. 			$openid->required = array('contact/email');
    187. 

  187. 			if ($this->request->data['type'] == 'register') {
    188. 

  188. 				$openid->returnUrl = 'http://'.$_SERVER['SERVER_NAME'].Router::url(array('controller' => 'users', 'action' => 'register'));
    189. 

  189. 				}
    190. 

  190. 			else {
    191. 

  191. 				$openid->returnUrl = 'http://'.$_SERVER['SERVER_NAME'].Router::url(array('controller' => 'users', 'action' => 'login'));
    192. 

  192. 				}
    193. 

  193. 			$this->redirect($openid->authUrl());
    194. 

  194. 			}
    195. 

  195.     	}
    196. 

  196. 

  197.     public function logout(){
    198. 

  198.         $this->Auth->logout();
    199. 

  199.         $this->Session->setFlash('You have been successfully logged out.');
    200. 

  200.         $this->redirect('/');
    201. 

  201.     	}
    202. 

  202. 	}
    203. 

  203. 

  204. ?>
    205.