gestion de l'authentification, issue #0000920

2011-10-24 15:05:30 +00:00 · 2011-10-24 15:05:30 +00:00 · 548c9ee9ee
commit 548c9ee9ee
parent 0aed29fff3
13 changed files with 504 additions and 0 deletions
--- a/application/configs/application.ini
+++ b/application/configs/application.ini
@ -9,6 +9,7 @@ appnamespace = "Application"
 resources.frontController.controllerDirectory = APPLICATION_PATH "/controllers"
 resources.frontController.params.displayExceptions = 0
 autoloaderNamespaces[] = "Application_"
+resources.frontController.plugins.Auth = "Application_Controller_Plugin_Auth"
 resources.layout.layout = "main"
 resources.layout.layoutPath = APPLICATION_PATH "/views/default"
 resources.view.basePath = APPLICATION_PATH "/views/default"
--- a/application/configs/databases.ini
+++ b/application/configs/databases.ini
--- a/application/controllers/UserController.php
+++ b/application/controllers/UserController.php
@ -0,0 +1,86 @@
+<?php
+class UserController extends Zend_Controller_Action
+{
+	public function init()
+	{
+		require_once 'Forms/Login.php';
+		require_once 'Scores/WebAuthAdapter.php';
+		require_once 'Scores/WsScores.php';
+	}
+	
+	/**
+	* Gestion de l'authentification
+	*/
+	public function loginAction()
+	{
+		$this->view->headTitle()->append('Connexion');
+		$form = new Form_Login();
+		$this->view->form = $form;
+		$request = $this->getRequest();
+		if ($request->isPost()) {
+			$formData = $request->getPost();
+			if ($form->isValid($formData)) {
+				$login = $form->getValue('login');
+				$pass = $form->getValue('pass');	
+				$auth = Zend_Auth::getInstance();
+				$authAdapter = new WebAuthAdapter($login, md5($login.'|'.$pass));
+				$result = $auth->authenticate($authAdapter);
+				if (!$result->isValid()){
+					$this->view->message = '';
+					Zend_Registry::get('firebug')->info($result);
+					foreach ($result->getMessages() as $message) {
+						$this->view->message.= $message."<br/>";
+					}
+				} else {
+					$timeout = $auth->getIdentity()->timeout;
+	
+					//Ecrit un cookie persistant valide pendant le temps definit
+					Zend_Session::rememberMe($timeout);
+	
+					$storage = new Zend_Auth_Storage_Session();
+					$sessionNamespace = new Zend_Session_Namespace($storage->getNamespace());
+					$sessionNamespace->setExpirationSeconds($timeout);
+					$auth->setStorage($storage);
+					$url = '';
+					if (Zend_Session::namespaceIsset('login')){
+						$session = new Zend_Session_Namespace('login');
+						if (isset($session->url)) {
+							$url = $session->url;
+						}
+					}
+					if (!empty($url) && $url!='/user/login' && $url!='/localauth'){
+						$this->_redirect($url);
+					}
+					$this->_redirect('/');
+				}
+			}
+		}
+		$this->_helper->layout()->disableLayout();
+		$this->render('login');
+	}
+	
+	/**
+	 * Gestion de la déconnexion
+	 */
+	public function logoutAction()
+	{
+		Zend_Auth::getInstance()->clearIdentity();
+		$this->_helper->layout()->disableLayout();
+		 
+		$url = 'http://www.scores-decisions.com/';
+		$refresh = 5;
+		 
+		if (APPLICATION_ENV != 'production'){
+			$url = 'http://'.$_SERVER['SERVER_NAME'].$this->view->url(array(
+					'controller' => 'user',
+					'action' => 'login',
+			));
+		}
+	
+		$this->view->assign('url', $url);
+		$this->view->headMeta()->appendHttpEquiv('refresh', '5; url='.$url);
+		$this->render('logout');
+	}
+	
+	
+}
--- a/application/views/default/scripts/user/login.phtml
+++ b/application/views/default/scripts/user/login.phtml
@ -0,0 +1,13 @@
+<?php echo $this->doctype();?>
+<html>
+<head>
+  <?php echo $this->headMeta();?>
+  <?php echo $this->headTitle();?>
+  <link rel="shortcut icon" type="image/x-icon" href="<?='http://'.$_SERVER['SERVER_NAME']?>/favicon.ico" />
+</head>
+<body>
+<h2>CONNEXION EXTRANET</h2>
+<?=$this->message?>
+<?=$this->form?>
+</body>
+</html>
--- a/application/views/default/scripts/user/logout.phtml
+++ b/application/views/default/scripts/user/logout.phtml
@ -0,0 +1,16 @@
+<?php echo $this->doctype();?>
+<html>
+<head>
+  <?php echo $this->headMeta();?>
+  <?php echo $this->headTitle();?>
+</head>
+<body>
+<h4 class="logout">Vous avez été déconnecté.</h4>
+<h5 class="logout">
+Si cette page ne disparait pas au bout de <?=$this->refresh?> seconde(s), 
+veuillez cliquer <a href="<?=$this->url?>">ici</a>
+</h5>
+
+</body>
+</html>
+
--- a/config/local/configuration.ini
+++ b/config/local/configuration.ini
@ -0,0 +1,26 @@
+[server]
+name = sdsrvdev01
+
+[webservice]
+location = local
+
+[databases]
+
+[mail]
+method = smtp
+smpt_port =
+smtp_host = smtp.free.fr
+support = mricois@scores-decisions.com
+supportdev = mricois@scores-decisions.com
+contact = mricois@scores-decisions.com
+production = mricois@scores-decisions.com
+
+[wkhtmltopdf]
+arch = "amd64"
+
+[path]
+data = "d:\www\data"
+log = "log"
+pdf = "pdf"
+logos = "logos"
+marques = "marques"
--- a/config/sdsrvdev01/configuration.ini
+++ b/config/sdsrvdev01/configuration.ini
@ -0,0 +1,26 @@
+[server]
+name = sdsrvdev01
+
+[webservice]
+location = sdsrvdev01
+
+[databases]
+
+[mail]
+method = smtp
+smpt_port =
+smtp_host = smtp.free.fr
+support = supportdev@scores-decisions.com
+supportdev = supportdev@scores-decisions.com
+contact = supportdev@scores-decisions.com
+production = supportdev@scores-decisions.com
+
+[wkhtmltopdf]
+arch = "amd64"
+
+[path]
+data = "d:\www\data"
+log = "log"
+pdf = "pdf"
+logos = "logos"
+marques = "marques"
--- a/library/Application/Controller/Plugin/Auth.php
+++ b/library/Application/Controller/Plugin/Auth.php
@ -0,0 +1,84 @@
+<?php
+class Application_Controller_Plugin_Auth extends Zend_Controller_Plugin_Abstract
+{
+    /**
+     * Vérifie les autorisations
+     * Utilise _request et _response hérités et injectés par le FC
+     *
+     * @param Zend_Controller_Request_Abstract $request : non utilisé, mais demandé par l'héritage
+     */
+	public function preDispatch(Zend_Controller_Request_Abstract $request)
+	{
+		$checkAuth = true;
+		if ($request->getControllerName()=='user' && $request->getActionName()=='login'){
+			$checkAuth = false;			
+		}
+		
+		if ($checkAuth) 
+		{
+			$login = $request->getParam('login');
+			$pass = $request->getParam('pass', '');
+			$hach = $request->getParam('hach');
+			$checkIp = $request->getParam('checkIp');
+			
+			$auth = Zend_Auth::getInstance();
+			
+			//Est ce que l'on a checkIp=only lors de la requête
+			$iponly = false;
+			if ($checkIp=='only') {			
+				$hach  = 'iponly:'.$_SERVER['REMOTE_ADDR'];
+				$iponly = true;			
+			}
+			
+			//On vérifie le tout lors d'une connexion par url
+			if ( !empty($login) && !empty($hach) ) {	
+	
+				require_once 'Scores/WebAuthAdapter.php';
+				
+				$authAdapter = new WebAuthAdapter($login, $hach, $iponly);
+				$result = $auth->authenticate($authAdapter);
+				if (!$result->isValid()) {
+	                $request->setModuleName('default')
+						->setControllerName('user')
+	                    ->setActionName('logout');
+				} else {			
+					$timeout = $auth->getIdentity()->timeout;
+					Zend_Session::rememberMe($timeout);
+					$storage = new Zend_Auth_Storage_Session();
+					$sessionNamespace = new Zend_Session_Namespace($storage->getNamespace());
+					$sessionNamespace->setExpirationSeconds($timeout);
+					$auth->setStorage($storage);				
+				}
+				
+			//Sinon on reste sur le standard
+			} else {
+				//Pas authentifié
+				if (!$auth->hasIdentity()) {
+					
+					$auth->clearIdentity();
+			    	$session = new Zend_Session_Namespace('login');
+			    	$session->url = $_SERVER['REQUEST_URI'];
+
+			    	$layout = Zend_Layout::getMVCInstance();
+			    	if (!$layout->isEnabled()){
+			    		$this->_response->setRedirect('/user/logout')->sendResponse();
+			    	} 
+		    		$this->_response->setRedirect('/user/login')->sendResponse();
+		    	//Authentifié => on met à jour la session
+				} else {
+	
+					$timeout = $auth->getIdentity()->timeout;
+					$storage = new Zend_Auth_Storage_Session();
+					$sessionNamespace = new Zend_Session_Namespace($storage->getNamespace());
+					$sessionNamespace->setExpirationSeconds($timeout);
+					$auth->setStorage($storage);
+					
+					if (Zend_Session::namespaceIsset('login')){
+						Zend_Session::namespaceUnset('login');
+					}
+					
+				}
+			}
+		}	
+	}
+}
--- a/library/Forms/Login.php
+++ b/library/Forms/Login.php
@ -0,0 +1,28 @@
+<?php
+class Form_Login extends Zend_Form {
+
+	public function init()
+	{
+		$this->setName('login');
+		$this->setAction('/user/login');
+    	$this->setMethod('post');
+    	$this->addElement('text', 'login', array(
+    		'filters' => array('StringTrim'),
+	    	'label' => 'Identifiant : ',
+    		'required' => 'true',
+	    	)
+    	);
+    	$this->addElement('password', 'pass',
+    		array(
+	    		'label' => 'Mot de passe : ',
+    			'required' => 'true',
+    		)
+    	);
+    	$this->addElement('submit', 'submit',
+    		array(
+				'label' => 'Identification',
+				'ignore' => true,
+    	));
+	}
+
+}
--- a/library/Scores/WebAuthAdapter.php
+++ b/library/Scores/WebAuthAdapter.php
@ -0,0 +1,62 @@
+<?php
+class WebAuthAdapter implements Zend_Auth_Adapter_Interface
+{
+	protected $_username;
+	protected $_password;
+	protected $_timeout = 1800;
+	protected $_checkIp = false;
+
+	public function __construct($username, $password, $iponly = false)
+	{
+		$this->_username = $username;
+		$this->_password = $password;
+		if ($iponly){
+			$this->_password = 'iponly:'.$_SERVER['REMOTE_ADDR'];
+		}
+		$this->_checkIp = $iponly;
+	}
+
+	public function authenticate()
+	{
+		$adressIp = $_SERVER['REMOTE_ADDR'];
+		require_once 'Scores/WsScores.php';
+		$ws = new WsScores($this->_username, $this->_password);
+		$InfosLogin = $ws->getInfosLogin($this->_username, $adressIp);	
+		$identity = new stdClass();
+		$identity->username 		= $this->_username;
+		$identity->password 		= $this->_password;
+		$identity->email 			= $InfosLogin->result->email;
+		$identity->profil 			= $InfosLogin->result->profil;
+		$identity->pref 			= $InfosLogin->result->pref;
+		$identity->droits 			= $InfosLogin->result->droits;
+		$identity->droitsClients 	= $InfosLogin->result->droitsClients;
+		$identity->nom 				= $InfosLogin->result->nom;
+		$identity->prenom 			= $InfosLogin->result->prenom;
+		$identity->tel 				= $InfosLogin->result->tel;
+		$identity->fax 				= $InfosLogin->result->fax;
+		$identity->mobile 			= $InfosLogin->result->mobile;
+		$identity->id 				= $InfosLogin->result->id;
+		$identity->idClient 		= $InfosLogin->result->idClient;
+		$identity->reference 		= $InfosLogin->result->reference;
+		$identity->nbReponses 		= $InfosLogin->result->nbReponses;
+		$identity->typeScore 		= $InfosLogin->result->typeScore;
+		$identity->timeout 			= (!empty($InfosLogin->result->timeout)) ?
+										$InfosLogin->result->timeout : $this->_timeout;
+		$identity->ip 				= $adressIp;
+		$identity->modeEdition 		= false;
+		
+		if ( (is_string($InfosLogin) && !empty($InfosLogin)) || $InfosLogin->error->errnum!=0){	
+			if (is_string($InfosLogin)){
+				$message = $InfosLogin;			
+			} else {
+				$message = 'Erreur lors de la connexion';
+			}
+			return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, $identity, array($message));
+		} elseif ($this->_username == $InfosLogin->result->login) {
+			return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $identity);
+		} else {
+			return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_UNCATEGORIZED, $identity);
+		}
+	}
+	
+}
--- a/library/Scores/WsScores.php
+++ b/library/Scores/WsScores.php
@ -0,0 +1,128 @@
+<?php
+class WsScores
+{
+	protected $webservices = array();
+	protected $login = '';
+	protected $password = '';
+	protected $nbReponses = 20;
+	protected $toNotCache = false;
+	
+	public function __construct($login = '', $password = '')
+	{
+		$configuration = Zend_Registry::get('configuration');
+		$config = new Zend_Config_Ini(realpath(dirname(__FILE__)) . '/webservices.ini', $configuration->webservice->location);		
+		$this->webservices = $config->webservices->toArray();
+		if ( !empty($login) && !empty($password) ){
+			$this->login = $login;
+			$this->password = $password;
+		} else {
+			$auth = Zend_Auth::getInstance();						
+			$user = $auth->getIdentity();
+			$this->login = $user->getLogin();
+			$this->password = $user->getPassword();
+			$this->nbReponses = $user->getNbRep();
+			if ( $user->checkModeEdition() ) {
+				$this->toNotCache = true;
+			}
+		}
+	}
+	
+	/**
+	 * setLog
+	 * @param string $page
+	 * @param string $siret
+	 * @param string $id
+	 * @param string $ref
+	 */
+	public function setLog ($page, $siret, $id=0, $ref = '')
+	{
+		$params = new stdClass();
+		$params->page = $idClient;
+		$params->siret = $siret;
+		$params->id = $id;
+		$params->ref = $ref;
+		$client = $this->loadClient('interne');
+        try {
+            $reponse = $client->setLog($params);
+            return true;
+        } catch (SoapFault $fault) {
+        	$this->soaperror(__FUNCTION__, $fault, $client->__getLastRequest(), $client->__getLastResponse());
+            return false;
+        }
+	}
+    
+    /**
+     * getInfosLogin
+     * @param string $login
+     * @param string $ipUtilisateur
+     */
+	public function getInfosLogin($login, $ipUtilisateur = '')
+	{
+		$params = new stdClass();
+		$params->login = $login;
+		$params->ipUtilisateur = $ipUtilisateur;
+		try {
+			$client = $this->loadClient('gestion');
+			$reponse = $client->getInfosLogin($params);
+			return $reponse->getInfosLoginResult;
+		} catch (SoapFault $fault) {
+			if ($fault->faultcode=='0900'){
+				return $fault->faultstring;				
+			} else {
+				$this->soaperror(__FUNCTION__, $fault, $client->__getLastRequest(), $client->__getLastResponse());
+				return false;
+			}
+		}
+	}
+
+	/**
+	 * soaperror
+	 * @param string $method
+	 * @param soapfault $fault
+	 * @param string $requete
+	 * @param string $reponse
+	 */
+	protected function soaperror($method, $fault, $requete, $reponse)
+	{
+		$message = '';
+		$message.= 'Erreur SOAP - Code : '.$fault->faultcode.' - Message : '.$fault->faultstring;
+		$message.= ' - Utilisateur : '.$this->login;
+		$message.= "\n";
+		$message.= "Method : ".$method.", File :".$fault->getFile().", Ligne : ".$fault->getLine();
+		$message.= "\n";
+		$message.= "Detail :\n".$fault->getTraceAsString();
+		$message.= "\n\n";
+		$message.= "Requete :\n ".$requete."\n";
+		$message.= "Reponse :\n ".$reponse."\n";	
+		$configuration = Zend_Registry::get('configuration');
+		require_once 'Scores/Mail.php';
+		$mail = new Mail();
+		$mail->setSubject('[ERREUR SOAP] - '.$configuration->server->name.' -'.date('Ymd'));
+		$mail->setBodyTexte($message);
+		$mail->setFrom('supportdev');
+		$mail->addToKey('supportdev');
+		$mail->send();
+	}
+	
+	/**
+	 * loadClient
+	 * @param unknown_type $webservice
+	 */
+	protected function loadClient($webservice)
+	{
+		$wsdl = $this->webservices[$webservice]['wsdl'];
+		$options = $this->webservices[$webservice]['options'];
+		$options['features'] = SOAP_USE_XSI_ARRAY_TYPE + SOAP_SINGLE_ELEMENT_ARRAYS;
+		$options['compression'] = SOAP_COMPRESSION_ACCEPT | SOAP_COMPRESSION_GZIP | SOAP_COMPRESSION_DEFLATE;
+		$options['login'] = $this->login;
+		$options['password'] = $this->password;
+		if (APPLICATION_ENV != 'production'){
+			$options['cache_wsdl'] = WSDL_CACHE_NONE;
+		}
+		$options['trace'] = true;
+        $options['encoding'] = 'utf-8';        
+       	$client = new SoapClient($wsdl, $options);
+        return $client;
+	}
+}
+
--- a/library/Scores/webservices.ini
+++ b/library/Scores/webservices.ini
@ -0,0 +1,31 @@
+[local]
+webservices.interne.wsdl = "http://webservice-2.1.sd.dev/interne/v0.3?wsdl-auto"
+webservices.interne.options.soap_version = SOAP_1_2
+webservices.entreprise.wsdl = "http://webservice-2.1.sd.dev/entreprise/v0.4?wsdl-auto"
+webservices.entreprise.options.soap_version = SOAP_1_2
+webservices.gestion.wsdl = "http://webservice-2.1.sd.dev/gestion/v0.1?wsdl-auto"
+webservices.gestion.options.soap_version = SOAP_1_2
+
+[sdsrvdev01]
+webservices.interne.wsdl = "http://webservice-2.1.sd.lan/interne/v0.3?wsdl-auto"
+webservices.interne.options.soap_version = SOAP_1_2
+webservices.entreprise.wsdl = "http://webservice-2.1.sd.lan/entreprise/v0.4?wsdl-auto"
+webservices.entreprise.options.soap_version = SOAP_1_2
+webservices.gestion.wsdl = "http://webservice-2.1.sd.lan/gestion/v0.1?wsdl-auto"
+webservices.gestion.options.soap_version = SOAP_1_2
+
+[sd-25137]
+webservices.interne.wsdl = "http://wse.scores-decisions.com:8081/interne/v0.3?wsdl"
+webservices.interne.options.soap_version = SOAP_1_2
+webservices.entreprise.wsdl = "http://wse.scores-decisions.com:8081/entreprise/v0.4?wsdl"
+webservices.entreprise.options.soap_version = SOAP_1_2
+webservices.gestion.wsdl = "http://wse.scores-decisions.com:8081/gestion/v0.1?wsdl"
+webservices.gestion.options.soap_version = SOAP_1_2
+
+[celeste]
+webservices.interne.wsdl = "http://wse.scores-decisions.com:8081/interne/v0.3?wsdl"
+webservices.interne.options.soap_version = SOAP_1_2
+webservices.entreprise.wsdl = "http://wse.scores-decisions.com:8081/entreprise/v0.4?wsdl"
+webservices.entreprise.options.soap_version = SOAP_1_2
+webservices.gestion.wsdl = "http://wse.scores-decisions.com:8081/gestion/v0.1?wsdl"
+webservices.gestion.options.soap_version = SOAP_1_2
--- a/public/index.php
+++ b/public/index.php
@ -22,5 +22,8 @@ $application = new Zend_Application(
    APPLICATION_PATH . '/configs/application.ini'
 );

+$configuration = new Zend_Config_Ini(APPLICATION_PATH . '/configs/configuration.ini');
+Zend_Registry::set('configuration', $configuration);
+
 $application->bootstrap()
            ->run();