mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
182 lines
5.1 KiB
PHP
182 lines
5.1 KiB
PHP
<?php
|
|
|
|
namespace SilverStripe\Security;
|
|
|
|
use Controller;
|
|
use FieldList;
|
|
use HiddenField;
|
|
use PasswordField;
|
|
use LiteralField;
|
|
use CheckboxField;
|
|
use FormAction;
|
|
use Session;
|
|
use Convert;
|
|
use SS_HTTPResponse;
|
|
|
|
|
|
/**
|
|
* Provides the in-cms session re-authentication form for the "member" authenticator
|
|
*
|
|
* @package framework
|
|
* @subpackage security
|
|
*/
|
|
class CMSMemberLoginForm extends LoginForm {
|
|
|
|
protected $authenticator_class = 'SilverStripe\\Security\\MemberAuthenticator';
|
|
|
|
/**
|
|
* Get link to use for external security actions
|
|
*
|
|
* @param string $action Action
|
|
* @return string
|
|
*/
|
|
public function getExternalLink($action = null) {
|
|
return Security::create()->Link($action);
|
|
}
|
|
|
|
public function __construct(Controller $controller, $name) {
|
|
// Set default fields
|
|
$fields = new FieldList(
|
|
HiddenField::create("AuthenticationMethod", null, $this->authenticator_class, $this),
|
|
HiddenField::create('tempid', null, $controller->getRequest()->requestVar('tempid')),
|
|
PasswordField::create("Password", _t('Member.PASSWORD', 'Password')),
|
|
LiteralField::create(
|
|
'forgotPassword',
|
|
sprintf(
|
|
'<p id="ForgotPassword"><a href="%s" target="_top">%s</a></p>',
|
|
$this->getExternalLink('lostpassword'),
|
|
_t('CMSMemberLoginForm.BUTTONFORGOTPASSWORD', "Forgot password?")
|
|
)
|
|
)
|
|
);
|
|
|
|
if(Security::config()->autologin_enabled) {
|
|
$fields->push(new CheckboxField(
|
|
"Remember",
|
|
_t('Member.REMEMBERME', "Remember me next time?")
|
|
));
|
|
}
|
|
|
|
// Determine returnurl to redirect to parent page
|
|
$logoutLink = $this->getExternalLink('logout');
|
|
if($returnURL = $controller->getRequest()->requestVar('BackURL')) {
|
|
$logoutLink = Controller::join_links($logoutLink, '?BackURL='.urlencode($returnURL));
|
|
}
|
|
|
|
// Make actions
|
|
$actions = new FieldList(
|
|
FormAction::create('dologin', _t('CMSMemberLoginForm.BUTTONLOGIN', "Log back in")),
|
|
LiteralField::create(
|
|
'doLogout',
|
|
sprintf(
|
|
'<p id="doLogout"><a href="%s" target="_top">%s</a></p>',
|
|
$logoutLink,
|
|
_t('CMSMemberLoginForm.BUTTONLOGOUT', "Log out")
|
|
)
|
|
)
|
|
);
|
|
|
|
parent::__construct($controller, $name, $fields, $actions);
|
|
}
|
|
|
|
/**
|
|
* Try to authenticate the user
|
|
*
|
|
* @param array $data Submitted data
|
|
* @return Member Returns the member object on successful authentication
|
|
* or NULL on failure.
|
|
*/
|
|
public function performLogin($data) {
|
|
$authenticator = $this->authenticator_class;
|
|
$member = $authenticator::authenticate($data, $this);
|
|
if($member) {
|
|
$member->LogIn(isset($data['Remember']));
|
|
return $member;
|
|
}
|
|
|
|
$this->extend('authenticationFailed', $data);
|
|
}
|
|
|
|
/**
|
|
* Login form handler method
|
|
*
|
|
* This method is called when the user clicks on "Log in"
|
|
*
|
|
* @param array $data Submitted data
|
|
* @return \SS_HTTPResponse
|
|
*/
|
|
public function dologin($data) {
|
|
if($this->performLogin($data)) {
|
|
$this->logInUserAndRedirect($data);
|
|
} else {
|
|
// Find best url to redirect back to
|
|
$request = $this->controller->getRequest();
|
|
$url = $request->getHeader('X-Backurl')
|
|
?: $request->getHeader('Referer')
|
|
?: $this->controller->Link('login');
|
|
return $this->controller->redirect($url);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Redirect the user to the change password form.
|
|
*
|
|
* @return SS_HTTPResponse
|
|
*/
|
|
protected function redirectToChangePassword() {
|
|
// Since this form is loaded via an iframe, this redirect must be performed via javascript
|
|
$changePasswordForm = new ChangePasswordForm($this->controller, 'SilverStripe\\Security\\ChangePasswordForm');
|
|
$changePasswordForm->sessionMessage(
|
|
_t('Member.PASSWORDEXPIRED', 'Your password has expired. Please choose a new one.'),
|
|
'good'
|
|
);
|
|
|
|
// Get redirect url
|
|
$changePasswordURL = $this->getExternalLink('changepassword');
|
|
if($backURL = $this->controller->getRequest()->requestVar('BackURL')) {
|
|
Session::set('BackURL', $backURL);
|
|
$changePasswordURL = Controller::join_links($changePasswordURL,'?BackURL=' . urlencode($backURL));
|
|
}
|
|
$changePasswordURLATT = Convert::raw2att($changePasswordURL);
|
|
$changePasswordURLJS = Convert::raw2js($changePasswordURL);
|
|
$message = _t(
|
|
'CMSMemberLoginForm.PASSWORDEXPIRED',
|
|
'<p>Your password has expired. <a target="_top" href="{link}">Please choose a new one.</a></p>',
|
|
'Message displayed to user if their session cannot be restored',
|
|
array('link' => $changePasswordURLATT)
|
|
);
|
|
|
|
// Redirect to change password page
|
|
$this->controller->getResponse()->setStatusCode(200);
|
|
$this->controller->getResponse()->setBody(<<<PHP
|
|
<!DOCTYPE html>
|
|
<html><body>
|
|
$message
|
|
<script type="application/javascript">
|
|
setTimeout(function(){top.location.href = "$changePasswordURLJS";}, 0);
|
|
</script>
|
|
</body></html>
|
|
PHP
|
|
);
|
|
return $this->controller->getResponse();
|
|
}
|
|
|
|
/**
|
|
* Send user to the right location after login
|
|
*
|
|
* @param array $data
|
|
* @return SS_HTTPResponse
|
|
*/
|
|
protected function logInUserAndRedirect($data) {
|
|
// Check password expiry
|
|
if(Member::currentUser()->isPasswordExpired()) {
|
|
// Redirect the user to the external password change form if necessary
|
|
return $this->redirectToChangePassword();
|
|
} else {
|
|
// Link to success template
|
|
$url = $this->controller->Link('success');
|
|
return $this->controller->redirect($url);
|
|
}
|
|
}
|
|
}
|