Ei kuvausta

AuthController.php 4.7KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175
  1. <?php
  2. class AuthController extends \BaseController
  3. {
  4. /**
  5. * Display a listing of the resource.
  6. * GET /auth
  7. *
  8. * @return Response
  9. */
  10. public function showLogin()
  11. {
  12. $title = "Online Learning Assessment System";
  13. return View::make('global.login', compact('title'));
  14. }
  15. public function login()
  16. {
  17. /** Validate data */
  18. $validator = Validator::make(
  19. Input::all(),
  20. array(
  21. 'email' => 'required|email',
  22. 'password' => 'required|min:4|max:16'
  23. )
  24. );
  25. if (!$validator->fails()) {
  26. // TODO: Remove this for production environment
  27. // if (App::environment('local', 'staging')) {
  28. // return $this->processLogin();
  29. // }
  30. try {
  31. // User input
  32. $username = str_replace('@upr.edu', '', Input::get('email'));
  33. $password = Input::get('password');
  34. // Radius connection info
  35. $radius = radius_auth_open();
  36. $radius_ip = '136.145.223.27';
  37. $radius_secret = '8reC6ujatArecHe63spech5Wa';
  38. radius_add_server($radius, $radius_ip, 1812, $radius_secret, 5, 3);
  39. // Create radius request and add params
  40. radius_create_request($radius, RADIUS_ACCESS_REQUEST);
  41. radius_put_attr($radius, RADIUS_USER_NAME, $username);
  42. radius_put_attr($radius, RADIUS_USER_PASSWORD, $password);
  43. $result = radius_send_request($radius);
  44. switch ($result) {
  45. // Credentials are correct
  46. case RADIUS_ACCESS_ACCEPT:
  47. return $this->processLogin();
  48. break;
  49. case RADIUS_ACCESS_REJECT:
  50. // If email is a workshop email,
  51. if (Input::get('email') == 'taller1@upr.edu' && Input::get('password') == 'o34eAvaluo') {
  52. return $this->processLogin();
  53. }
  54. // Tell user credentials are incorrect
  55. Session::flash('status', 'danger');
  56. Session::flash('message', 'Incorrect email/password combination.');
  57. return Redirect::action('AuthController@showLogin');
  58. break;
  59. // Throw exception in case of any other error
  60. default:
  61. throw new Exception("-", 1);
  62. break;
  63. }
  64. } catch (Exception $e) {
  65. // Tell user access is denied and return to login page.
  66. Session::flash('status', 'danger');
  67. Session::flash('message', 'An error occurred while connecting to the authentication service. Please try again later. If the problem persists, contact the help desk at x. 80400 or the administrators at oeae.uprrp.edu.');
  68. return Redirect::action('AuthController@showLogin');
  69. }
  70. return Redirect::route('login');
  71. } else {
  72. /** Prepare error message */
  73. $message = '<ul>';
  74. foreach ($validator->messages()->all('<li>:message</li>') as $validationError) {
  75. $message .= $validationError;
  76. }
  77. $message .= '</ul>';
  78. Session::flash('status', 'danger');
  79. Session::flash('message', $message);
  80. return Redirect::action('AuthController@showLogin');
  81. }
  82. }
  83. private function processLogin()
  84. {
  85. // Get user record in OLAS database, if it exists
  86. $user = User::where('email', Input::get('email'))->first();
  87. // If user exists in the database AND is authorized
  88. if ($user and $user->has_access) {
  89. // Log in user and direct to main page
  90. Auth::login($user);
  91. // Get last visible AND running term;
  92. $semester = Semester::where('is_visible', 1)
  93. ->where('start', '<=', date('Y-m-d H:i:s'))
  94. ->orderBy('start', 'DESC')
  95. ->first();
  96. Session::forget('current_semester');
  97. Session::put('current_semester', $semester);
  98. // Push into semesters variable
  99. $semesters_id = array();
  100. $semesters_info = array();
  101. $semesters_ids[] = $semester->id;
  102. $semesters_info[] = $semester->name . ' (' . $semester->code . ')';
  103. // Put semesters information arrays into Session
  104. Session::forget('semesters_ids');
  105. Session::put('semesters_ids', $semesters_ids);
  106. Session::forget('semesters_info');
  107. Session::put('semesters_info', $semesters_info);
  108. // Record last login
  109. User::where('id', Auth::user()->id)
  110. ->update(
  111. array(
  112. 'last_login' => DB::raw('NOW()')
  113. )
  114. );
  115. if (!Auth::user()->office_phone) {
  116. return Redirect::action('UsersController@edit');
  117. }
  118. // Redirect depending on user
  119. switch (Auth::user()->role) {
  120. case 1:
  121. return Redirect::intended('administrator');
  122. break;
  123. case 2:
  124. return Redirect::intended('school-coordinator');
  125. break;
  126. case 3:
  127. return Redirect::intended('program-coordinator');
  128. break;
  129. case 4:
  130. return Redirect::intended('professor');
  131. break;
  132. }
  133. } else {
  134. // Tell user access is denied and return to login page.
  135. Session::flash('status', 'danger');
  136. Session::flash('message', 'You are not an authorized user. You may request access by contacting oeae.uprrp.edu.');
  137. return Redirect::action('AuthController@showLogin');
  138. }
  139. }
  140. public function logout()
  141. {
  142. Auth::logout();
  143. Session::flush();
  144. return Redirect::action('AuthController@showLogin');
  145. }
  146. }