scores/partner
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Auth Adapter

Browse Source
This commit is contained in:
Michael RICOIS 2014-01-09 08:38:53 +00:00
parent c1ef12382e
commit 0cbde292b5
2 changed files with 281 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

102
library/Scores/Auth/Adapter/Db.php Normal file
View File

@ -0,0 +1,102 @@
<?php
class Scores_Auth_Adapter_Db implements Zend_Auth_Adapter_Interface
{
protected $_username;
protected $_password;
protected $_hash;
protected $_timeout = 3600;
protected $checkWs = false;
protected $clients = array();
/**
*
* @param string $username
* @param string $password
* @param boolean $checkWs
*/
public function __construct($username, $password, $checkWs = false)
{
$this->_username = $username;
$this->_password = $password;
$this->_hash = md5($username.'|'.$password);
$this->checkWs = $checkWs;
}
/**
* Limit access to only client IDs
* @param array $id
*/
public function limitClient($id = null)
{
if (is_array($id) && count($id)>0) {
$this->clients = $id;
}
}
/**
* Override the timeout
* @param integer $seconds
*/
public function setTimeout($seconds = null)
{
if ($seconds===null)
return;
$this->_timeout = $seconds;
}
/**
* (non-PHPdoc)
* @see Zend_Auth_Adapter_Interface::authenticate()
*/
public function authenticate()
{
$userM = new Application_Model_Sdv1Utilisateurs();
$sql = $userM->select()
->setIntegrityCheck(false)
->from(array('u'=>'sdv1.utilisateurs'), array('u.idClient', 'u.id', 'u.login', 'u.password'))
->join(array('c'=>'sdv1.clients'), 'u.idClient = c.id', array('c.timeout'))
->where('u.login=?', $this->_username)
->where('u.actif=?', 1)
->where('u.deleted=?', 0)
->where('c.actif=?','Oui');
if ( count($this->clients) > 0 ) {
$sql->where('u.idClient IN('.join(',',$this->clients).')');
}
if ($this->checkWs) {
$sql->where('u.accesWS=?',1);
}
$result = $userM->fetchRow($sql);
$identity = new stdClass();
$identity->username = $this->_username;
$identity->hash = $this->_hash;
if ( null === $result ) {
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND, $identity);
} else {
if ( $this->_password == $result->password
|| $this->_password == md5($result->login.'|'.$result->password) ) {
$identity->id = $result->id;
$identity->idClient = $result->idClient;
$timeout = (!empty($result->timeout)) ? $result->timeout : $this->_timeout;
$identity->timeout = $timeout;
$identity->time = time() + $timeout;
return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $identity);
} else {
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, $identity);
}
}
}
}

179
library/Scores/Auth/Adapter/Ws.php Normal file
View File

@ -0,0 +1,179 @@
<?php
class Scores_Auth_Adapter_Ws implements Zend_Auth_Adapter_Interface
{
/**
*
* @var unknown
*/
protected $_username;
/**
*
* @var unknown
*/
protected $_password;
/**
*
* @var unknown
*/
protected $_timeout = 1800;
/**
*
* @var unknown
*/
protected $_checkIp = false;
public function __construct($username, $password, $iponly = false)
{
$this->_username = $username;
$this->_password = $password;
if ($iponly){
$this->_password = 'iponly:'.$_SERVER['REMOTE_ADDR'];
}
$this->_checkIp = $iponly;
}
/**
* (non-PHPdoc)
* @see Zend_Auth_Adapter_Interface::authenticate()
*/
public function authenticate()
{
$adressIp = $_SERVER['REMOTE_ADDR'];
require_once 'Scores/WsScores.php';
$ws = new WsScores($this->_username, $this->_password);
$InfosLogin = $ws->getInfosLogin($this->_username, $adressIp);
$identity = new stdClass();
$identity->username = $this->_username;
$identity->password = $this->_password;
$identity->email = $InfosLogin->result->email;
$identity->profil = $InfosLogin->result->profil;
$identity->pref = $InfosLogin->result->pref;
$identity->droits = $InfosLogin->result->droits;
$identity->droitsClients = $InfosLogin->result->droitsClients;
$identity->nom = $InfosLogin->result->nom;
$identity->prenom = $InfosLogin->result->prenom;
$identity->tel = $InfosLogin->result->tel;
$identity->fax = $InfosLogin->result->fax;
$identity->mobile = $InfosLogin->result->mobile;
$identity->id = $InfosLogin->result->id;
$identity->idClient = $InfosLogin->result->idClient;
$identity->reference = $InfosLogin->result->reference;
$identity->nbReponses = $InfosLogin->result->nbReponses;
$identity->typeScore = $InfosLogin->result->typeScore;
$identity->dateValidation = $InfosLogin->result->dateValidation;
$identity->nombreConnexions = $InfosLogin->result->nombreConnexions;
$identity->dateDerniereConnexion = $InfosLogin->result->dateDerniereConnexion;
$identity->dateDebutCompte = $InfosLogin->result->dateDebutCompte;
$identity->dateFinCompte = $InfosLogin->result->dateFinCompte;
$identity->acceptationCGU = $InfosLogin->result->acceptationCGU;
$identity->ip = $adressIp;
$identity->modeEdition = false;
$timeout = (!empty($InfosLogin->result->timeout)) ? $InfosLogin->result->timeout : $this->_timeout;
$identity->timeout = $timeout;
$identity->time = time() + $timeout;
$lang = in_array($InfosLogin->result->lang, array('fr','en')) ? $InfosLogin->result->lang : 'fr';
$identity->lang = $lang;
$identity->langtmp = $lang;
/*
* Adresse Ip interdites
*/
$ipInterdites =
'81.252.88.0-81.252.88.7' // CTE D AGGLOMERATION DE SOPHIA
. ';' . '195.200.187.163' // PacWan
. ';' . '213.11.81.41' // Verizon France SAS
. ';' . '83.206.171.252' // FR-BASE-D-INFORMATIONS-LEGALES-BI
. ';' . '81.255.32.139'
. ';' . '212.155.191.1*' // Satair A/S
. ';' . '217.70.1*.17' // OJSC "Sibirtelecom"
. ';' . '212.37.196.156' // GENERALE-MULTIMEDIA-SUD
. ';' . '80.245.60.121' // Planete Marseille - Mailclub
. ';' . '213.246.57.101' // IKOULA
. ';' . '193.104.158.0-193.104.158.255' // Altares.fr
. ';' . '195.6.3.0-195.6.3.255' // ORT
. ';' . '217.144.112.0-217.144.116.63' // Coface
;
if ( $this->checkPlagesIp($ipInterdites, $adressIp) ) {
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_UNCATEGORIZED, $identity);
}
// Renvoi
if ( is_string($InfosLogin) || $InfosLogin->error->errnum!=0){
$message = $InfosLogin;
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, $identity, array($message));
} elseif ($this->_username == $InfosLogin->result->login) {
return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $identity);
} else {
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_UNCATEGORIZED, $identity);
}
}
/**
* Controle si une adresse IP est dans une liste des IP communiquées sous la forme
* 192.168.3.5-192.68.3.10;192.168.3.*;192.168.3.10
* @param string $strPlageIP
* La plage d'adresses IP
* @param string $adresseIP
* L'adresse IP à tester
* @return boolean
*/
protected function checkPlagesIp($strPlageIP, $adresseIP)
{
$connected = false;
$tabIpAllowed = explode(';', trim($strPlageIP));
if (count($tabIpAllowed)==1 && $tabIpAllowed[0]=='') $tabIpAllowed = array();
foreach ($tabIpAllowed as $ip) {
$tabPlages = explode('-', $ip);
// C'est une plage d'adresse '-'
if (isset($tabPlages[1]))
$connected = $this->in_plage($tabPlages[0],$tabPlages[1],$adresseIP);
else {
// C'est une adresse avec ou sans masque '*'
if (preg_match('/^'.str_replace('*','.*',str_replace('.','\.',$ip)).'$/', $adresseIP) )
$connected=true;
}
if ($connected) break;
}
if (count($tabIpAllowed)==0) return false;
elseif (!$connected) {
return false;
}
return true;
}
/**
* Enter description here ...
* @param unknown_type $plage_1
* @param unknown_type $plage_2
* @param unknown_type $ip
* @return boolean
*/
protected function in_plage($plage_1,$plage_2,$ip)
{
$ip2 = $this->getIpNumber($ip);
if ($ip2>=$this->getIpNumber($plage_1) && $ip2<=$this->getIpNumber($plage_2))
return true;
else
return false;
}
/**
* Converti une IP en nombre
* @param string $ip Adresse IP
* @return integer
*/
protected function getIpNumber($ip)
{
$tab=explode('.', $ip);
return (($tab[0]*256*256*256) + ($tab[1]*256*256) + ($tab[2]*256) + ($tab[3]));
}
}