karsten/scattport-web
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix login stuff

Browse Source
This commit is contained in:
Eike Foken
2011-08-11 17:17:13 +02:00
parent 1e4adc74fb
commit 808faf8e1a
9 changed files with 352 additions and 290 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
application/config/form_validation.php
View File

@@ -1,5 +1,41 @@
<?php defined('BASEPATH') || exit("No direct script access allowed"); <?php defined('BASEPATH') || exit("No direct script access allowed");
/**
* Rules for login page.
*
* @var array
*/
$config['auth/login'] = array(
array(
'field' => 'username',
'label' => _('Username'),
'rules' => 'required|trim',
),
array(
'field' => 'password',
'label' => _('Password'),
'rules' => 'required|trim',
),
array(
'field' => 'remember',
'label' => _('Remember me on this computer'),
'rules' => 'integer',
),
);
/**
* Rules for forgotten password page.
*
* @var array
*/
$config['auth/forgot_password'] = array(
array(
'field' => 'email',
'label' => _('Email address'),
'rules' => 'required|valid_email|trim',
),
);
/** /**
* Rules for creating users. * Rules for creating users.
* *
@@ -24,6 +60,7 @@ $config['users/create'] = array(
array( array(
'field' => 'password_confirm', 'field' => 'password_confirm',
'label' => _('Confirm password'), 'label' => _('Confirm password'),
'rules' => 'required',
), ),
array( array(
'field' => 'firstname', 'field' => 'firstname',
@@ -44,7 +81,7 @@ $config['users/create'] = array(
'field' => 'phone', 'field' => 'phone',
'label' => _('Phone number'), 'label' => _('Phone number'),
'rules' => 'regex_match[/^\+\d{2,4}\s\d{2,4}\s\d{3,10}+$/i]|trim', 'rules' => 'regex_match[/^\+\d{2,4}\s\d{2,4}\s\d{3,10}+$/i]|trim',
) ),
); );
/** /**
@@ -77,7 +114,7 @@ $config['users/edit'] = array(
'field' => 'phone', 'field' => 'phone',
'label' => _('Phone number'), 'label' => _('Phone number'),
'rules' => 'regex_match[/^\+\d{2,4}\s\d{2,4}\s\d{3,10}+$/i]|trim', 'rules' => 'regex_match[/^\+\d{2,4}\s\d{2,4}\s\d{3,10}+$/i]|trim',
) ),
); );
/** /**
@@ -110,7 +147,7 @@ $config['settings/index'] = array(
'field' => 'phone', 'field' => 'phone',
'label' => _('Phone number'), 'label' => _('Phone number'),
'rules' => 'regex_match[/^\+\d{2,4}\s\d{2,4}\s\d{3,10}+$/i]|trim', 'rules' => 'regex_match[/^\+\d{2,4}\s\d{2,4}\s\d{3,10}+$/i]|trim',
) ),
); );
/* End of file form_validation.php */ /* End of file form_validation.php */

60
application/controllers/auth.php
View File

@@ -33,30 +33,23 @@ class Auth extends CI_Controller {
*/ */
public function login() { public function login() {
if ($this->access->loggedIn()) { if ($this->access->loggedIn()) {
redirect(); redirect('dashboard');
} }
// validate form input $data['messages'] = $this->messages->get('success');
$this->form_validation->set_rules('username', _('Username'), 'required');
$this->form_validation->set_rules('password', _('Password'), 'required');
if ($this->form_validation->run() == true) { if ($this->form_validation->run() === true) {
// check for "remember me" // check for "remember me"
$remember = (boolean) $this->input->post('remember'); $remember = (boolean) $this->input->post('remember');
if ($this->access->login($this->input->post('username'), $this->input->post('password'), $remember)) { if ($this->access->login($this->input->post('username'), $this->input->post('password'), $remember)) {
$this->data['success'] = true; redirect('dashboard', 303);
redirect('dashboard', 'refresh');
} else { // if the login was un-successful } else { // if the login was un-successful
$this->data['success'] = false; $data['errors'] = $this->messages->get('error');
$this->data['message'] = $this->access->errors();
} }
} else {
$this->data['message'] = validation_errors() ? validation_errors() : null;
$this->data['username'] = $this->form_validation->set_value('username');
$this->load->view('auth/login', $this->data);
} }
$this->load->view('auth/login', $data);
} }
/** /**
@@ -64,8 +57,7 @@ class Auth extends CI_Controller {
*/ */
public function logout() { public function logout() {
$logout = $this->access->logout(); $logout = $this->access->logout();
redirect('auth/login');
redirect(base_url(), 'refresh');
} }
/** /**
@@ -159,40 +151,32 @@ class Auth extends CI_Controller {
* Allows users to request a new password. * Allows users to request a new password.
*/ */
public function forgot_password() { public function forgot_password() {
$this->form_validation->set_rules('email', _('eMail address'), 'required'); if ($this->form_validation->run() === true) {
if ($this->form_validation->run() == false) { // run the forgotten password method to email an activation code to the user
//setup the input $forgotten = $this->access->forgottenPassword($this->input->post('email'));
$this->data['email'] = array('name' => 'email',
'id' => 'email',
);
//set any errors and display the form
$this->data['message'] = (validation_errors()) ? validation_errors() : $this->session->flashdata('message');
$this->load->view('auth/forgot_password', $this->data);
} else {
//run the forgotten password method to email an activation code to the user
$forgotten = $this->access->forgotten_password($this->input->post('email'));
if ($forgotten) { //if there were no errors if ($forgotten) { // if there were no errors
$this->session->set_flashdata('message', $this->access->messages()); redirect('auth/login'); // TODO Display a confirmation page here instead of the login page
redirect("auth/login", 'refresh'); //we should display a confirmation page here instead of the login page
} else { } else {
$this->session->set_flashdata('message', $this->access->errors()); redirect('auth/forgot_password');
redirect("auth/forgot_password", 'refresh');
} }
} }
$data['messages'] = $this->messages->get('success');
$data['errors'] = $this->messages->get('error');
$this->load->view('auth/forgot_password', $data);
} }
/** /**
* Final step for forgotten password. * Final step for forgotten password.
*/ */
public function reset_password($code) { public function reset_password($code) {
$reset = $this->access->forgotten_password_complete($code); $reset = $this->access->forgottenPasswordComplete($code);
if ($reset) { //if the reset worked then send them to the login page if ($reset) { // if the reset worked then send them to the login page
$this->session->set_flashdata('message', $this->access->messages());
redirect('auth/login'); redirect('auth/login');
} else { //if the reset didnt work then send them back to the forgot password page } else { // if the reset didn't work then send them back to the forgot password page
$this->session->set_flashdata('message', $this->access->errors());
redirect('auth/forgot_password'); redirect('auth/forgot_password');
} }
} }

434
application/libraries/Access.php
View File

@@ -7,279 +7,231 @@
*/ */
class Access { class Access {
/** /**
* Contains the CI instance. * Contains the CI instance.
*/ */
protected $ci; protected $ci;
/** /**
* Contains occured messages (using the language file). * Contains occured messages (using the language file).
* *
* @var string * @var string
*/ */
protected $messages = array(); protected $messages = array();
/** /**
* Contains occured errors (using the language file). * Contains occured errors (using the language file).
* *
* @var string * @var string
*/ */
protected $errors = array(); protected $errors = array();
/** /**
* Constructor. * Constructor.
*/ */
public function __construct() { public function __construct() {
$this->ci =& get_instance(); $this->ci =& get_instance();
$this->ci->load->config('auth', true); $this->ci->load->config('auth', true);
$this->ci->load->library('email'); $this->ci->load->library('email');
$this->ci->lang->load('auth'); $this->ci->lang->load('auth');
$this->ci->load->model('user'); $this->ci->load->model('user');
$this->ci->load->model('group'); $this->ci->load->model('group');
$this->ci->load->helper('cookie'); $this->ci->load->helper('cookie');
// auto-login the user if they are remembered // auto-login the user if they are remembered
if (!$this->loggedIn() && get_cookie('username') && get_cookie('remember_code')) { if (!$this->loggedIn() && get_cookie('username') && get_cookie('remember_code')) {
$this->ci->access = $this; $this->ci->access = $this;
$this->ci->user->loginRememberedUser(); $this->ci->user->loginRememberedUser();
} }
} }
/** /**
* Changes a users password. * Changes a users password.
* *
* @return boolean * @return boolean
*/ */
public function changePassword($username, $old, $new) { public function changePassword($username, $old, $new) {
if ($this->ci->user->changePassword($username, $old, $new)) { if ($this->ci->user->changePassword($username, $old, $new)) {
$this->setMessage(_('Password successfully changed')); $this->ci->messages->add(_('Password successfully changed'), 'success');
return true; return true;
} }
$this->setError(_('Unable to change password')); $this->ci->messages->add(_('Unable to change password'), 'error');
return false; return false;
} }
/** /**
* forgotten password feature * forgotten password feature
* *
* @return void * @return void
*/ */
public function forgottenPassword($username) { public function forgottenPassword($email) {
if ($this->ci->user->forgottenPassword($username)) { if ($this->ci->user->forgottenPassword($email)) {
// get user information // get user information
$user = $this->getUserByUsername($username); $user = $this->ci->user->getUserByEmail($email);
$data = array( $data = array(
'username' => $user['username'], 'username' => $user['username'],
'forgotten_password_code' => $user['forgotten_password_code'] 'forgotten_password_code' => $user['forgotten_password_code'],
); );
$message = $this->ci->load->view($this->ci->config->item('email_templates', 'auth') . $this->ci->config->item('email_forgot_password', 'auth'), $data, true); $message = $this->ci->load->view('auth/email/forgot_password', $data, true);
$this->ci->email->clear(); $this->ci->email->clear();
$config['mailtype'] = $this->ci->config->item('email_type', 'auth'); $config['mailtype'] = $this->ci->config->item('email_type', 'auth');
$this->ci->email->initialize($config); $this->ci->email->initialize($config);
$this->ci->email->set_newline("\r\n"); $this->ci->email->set_newline("\r\n");
$this->ci->email->from($this->ci->config->item('admin_email', 'auth'), 'Scattport'); $this->ci->email->from($this->ci->config->item('admin_email', 'auth'), 'Scattport');
$this->ci->email->to($user['email']); $this->ci->email->to($user['email']);
$this->ci->email->subject('Scattport - Forgotten Password Verification'); $this->ci->email->subject('ScattPort - Forgotten Password Verification');
$this->ci->email->message($message); $this->ci->email->message($message);
if ($this->ci->email->send()) { if ($this->ci->email->send()) {
$this->setMessage(_('Password reset email sent')); $this->ci->messages->add(_('Password reset email sent'), 'success');
return true; return true;
} else { } else {
$this->setError(_('Unable to reset password')); $this->ci->messages->add(_('Unable to send password reset email'), 'error');
return false; return false;
} }
} else { } else {
$this->setError(_('Unable to reset password')); $this->ci->messages->add(_('This email address is not registered'), 'error');
return false; return false;
} }
} }
/** /**
* forgotten_password_complete * forgotten_password_complete
* *
* @return void * @return void
*/ */
public function forgottenPasswordComplete($code) { public function forgottenPasswordComplete($code) {
$profile = $this->ci->user->profile($code, true); // pass the code to profile $profile = $this->ci->user->profile($code, true); // pass the code to profile
if (!is_object($profile)) { if (!is_object($profile)) {
$this->setError(_('Unable to change password')); $this->ci->messages->add(_('Unable to change password'), 'error');
return false; return false;
} }
$new_password = $this->ci->user->forgottenPasswordComplete($code, $profile->salt); $new_password = $this->ci->user->forgottenPasswordComplete($code, $profile->salt);
if ($new_password) { if ($new_password) {
$data = array( $data = array(
'username' => $profile->username, 'username' => $profile->username,
'new_password' => $new_password 'new_password' => $new_password
); );
$message = $this->ci->load->view($this->ci->config->item('email_templates', 'ion_auth').$this->ci->config->item('email_forgot_password_complete', 'ion_auth'), $data, true); $message = $this->ci->load->view('auth/email/forgot_password_complete', $data, true);
$this->ci->email->clear(); $this->ci->email->clear();
$config['mailtype'] = $this->ci->config->item('email_type', 'ion_auth'); $config['mailtype'] = $this->ci->config->item('email_type', 'auth');
$this->ci->email->initialize($config); $this->ci->email->initialize($config);
$this->ci->email->set_newline("\r\n"); $this->ci->email->set_newline("\r\n");
$this->ci->email->from($this->ci->config->item('admin_email', 'ion_auth'), $this->ci->config->item('site_title', 'ion_auth')); $this->ci->email->from($this->ci->config->item('admin_email', 'auth'), $this->ci->config->item('site_title', 'auth'));
$this->ci->email->to($profile->email); $this->ci->email->to($profile->email);
$this->ci->email->subject($this->ci->config->item('site_title', 'ion_auth') . ' - New Password'); $this->ci->email->subject('ScattPort - New Password');
$this->ci->email->message($message); $this->ci->email->message($message);
if ($this->ci->email->send()) { if ($this->ci->email->send()) {
$this->setMessage(_('Password successfully changed')); $this->ci->messages->add(_('Password successfully changed'), 'success');
return true; return true;
} else { } else {
$this->setError(_('Unable to change password')); $this->ci->messages->add(_('Unable to change password'), 'error');
return false; return false;
} }
} }
$this->setError(_('Unable to change password')); $this->ci->messages->add(_('Unable to change password'), 'error');
return false; return false;
} }
/** /**
* Logs the user in. * Logs the user in.
* *
* @return boolean * @return boolean
*/ */
public function login($username, $password, $remember = false) { public function login($username, $password, $remember = false) {
if ($this->ci->user->login($username, $password, $remember)) { if ($this->ci->user->login($username, $password, $remember)) {
$this->setMessage(_('Logged in successfully')); $this->ci->messages->add(_('Logged in successfully'), 'success');
return true; return true;
} else { } else {
$this->setError(_('Incorrect username or password')); $this->ci->messages->add(_('Incorrect username or password'), 'error');
return false; return false;
} }
} }
/** /**
* Logs the user out. * Logs the user out.
* *
* @return boolean * @return boolean
*/ */
public function logout() { public function logout() {
$this->ci->session->unset_userdata('username'); $this->ci->session->unset_userdata('username');
$this->ci->session->unset_userdata('group'); $this->ci->session->unset_userdata('group');
$this->ci->session->unset_userdata('user_id'); $this->ci->session->unset_userdata('user_id');
// delete the remember cookies if they exist // delete the remember cookies if they exist
if (get_cookie('username')) { if (get_cookie('username')) {
delete_cookie('username'); delete_cookie('username');
} if (get_cookie('remember_code')) { } if (get_cookie('remember_code')) {
delete_cookie('remember_code'); delete_cookie('remember_code');
} }
$this->ci->session->sess_destroy(); $this->ci->session->sess_destroy();
$this->setMessage(_('Logged out successfully')); $this->ci->messages->add(_('Logged out successfully'), 'success');
return true; return true;
} }
/** /**
* Checks if the user is logged in. * Checks if the user is logged in.
* *
* @return boolean * @return boolean
*/ */
public function loggedIn() { public function loggedIn() {
return (boolean) $this->ci->session->userdata('username'); return (boolean) $this->ci->session->userdata('username');
} }
/** /**
* Checks if the user is an admin. * Checks if the user is an admin.
* *
* @return boolean * @return boolean
*/ */
public function isAdmin() { public function isAdmin() {
$adminGroup = 'admins'; $adminGroup = 'admins';
$userGroup = $this->ci->session->userdata('group'); $userGroup = $this->ci->session->userdata('group');
return $userGroup == $adminGroup; return $userGroup == $adminGroup;
} }
/** /**
* Checks if the current user is assigned to the specified group. * Checks if the current user is assigned to the specified group.
* *
* @return boolean * @return boolean
*/ */
public function isGroup($checkGroup) { public function isGroup($checkGroup) {
$userGroup = $this->ci->session->userdata('group'); $userGroup = $this->ci->session->userdata('group');
if (is_array($checkGroup)) { if (is_array($checkGroup)) {
return in_array($userGroup, $checkGroup); return in_array($userGroup, $checkGroup);
} }
return $userGroup == $checkGroup; return $userGroup == $checkGroup;
} }
/** /**
* Gets the current logged in user. * Gets the current logged in user.
* *
* @return object * @return object
*/ */
public function getCurrentUser() { public function getCurrentUser() {
return $this->ci->user->getUserByID($this->ci->session->userdata('user_id')); return $this->ci->user->getUserByID($this->ci->session->userdata('user_id'));
} }
/** /**
* Gets the profile of the current user. * Gets the profile of the current user.
* *
* @return array * @return array
*/ */
public function profile() { public function profile() {
return $this->ci->user->profile($this->ci->session->userdata('username')); return $this->ci->user->profile($this->ci->session->userdata('username'));
} }
/**
* Sets a message.
*
* @return string
*/
public function setMessage($message) {
$this->messages[] = $message;
return $message;
}
/**
* Gets all messages.
*
* @return void
*/
public function messages() {
$output = '';
foreach ($this->messages as $message) {
$output .= $message . '<br />';
}
return $output;
}
/**
* Sets an error message.
*
* @return void
*/
public function setError($error) {
$this->errors[] = $error;
return $error;
}
/**
* Gets all error messages.
*
* @return void
*/
public function errors() {
$output = '';
foreach ($this->errors as $error) {
$output .= $error . '<br />';
}
return $output;
}
} }

2
application/models/user.php
View File

@@ -367,7 +367,7 @@ class User extends CI_Model {
public function getUserByEmail($email) { public function getUserByEmail($email) {
$this->db->where('users.email', $email); $this->db->where('users.email', $email);
$this->db->limit(1); $this->db->limit(1);
return $this->get(); return $this->get()->row_array();
} }
/** /**

11
application/views/auth/email/forgot_password.php Normal file
View File

@@ -0,0 +1,11 @@
<?=$username?>,
To reset your password, please go to the following page:
{unwrap}<?=site_url('auth/reset_password' . $forgotten_password_code);?>{/unwrap}
Your password will be automatically reset, and a new password will be emailed to you.
If you do not wish to reset your password, ignore this message. It will expire in 24 hours.
Thank you!

8
application/views/auth/email/forgot_password_complete.php Normal file
View File

@@ -0,0 +1,8 @@
<?=$username?>,
Here is your new login information:
Username: <?=$username?>
Password: <?=$password?>
Thank you!

57
application/views/auth/forgot_password.php Normal file
View File

@@ -0,0 +1,57 @@
<!DOCTYPE html>
<html lang="<?=substr($this->config->item('language'), 0, 2);?>">
<head>
<meta charset="utf-8" />
<title>ScattPort | <?=_('Login');?></title>
<?=link_tag('assets/css/login.css');?>
<?=link_tag('assets/css/form.css');?>
<?=script_tag('assets/js/minmax.js');?>
<?=script_tag('https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js');?>
<?=script_tag('assets/js/scattport.js');?>
<script type="text/javascript">
var SITE_URL = '<?=site_url()?>';
</script>
</head>
<body>
<div id="wrapper">
<div id="box">
<h2>Scattport <span class="light"><?=_('Login');?></span></h2>
<?php
if (isset($errors) && is_array($errors)) {
foreach ($errors as $e) {
echo "<p class=\"error\"><strong>" . _('Error') . ":</strong> " . $e . "</p>";
}
} else if (isset($messages) && is_array($messages)) {
foreach ($messages as $m) {
echo "<p class=\"success\"><strong>" . _('Success') . ":</strong> " . $m . "</p>";
}
}
?>
<form name="password" action="<?= site_url('auth/forgot_password') ?>"
method="post">
<ul>
<li>
<label><?=form_label(_('Email address'), 'email');?></label>
<div>
<input type="text" name="email" id="email" class="text max" value="<?=set_value('email');?>" />
<?=form_error('email');?>
</div>
</li>
<li>
<div>
<input type="submit" class="button" name="forgot_password" value="<?=_('Submit');?>" />
</div>
</li>
</ul>
</form>
<p><?=anchor('auth/login', _('Back to login page'));?></p>
</div>
</div>

21
application/views/auth/login.php
View File

@@ -24,12 +24,15 @@
<h2>Scattport <span class="light"><?=_('Login');?></span></h2> <h2>Scattport <span class="light"><?=_('Login');?></span></h2>
<?php <?php
if (isset($error)) if (isset($errors)) {
foreach ($error as $e) foreach ($errors as $e) {
echo "<p class=\"error\">" . $e . "</p>"; echo "<p class=\"error\"><strong>" . _('Error') . ":</strong> " . $e . "</p>";
if (isset($notice)) }
foreach ($notice as $n) } else if (isset($messages) && is_array($messages)) {
echo "<p class=\"notice\">" . $n . "</p>"; foreach ($messages as $m) {
echo "<p class=\"success\"><strong>" . _('Success') . ":</strong> " . $m . "</p>";
}
}
?> ?>
<form action="<?= site_url('auth/login') ?>" method="post" name="loginform"> <form action="<?= site_url('auth/login') ?>" method="post" name="loginform">
<ul> <ul>
@@ -47,6 +50,12 @@
<?=form_error('password');?> <?=form_error('password');?>
</div> </div>
</li> </li>
<li>
<div>
<input type="checkbox" name="remember" id="remember" class="radio" value="1"<?=set_checkbox('remember', 1);?> />
<label for="remember" class="choice"><?=_('Remember me on this computer')?></label>
</div>
</li>
<li> <li>
<div> <div>
<input type="submit" class="button" name="login" value="<?=_('Log in');?>" /> <input type="submit" class="button" name="login" value="<?=_('Log in');?>" />

4
assets/css/form.css
View File

@@ -63,3 +63,7 @@ p.error, p.req {
color: #d8122d; color: #d8122d;
font-weight: normal; font-weight: normal;
} }
p.success strong, p.error strong, p.req strong {
text-transform: uppercase;
}