commit efc44d8948c417dfb3f1259c3479c0db48857e63
parent a0d0bd42e8201627ee650129402b6b2d84d9779c
Author: Felicitus <felicitus@felicitus.de>
Date: Wed, 22 Sep 2010 13:37:49 +0200
Refactored login mechanism
Diffstat:
3 files changed, 47 insertions(+), 6 deletions(-)
diff --git a/src/de/RaumZeitLabor/PartDB2/Auth/AuthManagerService.php b/src/de/RaumZeitLabor/PartDB2/Auth/AuthManagerService.php
@@ -5,8 +5,7 @@ declare(encoding = 'UTF-8');
use de\RaumZeitLabor\PartDB2\Service\AnonService,
de\RaumZeitLabor\PartDB2\Auth\User,
de\RaumZeitLabor\PartDB2\Auth\UserManager,
- de\RaumZeitLabor\PartDB2\Session\SessionManager,
- de\RaumZeitLabor\PartDB2\Auth\Exceptions\InvalidLoginDataException;
+ de\RaumZeitLabor\PartDB2\Session\SessionManager;
class AuthManagerService extends AnonService {
public function login () {
@@ -17,7 +16,7 @@ class AuthManagerService extends AnonService {
$user = new User;
- $user->setUsername ($this->getParameter("username"));
+ $user->setRawUsername ($this->getParameter("username"));
$user->setHashedPassword($this->getParameter("password"));
$authenticatedUser = UserManager::getInstance()->authenticate($user);
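Review bot: The `password` request parameter goes straight into `setHashedPassword()`, so the server accepts a client-computed digest as the credential and the stored hash becomes password-equivalent: whoever reads a hash from the database can authenticate without knowing the password. Consider receiving the plain password over TLS and hashing it on the server, for example `$user->setHashedPassword(md5($this->getParameter("password")));` as long as the class still uses md5; this changes the client protocol. Neither parameter is checked for being a non-empty string before `authenticate()` is called, although login() starts and ends outside this hunk, so such a check may exist elsewhere.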
@@ -33,5 +32,7 @@ class AuthManagerService extends AnonService {
}
+
+
}
?>
\ No newline at end of file
diff --git a/src/de/RaumZeitLabor/PartDB2/Auth/User.php b/src/de/RaumZeitLabor/PartDB2/Auth/User.php
@@ -11,6 +11,12 @@ class User {
/** @Column(length=32) */
private $password;
+ /**
+ * Creates a new user object.
+ *
+ * @param string $username The username to set (optional)
+ * @param string $password The password to set (optional)
+ */
public function __construct ($username = null, $password = null) {
if ($username !== null) {
$this->setUsername($username);
@@ -28,7 +34,7 @@ class User {
*
* Replaces space with an underscore.
*
- * @param string $username
+ * @param string $username The username to set. Applies automatic username modification.
* @return nothing
*/
public function setUsername ($username) {
@@ -45,6 +51,19 @@ class User {
}
/**
+ * Sets the raw username, without replacing any special chars.
+ *
+ * This method should only be used for building a temporary user
+ * for login checks.
+ *
+ * @param string $username The raw username
+ * @return nothing
+ */
+ public function setRawUsername ($username) {
+ $this->username = $username;
+ }
+
+ /**
* Returns the username.
* @param none
* @return string The username
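Review bot: `setRawUsername()` is public, and the "only for login checks" restriction lives in the docblock alone, on a class that looks like a persisted entity (the `@Column` annotation on `$password` suggests so). A caller that uses it on a user which is later saved would skip the space-to-underscore normalisation of `setUsername()` and could store names that the rest of the code assumes cannot exist. At minimum add a line such as `Never persist a User whose name was set through this method.` to the docblock. A stronger option is to let the lookup take the username as a plain string, so that no unnormalised User object is needed.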
@@ -63,6 +82,11 @@ class User {
$this->setHashedPassword(md5($password));
}
+ /**
+ * Returns the user's md5-hashed password.
+ * @param none
+ * @return string The md5-hashed password
+ */
public function getHashedPassword () {
return $this->password;
}
@@ -77,10 +101,25 @@ class User {
$this->password = $hashedPassword;
}
+ /**
+ * Compares the given un-hashed password with the
+ * object's hashed password.
+ *
+ *
+ * @param string $password The unhashed password
+ * @return boolean true if the passwords match, false otherwise
+ */
public function comparePassword ($password) {
return $this->compareHashedPassword(md5($password));
}
+ /**
+ * Compares the given hashed password with the object's
+ * hashed password.
+ *
+ * @param string $hashedPassword The md5-hashed password
+ * @return boolean true if the passwords match, false otherwise
+ */
public function compareHashedPassword ($hashedPassword) {
if ($hashedPassword == $this->password) {
return true;
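Review bot: `compareHashedPassword()` compares the digests with `==`, and PHP compares numeric-looking strings as numbers, so two different MD5 hex strings of the form `0e` followed only by digits are treated as equal; the comparison is also not constant-time. Replace the condition with `if (hash_equals($this->password, $hashedPassword)) {` (both values must be strings), or at least use `===`. Separately, `comparePassword()` depends on unsalted `md5()`, which is not suitable for password storage; `password_hash()` and `password_verify()` with a rehash on the next successful login would be the migration path. The body of compareHashedPassword() continues past the end of this hunk.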
diff --git a/src/de/RaumZeitLabor/PartDB2/Auth/UserManager.php b/src/de/RaumZeitLabor/PartDB2/Auth/UserManager.php
@@ -6,7 +6,8 @@ use de\RaumZeitLabor\PartDB2\Util\Singleton,
de\RaumZeitLabor\PartDB2\Auth\User,
de\RaumZeitLabor\PartDB2\PartDB2,
de\RaumZeitLabor\PartDB2\Auth\Exceptions\UserAlreadyExistsException,
- de\RaumZeitLabor\PartDB2\Auth\Exceptions\UserDoesNotExistException;
+ de\RaumZeitLabor\PartDB2\Auth\Exceptions\UserDoesNotExistException,
+ de\RaumZeitLabor\PartDB2\Auth\Exceptions\InvalidLoginDataException;
class UserManager extends Singleton {
@@ -46,7 +47,7 @@ class UserManager extends Singleton {
);
if ($result == null) {
- return false;
+ throw new InvalidLoginDataException();
} else {
return $result;
}
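Review bot: The enclosing method (presumably `authenticate()`, which starts outside this hunk) now reports a failed login by throwing, but no `@throws` is visible for it. The `use` for InvalidLoginDataException was removed from AuthManagerService in this same commit, so login() probably lets the exception propagate. Add `@throws InvalidLoginDataException if no user matches the supplied credentials` to the method's docblock. Also confirm that the service layer maps the exception to one generic failure response that neither distinguishes an unknown user from a wrong password nor exposes a stack trace. The check `$result == null` would state its intent more precisely as `$result === null`.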