eZ publish: ezuserloginhandler.php Source File

00001 <?php
00002 //
00003 // Definition of eZUserLoginHandler class
00004 //
00005 // Created on: <24-Jul-2003 15:11:57 wy>
00006 //
00007 // ## BEGIN COPYRIGHT, LICENSE AND WARRANTY NOTICE ##
00008 // SOFTWARE NAME: eZ publish
00009 // SOFTWARE RELEASE: 3.9.x
00010 // COPYRIGHT NOTICE: Copyright (C) 1999-2006 eZ systems AS
00011 // SOFTWARE LICENSE: GNU General Public License v2.0
00012 // NOTICE: >
00013 //   This program is free software; you can redistribute it and/or
00014 //   modify it under the terms of version 2.0  of the GNU General
00015 //   Public License as published by the Free Software Foundation.
00016 //
00017 //   This program is distributed in the hope that it will be useful,
00018 //   but WITHOUT ANY WARRANTY; without even the implied warranty of
00019 //   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00020 //   GNU General Public License for more details.
00021 //
00022 //   You should have received a copy of version 2.0 of the GNU General
00023 //   Public License along with this program; if not, write to the Free
00024 //   Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
00025 //   MA 02110-1301, USA.
00026 //
00027 //
00028 // ## END COPYRIGHT, LICENSE AND WARRANTY NOTICE ##
00029 //
00030 
00031 /*! \file ezuserloginhandler.php
00032 */
00033 
00034 /*!
00035   \class eZUserLoginHandler ezuserloginhandler.php
00036   \ingroup eZDatatype
00037   \brief The class eZUserLoginHandler does
00038 
00039 */
00040 
00041 define( 'EZ_LOGIN_HANDLER_AVAILABLE_ARRAY' , 'eZLoginHandlerAvailbleArray' ); // stores untested login handlers for login
00042 define( 'EZ_LOGIN_HANDLER_STEP', 'eZLoginHandlerStep' );
00043 define( 'EZ_LOGIN_HANDLER_USER_INFO', 'eZLoginHandlerUserInfo' );
00044 define( 'EZ_LOGIN_HANDLER_LAST_CHECK_REDIRECT', 'eZLoginHandlerLastCheckRedirect' );
00045 define( 'EZ_LOGIN_HANDLER_FORCE_LOGIN', 'eZLoginHandlerForceLogin' );
00046 define( 'EZ_LOGIN_HANDLER_LAST_HANDLER_NAME', 'eZLoginHandlerLastHandlerName' );
00047 
00048 define( 'EZ_LOGIN_HANDLER_STEP_PRE_CHECK_USER_INFO', 0 );
00049 define( 'EZ_LOGIN_HANDLER_STEP_PRE_COLLECT_USER_INFO', 1 );
00050 define( 'EZ_LOGIN_HANDLER_STEP_POST_COLLECT_USER_INFO', 2 );
00051 define( 'EZ_LOGIN_HANDLER_STEP_CHECK_USER', 3 );
00052 define( 'EZ_LOGIN_HANDLER_STEP_LOGIN_USER', 4 );
00053 
00054 class eZUserLoginHandler
00055 {
00056     /*!
00057      Constructor
00058     */
00059     function eZUserLoginHandler()
00060     {
00061     }
00062 
00063     /*!
00064      \static
00065      Clean up session variables used by the login procedure.
00066     */
00067     function sessionCleanup()
00068     {
00069         $http =& eZHTTPTool::instance();
00070 
00071         $valueList = array( EZ_LOGIN_HANDLER_AVAILABLE_ARRAY,
00072                             EZ_LOGIN_HANDLER_STEP,
00073                             EZ_LOGIN_HANDLER_USER_INFO,
00074                             EZ_LOGIN_HANDLER_LAST_CHECK_REDIRECT,
00075                             EZ_LOGIN_HANDLER_FORCE_LOGIN );
00076 
00077         foreach ( $valueList as $value )
00078         {
00079             if ( $http->hasSessionVariable( $value ) )
00080             {
00081                 $http->removeSessionVariable( $value );
00082             }
00083         }
00084 
00085         $ini =& eZINI::instance();
00086         $handlerList = array( 'standard' );
00087         if ( $ini->hasVariable( 'UserSettings', 'LoginHandler' ) )
00088         {
00089             $handlerList = $ini->variable( 'UserSettings', 'LoginHandler' );
00090         }
00091 
00092         foreach( $handlerList as $handler )
00093         {
00094             $loginHandler =& eZUserLoginHandler::instance( $handler );
00095             if ( $loginHandler )
00096             {
00097                 $loginHandler->sessionCleanup();
00098             }
00099         }
00100     }
00101 
00102     /*!
00103      Fetch object instance of specified login handler.
00104 
00105      \param login handler name
00106 
00107      \return Login handler object
00108      */
00109     function &instance( $protocol = "standard" )
00110     {
00111         $triedFiles = array();
00112         if ( $protocol == "standard" )
00113         {
00114             include_once( 'kernel/classes/datatypes/ezuser/ezuser.php' );
00115             $impl = new eZUser( 0 );
00116             return $impl;
00117         }
00118         else
00119         {
00120             $ezuserFile = 'kernel/classes/datatypes/ezuser/ez' . strtolower( $protocol ) . 'user.php';
00121             $triedFiles[] = $ezuserFile;
00122             if ( file_exists( $ezuserFile ) )
00123             {
00124                 include_once( $ezuserFile );
00125                 $className = 'eZ' . $protocol . 'User';
00126                 $impl = new $className();
00127                 return $impl;
00128             }
00129             else // check in extensions
00130             {
00131                 include_once( 'lib/ezutils/classes/ezextension.php' );
00132                 $ini =& eZINI::instance();
00133                 $extensionDirectories = $ini->variable( 'UserSettings', 'ExtensionDirectory' );
00134                 $directoryList = eZExtension::expandedPathList( $extensionDirectories, 'login_handler' );
00135 
00136                 foreach( $directoryList as $directory )
00137                 {
00138                     $userFile = $directory . '/ez' . strtolower( $protocol ) . 'user.php';
00139                     $triedFiles[] = $userFile;
00140 
00141                     if ( file_exists( $userFile ) )
00142                     {
00143                         include_once( $userFile );
00144                         $className = 'eZ' . $protocol . 'User';
00145                         $impl = new $className();
00146                         return $impl;
00147                     }
00148                 }
00149             }
00150         }
00151         // if no one appropriate instance was found
00152         eZDebug::writeWarning( "Unable to find user login handler '$protocol', searched for these files: " . implode( ', ', $triedFiles ), 'eZUserLoginHandler::instance()' );
00153         $impl = null;
00154         return $impl;
00155     }
00156 
00157     /*!
00158      \static
00159      Check user redirection for current loginhandler.
00160 
00161      \param siteBasics
00162      \param possible redirect url
00163      \param login handler, standard by default. If set to false, handler type will be fetched from ini settings.
00164 
00165      \return  true if user is logged in successfully.
00166               null or false if failed.
00167               redirect specification, array ( module, view ).
00168     */
00169     function checkUser( &$siteBasics, &$url )
00170     {
00171         $http =& eZHTTPTool::instance();
00172 
00173         if ( !$http->hasSessionVariable( EZ_LOGIN_HANDLER_STEP ) )
00174         {
00175             $http->setSessionVariable( EZ_LOGIN_HANDLER_STEP, EZ_LOGIN_HANDLER_STEP_PRE_CHECK_USER_INFO );
00176         }
00177 
00178         $loginStep =& $http->sessionVariable( EZ_LOGIN_HANDLER_STEP );
00179 
00180         if ( $http->hasSessionVariable( EZ_LOGIN_HANDLER_FORCE_LOGIN ) &&
00181              $loginStep < EZ_LOGIN_HANDLER_STEP_PRE_COLLECT_USER_INFO )
00182         {
00183             $loginStep = EZ_LOGIN_HANDLER_STEP_PRE_COLLECT_USER_INFO;
00184         }
00185 
00186         switch( $loginStep )
00187         {
00188             case EZ_LOGIN_HANDLER_STEP_PRE_CHECK_USER_INFO:
00189             {
00190                 $ini =& eZINI::instance();
00191                 $handlerList = array( 'standard' );
00192                 if ( $ini->hasVariable( 'UserSettings', 'LoginHandler' ) )
00193                 {
00194                     $handlerList = $ini->variable( 'UserSettings', 'LoginHandler' );
00195                 }
00196 
00197                 if ( $http->hasSessionVariable( EZ_LOGIN_HANDLER_LAST_HANDLER_NAME ) )
00198                 {
00199                     $http->removeSessionVariable( EZ_LOGIN_HANDLER_LAST_HANDLER_NAME );
00200                 }
00201 
00202                 foreach( $handlerList as $handler )
00203                 {
00204                     $userObject =& eZUserLoginHandler::instance( $handler );
00205                     if ( $userObject )
00206                     {
00207                         $check = $userObject->checkUser( $siteBasics, $url );
00208                         if ( $check === null ) // No login needed.
00209                         {
00210                             eZUserLoginHandler::sessionCleanup();
00211                             return null;
00212                         }
00213                         $http->setSessionVariable( EZ_LOGIN_HANDLER_LAST_CHECK_REDIRECT, $check );
00214                         $http->setSessionVariable( EZ_LOGIN_HANDLER_LAST_HANDLER_NAME, $handler );
00215                     }
00216                 }
00217 
00218                 $http->setSessionVariable( EZ_LOGIN_HANDLER_STEP, EZ_LOGIN_HANDLER_STEP_PRE_COLLECT_USER_INFO );
00219                 return eZUserLoginHandler::checkUser( $siteBasics, $url );
00220             } break;
00221 
00222             case EZ_LOGIN_HANDLER_STEP_PRE_COLLECT_USER_INFO:
00223             {
00224                 $http->setSessionVariable( EZ_LOGIN_HANDLER_STEP, EZ_LOGIN_HANDLER_STEP_POST_COLLECT_USER_INFO );
00225 
00226                 $handler = null;
00227                 if ( $http->hasSessionVariable( EZ_LOGIN_HANDLER_LAST_HANDLER_NAME ) )
00228                 {
00229                     $handlerName =& $http->sessionVariable( EZ_LOGIN_HANDLER_LAST_HANDLER_NAME );
00230                     $handler =& eZUserLoginHandler::instance( $handlerName );
00231                 }
00232                 if ( $handler )
00233                 {
00234                     return $handler->preCollectUserInfo();
00235                 }
00236                 else
00237                 {
00238                     $redirect =& $http->sessionVariable( EZ_LOGIN_HANDLER_LAST_CHECK_REDIRECT );
00239                     if ( !$redirect )
00240                     {
00241                         $redirect = array( 'module' => 'user', 'function' => 'login' );
00242                     }
00243                     return $redirect;
00244                 }
00245             } break;
00246 
00247             case EZ_LOGIN_HANDLER_STEP_POST_COLLECT_USER_INFO:
00248             {
00249                 $http->setSessionVariable( EZ_LOGIN_HANDLER_STEP, EZ_LOGIN_HANDLER_STEP_LOGIN_USER );
00250 
00251                 $handler = null;
00252                 if ( $http->hasSessionVariable( EZ_LOGIN_HANDLER_LAST_HANDLER_NAME ) )
00253                 {
00254                     $handlerName =& $http->sessionVariable( EZ_LOGIN_HANDLER_LAST_HANDLER_NAME );
00255                     $handler =& eZUserLoginHandler::instance( $handlerName );
00256                 }
00257 
00258                 if ( $handler ) //and $handlerName != 'standard' )
00259                 {
00260                     // Use specified login handler to handle Login info input
00261                     if ( !$handler->postCollectUserInfo() ) // Catch cancel of information collection
00262                     {
00263                         eZUserLoginHandler::sessionCleanup();
00264                         eZHTTPTool::redirect( '/' );
00265                         eZExecution::cleanExit();
00266                     }
00267                 }
00268                 return eZUserLoginHandler::checkUser( $siteBasics, $url );
00269             } break;
00270 
00271             case EZ_LOGIN_HANDLER_STEP_LOGIN_USER:
00272             {
00273                 $ini =& eZINI::instance();
00274                 $handlerList = array( 'standard' );
00275                 if ( $ini->hasVariable( 'UserSettings', 'LoginHandler' ) )
00276                 {
00277                     $handlerList = $ini->variable( 'UserSettings', 'LoginHandler' );
00278                 }
00279 
00280                 $userInfoArray =& $http->sessionVariable( EZ_LOGIN_HANDLER_USER_INFO );
00281                 $http->removeSessionVariable( EZ_LOGIN_HANDLER_USER_INFO );
00282 
00283                 if ( $http->hasSessionVariable( EZ_LOGIN_HANDLER_FORCE_LOGIN ) )
00284                 {
00285                     $http->removeSessionVariable( EZ_LOGIN_HANDLER_FORCE_LOGIN );
00286                 }
00287 
00288                 $user = null;
00289                 if ( is_array( $userInfoArray ) and $userInfoArray['login'] and $userInfoArray['password'] )
00290                 {
00291                     foreach( $handlerList as $handler )
00292                     {
00293                         $userObject =& eZUserLoginHandler::instance( $handler );
00294                         if ( $userObject )
00295                         {
00296                             $user =& $userObject->loginUser( $userInfoArray['login'], $userInfoArray['password'] );
00297                             if ( is_subclass_of( $user, 'eZUser' ) )
00298                             {
00299                                 eZUserLoginHandler::sessionCleanup();
00300                                 return null;
00301                             }
00302                             else if ( is_array( $user ) )
00303                             {
00304                                 eZUserLoginHandler::sessionCleanup();
00305                                 return $user;
00306                             }
00307                         }
00308                     }
00309                 }
00310 
00311                 $http->setSessionVariable( EZ_LOGIN_HANDLER_STEP, EZ_LOGIN_HANDLER_STEP_PRE_CHECK_USER_INFO );
00312                 return eZUserLoginHandler::checkUser( $siteBasics, $url );
00313             } break;
00314         }
00315     }
00316 
00317     /*!
00318      Set session variable to force login
00319     */
00320     function forceLogin()
00321     {
00322         $http =& eZHTTPTool::instance();
00323         $http->setSessionVariable( EZ_LOGIN_HANDLER_FORCE_LOGIN, 1 );
00324     }
00325 }
00326 
00327 ?>