
Untitled

a guest
Apr 15th, 2018
  1. ## app/controllers/components/auth.php
  2. <?php
  3.  
  4. class AuthComponent extends Object
  5. {
  6.  
  7. /* Component config variables */
  8. var $user_model = "User";
  9. var $group_model = "Group";
  10. var $user_fields = array('id' => 'id', 'username' => 'username', 'password' => 'password');
  11. var $group_fields = array('id' => 'id', 'name' => 'name');
  12. var $components = array('Session');
  13. var $login_page = '/users/login'; // login action
  14. var $logout_page = '/'; // Page to redirect to when user logs out
  15. var $deny_page = '/users/denied'; // Page to redirect if you deny access but don't want take user to login page
  16. var $sesskey = "User";
  17.  
  18. /* Don't modify these variables */
  19. var $last_page = null;
  20. var $user = null;
  21. var $controller;
  22.  
  23. function startup(&$controller)
  24. {
  25. $this->controller = $controller;
  26. if ($this->Session->valid() && $this->Session->check($this->sesskey))
  27. {
  28. $this->user = $this->Session->read($this->sesskey);
  29. }
  30. $this->controller->set('Auth', $this->user);
  31. }
  32.  
  33. // Method to check if user is logged.
  34. function login($data)
  35. {
  36. $username = $data[$this->user_fields['username']];
  37. $password = $data[$this->user_fields['password']];
  38. $conditions = array(
  39. $this->user_model.".".$this->user_fields['username'] => $username,
  40. $this->user_model.".".$this->user_fields['password'] => md5($password),
  41. $this->user_model.".active" => 1
  42. );
  43. $user = $this->controller->{$this->user_model}->find($conditions);
  44.  
  45. if (empty($user)) {
  46. return false;
  47. } else {
  48. $sessdata["{$this->user_model}"]['id'] = $user["{$this->user_model}"]["{$this->user_fields['id']}"];
  49. $sessdata["{$this->user_model}"]['username'] = $user["{$this->user_model}"]["{$this->user_fields['username']}"];
  50. $sessdata["{$this->user_model}"]['password'] = $user["{$this->user_model}"]["{$this->user_fields['password']}"];
  51. $sessdata["{$this->user_model}"]['groups'] = array();
  52.  
  53. if (!empty($user["{$this->group_model}"]))
  54. {
  55. foreach($user["{$this->group_model}"] as $group)
  56. {
  57. array_push($sessdata["{$this->user_model}"]['groups'], $group['name']);
  58. }
  59. }
  60.  
  61. $sessdata["{$this->user_model}"]['login_hash'] = md5($this->sesskey . $sessdata["{$this->user_model}"]['username'] . $sessdata["{$this->user_model}"]['password']);
  62. $this->Session->write($this->sesskey, $sessdata);
  63. return true;
  64. }
  65. }
  66.  
  67. // Logout user and destroy cookie
  68. function logout($redirect=null)
  69. {
  70. $this->user = null;
  71. $this->Session->delete($this->sesskey);
  72. $page = (!empty($redirect)) ? $redirect : $this->logout_page;
  73. $this->controller->redirect($page);
  74. }
  75.  
  76. // Check is user is part of usergroup specified
  77. function permit($groups=null, $redirect=null)
  78. {
  79. $hasAccess = false;
  80. // User page tracker
  81. if ($this->controller->action != "login")
  82. {
  83. $this->last_page = $this->controller->here;
  84. }
  85.  
  86. $sessdata = $this->Session->read($this->sesskey);
  87.  
  88. # logged in...
  89. if (!empty($this->user))
  90. {
  91. # you got some groups...
  92. if (!empty($groups))
  93. {
  94. foreach ($groups as $group)
  95. {
  96. # and any group name matches the provided name...
  97. if (array_search($group, $sessdata["{$this->user_model}"]['groups']) === false)
  98. {
  99. }
  100. else
  101. {
  102. $hasAccess = true;
  103. }
  104. }
  105. }
  106. else
  107. {
  108. $hasAccess = false;
  109. }
  110. }
  111.  
  112. if(!$hasAccess)
  113. {
  114. $page = (!empty($redirect)) ? $redirect : $this->login_page;
  115. $this->controller->redirect($page);
  116. }
  117.  
  118. }
  119.  
  120. function deny($redirect=null)
  121. {
  122. $page = (!empty($redirect)) ? $redirect : $this->deny_page;
  123. $this->controller->redirect($page);
  124. }
  125.  
  126. }
  127.  
  128. ?>
  129. ## app/views/helpers/auth.php
  130. <?php
  131. class AuthHelper extends Helper
  132. {
  133. var $helpers = array('Html','Session');
  134.  
  135. # Returns true/false if the current user is logged in.
  136. function loggedIn()
  137. {
  138. return $this->Session->read('User') ? true : false;
  139. }
  140.  
  141. # Returns true/false if current user is member of specific group.
  142. function hasRole($role = '')
  143. {
  144. if($user = $this->Session->read('User'))
  145. {
  146. return in_array($role, $user['User']['groups']) ? true : false;
  147. }
  148. return false;
  149. }
  150.  
  151. }
  152. ?>
  153.  
  154. ## app/views/users/login.ctp
  155. <h1>Member Login</h1>
  156. <?php echo $form->create('User', array('action' => 'login')) ?>
  157. <fieldset>
  158. <legend>User Login</legend>
  159.  
  160. <?php echo $form->input('User.username', array('label' => 'Username: ', 'style' => 'width: 150px'))?><br />
  161.  
  162. <label for="password">Password: </label>
  163. <?php echo $form->password('User.password', array('style' => 'width: 150px'))?><br />
  164.  
  165. <label for="submit"> </label><br />
  166. <?php echo $form->submit('Sign In')?>
  167. </fieldset>
  168. </form>
  169.  
  170. ## app/controllers/users_controller.php
  171. <?php
  172. class UsersController extends AppController {
  173. var $uses = array('User','Group');
  174.  
  175. function login()
  176. {
  177. if(isset($this->data['User']))
  178. {
  179. if($this->Auth->login($this->data['User']))
  180. {
  181. $this->redirect('/');
  182. }
  183. $this->flash("Invalid login", 'login');
  184. }
  185. }
  186.  
  187. function logout()
  188. {
  189. $this->Auth->logout();
  190. $this->flash("You have been logged out.", '/');
  191. }
  192.  
  193. }
  194. ?>
  195.  
  196. ## app/models/user.rb
  197. <?php
  198. class User extends AppModel
  199. {
  200. var $hasAndBelongsToMany = array(
  201. 'Group' => array(
  202. 'className' => 'Group',
  203. 'joinTable' => 'groups_users',
  204. 'foreignKey' => 'user_id',
  205. 'order' => 'Group.name DESC'
  206. )
  207. );
  208. }
  209. ?>
  210.  
  211. ## app/models/group.rb
  212. <?php
  213.  
  214. class Group extends AppModel
  215. {
  216. var $hasAndBelongsToMany = array(
  217. 'User' => array(
  218. 'className' => 'User',
  219. 'joinTable' => 'groups_users',
  220. 'foreignKey' => 'user_id',
  221. 'uniq' => true,
  222. 'order' => 'User.username DESC'
  223. )
  224. );
  225. }
  226.  
  227. ?>
  228.  
  229. ## migrations (SQL)
  230. CREATE TABLE users (
  231. id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
  232. username varchar(50) NOT NULL default '',
  233. password varchar(32) NOT NULL default '',
  234. fname varchar(50) NOT NULL,
  235. lname varchar(50) NOT NULL,
  236. phone varchar(32) default '',
  237. email varchar(100) NOT NULL default '',
  238. active tinyint(1) unsigned NOT NULL default '0',
  239. created datetime NOT NULL default '0000-00-00 00:00:00',
  240. modified datetime NOT NULL default '0000-00-00 00:00:00'
  241. ) ENGINE=InnoDB;
  242.  
  243. CREATE TABLE groups (
  244. id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
  245. name varchar(50) NOT NULL default '',
  246. created datetime NOT NULL default '0000-00-00 00:00:00',
  247. modified datetime NOT NULL default '0000-00-00 00:00:00'
  248. ) ENGINE=InnoDB;
  249.  
  250. CREATE TABLE groups_users (
  251. user_id INT UNSIGNED NOT NULL,
  252. group_id INT UNSIGNED NOT NULL,
  253. created datetime NOT NULL default '0000-00-00 00:00:00',
  254. modified datetime NOT NULL default '0000-00-00 00:00:00'
  255. ) ENGINE=InnoDB;
  256.  
  257. # passwords are 'test'
  258. INSERT INTO `users` (`id`, `username`, `password` , `fname`, `lname`, `email`, `active`, `created`, `modified`) VALUES (1, 'admin', '098f6bcd4621d373cade4e832627b4f6', 'System', 'Administrator', 'admin@pitsparanormal.com', 1, '0000-00-00 00:00:00', '0000-00-00 00:00:00');
  259. INSERT INTO `users` (`id`, `username`, `password` , `fname`, `lname`, `email`, `active`, `created`, `modified`) VALUES (2, 'member', '098f6bcd4621d373cade4e832627b4f6', 'PITS', 'Member', 'member@pitsparanormal.com', 1, '0000-00-00 00:00:00', '0000-00-00 00:00:00');
  260.  
  261. INSERT INTO `groups` (`id`, `name`, `created`, `modified`) VALUES (1, 'Member', '0000-00-00 00:00:00', '0000-00-00 00:00:00');
  262. INSERT INTO `groups` (`id`, `name`, `created`, `modified`) VALUES (2, 'Admin', '0000-00-00 00:00:00', '0000-00-00 00:00:00');
  263.  
  264. INSERT INTO `groups_users` (`user_id`, `group_id`) VALUES (1,2);
  265. INSERT INTO `groups_users` (`user_id`, `group_id`) VALUES (2,1);