File vendor/icanboogie-modules/users.noncelogin/lib/operations/nonce-login.php

  1 <?php
  2 
  3 /*
  4  * This file is part of the Icybee package.
  5  *
  6  * (c) Olivier Laviale <olivier.laviale@gmail.com>
  7  *
  8  * For the full copyright and license information, please view the LICENSE
  9  * file that was distributed with this source code.
 10  */
 11 
 12 namespace Icybee\Modules\Users\NonceLogin;
 13 
 14 use ICanBoogie\ActiveRecord\RecordNotFound;
 15 use ICanBoogie\DateTime;
 16 use ICanBoogie\I18n\FormattedString;
 17 use ICanBoogie\PermissionRequired;
 18 
 19 /**
 20  * The "nonce-login" operation is used to login a user using a one time, time limited pass created
 21  * by the "nonce-request" operation.
 22  */
 23 class NonceLoginOperation extends \ICanBoogie\Operation
 24 {
 25     private $ticket;
 26 
 27     protected function get_ticket()
 28     {
 29         return $this->ticket;
 30     }
 31 
 32     protected function validate(\ICanboogie\Errors $errors)
 33     {
 34         global $core;
 35 
 36         $request = $this->request;
 37         $token = $request['token'];
 38 
 39         if (!$token)
 40         {
 41             $errors['token'] = $errors->format("The nonce login Token is required.");
 42 
 43             return false;
 44         }
 45 
 46         $this->ticket = $ticket = $core->models['users.noncelogin']->filter_by_token($token)->one;
 47 
 48         if (!$ticket)
 49         {
 50             $errors['token'] = $errors->format("Unknown token.");
 51 
 52             return false;
 53         }
 54 
 55         if ($ticket->expire_at < DateTime::now())
 56         {
 57             $errors['expire_at'] = $errors->format("This nonce login ticket has expired at :date.", array(':date' => $ticket->expire_at->local->as_db));
 58 
 59             return false;
 60         }
 61 
 62         if ($ticket->ip != $request->ip)
 63         {
 64             $errors['ip'] = $errors->format("The IP address doesn't match the one of the initial request.");
 65 
 66             return false;
 67         }
 68 
 69         try
 70         {
 71             $ticket->user;
 72         }
 73         catch (RecordNotFound $e)
 74         {
 75             $errors['uid'] = $errors->format("The user associated with this nonce login no longer exists.");
 76 
 77             return false;
 78         }
 79 
 80         return true;
 81     }
 82 
 83     protected function process()
 84     {
 85         global $core;
 86 
 87         $ticket = $this->ticket;
 88         $user = $ticket->user;
 89 
 90         $ticket->delete();
 91 //      $core->models['users.noncelogin']->filter_by_uid($user->uid)->delete();
 92 
 93         $user->login();
 94 
 95 //      \ICanBoogie\log_info("You are now logged in, please enter your password.");
 96 
 97         $this->response->location = $user->url('profile');
 98         $this->response->message = new FormattedString("You are now logged in, please enter your password.");
 99 
100         return true;
101     }
102 }
Namespaces

Classes
