From: <gem...@li...> - 2012-03-22 17:05:29
Revision: 563
http://gemstracker.svn.sourceforge.net/gemstracker/?rev=563&view=rev
Author: matijsdejong
Date: 2012-03-22 17:05:18 +0000 (Thu, 22 Mar 2012)
Log Message:
-----------
Moved IP check from Gems_Auth() to User->authenticate() isAllowedIp() is no longer static, allowing per project overloading
Modified Paths:
--------------
trunk/library/classes/Gems/Auth.php
trunk/library/classes/Gems/User/User.php
trunk/library/classes/Gems/Util.php
Modified: trunk/library/classes/Gems/Auth.php
===================================================================
--- trunk/library/classes/Gems/Auth.php 2012-03-22 16:35:44 UTC (rev 562)
+++ trunk/library/classes/Gems/Auth.php 2012-03-22 17:05:18 UTC (rev 563)
@@ -54,7 +54,6 @@
 */
 const ERROR_DATABASE_NOT_INSTALLED = -11;
 const ERROR_PASSWORD_DELAY = -12;
- const ERROR_INVALID_IP = -13;
 /**
 * @var array Message templates
@@ -62,7 +61,6 @@
 protected $_messageTemplates = array(
 self::ERROR_DATABASE_NOT_INSTALLED => 'Installation not complete! Login is not yet possible!',
 self::ERROR_PASSWORD_DELAY => 'Your account is temporarily blocked, please wait %s seconds',
- self::ERROR_INVALID_IP => 'You are not allowed to login from this location.'
 );
 /**
@@ -147,12 +145,7 @@ // We only forward to auth adapter when we have no timeout to prevent hammering the auth system if (! isset($result) ) { - // Check if the client IP address is within allowed IP ranges - if (isset($formValues['allowed_ip_ranges']) && !Gems_Util::isAllowedIP($_SERVER['REMOTE_ADDR'], $formValues['allowed_ip_ranges'])) { - $result = $this->_error(self::ERROR_INVALID_IP); - } else { - $result = parent::authenticate($adapter); - } + $result = parent::authenticate($adapter); } if ($result->isValid()) { Modified: trunk/library/classes/Gems/User/User.php =================================================================== --- trunk/library/classes/Gems/User/User.php 2012-03-22 16:35:44 UTC (rev 562) +++ trunk/library/classes/Gems/User/User.php 2012-03-22 17:05:18 UTC (rev 563) @@ -251,9 +251,13 @@ */ public function authenticate($formValues) { + // Check if the client IP address is within allowed IP ranges + if (! $this->util->isAllowedIP($_SERVER['REMOTE_ADDR'], $this->getAllowedIPRanges())) { + return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_UNCATEGORIZED, $this->getLoginName(), array($this->translate->_('You are not allowed to login from this location.'))); + } + $auth = Gems_Auth::getInstance(); - $formValues['allowed_ip_ranges'] = $this->getAllowedIPRanges(); $formValues['organization'] = $this->getBaseOrganizationId(); $formValues['userlogin'] = $this->getLoginName(); Modified: trunk/library/classes/Gems/Util.php =================================================================== --- trunk/library/classes/Gems/Util.php 2012-03-22 16:35:44 UTC (rev 562) +++ trunk/library/classes/Gems/Util.php 2012-03-22 17:05:18 UTC (rev 563) @@ -193,7 +193,7 @@ * Get the default user consent * * This is de consent description from gems__consents, not the consentCODE - * + * * @return string */ public function getDefaultConsent() 
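Review bot: The early `return` added at the top of `User::authenticate()` rejects a disallowed address before `Gems_Auth::getInstance()` is reached, so such an attempt bypasses whatever failed-login accounting `Gems_Auth::authenticate()` performs. The Auth.php hunk shows a delay check in that method, but the rest of it is outside the diff, so this is inferred. If denied-location attempts should still count toward the delay and appear in the login audit trail, record them before returning. The check also treats `$_SERVER['REMOTE_ADDR']` as the client address, which is only the connecting peer; a comment such as `// REMOTE_ADDR is the connecting peer; behind a reverse proxy the allow-list must be checked against the proxy-verified client address` would make that assumption explicit. The body of `authenticate()` continues past the end of the hunk.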
@@ -306,7 +306,7 @@
 * @param string $ipRanges
 * @return bool
 */
- public static function isAllowedIP($ip, $ipRanges = "")
+ public function isAllowedIP($ip, $ipRanges = "")
 {
 if (!strlen($ipRanges)) {
 return true;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
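Review bot: The docblock of `isAllowedIP()` does not say that the guard `if (!strlen($ipRanges)) { return true; }` allows every address when the range list is empty. That is worth stating now that projects may override the method, for example `* An empty $ipRanges means no restriction: every address is allowed.`, so an override does not change the default by accident. Dropping `static` also changes the calling convention: this commit removes the `Gems_Util::isAllowedIP(...)` call in Auth.php, but any other static call sites (none are visible in this diff) need to be moved to an instance call. The function body continues outside the hunk.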