[Gemstracker-svn] SF.net SVN: gemstracker:[563] trunk/library/classes/Gems

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Revision: 563
          http://gemstracker.svn.sourceforge.net/gemstracker/?rev=563&view=rev
Author:   matijsdejong
Date:     2012-03-22 17:05:18 +0000 (Thu, 22 Mar 2012)
Log Message:
-----------
Moved IP check from Gems_Auth() to User->authenticate()
isAllowedIp() is no longer static, allowing per project overloading

Modified Paths:
--------------
    trunk/library/classes/Gems/Auth.php
    trunk/library/classes/Gems/User/User.php
    trunk/library/classes/Gems/Util.php

Modified: trunk/library/classes/Gems/Auth.php
===================================================================

--- trunk/library/classes/Gems/Auth.php	2012-03-22 16:35:44 UTC (rev 562)
+++ trunk/library/classes/Gems/Auth.php	2012-03-22 17:05:18 UTC (rev 563)
@@ -54,7 +54,6 @@
      */
     const ERROR_DATABASE_NOT_INSTALLED     = -11;
     const ERROR_PASSWORD_DELAY             = -12;
-    const ERROR_INVALID_IP                 = -13;
 
     /**
      * @var array Message templates
@@ -62,7 +61,6 @@
     protected $_messageTemplates = array(
         self::ERROR_DATABASE_NOT_INSTALLED     => 'Installation not complete! Login is not yet possible!',
         self::ERROR_PASSWORD_DELAY             => 'Your account is temporarily blocked, please wait %s seconds',
-        self::ERROR_INVALID_IP                 => 'You are not allowed to login from this location.'
     );
 
     /**
@@ -147,12 +145,7 @@
 
         // We only forward to auth adapter when we have no timeout to prevent hammering the auth system
         if (! isset($result) ) {
-            // Check if the client IP address is within allowed IP ranges
-            if (isset($formValues['allowed_ip_ranges']) && !Gems_Util::isAllowedIP($_SERVER['REMOTE_ADDR'], $formValues['allowed_ip_ranges'])) {
-                $result = $this->_error(self::ERROR_INVALID_IP);
-            } else {
-                $result = parent::authenticate($adapter);
-            }
+            $result = parent::authenticate($adapter);
         }
 
         if ($result->isValid()) {

Modified: trunk/library/classes/Gems/User/User.php
===================================================================
--- trunk/library/classes/Gems/User/User.php	2012-03-22 16:35:44 UTC (rev 562)
+++ trunk/library/classes/Gems/User/User.php	2012-03-22 17:05:18 UTC (rev 563)
@@ -251,9 +251,13 @@
      */
     public function authenticate($formValues)
     {
+        // Check if the client IP address is within allowed IP ranges
+        if (! $this->util->isAllowedIP($_SERVER['REMOTE_ADDR'], $this->getAllowedIPRanges())) {
+            return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_UNCATEGORIZED, $this->getLoginName(), array($this->translate->_('You are not allowed to login from this location.')));
+        }
+
         $auth = Gems_Auth::getInstance();
 
-        $formValues['allowed_ip_ranges'] = $this->getAllowedIPRanges();
         $formValues['organization'] = $this->getBaseOrganizationId();
         $formValues['userlogin'] = $this->getLoginName();
 

Modified: trunk/library/classes/Gems/Util.php
===================================================================
--- trunk/library/classes/Gems/Util.php	2012-03-22 16:35:44 UTC (rev 562)
+++ trunk/library/classes/Gems/Util.php	2012-03-22 17:05:18 UTC (rev 563)
@@ -193,7 +193,7 @@
      * Get the default user consent
      *
      * This is de consent description from gems__consents, not the consentCODE
-     * 
+     *
      * @return string
      */
     public function getDefaultConsent()
@@ -306,7 +306,7 @@
      * @param  string $ipRanges
      * @return bool
      */
-    public static function isAllowedIP($ip, $ipRanges = "")
+    public function isAllowedIP($ip, $ipRanges = "")
     {
         if (!strlen($ipRanges)) {
             return true;

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.



