
/sparks/ion_auth/2.2.4/controllers/auth.php

https://bitbucket.org/johnroyer/anitrace
  1. <?php defined('BASEPATH') OR exit('No direct script access allowed');
  2. class Auth extends CI_Controller {
  3. function __construct()
  4. {
  5. parent::__construct();
  6. $this->load->library('ion_auth');
  7. $this->load->library('session');
  8. $this->load->library('form_validation');
  9. $this->load->database();
  10. $this->load->helper('url');
  11. }
  12. //redirect if needed, otherwise display the user list
  13. function index()
  14. {
  15. if (!$this->ion_auth->logged_in())
  16. {
  17. //redirect them to the login page
  18. redirect('auth/login', 'refresh');
  19. }
  20. elseif (!$this->ion_auth->is_admin())
  21. {
  22. //redirect them to the home page because they must be an administrator to view this
  23. redirect($this->config->item('base_url'), 'refresh');
  24. }
  25. else
  26. {
  27. //set the flash data error message if there is one
  28. $this->data['message'] = (validation_errors()) ? validation_errors() : $this->session->flashdata('message');
  29. //list the users
  30. $this->data['users'] = $this->ion_auth->users()->result();
  31. foreach ($this->data['users'] as $k => $user)
  32. {
  33. $this->data['users'][$k]->groups = $this->ion_auth->get_users_groups($user->id)->result();
  34. }
  35. $this->load->view('auth/index', $this->data);
  36. }
  37. }
  38. //log the user in
  39. function login()
  40. {
  41. $this->data['title'] = "Login";
  42. //validate form input
  43. $this->form_validation->set_rules('identity', 'Identity', 'required');
  44. $this->form_validation->set_rules('password', 'Password', 'required');
  45. if ($this->form_validation->run() == true)
  46. { //check to see if the user is logging in
  47. //check for "remember me"
  48. $remember = (bool) $this->input->post('remember');
  49. if ($this->ion_auth->login($this->input->post('identity'), $this->input->post('password'), $remember))
  50. { //if the login is successful
  51. //redirect them back to the home page
  52. $this->session->set_flashdata('message', $this->ion_auth->messages());
  53. redirect($this->config->item('base_url'), 'refresh');
  54. }
  55. else
  56. { //if the login was un-successful
  57. //redirect them back to the login page
  58. $this->session->set_flashdata('message', $this->ion_auth->errors());
  59. redirect('auth/login', 'refresh'); //use redirects instead of loading views for compatibility with MY_Controller libraries
  60. }
  61. }
  62. else
  63. { //the user is not logging in so display the login page
  64. //set the flash data error message if there is one
  65. $this->data['message'] = (validation_errors()) ? validation_errors() : $this->session->flashdata('message');
  66. $this->data['identity'] = array('name' => 'identity',
  67. 'id' => 'identity',
  68. 'type' => 'text',
  69. 'value' => $this->form_validation->set_value('identity'),
  70. );
  71. $this->data['password'] = array('name' => 'password',
  72. 'id' => 'password',
  73. 'type' => 'password',
  74. );
  75. $this->load->view('auth/login', $this->data);
  76. }
  77. }
  78. //log the user out
  79. function logout()
  80. {
  81. $this->data['title'] = "Logout";
  82. //log the user out
  83. $logout = $this->ion_auth->logout();
  84. //redirect them back to the page they came from
  85. redirect('auth', 'refresh');
  86. }
  87. //change password
  88. function change_password()
  89. {
  90. $this->form_validation->set_rules('old', 'Old password', 'required');
  91. $this->form_validation->set_rules('new', 'New Password', 'required|min_length[' . $this->config->item('min_password_length', 'ion_auth') . ']|max_length[' . $this->config->item('max_password_length', 'ion_auth') . ']|matches[new_confirm]');
  92. $this->form_validation->set_rules('new_confirm', 'Confirm New Password', 'required');
  93. if (!$this->ion_auth->logged_in())
  94. {
  95. redirect('auth/login', 'refresh');
  96. }
  97. $user = $this->ion_auth->user()->row();
  98. if ($this->form_validation->run() == false)
  99. { //display the form
  100. //set the flash data error message if there is one
  101. $this->data['message'] = (validation_errors()) ? validation_errors() : $this->session->flashdata('message');
  102. $this->data['min_password_length'] = $this->config->item('min_password_length', 'ion_auth');
  103. $this->data['old_password'] = array(
  104. 'name' => 'old',
  105. 'id' => 'old',
  106. 'type' => 'password',
  107. );
  108. $this->data['new_password'] = array(
  109. 'name' => 'new',
  110. 'id' => 'new',
  111. 'type' => 'password',
  112. 'pattern' => '^.{'.$this->data['min_password_length'].'}.*$',
  113. );
  114. $this->data['new_password_confirm'] = array(
  115. 'name' => 'new_confirm',
  116. 'id' => 'new_confirm',
  117. 'type' => 'password',
  118. 'pattern' => '^.{'.$this->data['min_password_length'].'}.*$',
  119. );
  120. $this->data['user_id'] = array(
  121. 'name' => 'user_id',
  122. 'id' => 'user_id',
  123. 'type' => 'hidden',
  124. 'value' => $user->id,
  125. );
  126. //render
  127. $this->load->view('auth/change_password', $this->data);
  128. }
  129. else
  130. {
  131. $identity = $this->session->userdata($this->config->item('identity', 'ion_auth'));
  132. $change = $this->ion_auth->change_password($identity, $this->input->post('old'), $this->input->post('new'));
  133. if ($change)
  134. { //if the password was successfully changed
  135. $this->session->set_flashdata('message', $this->ion_auth->messages());
  136. $this->logout();
  137. }
  138. else
  139. {
  140. $this->session->set_flashdata('message', $this->ion_auth->errors());
  141. redirect('auth/change_password', 'refresh');
  142. }
  143. }
  144. }
  145. //forgot password
  146. function forgot_password()
  147. {
  148. $this->form_validation->set_rules('email', 'Email Address', 'required');
  149. if ($this->form_validation->run() == false)
  150. {
  151. //setup the input
  152. $this->data['email'] = array('name' => 'email',
  153. 'id' => 'email',
  154. );
  155. //set any errors and display the form
  156. $this->data['message'] = (validation_errors()) ? validation_errors() : $this->session->flashdata('message');
  157. $this->load->view('auth/forgot_password', $this->data);
  158. }
  159. else
  160. {
  161. //run the forgotten password method to email an activation code to the user
  162. $forgotten = $this->ion_auth->forgotten_password($this->input->post('email'));
  163. if ($forgotten)
  164. { //if there were no errors
  165. $this->session->set_flashdata('message', $this->ion_auth->messages());
  166. redirect("auth/login", 'refresh'); //we should display a confirmation page here instead of the login page
  167. }
  168. else
  169. {
  170. $this->session->set_flashdata('message', $this->ion_auth->errors());
  171. redirect("auth/forgot_password", 'refresh');
  172. }
  173. }
  174. }
  175. //reset password - final step for forgotten password
  176. public function reset_password($code)
  177. {
  178. $user = $this->ion_auth->forgotten_password_check($code);
  179. if ($user)
  180. { //if the code is valid then display the password reset form
  181. $this->form_validation->set_rules('new', 'New Password', 'required|min_length[' . $this->config->item('min_password_length', 'ion_auth') . ']|max_length[' . $this->config->item('max_password_length', 'ion_auth') . ']|matches[new_confirm]');
  182. $this->form_validation->set_rules('new_confirm', 'Confirm New Password', 'required');
  183. if ($this->form_validation->run() == false)
  184. {//display the form
  185. //set the flash data error message if there is one
  186. $this->data['message'] = (validation_errors()) ? validation_errors() : $this->session->flashdata('message');
  187. $this->data['min_password_length'] = $this->config->item('min_password_length', 'ion_auth');
  188. $this->data['new_password'] = array(
  189. 'name' => 'new',
  190. 'id' => 'new',
  191. 'type' => 'password',
  192. 'pattern' => '^.{'.$this->data['min_password_length'].'}.*$',
  193. );
  194. $this->data['new_password_confirm'] = array(
  195. 'name' => 'new_confirm',
  196. 'id' => 'new_confirm',
  197. 'type' => 'password',
  198. 'pattern' => '^.{'.$this->data['min_password_length'].'}.*$',
  199. );
  200. $this->data['user_id'] = array(
  201. 'name' => 'user_id',
  202. 'id' => 'user_id',
  203. 'type' => 'hidden',
  204. 'value' => $user->id,
  205. );
  206. $this->data['csrf'] = $this->_get_csrf_nonce();
  207. $this->data['code'] = $code;
  208. //render
  209. $this->load->view('auth/reset_password', $this->data);
  210. }
  211. else
  212. {
  213. // do we have a valid request?
  214. if ($this->_valid_csrf_nonce() === FALSE || $user->id != $this->input->post('user_id')) {
  215. //something fishy might be up
  216. $this->ion_auth->clear_forgotten_password_code($code);
  217. show_404();
  218. } else {
  219. // finally change the password
  220. $identity = $user->{$this->config->item('identity', 'ion_auth')};
  221. $change = $this->ion_auth->reset_password($identity, $this->input->post('new'));
  222. if ($change)
  223. { //if the password was successfully changed
  224. $this->session->set_flashdata('message', $this->ion_auth->messages());
  225. $this->logout();
  226. }
  227. else
  228. {
  229. $this->session->set_flashdata('message', $this->ion_auth->errors());
  230. redirect('auth/reset_password/' . $code, 'refresh');
  231. }
  232. }
  233. }
  234. }
  235. else
  236. { //if the code is invalid then send them back to the forgot password page
  237. $this->session->set_flashdata('message', $this->ion_auth->errors());
  238. redirect("auth/forgot_password", 'refresh');
  239. }
  240. }
  241. //activate the user
  242. function activate($id, $code=false)
  243. {
  244. if ($code !== false)
  245. $activation = $this->ion_auth->activate($id, $code);
  246. else if ($this->ion_auth->is_admin())
  247. $activation = $this->ion_auth->activate($id);
  248. if ($activation)
  249. {
  250. //redirect them to the auth page
  251. $this->session->set_flashdata('message', $this->ion_auth->messages());
  252. redirect("auth", 'refresh');
  253. }
  254. else
  255. {
  256. //redirect them to the forgot password page
  257. $this->session->set_flashdata('message', $this->ion_auth->errors());
  258. redirect("auth/forgot_password", 'refresh');
  259. }
  260. }
  261. //deactivate the user
  262. function deactivate($id = NULL)
  263. {
  264. // no funny business, force to integer
  265. $id = (int) $id;
  266. $this->load->library('form_validation');
  267. $this->form_validation->set_rules('confirm', 'confirmation', 'required');
  268. $this->form_validation->set_rules('id', 'user ID', 'required|is_natural');
  269. if ($this->form_validation->run() == FALSE)
  270. {
  271. // insert csrf check
  272. $this->data['csrf'] = $this->_get_csrf_nonce();
  273. $this->data['user'] = $this->ion_auth->user($id)->row();
  274. $this->load->view('auth/deactivate_user', $this->data);
  275. }
  276. else
  277. {
  278. // do we really want to deactivate?
  279. if ($this->input->post('confirm') == 'yes')
  280. {
  281. // do we have a valid request?
  282. if ($this->_valid_csrf_nonce() === FALSE || $id != $this->input->post('id'))
  283. {
  284. show_404();
  285. }
  286. // do we have the right userlevel?
  287. if ($this->ion_auth->logged_in() && $this->ion_auth->is_admin())
  288. {
  289. $this->ion_auth->deactivate($id);
  290. }
  291. }
  292. //redirect them back to the auth page
  293. redirect('auth', 'refresh');
  294. }
  295. }
  296. //create a new user
  297. function create_user()
  298. {
  299. $this->data['title'] = "Create User";
  300. if (!$this->ion_auth->logged_in() || !$this->ion_auth->is_admin())
  301. {
  302. redirect('auth', 'refresh');
  303. }
  304. //validate form input
  305. $this->form_validation->set_rules('first_name', 'First Name', 'required|xss_clean');
  306. $this->form_validation->set_rules('last_name', 'Last Name', 'required|xss_clean');
  307. $this->form_validation->set_rules('email', 'Email Address', 'required|valid_email');
  308. $this->form_validation->set_rules('phone1', 'First Part of Phone', 'required|xss_clean|min_length[3]|max_length[3]');
  309. $this->form_validation->set_rules('phone2', 'Second Part of Phone', 'required|xss_clean|min_length[3]|max_length[3]');
  310. $this->form_validation->set_rules('phone3', 'Third Part of Phone', 'required|xss_clean|min_length[4]|max_length[4]');
  311. $this->form_validation->set_rules('company', 'Company Name', 'required|xss_clean');
  312. $this->form_validation->set_rules('password', 'Password', 'required|min_length[' . $this->config->item('min_password_length', 'ion_auth') . ']|max_length[' . $this->config->item('max_password_length', 'ion_auth') . ']|matches[password_confirm]');
  313. $this->form_validation->set_rules('password_confirm', 'Password Confirmation', 'required');
  314. if ($this->form_validation->run() == true)
  315. {
  316. $username = strtolower($this->input->post('first_name')) . ' ' . strtolower($this->input->post('last_name'));
  317. $email = $this->input->post('email');
  318. $password = $this->input->post('password');
  319. $additional_data = array('first_name' => $this->input->post('first_name'),
  320. 'last_name' => $this->input->post('last_name'),
  321. 'company' => $this->input->post('company'),
  322. 'phone' => $this->input->post('phone1') . '-' . $this->input->post('phone2') . '-' . $this->input->post('phone3'),
  323. );
  324. }
  325. if ($this->form_validation->run() == true && $this->ion_auth->register($username, $password, $email, $additional_data))
  326. { //check to see if we are creating the user
  327. //redirect them back to the admin page
  328. $this->session->set_flashdata('message', "User Created");
  329. redirect("auth", 'refresh');
  330. }
  331. else
  332. { //display the create user form
  333. //set the flash data error message if there is one
  334. $this->data['message'] = (validation_errors() ? validation_errors() : ($this->ion_auth->errors() ? $this->ion_auth->errors() : $this->session->flashdata('message')));
  335. $this->data['first_name'] = array('name' => 'first_name',
  336. 'id' => 'first_name',
  337. 'type' => 'text',
  338. 'value' => $this->form_validation->set_value('first_name'),
  339. );
  340. $this->data['last_name'] = array('name' => 'last_name',
  341. 'id' => 'last_name',
  342. 'type' => 'text',
  343. 'value' => $this->form_validation->set_value('last_name'),
  344. );
  345. $this->data['email'] = array('name' => 'email',
  346. 'id' => 'email',
  347. 'type' => 'text',
  348. 'value' => $this->form_validation->set_value('email'),
  349. );
  350. $this->data['company'] = array('name' => 'company',
  351. 'id' => 'company',
  352. 'type' => 'text',
  353. 'value' => $this->form_validation->set_value('company'),
  354. );
  355. $this->data['phone1'] = array('name' => 'phone1',
  356. 'id' => 'phone1',
  357. 'type' => 'text',
  358. 'value' => $this->form_validation->set_value('phone1'),
  359. );
  360. $this->data['phone2'] = array('name' => 'phone2',
  361. 'id' => 'phone2',
  362. 'type' => 'text',
  363. 'value' => $this->form_validation->set_value('phone2'),
  364. );
  365. $this->data['phone3'] = array('name' => 'phone3',
  366. 'id' => 'phone3',
  367. 'type' => 'text',
  368. 'value' => $this->form_validation->set_value('phone3'),
  369. );
  370. $this->data['password'] = array('name' => 'password',
  371. 'id' => 'password',
  372. 'type' => 'password',
  373. 'value' => $this->form_validation->set_value('password'),
  374. );
  375. $this->data['password_confirm'] = array('name' => 'password_confirm',
  376. 'id' => 'password_confirm',
  377. 'type' => 'password',
  378. 'value' => $this->form_validation->set_value('password_confirm'),
  379. );
  380. $this->load->view('auth/create_user', $this->data);
  381. }
  382. }
  383. function _get_csrf_nonce()
  384. {
  385. $this->load->helper('string');
  386. $key = random_string('alnum', 8);
  387. $value = random_string('alnum', 20);
  388. $this->session->set_flashdata('csrfkey', $key);
  389. $this->session->set_flashdata('csrfvalue', $value);
  390. return array($key => $value);
  391. }
  392. function _valid_csrf_nonce()
  393. {
  394. if ($this->input->post($this->session->flashdata('csrfkey')) !== FALSE &&
  395. $this->input->post($this->session->flashdata('csrfkey')) == $this->session->flashdata('csrfvalue'))
  396. {
  397. return TRUE;
  398. }
  399. else
  400. {
  401. return FALSE;
  402. }
  403. }
  404. }