From db78f810ff9afd632a7ae1df5a7e6fd5f53982a5 Mon Sep 17 00:00:00 2001 From: Eric Lippmann Date: Wed, 29 Jul 2015 14:15:11 +0200 Subject: [PATCH] lib: Add log in functionality to the LoginForm refs #9660 --- .../forms/Authentication/LoginForm.php | 96 ++++++++++++++++++- 1 file changed, 93 insertions(+), 3 deletions(-) diff --git a/application/forms/Authentication/LoginForm.php b/application/forms/Authentication/LoginForm.php index d4f0e8745..21e19b09b 100644 --- a/application/forms/Authentication/LoginForm.php +++ b/application/forms/Authentication/LoginForm.php @@ -3,16 +3,24 @@ namespace Icinga\Forms\Authentication; +use Icinga\Authentication\Auth; +use Icinga\Authentication\User\ExternalBackend; +use Icinga\User; use Icinga\Web\Form; use Icinga\Web\Url; /** - * Class LoginForm + * Form for user authentication */ class LoginForm extends Form { /** - * Initialize this login form + * Redirect URL + */ + const REDIRECT_URL = 'dashboard'; + + /** + * {@inheritdoc} */ public function init() { @@ -22,7 +30,7 @@ class LoginForm extends Form } /** - * @see Form::createElements() + * {@inheritdoc} */ public function createElements(array $formData) { @@ -54,4 +62,86 @@ class LoginForm extends Form ) ); } + + /** + * {@inheritdoc} + */ + public function getRedirectUrl() + { + $redirect = null; + if ($this->created) { + $redirect = $this->getElement('redirect')->getValue(); + } + if (empty($redirect)) { + $redirect = static::REDIRECT_URL; + } + return Url::fromPath($redirect); + } + + /** + * {@inheritdoc} + */ + public function onSuccess() + { + $auth = Auth::getInstance(); + $authChain = $auth->getAuthChain(); + $authChain->setIteratorMode($authChain::IT_MODE_NOT_EXTERNAL); + $user = new User($this->getElement('username')->getValue()); + $password = $this->getElement('password')->getValue(); + $authenticated = $authChain->authenticate($user, $password); + if ($authenticated) { + $auth->setAuthenticated($user); + return true; + } + switch ($authChain->getError()) { + case $authChain::EEMPTY: + $this->addError($this->translate( + 'No authentication methods available.' + . ' Did you create authentication.ini when setting up Icinga Web 2?' + )); + break; + case $authChain::EFAIL: + $this->addError($this->translate( + 'All configured authentication methods failed.' + . ' Please check the system log or Icinga Web 2 log for more information.' + )); + break; + case $authChain::ENOTALL: + $this->addError($this->translate( + 'Please note that not all authentication methods were available.' + . ' Check the system log or Icinga Web 2 log for more information.' + )); + // Move to default + default: + $this->getElement('password')->addError($this->translate('Incorrect username or password')); + break; + } + return false; + } + + /** + * {@inheritdoc} + */ + public function onRequest() + { + $auth = Auth::getInstance(); + $onlyExternal = true; + $user = new User(''); + foreach ($auth->getAuthChain() as $backend) { + if ($backend instanceof ExternalBackend) { + if ($backend->authenticate($user)) { + $auth->setAuthenticated($user); + $this->getResponse()->redirectAndExit($this->getRedirectUrl()); + } + } else { + $onlyExternal = false; + } + } + if ($onlyExternal) { + $this->addError($this->translate( + 'You\'re currently not authenticated using any of the web server\'s authentication mechanisms.' + . ' Make sure you\'ll configure such, otherwise you\'ll not be able to login.' + )); + } + } }