Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- namespace app\components;
- /**
- * UserIdentity represents the data needed to identity a user.
- * It contains the authentication method that checks if the provided
- * data can identity the user.
- */
- use yii\base\Exception;
- use yii\web\HttpException;
- use yii\web\IdentityInterface;
- use Yii;
- class UserIdentity extends \yii\web\User implements \yii\web\IdentityInterface
- //class UserIdentity implements \yii\web\IdentityInterface
- {
- const ERROR_NONE=0;
- const ERROR_USERNAME_INVALID=1;
- const ERROR_PASSWORD_INVALID=2;
- const ERROR_CAN_NOT_VOTE = 3;
- const ERROR_ALREADY_VOTED = 4;
- const ERROR_USERNAME_BANNED = 5;
- const ERROR_USERNAME_DEACTIVATED = 6;
- const ERROR_UNKNOWN_IDENTITY=100;
- private $_id;
- public $id;
- public $username;
- public $errorCode;
- // #REFACTORING# Unused vars below, would need to refactor and use these that are accessed using session[]
- // WARNING, THIS LINE EXISTS IN \yii\web\User and will cause an exception, don't use it here, leaving as reference
- // public $isGuest;
- public $totalVote;
- public $currentVote;
- public $returnUrl;
- function init()
- {
- parent::init();
- // Hacky way of fixing the login problem when ENV != 'debug', by fetching the user_id in the
- // session instead of the user class. No idea why Yii::$app->user->id would return NULL when user is logged
- $this->id = Yii::$app->session->get('id');
- }
- public function setUsername($username)
- {
- $this->username=$username;
- // $this->id=$username;
- // $this->_id=$username;
- }
- // Old obsolete method from Yii1, will just save in the session AND the UserIdentity
- // Unused anywhere at the moment, also failed attempt to fix the ENV login problem in conjuncture with __get()
- public function setState($key, $value)
- {
- // $this->{$key} = $value;
- Yii::$app->session->set($key, $value);
- }
- /* This is a failed attempt to clean up the class and fix the ENV login problem, keeping it jsut in case
- // Get the user identity's value and set it, if we have it
- public function __get($key)
- {
- // if (isset($this->{$key}))
- //// if (property_exists($this, $key))
- // return $this->{$key};
- if (Yii::$app->session->has($key))
- return Yii::$app->session->get($key, '');
- else
- return parent::__get($key);
- // // While we're here, set it in the user identity at the same time
- // $this->{$key} = Yii::$app->session->get($key, '');
- //
- // return $this->{$key};
- }
- //*/
- // This looks like it's never being called
- public function setId($_id)
- {
- $this->_id=$_id;
- $this->id=$_id;
- }
- /**
- * Authenticates a user.
- * The example implementation makes sure if the username and password
- * are both 'demo'.
- * In practical applications, this should be changed to authenticate
- * against some persistent user identity storage (e.g. database).
- * @return boolean whether authentication succeeds.
- */
- public function authenticate()
- {
- $clean=preg_replace('/[^0-9]/','',$this->username);
- // $year=substr($clean,0,4);
- // $month=substr($clean,4,2);
- // $day=substr($clean,6,2);
- //$date=date('Ymd', strtotime($year.'-'.$month.'-'.$day));
- if(!isset($this->username) || $this->username==''){
- $this->errorCode=self::ERROR_USERNAME_INVALID;
- }else if(strlen($clean) < 3){
- // LEss than 7 digits: invalid
- $this->errorCode=self::ERROR_USERNAME_INVALID;
- # }else if($year<1899 || $year>2015){
- # // Member ids look like dates
- # $this->errorCode=self::ERROR_USERNAME_INVALID;
- # }else if($date!=$year.$month.$day){
- # // Member ids look like dates
- # $this->errorCode=self::ERROR_USERNAME_INVALID;
- }else{
- $member=\app\models\Member::find()->where(['matricule'=>$clean])->one();
- if($member){
- if($member->voted){
- $this->errorCode=self::ERROR_ALREADY_VOTED;
- }else if($member::model()->getBlocked($member->id) ){
- if(isset($member->deactivated) && $member->deactivated){
- $this->errorCode=self::ERROR_USERNAME_DEACTIVATED;
- }else{
- $this->errorCode=self::ERROR_USERNAME_BANNED;
- }
- }else{
- $this->_id = $member->id;
- $this->id = $member->id;
- $this->errorCode=self::ERROR_NONE;
- // on peut garder ceci en state
- Yii::$app->session->set('id',$member->id);
- // Yii::$app->user->setState('id',$member->id);
- Yii::$app->session->open(); // Not sure this is needed, or even valid anymore with Yii2
- // session pour les infos secretes qui ne doivent PAS etre stockées cote client
- Yii::$app->session['error_nip']=0;
- Yii::$app->session['error_verif']=0;
- Yii::$app->session['error_vote']=0;
- try {
- Yii::$app->session['nip'] = Yii::$app->getSecurity()->generatePasswordHash($member->nip);
- } catch (Exception $e) {
- // #REFACTORING# Check if this exception will work in case a hash cannot be created
- throw new HttpException(403, Yii::t('vote', 'Failed to get password hash.'));
- }
- // Yii::$app->session['nip']=CPasswordHelper::hashPassword($member->nip);
- // Note: verification was removed. If needed again, check out branch yii1_untouched and port
- // the code to Yii2
- Yii::$app->session['verif_field']=$member->getVerifField();
- Yii::$app->session['verif']=$member->{$member->getVerifField()};
- Yii::$app->session['ok_nip']=false; // Set to false so we can ask for nip next
- Yii::$app->session['ok_verif']=false;
- Yii::$app->session['is_voting']=false;
- Yii::$app->session['code_ul'] = $member->code_ul;
- }
- }else{
- $this->errorCode=self::ERROR_USERNAME_INVALID;
- }
- }
- return !$this->errorCode;
- }
- /**
- * Finds an identity by the given token.
- * @param mixed $token the token to be looked for
- * @param mixed $type the type of the token. The value of this parameter depends on the implementation.
- * For example, [[\yii\filters\auth\HttpBearerAuth]] will set this parameter to be `yii\filters\auth\HttpBearerAuth`.
- * @return IdentityInterface the identity object that matches the given token.
- * Null should be returned if such an identity cannot be found
- * or the identity is not in an active state (disabled, deleted, etc.)
- */
- public static function findIdentityByAccessToken($token, $type = null)
- {
- // Never called
- exit('findIdentityByAccessToken');
- // TODO: Implement findIdentityByAccessToken() method.
- }
- /**
- * Returns an ID that can uniquely identify a user identity.
- * @return string|int an ID that uniquely identifies a user identity.
- */
- public function getId()
- {
- return $this->id;
- // return $this->_id;
- // TODO: Implement getId() method.
- }
- /**
- * Returns a key that can be used to check the validity of a given identity ID.
- *
- * The key should be unique for each individual user, and should be persistent
- * so that it can be used to check the validity of the user identity.
- *
- * The space of such keys should be big enough to defeat potential identity attacks.
- *
- * This is required if [[User::enableAutoLogin]] is enabled.
- * @return string a key that is used to check the validity of a given identity ID.
- * @see validateAuthKey()
- */
- public function getAuthKey()
- {
- // Never called
- exit('getAuthKey');
- // TODO: Implement getAuthKey() method.
- }
- /**
- * Validates the given auth key.
- *
- * This is required if [[User::enableAutoLogin]] is enabled.
- * @param string $authKey the given auth key
- * @return bool whether the given auth key is valid.
- * @see getAuthKey()
- */
- public function validateAuthKey($authKey)
- {
- // Never called
- exit('validateAuthKey');
- // TODO: Implement validateAuthKey() method.
- }
- /**
- * Finds an identity by the given ID.
- * @param string|int $id the ID to be looked for
- * @return IdentityInterface the identity object that matches the given ID.
- * Null should be returned if such an identity cannot be found
- * or the identity is not in an active state (disabled, deleted, etc.)
- */
- public static function findIdentity($id)
- {
- // This was an attempt to make the login work in the beginning. Ugly so I'm commenting this
- // If login stops working, could be because of this
- // Yii::$app->user->id = $id;
- // Yii::$app->user->setId($id);
- return Yii::$app->user;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement