説明なし

AuthController.php 4.8KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184
  1. <?php
  2. class AuthController extends \BaseController {
  3. /**
  4. * Display a listing of the resource.
  5. * GET /auth
  6. *
  7. * @return Response
  8. */
  9. public function showLogin()
  10. {
  11. $title ="Online Learning Assessment System";
  12. return View::make('global.login', compact('title'));
  13. }
  14. public function login()
  15. {
  16. /** Validate data */
  17. $validator = Validator::make(
  18. Input::all(),
  19. array(
  20. 'email'=>'required|email',
  21. 'password'=>'required|min:4|max:16'
  22. )
  23. );
  24. if(!$validator->fails())
  25. {
  26. // TODO: Remove this for production environment
  27. if (App::environment('local', 'staging')) {
  28. return $this->processLogin();
  29. }
  30. try {
  31. // User input
  32. $username = str_replace('@upr.edu', '', Input::get('email'));
  33. $password = Input::get('password');
  34. // Radius connection info
  35. $radius = radius_auth_open();
  36. $radius_ip = '136.145.223.27';
  37. $radius_secret = '8reC6ujatArecHe63spech5Wa';
  38. radius_add_server($radius, $radius_ip, 1812, $radius_secret, 5, 3);
  39. // Create radius request and add params
  40. radius_create_request($radius, RADIUS_ACCESS_REQUEST);
  41. radius_put_attr($radius, RADIUS_USER_NAME, $username);
  42. radius_put_attr($radius, RADIUS_USER_PASSWORD, $password);
  43. $result = radius_send_request($radius);
  44. switch ($result) {
  45. // Credentials are correct
  46. case RADIUS_ACCESS_ACCEPT:
  47. return $this->processLogin();
  48. break;
  49. case RADIUS_ACCESS_REJECT:
  50. // If email is a workshop email,
  51. if(Input::get('email') == 'taller1@upr.edu' && Input::get('password') == 'o34eAvaluo'){
  52. return $this->processLogin();
  53. }
  54. // Tell user credentials are incorrect
  55. Session::flash('status', 'danger');
  56. Session::flash('message', 'Incorrect email/password combination.');
  57. return Redirect::action('AuthController@showLogin');
  58. break;
  59. // Throw exception in case of any other error
  60. default:
  61. throw new Exception("-", 1);
  62. break;
  63. }
  64. }
  65. catch(Exception $e){
  66. // Tell user access is denied and return to login page.
  67. Session::flash('status', 'danger');
  68. Session::flash('message', 'An error occurred while connecting to the authentication service. Please try again later. If the problem persists, contact the help desk at x. 80400 or the administrators at oeae.uprrp.edu.');
  69. return Redirect::action('AuthController@showLogin');
  70. }
  71. return Redirect::route('login');
  72. }
  73. else
  74. {
  75. /** Prepare error message */
  76. $message = '<ul>';
  77. foreach ($validator->messages()->all('<li>:message</li>') as $validationError)
  78. {
  79. $message.=$validationError;
  80. }
  81. $message.='</ul>';
  82. Session::flash('status', 'danger');
  83. Session::flash('message', $message);
  84. return Redirect::action('AuthController@showLogin');
  85. }
  86. }
  87. private function processLogin(){
  88. // Get user record in OLAS database, if it exists
  89. $user = User::where('email', Input::get('email'))->first();
  90. // If user exists in the database AND is authorized
  91. if($user and $user->has_access)
  92. {
  93. // Log in user and direct to main page
  94. Auth::login($user);
  95. // Get last visible AND running term;
  96. $semester = Semester::
  97. where('is_visible', 1)
  98. ->where('start', '<=', date('Y-m-d H:i:s'))
  99. ->orderBy('start', 'DESC')
  100. ->first();
  101. Session::forget('current_semester');
  102. Session::put('current_semester', $semester);
  103. // Push into semesters variable
  104. $semesters_id = array();
  105. $semesters_info = array();
  106. $semesters_ids[] = $semester->id;
  107. $semesters_info[] = $semester->name.' ('.$semester->code.')';
  108. // Put semesters information arrays into Session
  109. Session::forget('semesters_ids');
  110. Session::put('semesters_ids', $semesters_ids);
  111. Session::forget('semesters_info');
  112. Session::put('semesters_info', $semesters_info);
  113. // Record last login
  114. User::where('id', Auth::user()->id)
  115. ->update(array(
  116. 'last_login' => DB::raw('NOW()')
  117. )
  118. );
  119. if(!Auth::user()->office_phone){
  120. return Redirect::action('UsersController@edit');
  121. }
  122. // Redirect depending on user
  123. switch (Auth::user()->role) {
  124. case 1:
  125. return Redirect::intended('administrator');
  126. break;
  127. case 2:
  128. return Redirect::intended('school-coordinator');
  129. break;
  130. case 3:
  131. return Redirect::intended('program-coordinator');
  132. break;
  133. case 4:
  134. return Redirect::intended('professor');
  135. break;
  136. }
  137. }
  138. else
  139. {
  140. // Tell user access is denied and return to login page.
  141. Session::flash('status', 'danger');
  142. Session::flash('message', 'You are not an authorized user. You may request access by contacting oeae.uprrp.edu.');
  143. return Redirect::action('AuthController@showLogin');
  144. }
  145. }
  146. public function logout()
  147. {
  148. Auth::logout();
  149. Session::flush();
  150. return Redirect::action('AuthController@showLogin');
  151. }
  152. }