  1: <?php
  2: 
  3: /**
  4:  * Onion Framework - Autentifikácia
  5:  *
  6:  * Copyright (c) 2011 Jano Gašpar (http://webstranky.net)
  7:  *
  8:  * @author    Jano Gašpar
  9:  * @copyright Copyright (c) 2011 Jano Gašpar
 10:  * @package   Onion::Core
 11:  **/
 12: 
 13: class Authenticator extends User
 14: {
 15:     /**
 16:      * @var bool príznak prihlásenia
 17:      */
 18:     private $is_logged_in;
 19: 
 20: 
 21:     /**
 22:      * @var string meno cookie v ktorej sú uložené dáta pre automatické prihlásenie
 23:      */
 24:     private $cookie_name = 'onion_autologin';
 25: 
 26: 
 27:     /**
 28:      * @var int životnotnosť cookie pre automatické prihlásenie, obnovuje sa pri každom prihlásení
 29:      */
 30:     private $cookie_lifetime = 31536000; // 365 dní
 31: 
 32: 
 33:     /**
 34:      * @var string cesta v uri pre ktorú sa cookie ukladá
 35:      */
 36:     private $cookie_path = '/';
 37: 
 38: 
 39:     /**
 40:      * @var string doména pre ktorú cookie platí
 41:      */
 42:     private $cookie_domain;
 43: 
 44: 
 45:     /**
 46:      * @var string h
 47:      */
 48:     private $master_key;
 49: 
 50: 
 51:     /**
 52:      * Konštruktor
 53:      *
 54:      * @param  array associatívne pole s nastaveniami
 55:      * @return void
 56:      */
 57:     public function __construct($settings = NULL)
 58:     {
 59:         if ($settings !== NULL) {
 60:             $this->set_settings($settings);
 61:             $this->autologin();
 62:         }
 63:     }
 64: 
 65: 
 66:     /**
 67:      * Uloženie nastavení
 68:      *
 69:      * @param  array associatívne pole s nastaveniami
 70:      * @return void
 71:      */
 72:     public function set_settings($settings)
 73:     {
 74:         foreach ($settings as $key => $value) {
 75:             $this->$key = $value;
 76:         }
 77: 
 78:         if (empty($this->cookie_path) === TRUE) {
 79:             $this->cookie_path = '/';
 80:         }
 81:     }
 82: 
 83: 
 84:     /**
 85:      * Prihlásanie užívateľa
 86:      *
 87:      * @param string heslo užívateľa
 88:      * @return mixed NULL ak je konto zakázané, FALSE ak je heslo nesprávne
 89:      */
 90:     public function login($password)
 91:     {
 92:         if ($this->storage['allowed'] == FALSE) {
 93:             return NULL;
 94:         }
 95: 
 96:         if ($this->check_password($password) === FALSE) {
 97:             return FALSE;
 98:         }
 99: 
100:         $this->set_autologin_cookie();
101:         $this->is_logged_in = TRUE;
102: 
103:         $this->load_permissions();
104: 
105:         return TRUE;
106:     }
107: 
108: 
109:     /**
110:      * Kontrola hesla
111:      *
112:      * @param  string heslo
113:      * @return bool
114:      */
115:     public function check_password($password)
116:     {
117:         $salt = substr($this->storage['password'], 0, 40);
118:         $password = sha1($salt . $password);
119:         $password = $salt . $password;
120: 
121:         return ($password === $this->storage['password']);
122:     }
123: 
124: 
125:     /**
126:      * Nastavenie cookie pre automatické prihlasovanie
127:      *
128:      * @param  array associatívne pole s nastaveniami
129:      * @return void
130:      */
131:     public function set_autologin_cookie($settings = NULL)
132:     {
133:         if ($settings !== NULL) {
134:             $this->set_settings($settings);
135:         }
136: 
137:         $info = $this->create_encrypted_info();
138:         $cookie_lifetime = time() + $this->cookie_lifetime;
139:         setcookie($this->cookie_name, $info, $cookie_lifetime, $this->cookie_path, $this->cookie_domain, FALSE, TRUE);
140:         $_COOKIE[$this->cookie_name] = $info;
141:     }
142: 
143: 
144:     /**
145:      * Vytvorenie obsahu cookie pre automatické prihlásenie
146:      *
147:      * @return string zašifrované informácie o užívateľovi - meno a hash hesla
148:      */
149:     public function create_encrypted_info()
150:     {
151:         $info = array();
152:         $info['user_name'] = $this->storage['user_name'];
153: 
154:         $salt = substr($this->storage['password'], 0, 40);
155:         $info['hash'] = sha1($salt . $this->storage['password']);
156: 
157:         return Secure::encrypt($info, $this->master_key);
158:     }
159: 
160: 
161:     /**
162:      * Automatické prihlásenie na základe cookie
163:      *
164:      * @return void
165:      */
166:     public function autologin()
167:     {
168:         if (isset($_COOKIE[$this->cookie_name]) === FALSE) {
169:             $this->is_logged_in = FALSE;
170:             return;
171:         }
172: 
173:         $info = $_COOKIE[$this->cookie_name];
174:         $info = Secure::decrypt($info, $this->master_key);
175: 
176:         if (isset($info['user_name']) === FALSE
177:             OR isset($info['hash']) === FALSE) {
178: 
179:             $this->is_logged_in = FALSE;
180:             return;
181:         }
182: 
183:         if ($this->load_data($info['user_name']) === FALSE) {
184:             $this->is_logged_in = FALSE;
185:             return;
186:         }
187: 
188:         $salt = substr($this->storage['password'], 0, 40);
189:         $hash = sha1($salt . $this->storage['password']);
190: 
191:         if ($hash === $info['hash']
192:             AND  $this->storage['allowed'] == 1) {
193: 
194:             $this->set_autologin_cookie();
195:             $this->is_logged_in = TRUE;
196: 
197:             $this->load_permissions();
198: 
199:         } else {
200:             $this->logout();
201:         }
202:     }
203: 
204: 
205:     /**
206:      * Odhlásenie
207:      *
208:      * @return void
209:      */
210:     public function logout()
211:     {
212:         setcookie($this->cookie_name, NULL, time() - 3600, $this->cookie_path, $this->cookie_domain, FALSE, TRUE);
213:         unset($_COOKIE[$this->cookie_name]);
214:         $this->is_logged_in = FALSE;
215:         $this->storage = array();
216:         $this->roles = NULL;
217:         $this->permissions = NULL;
218:         $_SESSION = array();
219:         return;
220:     }
221: 
222: 
223:     /**
224:      * Kontrola prihlásenia
225:      *
226:      * @return bool
227:      */
228:     public function is_logged_in()
229:     {
230:         return $this->is_logged_in;
231:     }
232: 
233: 
234:     /**
235:      * Kontrola sily hesla
236:      *
237:      * @param  string heslo
238:      * @return int    sila hesla
239:      */
240:     public static function check_password_strength($password)
241:     {
242:         $range = 0;
243: 
244:         if (preg_match('/[a-z]/', $password) == TRUE) {
245:             $range += 26;
246:         }
247: 
248:         if (preg_match('/[A-Z]/', $password) == TRUE) {
249:             $range += 26;
250:         }
251: 
252:         if (preg_match('/[0-9]/', $password) == TRUE) {
253:             $range += 10;
254:         }
255: 
256:         if (preg_match('/[^a-zA-Z0-9]/', $password) == TRUE) {
257:             $range += 32;
258:         }
259: 
260:         return pow($range, strlen($password));
261:     }
262: }
263: 