LoginModel::loginWithCookie PHP Method

loginWithCookie() public static method

Performs the login via cookie (for DEFAULT user accounts; FACEBOOK accounts are handled differently). TODO: add throttling here?
public static loginWithCookie ( $cookie ) : boolean
$cookie string The cookie "remember_me"
return boolean success state
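    /**
     * Logs a user in from the "remember_me" cookie (DEFAULT accounts; per the
     * original note, FACEBOOK accounts are handled elsewhere).
     *
     * The cookie is expected in the form "<encrypted user id>:<token>:<hash>",
     * where <hash> is SHA-256 over "<user id>:<token>". That digest is unkeyed,
     * so it is only a consistency check on the cookie's parts; what actually
     * authenticates the request is the (user id, token) lookup in the database.
     *
     * Every failure path reports the same FEEDBACK_COOKIE_INVALID message, so
     * the response does not reveal which check rejected the cookie.
     *
     * TODO (carried over from the original): failed cookie logins are not
     * throttled here.
     * NOTE(review): token expiry is not checked in this method; presumably
     * UserModel::getUserDataByUserIdAndToken() enforces it. Confirm.
     *
     * Requires PHP >= 5.6 for hash_equals().
     *
     * @param string $cookie The cookie "remember_me"
     *
     * @return bool success state
     */
    public static function loginWithCookie($cookie)
    {
        // A cookie sent as remember_me[]=... arrives as an array, and explode()
        // would choke on it, so accept only a non-empty string.
        if (!is_string($cookie) || $cookie === '') {
            Session::add('feedback_negative', Text::get('FEEDBACK_COOKIE_INVALID'));
            return false;
        }

        // Split once and insist on exactly three parts before unpacking them.
        $parts = explode(':', $cookie);
        if (count($parts) !== 3) {
            Session::add('feedback_negative', Text::get('FEEDBACK_COOKIE_INVALID'));
            return false;
        }
        list($encrypted_user_id, $token, $hash) = $parts;

        // Reject empty fields before handing attacker-controlled data to the decryptor.
        if ($encrypted_user_id === '' || empty($token)) {
            Session::add('feedback_negative', Text::get('FEEDBACK_COOKIE_INVALID'));
            return false;
        }

        // decrypt user id; a failed decryption must not reach the hash or the database lookup
        $user_id = Encryption::decrypt($encrypted_user_id);
        if (!is_string($user_id) || empty($user_id)) {
            Session::add('feedback_negative', Text::get('FEEDBACK_COOKIE_INVALID'));
            return false;
        }

        // Constant-time comparison: `!==` on strings can leak, through timing,
        // how many leading characters of the supplied hash were correct.
        $expected_hash = hash('sha256', $user_id . ':' . $token);
        if (!hash_equals($expected_hash, $hash)) {
            Session::add('feedback_negative', Text::get('FEEDBACK_COOKIE_INVALID'));
            return false;
        }

        // get data of user that has this id and exactly this cookie token
        $result = UserModel::getUserDataByUserIdAndToken($user_id, $token);
        if (!$result) {
            Session::add('feedback_negative', Text::get('FEEDBACK_COOKIE_INVALID'));
            return false;
        }

        // successfully logged in, so write the user's data into the session
        self::setSuccessfulLoginIntoSession($result->user_id, $result->user_name, $result->user_email, $result->user_account_type);
        // save timestamp of this login in the database row of that user
        self::saveTimestampOfLoginOfUser($result->user_name);

        // NOTE: no new remember_me cookie is issued here, so the current cookie
        // ages out and the user has to log in with username/password again
        // from time to time.
        Session::add('feedback_positive', Text::get('FEEDBACK_COOKIE_LOGIN_SUCCESSFUL'));
        return true;
    }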

Usage Example

Example #1
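 /**
  * Starts the local session once per request, handles a logout request and
  * falls back to the "remember_me" cookie when nobody is logged in.
  *
  * Exceptions raised during this bootstrap are caught so the request can
  * continue; they are written to the error log instead of being discarded.
  *
  * @return void
  */
 public static function initialize()
 {
     // Guard flag: run the bootstrap only once.
     if (self::$initialized) {
         return;
     }
     self::$initialized = true;

     try {
         // Initialize local session
         Session::init();

         // NOTE(review): logout is triggered by any GET request carrying a
         // non-empty "logout" parameter, with no CSRF token visible here, so a
         // cross-site link can end the user's session. Consider POST + token.
         if (!empty($_GET['logout'])) {
             self::destroy();
             Session::init();
         }

         // NOTE(review): after a logout the remember_me cookie is still part
         // of this request; unless destroy() invalidates the token server-side,
         // the block below logs the user straight back in. Confirm.
         if (!Session::userIsLoggedIn()) {
             $rememberMe = Request::cookie('remember_me');
             // A cookie that fails validation is deleted so it is not replayed on every request.
             if ($rememberMe && !LoginModel::loginWithCookie($rememberMe)) {
                 LoginModel::deleteCookie();
             }
         }

         // The Facebook session setup (FacebookSessionWrapper) was already
         // commented out; the current-URL computation that only fed it has
         // been dropped together with it.
     } catch (\Exception $ex) {
         // Keep the best-effort behaviour, but leave a trace: a silently
         // swallowed failure in the login bootstrap is invisible to operators.
         error_log('Session bootstrap failed: ' . get_class($ex) . ': ' . $ex->getMessage());
     }
 }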