dmBridge PHP API
DMTEUserController.php
00001 <?php
00002 #
00003 # dmBridge: a data access framework for CONTENTdm(R)
00004 #
00005 # Copyright © 2009, 2010, 2011 Board of Regents of the Nevada System of Higher
00006 # Education, on behalf of the University of Nevada, Las Vegas
00007 #
00008 
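/**
 * Controller for the user login and logout actions.
 *
 * NOTE(review): no anti-CSRF token is checked anywhere in this class, for
 * either the login POST or logout(). Confirm whether DMAbstractController or
 * the request dispatcher enforces one before these actions run.
 */
class DMTEUserController extends DMAbstractController {

   /**
    * Processes a submitted login form.
    *
    * Reads "username", "password" and the optional "destination_params"
    * form values from the request representation. On success the user is
    * stored in the session and the client is redirected; on failure a flash
    * message is set and the login page is rendered again.
    *
    * @param string $alias Collection alias, already sanitized by index()
    */
   private function authenticate($alias) {
      try {
         $as = DMAuthenticationServiceFactory::getService();
         $rep = $this->getHTTPRequest()->getRepresentation();
         $user = new DMUser($rep->getFormValue("username"));
         $result = $as->authenticate($user, $rep->getFormValue("password"));
         if ($result) {
            // NOTE(review): the session identifier should be rotated when
            // the privilege level changes, to prevent session fixation.
            // Whether setUser() does this is not visible here; confirm.
            $this->getSession()->setUser($user);
            // The destination comes straight from the request body, so it
            // is constrained to an application-relative value before it is
            // used as a redirect target.
            $dest_params = self::getLocalDestination(
                  $rep->getFormValue("destination_params"), "objects");
            DMHTTPRequest::redirectToParams($dest_params);
            die;
         }
         // mitigate brute-force attacks
         // NOTE(review): a fixed sleep slows a single client but holds a
         // worker for its duration and does not bound parallel attempts;
         // per-account/per-source attempt limiting would be stronger.
         sleep(DMAbstractController::AUTHENTICATION_DELAY);
         header("HTTP/1.1 401 Unauthorized");
         $this->getSession()->setFlash(new DMFlash(
               DMLocalizedString::getString("LOGIN_FAILED"), false));
      } catch (DMException $e) {
         // Apply the same delay as the ordinary failure path so that a
         // failure reported by exception is no faster to retry than a
         // rejected password.
         sleep(DMAbstractController::AUTHENTICATION_DELAY);
         // NOTE(review): the raw exception message is shown to the client.
         // Confirm that it cannot reveal whether the account exists or
         // expose backend details; LOGIN_FAILED would be the uniform choice.
         $this->getSession()->setFlash(
               new DMFlash($e->getMessage(), false));
      }

      $this->loginPage($alias);
   }

   /**
    * Returns $candidate when it looks like an application-relative redirect
    * parameter string, otherwise $fallback.
    *
    * DMHTTPRequest::redirectToParams() is defined elsewhere and how it builds
    * the Location header is not visible from this class, so this check is
    * deliberately conservative: it refuses anything a browser could resolve
    * to a different origin, or that could break the header line.
    *
    * @param mixed $candidate Value taken from the request
    * @param string $fallback Destination to use when $candidate is refused
    * @return string
    */
   private static function getLocalDestination($candidate, $fallback) {
      // Empty, missing or non-string values fall back (same truthiness
      // rule the original inline check used).
      if (!is_string($candidate) || !$candidate) {
         return $fallback;
      }
      // Control characters, CR and LF included, never belong in a
      // redirect target.
      if (preg_match('/[\x00-\x1f\x7f]/', $candidate)) {
         return $fallback;
      }
      // Leading whitespace, slash or backslash: refuses network-path
      // forms that name another host.
      if (preg_match('#^[\s/\\\\]#', $candidate)) {
         return $fallback;
      }
      // A scheme prefix makes the value an absolute URI.
      if (preg_match('/^[a-z][a-z0-9+.\-]*:/i', $candidate)) {
         return $fallback;
      }
      return $candidate;
   }

   /**
    * Entry point for the login action: a POST is treated as a login
    * attempt, any other method renders the login form.
    *
    * @param string $alias Collection alias; "/dmdefault" is used when empty
    */
   public function index($alias) {
      if (!$alias) {
         $alias = "/dmdefault";
      }
      $alias = DMCollection::getSanitizedAlias($alias);
      if ($this->getHTTPRequest()->getMethod() == DMHTTPMethod::POST) {
         $this->authenticate($alias);
      } else {
         $this->loginPage($alias);
      }
   }

   /**
    * Builds the login view and publishes it through the global $view.
    *
    * @param string $alias Sanitized collection alias; no collection is
    * loaded for "/dmdefault"
    */
   private function loginPage($alias) {
      $col = null;
      if ($alias != "/dmdefault") {
         $col = DMCollectionFactory::getCollection($alias);
      }
      $path = "/templates/user/login.html.php";
      $tpl = $this->getTemplateSet()->getTemplateAtPathname($path);
      global $view;
      $view = new DMLoginView($tpl, $this->getSession(),
            $col);
   }

   /**
    * Logs the current user out, if there is one, and redirects to the
    * objects listing of the given collection.
    *
    * @param string $alias Collection alias, sanitized before use
    */
   public function logout($alias) {
      $alias = DMCollection::getSanitizedAlias($alias);

      $user = $this->getSession()->getUser();
      if ($user) {
         $this->getSession()->setFlash(new DMFlash(
               DMLocalizedString::getString("LOGOUT_SUCCESS"), false));
         $as = DMAuthenticationServiceFactory::getService();
         // NOTE(review): confirm that logout() invalidates the
         // server-side session and does not only detach the user from it.
         $as->logout($user);
      }

      // The redirect target is built only from the sanitized alias.
      $params = $alias ? "objects" . $alias : "objects";
      DMHTTPRequest::redirectToParams($params);
      die;
   }

}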
00093 