diff --git a/application/controllers/AuthenticationController.php b/application/controllers/AuthenticationController.php
index efb08a86d..e6a038be1 100644
--- a/application/controllers/AuthenticationController.php
+++ b/application/controllers/AuthenticationController.php
@@ -27,40 +27,9 @@ #
 namespace Icinga\Application\Controllers;
 use Icinga\Web\ActionController;
-use Icinga\Authentication\Credentials as Credentials;
+use Icinga\Authentication\Credentials;
 use Icinga\Authentication\Manager as AuthManager;
-use Icinga\Form\Form;
-
-
-// @TODO: I (jom) suppose this is not the best place, but
-// finding a "bedder" one is your part mr. hein :)
-class Auth_Form extends Form
-{
- public function create()
- {
- $this->addElement('text', 'username', array(
- 'label' => t('Username'),
- 'required' => true
- )
- );
- $this->addElement('password', 'password', array(
- 'label' => t('Password'),
- 'required' => true
- )
- );
- $this->addElement('submit', 'submit', array(
- 'label' => t('Login'),
- 'class' => 'pull-right'
- )
- );
- $this->disableCsrfToken();
- }
-
- public function isSubmitted()
- {
- return parent::isSubmitted('submit');
- }
-}
+use Icinga\Form\Authentication\LoginForm;
 /**
@@ -70,41 +39,45 @@ class Auth_Form extends Form
 class AuthenticationController extends ActionController
 {
 /**
+ * Flag indicates authentication handling
 * @var bool
 */
 protected $handlesAuthentication = true;
 /**
+ * Flag indicates session modification
 * @var bool
 */
 protected $modifiesSession = true;
 /**
- *
+ * Action to handle login
 */
 public function loginAction()
 {
 $this->replaceLayout = true;
 $credentials = new Credentials();
- $this->view->form = new Auth_Form();
+ $this->view->form = new LoginForm();
 $this->view->form->setRequest($this->_request);
- $this->view->form->bindToModel($credentials);
+
 try {
 $auth = AuthManager::getInstance(null, array(
 "writeSession" => true
 ));
+
 if ($auth->isAuthenticated()) {
 $this->redirectNow('index?_render=body');
 }
- if ($this->getRequest()->isPost() && $this->view->form->isSubmitted()) {
- $this->view->form->repopulate();
- // @TODO: Re-enable this once the CSRF validation works
- if (true) { //($this->view->form->isValid($this->getRequest())) {
- if (!$auth->authenticate($credentials)) {
- $this->view->form->getElement('password')->addError(t('Please provide a valid username and password'));
- } else {
- $this->redirectNow('index?_render=body');
- }
+
+ if ($this->getRequest()->isPost() && $this->view->form->isValid($this->getRequest())) {
+
+ $credentials->setUsername($this->view->form->getValue('username'));
+ $credentials->setPassword($this->view->form->getValue('password'));
+
+ if (!$auth->authenticate($credentials)) {
+ $this->view->form->getElement('password')->addError(t('Please provide a valid username and password'));
+ } else {
+ $this->redirectNow('index?_render=body');
 }
 }
 } catch (\Icinga\Exception\ConfigurationError $configError) {
@@ -113,7 +86,7 @@ class AuthenticationController extends ActionController
 }
 /**
- *
+ * Action handle logout
 */
 public function logoutAction()
 {
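Review bot: The new validation path `$this->view->form->isValid($this->getRequest())` hands the form every request parameter, because Form::isValid (changed in this commit) resolves a request object via `getParams()`, which on a Zend HTTP request merges route, query-string and POST values; the `isPost()` guard therefore does not confine the credentials to the POST body. If the request is the usual Zend_Controller_Request_Http, validating `$this->view->form->isValid($this->getRequest()->getPost())` keeps username and password out of URLs and access logs. It is also not visible here whether `$auth->authenticate()` or the `"writeSession"` option regenerates the session id on success; if neither does, the spot right before `redirectNow` is the usual place, as the removed form's commented-out `\Zend_Session::regenerateId()` hinted. loginAction's catch block continues outside the hunk.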
diff --git a/application/forms/Authentication/LoginForm.php b/application/forms/Authentication/LoginForm.php
new file mode 100644
index 000000000..3c5f45782
--- /dev/null
+++ b/application/forms/Authentication/LoginForm.php
@@ -0,0 +1,66 @@
+
+ * @author Icinga Development Team
+ */
+// {{{ICINGA_LICENSE_HEADER}}}
+
+namespace Icinga\Form\Authentication;
+
+use Icinga\Web\Form;
+
+/**
+ * Class LoginForm
+ */
+class LoginForm extends Form
+{
+ /**
+ * Interface how the form should be created
+ */
+ protected function create()
+ {
+ $this->addElement(
+ 'text',
+ 'username',
+ array(
+ 'label' => t('Username'),
+ 'required' => true
+ )
+ );
+ $this->addElement(
+ 'password',
+ 'password',
+ array(
+ 'label' => t('Password'),
+ 'required' => true
+ )
+ );
+ $this->addElement(
+ 'submit',
+ 'submit',
+ array(
+ 'label' => t('Login'),
+ 'class' => 'pull-right'
+ )
+ );
+ $this->disableCsrfToken();
+ }
+}
diff --git a/application/forms/authentication/SettingsForm.php b/application/forms/Authentication/SettingsForm.php
similarity index 100%
rename from application/forms/authentication/SettingsForm.php
rename to application/forms/Authentication/SettingsForm.php
diff --git a/application/forms/authentication/LoginForm.php b/application/forms/authentication/LoginForm.php
deleted file mode 100644
index d78df7521..000000000
--- a/application/forms/authentication/LoginForm.php
+++ /dev/null
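Review bot: `$this->disableCsrfToken()` at the end of create() switches off the CSRF counter measure the base Form provides, and the reason that accompanied the same call in the removed controller-local class (`// @TODO: Re-enable this once the CSRF validation works`) did not survive the move, so a later reader cannot tell whether the login form is meant to stay unprotected. A login form without a token is exposed to login CSRF (a user being signed into a session they did not initiate), so the intent belongs at the call site: `// TODO: CSRF token disabled until Form's validation works; the login form needs it re-enabled`. The class docblock `Class LoginForm` only restates the name; a sentence such as "Username/password form for the login action; its values are read by AuthenticationController::loginAction()" would say what it is for.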
@@ -1,97 +0,0 @@
-
- * @author Icinga Development Team
- */
-// {{{ICINGA_LICENSE_HEADER}}}
-
-namespace Icinga\Web\Form;
-
-use Icinga\Web\Form;
-use Icinga\Web\Notification;
-use Icinga\Application\Config;
-use Icinga\Authentication\Backend as AuthBackend;
-use Icinga\Authentication\Auth;
-
-/**
- * Class LoginForm
- * @package Icinga\Web\Form
- */
-class LoginForm extends Form
-{
- /**
- *
- */
- public function onSuccess()
- {
- $backend = new AuthBackend(Config::getInstance()->authentication);
- $values = $this->getValues();
- $username = $values['username'];
- $password = $values['password'];
- if ($backend->hasUsername($username)) {
- if ($user = $backend->authenticate($username, $password)) {
- // \Zend_Session::regenerateId();
- Auth::getInstance()->setAuthenticatedUser($user);
- Notification::success('Login succeeded');
- $this->redirectNow('index?_render=body');
- } else {
- // TODO: Log "auth failed"
- }
- } else {
- // TODO: Log "User does not exist"
- }
-
- $this->getElement('password')->addError(
- t(
- 'Authentication failed, please check username and password'
- )
- );
- }
-
- /**
- * @return array
- */
- public function elements()
- {
- return array(
- 'username' => array(
- 'text',
- array(
- 'label' => t('Username'),
- 'required' => true,
- )
- ),
- 'password' => array(
- 'password',
- array(
- 'label' => t('Password'),
- 'required' => true,
- )
- ),
- 'submit' => array(
- 'submit',
- array(
- 'label' => t('Login')
- )
- )
- );
- }
-}
diff --git a/library/Icinga/Web/Form.php b/library/Icinga/Web/Form.php
index 4b1a3d2de..3965313aa 100644
--- a/library/Icinga/Web/Form.php
+++ b/library/Icinga/Web/Form.php
@@ -27,6 +27,11 @@
 namespace Icinga\Web;
 use Icinga\Exception\ProgrammingError;
+/**
+ * Class Form
+ *
+ * How forms are used in Icinga 2 Web
+ */
 abstract class Form extends \Zend_Form
 {
 /**
@@ -69,18 +74,49 @@ abstract class Form extends \Zend_Form
 /**
 * Add elements to this form (used by extending classes)
 */
- abstract public function create();
+ abstract protected function create();
 /**
- * Apply a request object wherewith the form can work
- *
- * @param $request The request object of a session
+ * Setter for request
+ * @param \Zend_Controller_Request_Abstract $request The request object of a session
 */
- public function setRequest($request)
+ public function setRequest(\Zend_Controller_Request_Abstract $request)
 {
 $this->request = $request;
 }
+ /**
+ * Getter for request
+ * @return \Zend_Controller_Request_Abstract
+ */
+ public function getRequest()
+ {
+ return $this->request;
+ }
+
+ /**
+ * Test if data from array or request is valid
+ *
+ * If $data is null, internal request is selected to test validity
+ *
+ * @param null|\Zend_Controller_Request_Abstract|array $data
+ * @return bool
+ */
+ public function isValid($data)
+ {
+ $check = null;
+
+ if ($data === null) {
+ $data = $this->getRequest()->getParams();
+ } elseif ($data instanceof \Zend_Controller_Request_Abstract) {
+ $check = $data->getParams();
+ } else {
+ $check = $data;
+ }
+
+ return parent::isValid($check);
+ }
+
 /**
 * Enable CSRF counter measure
 */
@@ -108,9 +144,12 @@ abstract class Form extends \Zend_Form
 }
 list($seed, $token) = $this->generateCsrfToken($this->tokenTimeout);
- $this->addElement('hidden', $this->tokenElementName, array(
- 'value' => sprintf('%s\|/%s', $seed, $token),
- 'decorators' => array('ViewHelper')
+ $this->addElement(
+ 'hidden',
+ $this->tokenElementName,
+ array(
+ 'value' => sprintf('%s\|/%s', $seed, $token),
+ 'decorators' => array('ViewHelper')
 )
 );
 }
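Review bot: In the new `isValid()`, the `$data === null` branch stores the parameters in `$data` instead of `$check`, so `$check` is still null when `parent::isValid($check)` runs and the form is never validated against the internal request on that path; as far as I recall \Zend_Form::isValid() rejects a non-array outright, so the documented "null selects the internal request" case cannot succeed. The line should read `$check = $this->getRequest()->getParams();`. The docblock also advertises null as an accepted argument while the signature has no default, so calling `isValid()` without an argument is an error; `public function isValid($data = null)` matches the documented contract. The same `getParams()` resolution is what the controller's login hunk relies on, so the fix matters for both.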