<?php
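class Application_Controller_Plugin_Auth extends Zend_Controller_Plugin_Abstract
{
    /**
     * Enforces authentication before an action is dispatched.
     *
     * Routes accepted by _isPublicRoute() are let through untouched. For every
     * other route the request is authenticated either from the `login` plus
     * `pass`/`hach` request parameters, or from the identity already held by
     * Zend_Auth. When access is refused the protected action is never run:
     * the request is re-routed to user/logout, or the refusal / redirect is
     * sent and the script stops.
     *
     * Uses the inherited $_response injected by the front controller.
     *
     * @param Zend_Controller_Request_Abstract $request Request about to be dispatched
     * @return void
     */
    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        $controller = $request->getControllerName();
        $action     = $request->getActionName();

        if ($this->_isPublicRoute($controller, $action)) {
            return;
        }

        // The 'fichier' controller is the only one whose adapter is built with
        // the third argument set to false.
        // NOTE(review): presumably this skips a web-service check inside
        // Scores_Auth_Adapter_Db - confirm against the adapter.
        $checkWs = ($controller !== 'fichier');

        // NOTE(review): getParam() also reads the query string, so these
        // credentials may arrive in the URL and end up in access logs, browser
        // history and Referer headers. Prefer a POST body or a header.
        $login = $request->getParam('login');
        $pass  = $request->getParam('pass', '');

        // A non-empty `hach` parameter replaces the password.
        // NOTE(review): presumably a pre-hashed password; if the adapter
        // accepts the stored hash verbatim it is password-equivalent - confirm.
        $hach = $request->getParam('hach');
        if (!empty($hach)) {
            $pass = $hach;
        }

        $auth = Zend_Auth::getInstance();

        // Credentials supplied with the request: check them on every call.
        if (!empty($login) && !empty($pass)) {
            $authAdapter = new Scores_Auth_Adapter_Db($login, $pass, $checkWs);
            $result = $auth->authenticate($authAdapter);

            if (!$result->isValid()) {
                $layout = Zend_Layout::getMVCInstance();
                if (!$layout->isEnabled()) {
                    // Previously the message was printed and the protected
                    // action was still dispatched afterwards.
                    $this->_refusePlain();
                    return;
                }

                // Swapping the target replaces the protected action.
                $request->setModuleName('default')
                        ->setControllerName('user')
                        ->setActionName('logout');
                return;
            }

            // NOTE(review): no session id regeneration is visible here after a
            // successful login; if the adapter does not do it, consider
            // Zend_Session::regenerateId() to limit session fixation.
            $storage = new Zend_Auth_Storage_Session();
            // Instantiated for its side effect only; no expiration is set on it.
            new Zend_Session_Namespace($storage->getNamespace());
            $auth->setStorage($storage);
            return;
        }

        // No credentials in the request: rely on the stored identity.
        if (!$auth->hasIdentity() || time() > $auth->getIdentity()->time) {
            // Missing or expired identity.
            $auth->clearIdentity();

            // NOTE(review): presumably read back after login to return the user
            // to this page; the value comes from the request line, so whoever
            // redirects to it should accept local paths only.
            $session = new Zend_Session_Namespace('login');
            $session->url = $_SERVER['REQUEST_URI'];

            $layout = Zend_Layout::getMVCInstance();
            if (!$layout->isEnabled()) {
                $this->_refusePlain();
                return;
            }

            // Sending the redirect does not stop the dispatch loop by itself;
            // without the stop below the protected action would still execute
            // and its output would follow the Location header.
            $this->_response->setRedirect('/user/login')->sendResponse();
            $this->_terminate();
            return;
        }

        // Valid identity: slide the expiry forward by the identity's timeout.
        $identity = $auth->getIdentity();
        $identity->time = time() + $identity->timeout;
        $auth->getStorage()->write($identity);

        if (Zend_Session::namespaceIsset('login')) {
            Zend_Session::namespaceUnset('login');
        }
    }

    /**
     * Tells whether a route is served without any authentication.
     *
     * NOTE(review): every route accepted here is reachable without a session,
     * so each of those actions has to enforce its own access control - confirm.
     *
     * @param string|null $controller Controller name taken from the request
     * @param string|null $action     Action name taken from the request
     * @return bool
     */
    protected function _isPublicRoute($controller, $action)
    {
        // The login form itself cannot require a login.
        if ($controller === 'user' && $action === 'login') {
            return true;
        }

        // Whole controllers served without authentication.
        if (in_array($controller, array('service', 'import'), true)) {
            return true;
        }

        // Individual 'fichier' actions served without authentication.
        $openFileActions = array('logs', 'kbis', 'csv', 'associations', 'greffes');

        return $controller === 'fichier' && in_array($action, $openFileActions, true);
    }

    /**
     * Sends the plain-text refusal used when no layout is rendered, then stops
     * so that the protected action is not dispatched.
     *
     * NOTE(review): no status code is set for this refusal; a 401 would let
     * clients and monitoring tell refusals from successful responses.
     *
     * @return void
     */
    protected function _refusePlain()
    {
        echo "Identification incorrect ou périmé.";
        $this->_terminate();
    }

    /**
     * Ends the script. Kept in its own method so that a subclass can override
     * it where exiting is not wanted.
     *
     * @return void
     */
    protected function _terminate()
    {
        exit;
    }
}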