2 /** @package verysimple::Phreeze */
5 * import supporting libraries
7 require_once("Model/DAO/AccountDAO.php");
8 require_once("verysimple/Authentication/IAuthenticatable.php");
// Generic permission flags. Each non-zero value occupies its own bit so that
// flags can be combined and tested bit-wise against a role's Permission value.
// These are only examples: an application should define its own set in its
// account object.
define('ACCOUNT_PERMISSION_NONE', 0);        // no bits set
define('ACCOUNT_PERMISSION_READ', 1 << 0);   // 1
define('ACCOUNT_PERMISSION_WRITE', 1 << 1);  // 2
define('ACCOUNT_PERMISSION_ADMIN', 1 << 2);  // 4
19 * @package verysimple::Phreeze
23 * This is a sample account object that can be extended under the condition that your
24 * account object meets the following criteria:
26 * The Model is named Account with the following properties/methods:
27 * - Id (int/primary key)
30 * - Modified (datetime)
31 * - GetRole (returns a role object with a 'Permission' property that contains a bit-wise integer)
33 * Extending your account object from this base class will provide the following features:
34 * - Your class implements IAuthenticatable for use with Controller authentication
35 * - Login method will load this object
36 * - Password changes will be detected on save and passwords will be hashed one-way with crypt()
38 * @package verysimple::Phreeze
39 * @author VerySimple Inc.
40 * @copyright 1997-2007 VerySimple, Inc.
41 * @license http://www.gnu.org/licenses/lgpl.html LGPL
44 class AuthAccount
extends AccountDAO
implements IAuthenticatable
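46 /** @var string copy of Password as it was when the object was loaded, used to detect changes; public so that it is serialized with the object (serialized copies therefore carry the stored hash) */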
47 public $_original_password = "";
50 * Checks if the current user is "anonymous" meaning they have not authenticated
52 * @return bool true if user is anonymous
54 function IsAnonymous()
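/**
 * Reports whether the Password property differs from the copy kept in
 * $_original_password.
 *
 * An empty (or null) Password is never reported as a change, so blanking the
 * field leaves the stored value alone.
 *
 * @return bool true when Password is non-empty and is not the same string as $_original_password
 */
function PasswordWasChanged()
{
    // Compare as strings with strict operators. The loose "!=" applies
    // numeric-string juggling, under which two different values that both look
    // numeric (for example "1e3" and "1000") compare equal, and a changed
    // password would be reported as unchanged.
    $current = (string) $this->Password;

    return $current !== '' && $current !== (string) $this->_original_password;
}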
64 * Returns true if the current account has the specified permission
66 * @param int $permission
67 * a bitwise integer representing a unique permission in the application
68 * @return bool true if the current account is authorized for the given permission
// Bit-mask permission check against the Permission value of the object returned by GetRole().
70 function IsAuthorized($permission)
// NOTE(review): the statements inside this guard are not visible in this listing;
// presumably anonymous callers are refused here. Confirm against the full file.
72 if ($this->IsAnonymous()) {
// True when the role's Permission shares at least one set bit with $permission.
// A $permission built from several flags therefore passes if ANY one of them is
// granted, and a $permission of 0 (ACCOUNT_PERMISSION_NONE) never passes.
76 return (($this->GetRole()->Permission
& $permission) > 0);
80 * Attempts to authenticate based on the provided username/password.
82 * If successful, the object is populated with data from the data store
84 * @param string $username
85 * @param string $password
86 * @return bool true if login was successful
// NOTE(review): authentication here is an equality match in the data store on
// base64_encode(crypt($password, $username)). crypt() chooses its algorithm from the
// salt argument, and the salt is the username, so the scheme depends on how the username
// begins. For a salt without an algorithm prefix PHP uses DES-based crypt, which takes
// two salt characters and only the first eight characters of the password. Moving to
// password_hash()/password_verify() needs a migration plan for the stored values.
88 function Login($username, $password)
90 // for backwards compatibility with Phreeze 2x, look in multiple places for the AccountCriteria class
91 if (! class_exists("AccountCriteria")) {
// "@" hides include failures; the class_exists() checks that follow are what detect a missing file.
92 @include_once
("Model/AccountCriteria.php");
95 if (! class_exists("AccountCriteria")) {
96 @include_once
("Model/DAO/AccountCriteria.php");
99 if (! class_exists("AccountCriteria")) {
100 throw new Exception("Unable to locate AccountCriteria class.");
// Guard against empty credentials. The body of this guard is not visible in this listing
// (presumably it returns false; confirm). "==" is a loose comparison, so null also counts as empty.
103 if ($username == "" ||
$password == "") {
// The observed message is a fixed string; neither credential is written to the log here.
107 $this->_phreezer
->Observe("AuthAccount.Login Searching For Matching Account...");
109 $criteria = new AccountCriteria();
110 // set both the name and the _Equals properties for backwards compatibility
111 if (property_exists($criteria, 'Username')) {
112 $criteria->Username
= $username;
115 $criteria->Username_Equals
= $username;
// The criteria carries the derived hash, never the plaintext password.
// NOTE(review): crypt() signals failure by returning a string shorter than 13 characters;
// that result is not checked here, so a failure value would be encoded and matched like a real hash.
116 if (property_exists($criteria, 'Password')) {
117 $criteria->Password
= base64_encode(crypt($password, $username));
120 $criteria->Password_Equals
= base64_encode(crypt($password, $username));
// The username and hash comparison is performed by the query itself.
122 $ds = $this->_phreezer
->Query("Account", $criteria);
124 // we have to clear the cache, this resolves an issue where logging in repeatedly
125 // will retain the same cached child objects
// Assignment inside the condition is intentional: the first matching row, if any, becomes $account.
128 if ($account = $ds->Next()) {
129 // we can't do $this = $account, so instead just clone all the properties:
130 $this->LoadFromObject($account);
131 $this->GetRole(); // this triggers the role to load so it will be cached
133 // we need to update the login date and count
134 // $this->LastLogin = date('Y-m-d H:i:s');
135 // $this->LoginCount++;
// NOTE(review): the rest of the method (the success and failure returns) is not visible in this listing.
145 * if the password has changed since load, then we want to crypt it
146 * otherwise we don't want to touch it because it is already crypted
148 * @param bool $is_insert
// Save hook: hashes the password when it is new or changed, otherwise puts back the value
// captured in $_original_password, then stamps the Modified date.
151 function OnSave($is_insert)
153 // if the password has changed since load, then we want to crypt it
154 // otherwise we don't want to touch it because it is already crypted
// On insert the "||" short-circuits, so the password is hashed even when it is empty.
155 if ($is_insert ||
$this->PasswordWasChanged()) {
156 $this->_phreezer
->Observe("Account->OnSave: The password has changed");
// The salt is the current Username, and Login() recomputes the hash from the username
// supplied at login. Presumably a Username change without a new password leaves a hash
// salted with the old name; confirm. NOTE(review): crypt()'s failure return (a string
// shorter than 13 characters) is not checked before it is stored.
157 $this->Password
= base64_encode(crypt($this->Password
, $this->Username
));
// NOTE(review): the branch separator (source line 158) is not visible in this listing; the
// log message below indicates the next two statements are the "unchanged" path. That path
// also runs when Password was blanked, since PasswordWasChanged() is false for "", so the
// stored hash is restored rather than cleared.
159 $this->Password
= $this->_original_password
;
160 $this->_phreezer
->Observe("Account->OnSave: The password was not changed");
163 // update the modified date
// date() formats the current time in the configured default timezone.
164 $this->Modified
= date('Y-m-d H:i:s');
169 * stores the original password so we can detect if it has been changed
173 $this->_original_password
= $this->Password
;
177 * Updates the password for this account
179 * @param string $new_pass
181 function UpdatePassword($new_pass)
183 $this->_original_password
= ""; // force Save to crypt the password
184 $this->Password
= $new_pass; // base64_encode(crypt($this->Password,$this->Username));