<?php
/**
* @package sapphire
* @subpackage security
* @author Markus Lanthaler <markus@silverstripe.com>
*/
/**
* Authenticator for the default "member" method
*
* @author Markus Lanthaler <markus@silverstripe.com>
* @package sapphire
* @subpackage security
*/
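class MemberAuthenticator extends Authenticator {

    /**
     * Authenticate a member from submitted login data.
     *
     * The credentials are first offered to the default-admin check
     * (see {@link Security::setDefaultAdmin()}); if that does not match, a
     * Member record is looked up by e-mail address and its password is
     * verified with Member::checkPassword().
     *
     * @param array $RAW_data Raw, untrusted data to authenticate the user;
     *                        the 'Email' and 'Password' keys are read
     * @param Form $form Optional: If passed, better error messages can be
     *                   produced by using
     *                   {@link Form::sessionMessage()}
     * @return bool|Member|null A falsy value (null, or whatever falsy value
     *                          DataObject::get_one() yields) if
     *                          authentication fails, otherwise the member
     *                          object
     * @see Security::setDefaultAdmin()
     */
    public static function authenticate($RAW_data, Form $form = null) {
        $member = null;

        // Both values arrive unvalidated. Require them to be present and to
        // be plain strings, so that a missing key or an array-valued field
        // never reaches the default-admin comparison, the SQL filter or
        // checkPassword(); such a request is treated as a failed login.
        $hasCredentials = isset($RAW_data['Email'], $RAW_data['Password'])
            && is_string($RAW_data['Email'])
            && is_string($RAW_data['Password']);

        if($hasCredentials) {
            // Default login (see Security::setDefaultAdmin())
            if(Security::check_default_admin($RAW_data['Email'], $RAW_data['Password'])) {
                $member = Security::findAnAdministrator();
            } else {
                // The e-mail address is interpolated into the filter below,
                // so it is escaped immediately before use. Only the SQL_
                // prefixed copy may ever appear inside the query string.
                $SQL_user = Convert::raw2sql($RAW_data['Email']);
                $member = DataObject::get_one("Member", "Email = '$SQL_user' AND Password IS NOT NULL");

                // A record that exists but fails the password check is
                // handled exactly like an unknown e-mail address.
                if($member && !$member->checkPassword($RAW_data['Password'])) {
                    $member = null;
                }
            }
        }

        if($member) {
            Session::clear("BackURL");
        } else if(!is_null($form)) {
            // One message for every failure cause, so the response does not
            // reveal whether the e-mail address or the password was wrong.
            $form->sessionMessage(
                _t('Member.ERRORWRONGCRED', "That doesn't seem to be the right e-mail address or password. Please try again."),
                "bad"
            );
        }

        // NOTE(review): no failed-attempt counting or throttling happens in
        // this method - confirm that the caller or Member handles it.
        return $member;
    }


    /**
     * Method that creates the login form for this authentication method
     *
     * @param Controller $controller The parent controller, necessary to
     *                               create the appropriate form action tag
     * @return Form Returns the login form to use with this authentication
     *              method
     */
    public static function get_login_form(Controller $controller) {
        return Object::create("MemberLoginForm", $controller, "LoginForm");
    }


    /**
     * Get the name of the authentication method
     *
     * @return string Returns the name of the authentication method.
     */
    public static function get_name() {
        return _t('MemberAuthenticator.TITLE', "E-mail & Password");
    }
}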
?>