requiresSetup()) && $icinga->setupTokenExists()) { $this->redirectNow(Url::fromPath('setup')); } $form = new LoginForm(); if (RememberMe::hasCookie() && $this->hasDb()) { $authenticated = false; try { $rememberMeOld = RememberMe::fromCookie(); $authenticated = $rememberMeOld->authenticate(); if ($authenticated) { $rememberMe = $rememberMeOld->renew(); $this->getResponse()->setCookie($rememberMe->getCookie()); $rememberMe->persist($rememberMeOld->getAesCrypt()->getIV()); } } catch (RuntimeException $e) { Logger::error("Can't authenticate user via remember me cookie: %s", $e->getMessage()); } catch (AuthenticationException $e) { Logger::error($e); } if (! $authenticated) { $this->getResponse()->setCookie(RememberMe::forget()); } } if ($this->Auth()->isAuthenticated()) { // Call provided AuthenticationHook(s) when login action is called // but icinga web user is already authenticated AuthenticationHook::triggerLogin($this->Auth()->getUser()); $redirect = $this->params->get('redirect'); if ($redirect) { $redirectUrl = Url::fromPath($redirect, [], $this->getRequest()); if ($redirectUrl->isExternal()) { $this->httpBadRequest('nope'); } } else { $redirectUrl = $form->getRedirectUrl(); } $this->redirectNow($redirectUrl); } if (! $requiresSetup) { $cookies = new CookieHelper($this->getRequest()); if (! $cookies->isSupported()) { $this ->getResponse() ->setBody("Cookies must be enabled to run this application.\n") ->setHttpResponseCode(403) ->sendResponse(); exit; } $form->handleRequest(); } $loginButtons = []; $request = ServerRequest::fromGlobals(); foreach (LoginButtonHook::all() as $class => $hook) { try { foreach ($hook->getButtons() as $index => $button) { assert($button instanceof LoginButton); $loginButtons[] = (new LoginButtonForm( sha1("$class!$index"), $button, ClassLoader::classBelongsToModule($class) ? 
ClassLoader::extractModuleName($class) : null
                    ))
                        ->on(LoginButtonForm::ON_SUCCESS, function () use ($button): void {
                            ($button->onClick)();
                        })
                        ->handleRequest($request);
                }
            } catch (Throwable $e) {
                Logger::error('Failed to execute login button hook: %s', $e);
                continue;
            }
        }

        $this->view->form = $form;
        $this->view->loginButtons = $loginButtons;
        $this->view->defaultTitle = $this->translate('Icinga Web 2 Login');
        $this->view->requiresSetup = $requiresSetup;
    }

    /**
     * Log out the current user
     *
     * Unauthenticated requests are sent to the login page. For an authenticated user the
     * logout hooks are triggered, the authorization is removed, and then either the
     * 'external-logout' layout is rendered with HTTP 401 (externally authenticated user)
     * or the remember-me cookie is expired and the browser is redirected to the login page.
     *
     * NOTE(review): nothing in this method restricts the request method or checks a CSRF
     * token; confirm whether that is enforced elsewhere if a cross-site forced logout matters.
     */
    public function logoutAction()
    {
        $authManager = $this->Auth();

        // Presumably redirectToLogin() ends the request; if it returned, getUser() below
        // would be dereferenced without an authenticated user. TODO confirm.
        if (! $authManager->isAuthenticated()) {
            $this->redirectToLogin();
        }

        // Must be read first: removing the authorization destroys the session and the
        // user object, so the external-user flag would no longer be available afterwards.
        $wasExternalUser = $authManager->getUser()->isExternalUser();

        // Give every registered AuthenticationHook the chance to react to the logout
        // while the user object still exists.
        AuthenticationHook::triggerLogout($authManager->getUser());

        $authManager->removeAuthorization();

        if ($wasExternalUser) {
            // NOTE(review): the 401 presumably makes the browser drop credentials cached
            // for the external (web server) authentication - confirm.
            $this->view->layout()->setLayout('external-logout');
            $this->getResponse()->setHttpResponseCode(401);

            return;
        }

        // NOTE(review): this only expires the cookie in the browser, and only when
        // hasDb() is true. Whether the stored remember-me record is invalidated on the
        // server is not visible here; verify it, since otherwise a copied cookie would
        // stay usable after logout until it expires on its own.
        if (RememberMe::hasCookie() && $this->hasDb()) {
            $this->getResponse()->setCookie(RememberMe::forget());
        }

        $this->redirectToLogin();
    }
}