tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
icingaweb2/application/controllers/AuthenticationController.php

155 lines
5.4 KiB
PHP
Raw Blame History

<?php
// {{{ICINGA_LICENSE_HEADER}}}
// {{{ICINGA_LICENSE_HEADER}}}
# namespace Icinga\Application\Controllers;
use Icinga\Authentication\Backend\AutoLoginBackend;
use Icinga\Web\Controller\ActionController;
use Icinga\Form\Authentication\LoginForm;
use Icinga\Authentication\AuthChain;
use Icinga\Application\Config;
use Icinga\Logger\Logger;
use Icinga\Exception\AuthenticationException;
use Icinga\Exception\NotReadableError;
use Icinga\Exception\ConfigurationError;
use Icinga\User;
use Icinga\Web\Session;
use Icinga\Web\Url;
/**
* Application wide controller for authentication
*/
class AuthenticationController extends ActionController
{
/**
* This controller does not require authentication
*
* @var bool
*/
protected $requiresAuthentication = false;
/**
* Log into the application
*/
public function loginAction()
{
$auth = $this->Auth();
$this->view->form = $form = new LoginForm();
$form->setRequest($this->_request);
$this->view->title = $this->translate('Icingaweb Login');
try {
$redirectUrl = $this->view->form->getValue('redirect');
if ($redirectUrl) {
$redirectUrl = Url::fromPath($redirectUrl);
} else {
$redirectUrl = Url::fromPath('dashboard');
}
if ($auth->isAuthenticated()) {
$this->rerenderLayout()->redirectNow($redirectUrl);
}
try {
$config = Config::app('authentication');
} catch (NotReadableError $e) {
throw new ConfigurationError(
$this->translate(
'Could not read your authentiction.ini, no authentication methods are available.'
)
);
}
$chain = new AuthChain($config);
if ($this->getRequest()->isGet()) {
$user = new User('');
foreach ($chain as $backend) {
if ($backend instanceof AutoLoginBackend) {
$authenticated = $backend->authenticate($user);
if ($authenticated === true) {
$auth->setAuthenticated($user);
$this->rerenderLayout()->redirectNow($redirectUrl);
}
}
}
} elseif ($form->isSubmittedAndValid()) {
$user = new User($form->getValue('username'));
$password = $form->getValue('password');
$backendsTried = 0;
$backendsWithError = 0;
$redirectUrl = $form->getValue('redirect');
if ($redirectUrl) {
$redirectUrl = Url::fromPath($redirectUrl);
} else {
$redirectUrl = Url::fromPath('dashboard');
}
foreach ($chain as $backend) {
if ($backend instanceof AutoLoginBackend) {
continue;
}
++$backendsTried;
try {
$authenticated = $backend->authenticate($user, $password);
} catch (AuthenticationException $e) {
Logger::error($e);
++$backendsWithError;
continue;
}
if ($authenticated === true) {
$auth->setAuthenticated($user);
$this->rerenderLayout()->redirectNow($redirectUrl);
}
}
if ($backendsTried === 0) {
throw new ConfigurationError(
$this->translate(
'No authentication methods available. Did you create'
. ' authentication.ini when installing Icinga Web 2?'
)
);
}
if ($backendsTried === $backendsWithError) {
throw new ConfigurationError(
$this->translate(
'All configured authentication methods failed.'
. ' Please check the system log or Icinga Web 2 log for more information.'
)
);
}
if ($backendsWithError) {
$form->addNote(
$this->translate(
'Please note that not all authentication methods where available.'
. ' Check the system log or Icinga Web 2 log for more information.'
)
);
}
$form->getElement('password')->addError($this->translate('Incorrect username or password'));
}
} catch (Exception $e) {
$this->view->errorInfo = $e->getMessage();
}
}
/**
* Log out the current user
*/
public function logoutAction()
{
$auth = $this->Auth();
$isRemoteUser = $auth->getUser()->isRemoteUser();
$auth->removeAuthorization();
if ($isRemoteUser === true) {
$this->_helper->layout->setLayout('login');
$this->_response->setHttpResponseCode(401);
} else {
$this->rerenderLayout()->redirectToLogin();
}
}
}
Reference in New Issue View Git Blame Copy Permalink