pandorafms/pandora_console/mobile/include/user.class.php

326 lines
8.5 KiB
PHP
Raw Normal View History

2010-09-15 17:54:59 +02:00
<?php
// Pandora FMS - http://pandorafms.com
// ==================================================
// Copyright (c) 2005-2010 Artica Soluciones Tecnologicas
// Please see http://pandorafms.org for full contribution list
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation for version 2.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//Singleton
2010-09-15 17:54:59 +02:00
class User {
private static $instance;
2010-09-15 17:54:59 +02:00
private $user;
private $logged = false;
private $errorLogin = false;
private $loginTime = false;
private $logout_action = false;
private $needDoubleAuth = false;
private $errorDoubleAuth = false;
2010-09-15 17:54:59 +02:00
public static function getInstance () {
if (!(self::$instance instanceof self)) {
//Check if in the session
$system = System::getInstance();
$user = $system->getSession('user', null);
if (!empty($user)) {
self::$instance = $user;
}
else {
self::$instance = new self;
}
}
return self::$instance;
}
public function saveLogin () {
2010-09-15 17:54:59 +02:00
if ($this->logged) {
$system = System::getInstance();
//hack to compatibility with pandora
global $config;
$config['id_user'] = $this->user;
$system->setSessionBase('id_usuario', $this->user);
$system->setSession('user', $this);
2010-09-15 17:54:59 +02:00
}
}
public function isLogged () {
$system = System::getInstance();
$autologin = $system->getRequest('autologin', false);
if ($autologin) {
$user = $system->getRequest('user', null);
$password = $system->getRequest('password', null);
$this->login($user, $password);
}
2010-09-15 17:54:59 +02:00
return $this->logged;
}
public function login ($user = null, $password = null) {
$system = System::getInstance();
2010-09-15 17:54:59 +02:00
if (($user == null) && ($password == null)) {
$user = $system->getRequest('user', null);
$user = $system->safeInput($user);
$password = $system->getRequest('password', null);
2010-09-15 17:54:59 +02:00
}
if (!empty($user) && !empty($password)) {
$user_in_db = process_user_login($user, $password);
if ($user_in_db !== false) {
$this->logged = true;
$this->user = $user_in_db;
$this->loginTime = time();
$this->errorLogin = false;
// The user login was successful, but the second step is not completed
if ($this->isDobleAuthRequired()) {
$this->needDoubleAuth = true;
}
}
else {
$this->logged = false;
$this->loginTime = false;
$this->errorLogin = true;
$this->needDoubleAuth = false;
$this->errorDoubleAuth = false;
}
2010-09-15 17:54:59 +02:00
}
$this->saveLogin();
return $this->logged;
}
public function getLoginTime () {
return $this->loginTime;
}
public function isWaitingDoubleAuth () {
return $this->needDoubleAuth;
}
public function isDobleAuthRequired ($user = false) {
if (empty($user) && !empty($this->user))
$user = $this->user;
if (!empty($user))
return (bool) db_get_value('id', 'tuser_double_auth', 'id_user', $user);
else
return false;
}
public function validateDoubleAuthCode ($user = null, $code = null) {
if (!$this->needDoubleAuth) {
return true;
}
$system = System::getInstance();
require_once ($system->getConfig('homedir').'/include/auth/GAuth/Auth.php');
$result = false;
if (empty($user)) {
$user = $this->user;
}
if (empty($code)) {
$code = $system->getRequest('auth_code', null);
}
if (!empty($user) && !empty($code)) {
$secret = db_get_value('secret', 'tuser_double_auth', 'id_user', $user);
if ($secret === false) {
$result = false;
$this->errorDoubleAuth = array(
'title_text' => __('Double authentication failed'),
'content_text' => __('Secret code not found') .". "
.__('Please contact the administrator to reset your double authentication')
);
}
else if (!empty($secret)) {
try {
$gAuth = new \GAuth\Auth($secret);
$result = $gAuth->validateCode($code);
// Double auth success
if ($result) {
$this->needDoubleAuth = false;
$this->saveLogin();
}
else {
$result = false;
$this->errorDoubleAuth = array(
'title_text' => __('Double authentication failed'),
'content_text' => __('Invalid code')
);
}
} catch (Exception $e) {
$result = false;
$this->errorDoubleAuth = array(
'title_text' => __('Double authentication failed'),
'content_text' => __('There was an error checking the code')
);
}
}
2010-09-15 17:54:59 +02:00
}
return $result;
2010-09-15 17:54:59 +02:00
}
public function logout () {
2010-09-15 17:54:59 +02:00
$this->user = null;
$this->logged = false;
$this->loginTime = false;
$this->errorLogin = false;
$this->logout_action = true;
$this->needDoubleAuth = false;
$this->errorDoubleAuth = false;
$system = System::getInstance();
$system->setSession('user', null);
$system->sessionDestroy();
2010-09-15 17:54:59 +02:00
}
public function showLoginPage () {
global $pandora_version;
$ui = Ui::getInstance();
$ui->createPage();
if ($this->errorLogin) {
$options['type'] = 'onStart';
$options['title_text'] = __('Login Failed');
$options['content_text'] = __('User not found in database or incorrect password.');
$ui->addDialog($options);
}
if ($this->logout_action) {
$options['dialog_id'] = 'logout_dialog';
$options['type'] = 'onStart';
$options['title_text'] = __('Login out');
$options['content_text'] = __('Your session is over. Please close your browser window to close this Pandora session.');
$ui->addDialog($options);
}
$ui->createHeader();
$ui->showFooter(false);
$ui->beginContent();
$ui->contentAddHtml('<div style="text-align: center;" class="login_logo">' .
html_print_image ("mobile/images/pandora_mobile_console.png",
true, array ("alt" => "logo", "border" => 0)) .
'</div>');
$ui->contentAddHtml('<div id="login_container">');
$ui->beginForm();
$ui->formAddHtml(html_print_input_hidden('action', 'login', true));
$options = array(
'name' => 'user',
'value' => $this->user,
'placeholder' => __('user'),
'label' => __('User')
);
$ui->formAddInputText($options);
$options = array(
'name' => 'password',
'value' => '',
'placeholder' => __('password'),
'label' => __('Password')
);
$ui->formAddInputPassword($options);
$options = array(
'value' => __('Login'),
'icon' => 'arrow-r',
'icon_pos' => 'right',
'name' => 'login_btn'
);
$ui->formAddSubmitButton($options);
$ui->endForm();
$ui->contentAddHtml('</div>');
$ui->endContent();
$ui->showPage();
$this->errorLogin = false;
$this->logout_action = false;
2010-09-15 17:54:59 +02:00
}
public function showDoubleAuthPage () {
global $pandora_version;
$ui = Ui::getInstance();
$ui->createPage();
if (!empty($this->errorDoubleAuth)) {
$options['type'] = 'onStart';
$options['title_text'] = $this->errorDoubleAuth['title_text'];
$options['content_text'] = $this->errorDoubleAuth['content_text'] . "<br>";
$ui->addDialog($options);
}
$left_button = $ui->createHeaderButton(
array('icon' => 'back',
'pos' => 'left',
'text' => __('Logout'),
'href' => 'index.php?action=logout'));
$ui->createHeader('', $left_button);
$ui->showFooter(false);
$ui->beginContent();
$ui->contentAddHtml('<div style="text-align: center;" class="login_logo">' .
html_print_image ("mobile/images/pandora_mobile_console.png",
true, array ("alt" => "logo", "border" => 0)) .
'</div>');
$ui->contentAddHtml('<div id="login_container">');
$ui->beginForm();
$ui->formAddHtml(html_print_input_hidden('action', 'double_auth', true));
$options = array(
'name' => 'auth_code',
'value' => '',
'placeholder' => __('Authenticator code'),
'label' => __('Authenticator code')
);
$ui->formAddInputPassword($options);
$options = array(
'value' => __('Check code'),
'icon' => 'arrow-r',
'icon_pos' => 'right',
'name' => 'auth_code_btn'
);
$ui->formAddSubmitButton($options);
$ui->endForm();
$ui->contentAddHtml('</div>');
$ui->endContent();
$ui->showPage();
$this->errorDoubleAuth = false;
}
public function getIdUser () {
return $this->user; //Oldies methods
}
public function isInGroup ($access = "AR", $id_group = 0, $name_group = false) {
return (bool)check_acl($this->user, $id_group, $access);
}
public function getIdGroups ($access = "AR", $all = false) {
return array_keys(users_get_groups($this->user, $access, $all));
2010-09-15 17:54:59 +02:00
}
}
?>