File modules/cms/action/LoginAction.class.php

Last commit: Fri Apr 15 14:51:22 2022 +0200	dankert	Refactoring: User,Config and Database info is now stored in the Request, because so there is no session required for clients which are using Basic Authorization.

<?php

namespace cms\action;


use cms\base\Configuration;
use configuration\Config;
use util\Session;


// OpenRat Content Management System
// Copyright (C) 2002-2007 Jan Dankert, jandankert@jandankert.de
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; version 2.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.


/**
 * Action class for the start action
 * @author $Author$
 * @version $Revision$
 * @package openrat.actions
 */

class LoginAction extends BaseAction
{
    public function __construct()
    {
        parent::__construct();
    }



    /**
     * get all enabled databases.
     * @return Config[]
     */
    protected function getAllEnabledDatabases() {

        return array_filter( Configuration::subset('database')->subsets(), function($dbConfig) {
            return $dbConfig->is('enabled',true);
        });

    }


    /**
     * Gets a list of all databases.
     * @return string[] list of databases.
     */
    protected function getSelectableDatabases() {

        return array_map( function($dbconf) {
            // Getting the first non-empty information about the connection
            // (array_filter() without a callback drops every falsy entry).
            return array_values(array_filter( array(
                $dbconf->get('description'),
                $dbconf->get('label'      ),
                $dbconf->get('name'       ),
                $dbconf->get('host'       ),
                $dbconf->get('driver'     ),
                $dbconf->get('type'       ),
                'unknown')))[0];

        }, $this->getAllEnabledDatabases() );

    }



    /**
     * Creates an application list.
     * TODO: unused at the moment
     * @deprecated
     */
    function applications()
    {
        $conf = Configuration::rawConfig();

        // This page is valid per session.
        $user       = $this->currentUser;
        $userGroups = $user->getGroups();
        $this->lastModified( $user->loginDate );

        // Determine the applications
        $list = array();
        foreach( $conf['applications'] as $id=>$app )
        {
            if ( !is_array($app) )
                continue;

            if ( isset($app['group']) )
                if ( !in_array($app['group'],$userGroups) )
                    continue; // No permission, because the user is not in the group.

            $p = array();
            $p['url']         = $app['url'];
            $p['description'] = @$app['description'];
            if ( isset($app['param']) )
            {
                // Appends the current session id as a query parameter, so the id
                // ends up in the URL (server logs, browser history, Referer headers).
                $p['url'] .= strpos($p['url'],'?')!==false?'&':'?';
                $p['url'] .= $app['param'].'='.session_id();
            }
            $p['name'] = $app['name'];

            $list[] = $p;
        }


        $this->setTemplateVar('applications',$list);
    }


    /**
     * Creates a new session.
     */
    protected function recreateSession()
    {
        // Issues a new session id; 'true' also deletes the old session data.
        session_regenerate_id(true);
    }


    // Always grants access: this action performs no permission check of its own.
    public function checkAccess() {
        return true;
    }
}

History

Fri, 15 Apr 2022 14:51:22 +0200 dankert Refactoring: User,Config and Database info is now stored in the Request, because so there is no session required for clients which are using Basic Authorization.
Mon, 7 Feb 2022 21:44:42 +0100 dankert New: Authenticate API users with the HTTP authorization header.
Wed, 27 Oct 2021 02:27:59 +0200 Jan Dankert Refactoring: Splitted the mail client into a.) sendmail and b.) smtp.
Sun, 14 Mar 2021 22:29:56 +0100 Jan Dankert Refactoring: Clearer access check.
Mon, 30 Nov 2020 09:57:36 +0100 Jan Dankert Fix: aborting transaction before changing the database connection; Refactoring: Cleanup databases
Fri, 20 Nov 2020 10:47:38 +0100 Jan Dankert Fix: Do not throw an error if the connections 'description' is empty.
Thu, 19 Nov 2020 23:25:29 +0100 Jan Dankert Fix: Calculation of enabled databases was totally broken.
Thu, 19 Nov 2020 14:49:58 +0100 Jan Dankert Fix: Action::addNotice() is replaced by Action::addNoticeFor()
Wed, 18 Nov 2020 00:18:10 +0100 Jan Dankert Refactoring Part 2: Removing all unnecessary methods in the action base classes.
Tue, 17 Nov 2020 23:51:00 +0100 Jan Dankert Refactoring: Every Actionmethod has now its own class.
Mon, 16 Nov 2020 13:21:57 +0100 Jan Dankert Code cleanup: Externalize calling the auth modules.
Thu, 12 Nov 2020 02:03:32 +0100 Jan Dankert Fixing registering a new user; Fixing forgotten password
Sun, 1 Nov 2020 22:27:37 +0100 Jan Dankert Refactoring: The active menu entries are now controlled by the action class; The user switch function is now available as a menu entry.
Sun, 1 Nov 2020 03:08:55 +0100 Jan Dankert Replaced the calls to "Configuration::rawConfig()" with the OO style calls; Cleanup LoginAction.
Sun, 1 Nov 2020 00:36:50 +0100 Jan Dankert Refactoring: Only using the configuration object.
Sat, 31 Oct 2020 13:54:19 +0100 Jan Dankert Cleanup: Use constants for session keys.
Sat, 31 Oct 2020 03:52:03 +0100 Jan Dankert Fix: Better detection if password change is possible.
Sat, 31 Oct 2020 03:48:03 +0100 Jan Dankert Some bad fixes for OIDC to work properly.
Sat, 31 Oct 2020 00:55:00 +0100 Jan Dankert Fix: OpenId-Connect-Buttons must be clickable; Fixed OpenId-Connect configuration.
Sat, 31 Oct 2020 00:43:29 +0100 Jan Dankert New: Support for OpenId Connect; Removed: Support for LDAP.
Mon, 26 Oct 2020 22:21:42 +0100 Jan Dankert Refactoring: Using TextMessage for creating Messages with user content.
Fri, 23 Oct 2020 23:09:52 +0200 Jan Dankert Refactoring: Using the new config classes.
Tue, 20 Oct 2020 22:10:15 +0200 Jan Dankert New form layout.
Fri, 2 Oct 2020 23:11:48 +0200 Jan Dankert Cleanup: No '.inputholder' any more, notices with links to objects.
Tue, 29 Sep 2020 22:17:11 +0200 Jan Dankert Refactoring: Do not use global constants.
Tue, 29 Sep 2020 21:34:01 +0200 Jan Dankert Refactoring: Do not use global constants.
Sat, 26 Sep 2020 13:11:23 +0200 Jan Dankert Refactoring: No global variables any more. All constants are capsulated by classes.
Sat, 26 Sep 2020 12:20:43 +0200 Jan Dankert Refactoring: No global variables like $SESS any more. All constants are capsulated by classes.
Sat, 26 Sep 2020 10:32:02 +0200 Jan Dankert Refactoring: No global $conf array any more.
Sat, 26 Sep 2020 04:26:55 +0200 Jan Dankert Refactoring: read configuration values with a class.
Sat, 26 Sep 2020 04:03:53 +0200 Jan Dankert Refactoring: read language keys with a class.
Sat, 26 Sep 2020 03:03:47 +0200 Jan Dankert Refactoring: less global functions.
Sat, 26 Sep 2020 02:26:39 +0200 Jan Dankert Refactoring: No global functions any more, the database object is read from the Db class.
Sat, 29 Aug 2020 03:23:06 +0200 Jan Dankert Refactoring: Improved Exception-Handling; New: Generating pages using a page context which considers page aliases.
Tue, 25 Aug 2020 20:53:15 +0200 Jan Dankert Cleanup: Remove unused parameter.
Tue, 18 Aug 2020 23:27:37 +0200 Jan Dankert Security: Sanitize user input while logging (no logfile injection with potentially dangerous data)
Mon, 18 May 2020 00:09:53 +0200 Jan Dankert Fix: Supporting 'greaterthan' in IF-components.
Mon, 24 Feb 2020 22:56:44 +0100 Jan Dankert Fix: Need for Namespaces while accessing the Auth classes.
Sun, 23 Feb 2020 04:49:34 +0100 Jan Dankert Refactoring with Namespaces for the cms modules, part 2.
Sun, 23 Feb 2020 04:01:30 +0100 Jan Dankert Refactoring with Namespaces for the cms modules, part 1: moving.