forked from dominik-th/matomo-plugin-LoginOIDC
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Auth.php
89 lines (79 loc) · 2.03 KB
/
Auth.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
<?php
/**
* Matomo - free/libre analytics platform
*
* @link https://matomo.org
* @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
*
*/
namespace Piwik\Plugins\LoginOIDC;
use Piwik\AuthResult;
use Piwik\Plugins\UsersManager\Model;
class Auth extends \Piwik\Plugins\Login\Auth
{
/**
* Forces a successful login.
*
* @var bool
*/
protected $forceLogin;
/**
* @var Model
*/
private $userModel;
/**
* Constructor.
*/
public function __construct()
{
parent::__construct();
$this->userModel = new Model();
}
/**
* Authenticates user.
*
* @return AuthResult
*/
public function authenticate()
{
if ($this->forceLogin && !empty($this->login)) {
$user = $this->userModel->getUser($this->login);
return $this->authenticationSuccess($user);
}
return parent::authenticate();
}
/**
* Returns positive AuthResult for a specific user.
* See: {@link \Piwik\Plugins\Login\Auth::authenticationSuccess()} method.
*
* @return AuthResult
*/
private function authenticationSuccess(array $user)
{
if (empty($this->token_auth)) {
$this->token_auth = $this->userModel->generateRandomTokenAuth();
// we generated one randomly which will then be stored in the session and used across the session
}
$isSuperUser = (int) $user['superuser_access'];
$code = $isSuperUser ? AuthResult::SUCCESS_SUPERUSER_AUTH_CODE : AuthResult::SUCCESS;
return new AuthResult($code, $user['login'], $this->token_auth);
}
/**
* Returns if forceful login is enabled.
*
* @return bool
*/
public function getForceLogin()
{
return $this->forceLogin;
}
/**
* Sets the forceful login.
*
* @param bool $forceLogin true if authentication should succeed.
*/
public function setForceLogin(bool $forceLogin)
{
$this->forceLogin = $forceLogin;
}
}