Fixed error in Auth::authenticate causing phpCAS::client to be called twice.
[piwik-CASLogin.git] / Controller.php
1 <?php
2 /**
3  * Piwik - Open source web analytics
4  *
5  * @link http://piwik.org
6  * @license http://www.gnu.org/licenses/gpl-3.0.html Gpl v3 or later
7  * @version $Id: Controller.php 943 2009-03-01 23:36:36Z matt $
8  *
9  * @category Piwik_Plugins
10  * @package CASLogin
11  */
12
13 namespace Piwik\Plugins\CASLogin;
14
15 use Piwik\Config;
16 use Piwik\Nonce;
17 use Piwik\Piwik;
18 use Piwik\Plugins\UsersManager\API;
19 use Piwik\Url;
20 use Piwik\View;
21
22 /**
23  * @package CASLogin
24  */
25 class Controller extends \Piwik\Plugin\Controller
26 {
27         public function index()
28         {
29                 Piwik::redirectToModule('CoreHome');
30         }
31         
32         /**
33          * Configure common view properties
34          *
35          * @param Piwik_View $view
36          */
37         private function configureView($view)
38         {
39                 
40                 $this->setBasicVariablesView($view);
41                 $view->linkTitle = Piwik::getRandomTitle();
42
43                 $enableFramedLogins = Config::getInstance()->General['enable_framed_pages'];
44                 $view->enableFramedLogins = $enableFramedLogins;
45                 if(!$enableFramedLogins)
46                 {
47                         $view->setXFrameOptions('sameorigin');
48                 }
49                 $view->forceSslLogin = Config::getInstance()->General['force_ssl'];
50                 // crsf token: don't trust the submitted value; generate/fetch it from session data
51                 $view->nonce = Nonce::getNonce('Piwik_Login.login');
52         }
53     
54         /**
55          * Login form
56          *
57          * @param string $messageNoAccess Access error message
58          * @param string $currentUrl Current URL
59          * @return void
60          */
61         function login($messageNoAccess = null)
62         {
63                 $view = new View('@CASLogin/login');
64                 $view->AccessErrorString = $messageNoAccess;
65                 $view->linkTitle = Piwik::getRandomTitle();
66                 $config = Config::getInstance()->caslogin;
67                 $view->loginImage = isset($config['loginimage']) ? $config['loginimage'] : '';
68                 $view->subTemplate = 'genericForm.tpl';
69                 $this->configureView($view);
70                 echo $view->render();
71         }
72     
73     public function redirectToCAS() {
74                 // This is simply if we are coming back from CAS.
75         // the actual redirect happens in the authentication class.
76         if(Piwik::getCurrentUserLogin() != 'anonymous') {
77             Piwik::redirectToModule('CoreHome');
78         }
79     }
80
81         private function clearSession()
82         {       
83                 /* Note: some browsers don't respect server revokation */
84                 $auth = Zend_Registry::get('auth');
85                 $auth->setLogin(null);
86                 $auth->setTokenAuth(null);
87
88                 $access = Zend_Registry::get('access');
89                 $access->reloadAccess($auth);
90
91         $authCookieName = Zend_Registry::get('config')->General->login_cookie_name;
92         $cookie = new Piwik_Cookie($authCookieName);
93         $cookie->delete();
94
95                 @Zend_Session::destroy(true);
96         }
97         
98         public function logout()
99         {
100         \phpCAS::logoutWithUrl(Url::getCurrentUrlWithoutQueryString() );
101         }
102 }