1 <?php
2
11
12 namespace Icybee\Modules\Users\NonceLogin;
13
14 use ICanBoogie\ActiveRecord\RecordNotFound;
15 use ICanBoogie\DateTime;
16 use ICanBoogie\I18n\FormattedString;
17 use ICanBoogie\PermissionRequired;
18
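/**
 * Logs a user in with a one-time ("nonce") login token.
 *
 * validate() resolves the request's `token` parameter to a ticket record and
 * checks its expiry, the requesting IP address and the existence of the
 * associated user. process() then deletes the ticket, logs the user in and
 * redirects to the user's profile.
 */
class NonceLoginOperation extends \ICanBoogie\Operation
{
	/**
	 * Ticket resolved by validate(), consumed by process().
	 */
	private $ticket;

	/**
	 * Returns the ticket resolved during validation.
	 *
	 * @return mixed The ticket record, or null if validate() has not resolved one.
	 */
	protected function get_ticket()
	{
		return $this->ticket;
	}

	/**
	 * Validates the nonce login request.
	 *
	 * Each failed check records one entry in `$errors` and returns false.
	 *
	 * NOTE(review): the distinct messages for unknown token, expired ticket and
	 * IP mismatch tell the client which check failed; confirm that is acceptable
	 * for this endpoint, and that requests to it are rate limited elsewhere.
	 *
	 * @param \ICanBoogie\Errors $errors Error collector.
	 *
	 * @return bool true if the ticket may be used to log in, false otherwise.
	 */
	protected function validate(\ICanBoogie\Errors $errors)
	{
		global $core;

		$request = $this->request;
		$token = $request['token'];

		// The token comes from the request and PHP lets a client send it as an
		// array (`token[]=...`). Only a non-empty string may reach the model
		// query; anything else is treated as a missing token.
		if (!$token || !is_string($token))
		{
			$errors['token'] = $errors->format("The nonce login Token is required.");

			return false;
		}

		$this->ticket = $ticket = $core->models['users.noncelogin']->filter_by_token($token)->one;

		if (!$ticket)
		{
			$errors['token'] = $errors->format("Unknown token.");

			return false;
		}

		if ($ticket->expire_at < DateTime::now())
		{
			$errors['expire_at'] = $errors->format("This nonce login ticket has expired at :date.", array(':date' => $ticket->expire_at->local->as_db));

			return false;
		}

		// The ticket is bound to the IP address recorded with it.
		// NOTE(review): loose comparison; both sides are presumably strings, so
		// confirm before tightening to `!==`. Also confirm how `$request->ip` is
		// derived when the application runs behind a proxy.
		if ($ticket->ip != $request->ip)
		{
			$errors['ip'] = $errors->format("The IP address doesn't match the one of the initial request.");

			return false;
		}

		// Accessing `user` is only done for its side effect: RecordNotFound
		// signals that the account tied to the ticket is gone.
		try
		{
			$ticket->user;
		}
		catch (RecordNotFound $e)
		{
			$errors['uid'] = $errors->format("The user associated with this nonce login no longer exists.");

			return false;
		}

		return true;
	}

	/**
	 * Consumes the ticket and logs the user in.
	 *
	 * The ticket is deleted before the login so that the token cannot be used
	 * a second time once this request has been processed.
	 *
	 * NOTE(review): validate() and the delete below are separate steps; whether
	 * two concurrent requests carrying the same token can both pass validation
	 * is not visible from here. Confirm that the model or the database enforces
	 * single use.
	 *
	 * NOTE(review): whether `$user->login()` renews the session identifier is
	 * not visible from here; confirm.
	 *
	 * @return bool Always true.
	 */
	protected function process()
	{
		$ticket = $this->ticket;
		$user = $ticket->user;

		// Invalidate the token first, then establish the session.
		$ticket->delete();

		$user->login();

		$this->response->location = $user->url('profile');
		$this->response->message = new FormattedString("You are now logged in, please enter your password.");

		return true;
	}
}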