Julien Issler avatar Julien Issler committed 6837c9b

ticket #461: jAuth: update usersession when needed (#461)

Comments (0)

Files changed (2)

lib/jelix/CREDITS

  - jForms: javascript check of secret control's confirmation does not work (#751)
  - jForms: some controls are selected by default if their values are "0" (#757)
  - jCoordinator: exception loop when response's constructor fails (#749)
+ - jAuth: update usersession when needed (#461)
 
 Bastien Jaillot (aka bastnic)
  - bug fix in jDaoGenerator (#282)

lib/jelix/auth/jAuth.class.php

 * @author     Laurent Jouanneau
 * @contributor Frédéric Guillot, Antoine Detante, Julien Issler
 * @copyright  2001-2005 CopixTeam, 2005-2008 Laurent Jouanneau, 2007 Frédéric Guillot, 2007 Antoine Detante
-* @copyright  2007 Julien Issler
+* @copyright  2007-2008 Julien Issler
 *
 * This classes were get originally from an experimental branch of the Copix project (Copix 2.3dev, http://www.copix.org)
 * Few lines of code are still copyrighted 2001-2005 CopixTeam (LGPL licence).
         if($config == null){
             global $gJCoord;
             $plugin = $gJCoord->getPlugin('auth');
-            if($plugin === null){
+            if($plugin === null)
                 throw new jException('jelix~auth.error.plugin.missing');
-            }
             $config = & $plugin->config;
 
             if (!isset($config['session_name'])
-                || $config['session_name'] == ''){
+                || $config['session_name'] == '')
+                $config['session_name'] = 'JELIX_USER';
 
-                $config['session_name'] = 'JELIX_USER';
-            }
-            if (!isset( $config['persistant_cookie_path']) 
-                ||  $config['persistant_cookie_path'] == '') {
+            if (!isset( $config['persistant_cookie_path'])
+                ||  $config['persistant_cookie_path'] == '')
                 $config['persistant_cookie_path'] = $GLOBALS['gJConfig']->urlengine['basePath'];
-            }
         }
         return $config;
     }
             $config = self::_getConfig();
             global $gJConfig;
             $db = strtolower($config['driver']);
-            if(!isset($gJConfig->_pluginsPathList_auth) 
+            if(!isset($gJConfig->_pluginsPathList_auth)
                 || !isset($gJConfig->_pluginsPathList_auth[$db])
-                || !file_exists($gJConfig->_pluginsPathList_auth[$db]) ){
+                || !file_exists($gJConfig->_pluginsPathList_auth[$db]) )
                 throw new jException('jelix~auth.error.driver.notfound',$db);
-            }
+
             require_once($gJConfig->_pluginsPathList_auth[$db].$db.'.auth.php');
             $dname = $config['driver'].'AuthDriver';
             $driver = new $dname($config[$config['driver']]);
 
     /**
      * Create a new user object
-     * 
+     *
      * You should call this method if you want to create a new user. It returns an object,
      * representing a user. Then you should fill its properties and give it to the saveNewUser
      * method.
-     * 
+     *
      * @param string $login the user login
      * @param string $password the user password (not encrypted)
      * @return object the returned object depends on the driver
     }
 
     /**
-     * Save a new user 
-     * 
+     * Save a new user
+     *
      * if the saving has succeed, a AuthNewUser event is sent
      * The given object should have been created by calling createUserObject method :
      *
      */
     public static function saveNewUser($user){
         $dr = self::_getDriver();
-        if($dr->saveNewUser($user)){
+        if($dr->saveNewUser($user))
             jEvent::notify ('AuthNewUser', array('user'=>$user));
-        }
         return $user;
     }
 
     /**
      * update user data
-     * 
+     *
      * It send a AuthUpdateUser event if the saving has succeed. If you want
      * to change the user password, you must use jAuth::changePassword method
      * instead of jAuth::updateUser method.
      *   jAuth::updateUser($user);
      *  </pre>
      *  the type of $user depends of the driver, so it can have other properties.
-     * 
+     *
      * @param object $user  user data
      */
     public static function updateUser($user){
         $dr = self::_getDriver();
-        if($user = $dr->updateUser($user)){
-            jEvent::notify ('AuthUpdateUser', array('user'=>$user));
+        if($dr->updateUser($user) === false)
+            return false;
+
+        if(self::isConnected() && self::getUserSession()->login === $user->login){
+            $config = self::_getConfig();
+            $_SESSION[$config['session_name']] = self::getUser($login);
         }
+        jEvent::notify ('AuthUpdateUser', array('user'=>$user));
+        return true;
     }
 
     /**
         $dr = self::_getDriver();
         $eventresp = jEvent::notify ('AuthCanRemoveUser', array('login'=>$login));
         foreach($eventresp->getResponse() as $rep){
-            if(!isset($rep['canremove']) || $rep['canremove'] === false){
+            if(!isset($rep['canremove']) || $rep['canremove'] === false)
                 return false;
-            }
         }
+        if($dr->removeUser($login)===false)
+            return false;
         jEvent::notify ('AuthRemoveUser', array('login'=>$login));
-        return $dr->removeUser($login);
+        if(self::isConnected() && self::getUserSession()->login === $login)
+            self::logout();
+        return true;
     }
 
     /**
      */
     public static function changePassword($login, $newpassword){
         $dr = self::_getDriver();
-        return $dr->changePassword($login, $newpassword);
+        if($dr->changePassword($login, $newpassword)===false)
+            return false;
+        if(self::isConnected() && self::getUserSession()->login === $login){
+            $config = self::_getConfig();
+            $_SESSION[$config['session_name']] = self::getUser($login);
+        }
+        return true;
     }
 
     /**
 
             $eventresp = jEvent::notify ('AuthCanLogin', array('login'=>$login, 'user'=>$user));
             foreach($eventresp->getResponse() as $rep){
-                if(!isset($rep['canlogin']) || $rep['canlogin'] === false){
+                if(!isset($rep['canlogin']) || $rep['canlogin'] === false)
                     return false;
-                }
             }
 
             $_SESSION[$config['session_name']] = $user;
     */
     public static function getUserSession (){
         $config = self::_getConfig();
-        if (! isset ($_SESSION[$config['session_name']])){
+        if (! isset ($_SESSION[$config['session_name']]))
             $_SESSION[$config['session_name']] = new jAuthDummyUser();
-        }
         return $_SESSION[$config['session_name']];
     }
 
     public static function getRandomPassword($length = 10){
         $letter = "1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
         $pass = '';
-        for($i=0;$i<$length;$i++){
+        for($i=0;$i<$length;$i++)
             $pass .= $letter{rand(0,61)};
-        }
         return $pass;
     }
 }
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.