PDF rausgenommen

msd2/tracking/piwik/core/Session/SessionInitializer.php

@@ -0,0 +1,117 @@
+<?php
+/**
+ * Piwik - free/libre analytics platform
+ *
+ * @link http://piwik.org
+ * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
+ *
+ */
+namespace Piwik\Session;
+
+use Exception;
+use Piwik\Auth as AuthInterface;
+use Piwik\AuthResult;
+use Piwik\Piwik;
+use Piwik\Session;
+
+/**
+ * Initializes authenticated sessions using an Auth implementation.
+ */
+class SessionInitializer
+{
+    /**
+     * Authenticates the user and, if successful, initializes an authenticated session.
+     *
+     * @param \Piwik\Auth $auth The Auth implementation to use.
+     * @throws Exception If authentication fails or the user is not allowed to login for some reason.
+     */
+    public function initSession(AuthInterface $auth)
+    {
+        $this->regenerateSessionId();
+
+        $authResult = $this->doAuthenticateSession($auth);
+
+        if (!$authResult->wasAuthenticationSuccessful()) {
+
+            Piwik::postEvent('Login.authenticate.failed', array($auth->getLogin()));
+
+            $this->processFailedSession();
+        } else {
+
+            Piwik::postEvent('Login.authenticate.successful', array($auth->getLogin()));
+
+            $this->processSuccessfulSession($authResult);
+        }
+    }
+
+    /**
+     * Authenticates the user.
+     *
+     * Derived classes can override this method to customize authentication logic or impose
+     * extra requirements on the user trying to login.
+     *
+     * @param AuthInterface $auth The Auth implementation to use when authenticating.
+     * @return AuthResult
+     */
+    protected function doAuthenticateSession(AuthInterface $auth)
+    {
+        Piwik::postEvent(
+            'Login.authenticate',
+            array(
+                $auth->getLogin(),
+            )
+        );
+
+        return $auth->authenticate();
+    }
+
+    /**
+     * Executed when the session could not authenticate.
+     *
+     * @throws Exception always.
+     */
+    protected function processFailedSession()
+    {
+        throw new Exception(Piwik::translate('Login_LoginPasswordNotCorrect'));
+    }
+
+    /**
+     * Executed when the session was successfully authenticated.
+     *
+     * @param AuthResult $authResult The successful authentication result.
+     */
+    protected function processSuccessfulSession(AuthResult $authResult)
+    {
+        $sessionIdentifier = new SessionFingerprint();
+        $sessionIdentifier->initialize($authResult->getIdentity(), $this->isRemembered());
+
+        /**
+         * @ignore
+         */
+        Piwik::postEvent('Login.authenticate.processSuccessfulSession.end', array($authResult->getIdentity()));
+    }
+
+    protected function regenerateSessionId()
+    {
+        Session::regenerateId();
+    }
+
+    /**
+     * Accessor to compute the hashed authentication token.
+     *
+     * @param string $login user login
+     * @param string $token_auth authentication token
+     * @return string hashed authentication token
+     * @deprecated
+     */
+    public static function getHashTokenAuth($login, $token_auth)
+    {
+        return md5($login . $token_auth);
+    }
+
+    private function isRemembered()
+    {
+        $cookieParams = session_get_cookie_params();
+        return $cookieParams['lifetime'] > 0;
+    }
+}