Commit ae62afb2 authored by thejoelinux's avatar thejoelinux

raccordement de l'authentification sur le SAAS - pas encore fini

parent 7f2a216e
......@@ -36,6 +36,36 @@ class User extends Record {
}
public static function validate($name, $password) {
// don't validate yourself - ask the SAAS
$postdata = http_build_query(
array(
'o' => 'users',
'a' => 'appli_login',
'app_instance_key' => $GLOBALS["saas_key"],
'name' => $name,
'password' => base64_encode($password)
)
);
$opts = array('http' =>
array(
'method' => 'POST',
'header' => 'Content-type: application/x-www-form-urlencoded',
'content' => $postdata
)
);
$context = stream_context_create($opts);
$json_user_info = file_get_contents($GLOBALS["saas_api_url"], false, $context);
if($json_user_info == "") {
return false;
}
$user = json_decode($json_user_info);
$_SESSION["logged_user"] = $user;
return $user;
/*
// SQL SELECT users
$sql = "SELECT id, name, email, active, password_digest
FROM users
......@@ -49,6 +79,7 @@ class User extends Record {
$user->alert_msg = "Echec de l'authentification";
}
return $user;
*/
}
public function update_password() {
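Review bot: In `User::validate` the decoded SaaS reply is written to `$_SESSION["logged_user"]` without any check of its shape, so a reply that is not valid JSON (`json_decode` then returns null) or an error object still lands in the session, and the caller only finds out by reading `->id`. I would test the reply before storing it and compare the `file_get_contents` result strictly, as in the excerpt below. Separately, `base64_encode($password)` is an encoding, not a protection, so the password's confidentiality rests entirely on `$GLOBALS["saas_api_url"]` being an https URL with certificate verification left on; the URL is not visible on this page, so that needs confirming. A `'timeout'` entry in the `http` options would also keep a slow SaaS from hanging the login request. Part of the commented-out SQL path lies between the two hunks, so this is based on the visible lines only.

```php
// … unchanged: $postdata, $opts, stream_context_create() and the file_get_contents() call …
if($json_user_info === false || $json_user_info === "") {
    return false;
}
$user = json_decode($json_user_info);
if(!is_object($user) || empty($user->id)) {
    // malformed or negative answer from the SAAS: do not create a session entry
    return false;
}
$_SESSION["logged_user"] = $user;
```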
......
......@@ -30,6 +30,7 @@ class AppController {
// DEBUG $this->twig->addExtension(new Twig_Extension_Debug());
$this->context["global"] = $GLOBALS;
$this->context["request"] = $_REQUEST;
$this->set("session", $_SESSION);
if(!method_exists($this, "_".$_REQUEST["a"])) {
$this->render("bad_method");
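Review bot: `$this->set("session", $_SESSION);` hands the whole session array to every template, although the templates changed in this commit only read `session['logged_user']`; passing just that entry, for example `$this->set("session", array("logged_user" => isset($_SESSION["logged_user"]) ? $_SESSION["logged_user"] : null));`, keeps any other session data out of the view layer. The `+`/`-` markers are lost on this page, so I am assuming the `session` line is the added one. Note also that `$this->context["global"] = $GLOBALS;` now puts `$GLOBALS["saas_key"]`, which `User::validate` sends to the SaaS, within reach of templates. The `REQUEST :` text in the layout's hunk header suggests a debug dump exists there, so it is worth checking that nothing prints `global`. The enclosing method starts and ends outside the hunk.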
......
......@@ -16,15 +16,12 @@ $data = new data();
//$session_db = new session_db();
new session_saas();
global $logged_user;
$logged_user = new User(0);
if(!array_key_exists("user_id", $_SESSION)) {
if(!array_key_exists("logged_user", $_SESSION)) {
if(array_key_exists("a", $_REQUEST) && $_REQUEST["a"] == "submit_login") {
// try to authenticate
$logged_user = User::validate($GLOBALS["data"]->db_escape_string($_REQUEST["name"]),
$_SESSION["logged_user"] = User::validate($GLOBALS["data"]->db_escape_string($_REQUEST["name"]),
$GLOBALS["data"]->db_escape_string($_REQUEST["passwd"]));
if($logged_user->id != 0) {
$_SESSION["user_id"] = $logged_user->id;
if($_SESSION["logged_user"]->id != 0) {
$_REQUEST["o"] = "home";
$_REQUEST["a"] = "index";
} else {
......@@ -35,14 +32,15 @@ if(!array_key_exists("user_id", $_SESSION)) {
} else {
if(array_key_exists("a", $_REQUEST) && $_REQUEST["a"] == "logout") {
// logout
unset($_SESSION["user_id"]);
unset($_SESSION["logged_user"]);
$_REQUEST["a"] = "login";
} else {
// stay authenticated
$logged_user = User::fetch($_SESSION["user_id"]);
// the user is in the session - you should not ask the saas for every page
// $logged_user = User::fetch($_SESSION["user_id"]);
}
}
if($logged_user->id == 0) {
if($_SESSION["logged_user"]->id == 0) {
// not authenticated
$_REQUEST["o"] = "users";
} else {
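Review bot: The credentials are still passed through `db_escape_string` in the `User::validate(...)` call, but they now go to the SaaS in an HTTP POST rather than into a SQL string. Assuming that helper escapes quotes and backslashes as the MySQL escape functions do, a password containing such characters is altered before it is sent and will not match; `http_build_query` already does the encoding this sink needs, so pass `$_REQUEST["name"]` and `$_REQUEST["passwd"]` unchanged. `User::validate` returns `false` on an empty reply, and that value is stored in `$_SESSION["logged_user"]` and dereferenced with `->id`, both right after the call and in the final `if($_SESSION["logged_user"]->id == 0)`. Unless a branch outside the hunk sets the key, that final test also runs when it was never set; a guard such as `if(empty($_SESSION["logged_user"]) || empty($_SESSION["logged_user"]->id))` covers both cases. On a successful login I would add `session_regenerate_id(true);` before `$_REQUEST["o"] = "home";` so a pre-login session id does not carry over, and since the user object and its roles are now cached for the whole session, a comment on the "stay authenticated" branch should state that a role change or deactivation on the SaaS only takes effect after logout.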
......
......@@ -30,10 +30,10 @@
<a class="navbar-brand" href="index.php">
<img id="logo" src="images/ludo-associative.jpg" alt="associative - ludotheque"></a>
</div>
{% if global['logged_user'].id %}
{% if session['logged_user'].id %}
<div id="navbar" class="collapse navbar-collapse navbar-right">
<ul class="nav navbar-nav">
{% if global['logged_user'].roles['games'] %}
{% if session['logged_user'].roles['games'] %}
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true"
aria-expanded="false">Jeux...<span class="caret"></span></a>
......@@ -44,21 +44,21 @@
</ul>
</li>
{% endif %}
{% if global['logged_user'].roles['members'] %}
{% if session['logged_user'].roles['members'] %}
<li><a href="index.php?o=members">Adhérents</a></li>
{% endif %}
{% if global['logged_user'].roles['admin'] %}
{% if session['logged_user'].roles['admin'] %}
<li><a href="index.php?o=users&a=list">Comptes</a></li>
{% endif %}
{% if global['logged_user'].roles['games'] or user.roles['members'] %}
{% if session['logged_user'].roles['games'] or user.roles['members'] %}
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true"
aria-expanded="false">Options <span class="caret"></span></a>
<ul class="dropdown-menu">
{% if global['logged_user'].roles['games'] %}
{% if session['logged_user'].roles['games'] %}
<li><a href="index.php?o=esar_categories&a=list">Catégories Esar</a></li>
{% endif %}
{% if global['logged_user'].roles['members'] %}
{% if session['logged_user'].roles['members'] %}
<li><a href="index.php?o=membership_types&a=list">Types d'adhésion</a></li>
<li><a href="index.php?o=payment_methods&a=list">Méthodes de paiement</a></li>
{% endif %}
......@@ -67,7 +67,7 @@
{% endif %}
</ul>
<ul class="nav navbar-nav navbar-right">
<li><a href="index.php?o=users&a=options&i={{ global['logged_user'].id }}"><span class="glyphicon glyphicon-user"></span></a></li>
<li><a href="index.php?o=users&a=options&i={{ session['logged_user'].id }}"><span class="glyphicon glyphicon-user"></span></a></li>
<li><a href="index.php?a=logout"><span class="glyphicon glyphicon-log-out"></span></a></li>
</ul>
<form class="navbar-form navbar-right">
......@@ -112,7 +112,7 @@ REQUEST :
<script src="js/bootstrap-switch.min.js"></script>
<script src="js/bootstrap-multiselect.js"></script>
<script src="js/bootstrap-slider.min.js"></script>
{% if global['logged_user'].id %}
{% if session['logged_user'].id %}
<script src="js/functions.js"></script>
{% endif %}
</body>
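Review bot: In the condition that opens the Options dropdown, the second operand was left as `user.roles['members']` while every other check in this layout now reads `session['logged_user']`; unless a `user` variable is passed to this template, a members-only account will not see the menu. It should read `{% if session['logged_user'].roles['games'] or session['logged_user'].roles['members'] %}`. These role tests only hide links, so the `members`, `users` and `esar_categories` actions still need the same role check on the server side; that code is not part of this page.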
......