icingaweb2/application/controllers/AuthenticationController.php

<?php
/* Icinga Web 2 | (c) 2013-2015 Icinga Development Team | GPLv2+ */

namespace Icinga\Controllers;

use Icinga\Application\Icinga;
use Icinga\Forms\Authentication\LoginForm;
use Icinga\Web\Controller;
use Icinga\Web\Url;

/**
 * Application wide controller for authentication
 */
class AuthenticationController extends Controller
{
    /**
     * {@inheritdoc}
     */
    protected $requiresAuthentication = false;

    /**
     * {@inheritdoc}
     */
    protected $innerLayout = 'inline';

    /**
     * Log into the application
     */
    public function loginAction()
    {
        $icinga = Icinga::app();
        if (($requiresSetup = $icinga->requiresSetup()) && $icinga->setupTokenExists()) {
            $this->redirectNow(Url::fromPath('setup'));
        }
        $form = new LoginForm();
        if ($this->Auth()->isAuthenticated()) {
            $this->redirectNow($form->getRedirectUrl());
        }
        if (! $requiresSetup) {
            if (! $this->getRequest()->hasCookieSupport()) {
                $this
                    ->getResponse()
                    ->setBody("Cookies must be enabled to run this application.\n")
                    ->setHttpResponseCode(403)
                    ->sendResponse();
                exit();
            }
            $form->handleRequest();
        }
        $this->view->form = $form;
        $this->view->title = $this->translate('Icinga Web 2 Login');
        $this->view->requiresSetup = $requiresSetup;
    }

    /**
     * Log out the current user
     */
    public function logoutAction()
    {
        $auth = $this->Auth();
        if (! $auth->isAuthenticated()) {
            $this->redirectToLogin();
        }
        // Get info whether the user is externally authenticated before removing authorization which destroys the
        // session and the user object
        $isExternalUser = $auth->getUser()->isExternalUser();
        $auth->removeAuthorization();
        if ($isExternalUser) {
            $this->getResponse()->setHttpResponseCode(401);
        } else {
            $this->redirectToLogin();
        }
    }
}
Test and move bootstrapping/web code to source tree Move code from incubator to web. Only files needed to show welcome moved. refs #4249 2013-06-14 07:51:44 -04:00			`<?php`
Note that our license is GPL v2 or any later version in our license header instead of pointing to the license's URL 2015-02-04 04:46:36 -05:00			`/* Icinga Web 2 \| (c) 2013-2015 Icinga Development Team \| GPLv2+ */`
Test and move bootstrapping/web code to source tree Move code from incubator to web. Only files needed to show welcome moved. refs #4249 2013-06-14 07:51:44 -04:00
Namespace the AuthenticationController refs #5786 2015-08-27 07:09:58 -04:00			`namespace Icinga\Controllers;`
Test and move bootstrapping/web code to source tree Move code from incubator to web. Only files needed to show welcome moved. refs #4249 2013-06-14 07:51:44 -04:00
Optimize imports in AuthenticationController.php 2014-12-29 08:30:47 -05:00			`use Icinga\Application\Icinga;`
			`use Icinga\Forms\Authentication\LoginForm;`
Relax auth controller complexity refs #9660 2015-07-29 08:17:07 -04:00			`use Icinga\Web\Controller;`
Fix layout re-rendering after login (thank you, automerge) 2014-03-06 06:07:24 -05:00			`use Icinga\Web\Url;`
Refactor Form-builder [WIP] Refactor Form-builder so that it is an abstract extension class of Zend_Form. refs #4355 2013-07-12 10:10:56 -04:00
Test and move bootstrapping/web code to source tree Move code from incubator to web. Only files needed to show welcome moved. refs #4249 2013-06-14 07:51:44 -04:00			`/**`
Application/Controllers: Follow our Coding Standards refs #4512 2013-08-16 08:56:23 -04:00			`* Application wide controller for authentication`
Test and move bootstrapping/web code to source tree Move code from incubator to web. Only files needed to show welcome moved. refs #4249 2013-06-14 07:51:44 -04:00			`*/`
Relax auth controller complexity refs #9660 2015-07-29 08:17:07 -04:00			`class AuthenticationController extends Controller`
Test and move bootstrapping/web code to source tree Move code from incubator to web. Only files needed to show welcome moved. refs #4249 2013-06-14 07:51:44 -04:00			`{`
			`/**`
Do not show the full layout on the login page ... refs #9892 2015-08-13 02:12:30 -04:00			`* {@inheritdoc}`
Test and move bootstrapping/web code to source tree Move code from incubator to web. Only files needed to show welcome moved. refs #4249 2013-06-14 07:51:44 -04:00			`*/`
Fix pagination and remove ModuleController, rename handlesAuth This commit introduces the following changes: - Count is now performed after joins are added to the selection query, therefore returning the correct number - MonitoringControllerTest now needn't to mock ModuleActionController (which is now removed) - handlesAuthentication is now requiresAuthentication - Redirection to login is now directly handled in the ActionController constructor, so we don't need to overwrite the preDispatch method refs #4589 refs #4591 refs #4572 2013-08-30 09:50:49 -04:00			`protected $requiresAuthentication = false;`
Test and move bootstrapping/web code to source tree Move code from incubator to web. Only files needed to show welcome moved. refs #4249 2013-06-14 07:51:44 -04:00
Do not show the full layout on the login page ... refs #9892 2015-08-13 02:12:30 -04:00			`/**`
			`* {@inheritdoc}`
			`*/`
			`protected $innerLayout = 'inline';`

Test and move bootstrapping/web code to source tree Move code from incubator to web. Only files needed to show welcome moved. refs #4249 2013-06-14 07:51:44 -04:00			`/**`
Application/Controllers: Follow our Coding Standards refs #4512 2013-08-16 08:56:23 -04:00			`* Log into the application`
Test and move bootstrapping/web code to source tree Move code from incubator to web. Only files needed to show welcome moved. refs #4249 2013-06-14 07:51:44 -04:00			`*/`
			`public function loginAction()`
			`{`
Use the setup related utility functions in AuthenticationController.php 2014-12-29 08:30:06 -05:00			`$icinga = Icinga::app();`
Relax auth controller complexity refs #9660 2015-07-29 08:17:07 -04:00			`if (($requiresSetup = $icinga->requiresSetup()) && $icinga->setupTokenExists()) {`
Do not redirect to the wizard in case of an empty config.ini 2014-11-18 07:13:02 -05:00			`$this->redirectNow(Url::fromPath('setup'));`
Redirect to /setup if necessary A user gets now redirected to /setup in case he is not logged in, the token file exists and no config.ini was found. refs #7163 2014-09-10 08:48:33 -04:00			`}`
Relax auth controller complexity refs #9660 2015-07-29 08:17:07 -04:00			`$form = new LoginForm();`
			`if ($this->Auth()->isAuthenticated()) {`
			`$this->redirectNow($form->getRedirectUrl());`
Fix Authentication workflow - The authentication controller now uses the Authentication/Manager class, also there were some issues in the Session creation, this has been removed from the Bootstrap now, as the Controller must decide how to open a session (read-only or read/write). - The tests reflect a few chagnes, as the move from the CSRF token generation to the Formbuilder. - Notificaiton now doesn't use Zend Session refs #4340 2013-06-24 12:46:45 -04:00			`}`
Relax auth controller complexity refs #9660 2015-07-29 08:17:07 -04:00			`if (! $requiresSetup) {`
AuthenticationController: Add cookie detection to login action refs #7383 2015-08-13 05:21:05 -04:00			`if (! $this->getRequest()->hasCookieSupport()) {`
Use Request::setBody() for cookies disabled message 2015-08-27 07:21:43 -04:00			`$this`
			`->getResponse()`
			`->setBody("Cookies must be enabled to run this application.\n")`
			`->setHttpResponseCode(403)`
			`->sendResponse();`
AuthenticationController: Add cookie detection to login action refs #7383 2015-08-13 05:21:05 -04:00			`exit();`
			`}`
Relax auth controller complexity refs #9660 2015-07-29 08:17:07 -04:00			`$form->handleRequest();`
			`}`
			`$this->view->form = $form;`
			`$this->view->title = $this->translate('Icinga Web 2 Login');`
			`$this->view->requiresSetup = $requiresSetup;`
Test and move bootstrapping/web code to source tree Move code from incubator to web. Only files needed to show welcome moved. refs #4249 2013-06-14 07:51:44 -04:00			`}`

			`/**`
Application/Controllers: Follow our Coding Standards refs #4512 2013-08-16 08:56:23 -04:00			`* Log out the current user`
Test and move bootstrapping/web code to source tree Move code from incubator to web. Only files needed to show welcome moved. refs #4249 2013-06-14 07:51:44 -04:00			`*/`
			`public function logoutAction()`
			`{`
AuthenticationController: use Auth() helper function 2014-06-22 14:08:55 -04:00			`$auth = $this->Auth();`
Fix that logout of unauthenticated users throws exceptions 2014-10-01 02:13:17 -04:00			`if (! $auth->isAuthenticated()) {`
			`$this->redirectToLogin();`
			`}`
lib: Rename remote user to external user We renamed our backend. Code now reflects this. refs #9660 2015-07-29 09:44:32 -04:00			`// Get info whether the user is externally authenticated before removing authorization which destroys the`
			`// session and the user object`
			`$isExternalUser = $auth->getUser()->isExternalUser();`
Fix Authentication workflow - The authentication controller now uses the Authentication/Manager class, also there were some issues in the Session creation, this has been removed from the Bootstrap now, as the Controller must decide how to open a session (read-only or read/write). - The tests reflect a few chagnes, as the move from the CSRF token generation to the Formbuilder. - Notificaiton now doesn't use Zend Session refs #4340 2013-06-24 12:46:45 -04:00			`$auth->removeAuthorization();`
lib: Rename remote user to external user We renamed our backend. Code now reflects this. refs #9660 2015-07-29 09:44:32 -04:00			`if ($isExternalUser) {`
Relax auth controller complexity refs #9660 2015-07-29 08:17:07 -04:00			`$this->getResponse()->setHttpResponseCode(401);`
Add extern authentication Provide a new settings authenticationMode and delegate the authentication handling to the webserver when the external authentication mode is set. Add a new view 'logout' that will be shown after logout from external authentication as the regular redirect to login is not possible. refs #5405 2014-02-26 11:36:20 -05:00			`} else {`
Fix that logout of unauthenticated users throws exceptions 2014-10-01 02:13:17 -04:00			`$this->redirectToLogin();`
Add extern authentication Provide a new settings authenticationMode and delegate the authentication handling to the webserver when the external authentication mode is set. Add a new view 'logout' that will be shown after logout from external authentication as the regular redirect to login is not possible. refs #5405 2014-02-26 11:36:20 -05:00			`}`
Test and move bootstrapping/web code to source tree Move code from incubator to web. Only files needed to show welcome moved. refs #4249 2013-06-14 07:51:44 -04:00			`}`
			`}`