AuthenticationController::getInstance() - Code Metrics - adamjakab/SuiteCRM - Measure and Improve Code Quality continuously with Scrutinizer

AuthenticationController::getInstance() A
last analyzed 2016-05-10 08:39 UTC

↳ Parent: Project

Complexity

Conditions	2
Paths	2

Size

Total Lines	8
Code Lines	4

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	6

Metric	Value
cc	2
eloc	4
nc	2
nop	1
dl	0
loc	8
ccs	0
cts	4
cp	0
crap	6
rs	9.4285

<?php
if(!defined('sugarEntry') || !sugarEntry) die('Not A Valid Entry Point');
/*********************************************************************************
 * SugarCRM Community Edition is a customer relationship management program developed by
 * SugarCRM, Inc. Copyright (C) 2004-2013 SugarCRM Inc.

 * SuiteCRM is an extension to SugarCRM Community Edition developed by Salesagility Ltd.
 * Copyright (C) 2011 - 2014 Salesagility Ltd.
 *
 * This program is free software; you can redistribute it and/or modify it under
 * the terms of the GNU Affero General Public License version 3 as published by the
 * Free Software Foundation with the addition of the following permission added
 * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
 * IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
 * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 * FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more
 * details.
 *
 * You should have received a copy of the GNU Affero General Public License along with
 * this program; if not, see http://www.gnu.org/licenses or write to the Free
 * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
 * 02110-1301 USA.
 *
 * You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
 * SW2-130, Cupertino, CA 95014, USA. or at email address [email protected].
 *
 * The interactive user interfaces in modified source and object code versions
 * of this program must display Appropriate Legal Notices, as required under
 * Section 5 of the GNU Affero General Public License version 3.
 *
 * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
 * these Appropriate Legal Notices must retain the display of the "Powered by
 * SugarCRM" logo and "Supercharged by SuiteCRM" logo. If the display of the logos is not
 * reasonably feasible for  technical reasons, the Appropriate Legal Notices must
 * display the words  "Powered by SugarCRM" and "Supercharged by SuiteCRM".
 ********************************************************************************/



class AuthenticationController
{
	public $loggedIn = false; //if a user has attempted to login
	public $authenticated = false;
	public $loginSuccess = false;// if a user has successfully logged in

	protected static $authcontrollerinstance = null;

    /**
     * @var SugarAuthenticate
     */
    public $authController;

	/**
	 * Creates an instance of the authentication controller and loads it
	 *
	 * @param STRING $type - the authentication Controller
	 * @return AuthenticationController -

	 */
	public function __construct($type = null)
	{
        $this->authController = $this->getAuthController($type);
	}

    /**
     * Get auth controller object
     * @param string $type 
     * @return SugarAuthenticate
     */
    protected function getAuthController($type)
    {
        if (!$type) {
            $type = !empty($GLOBALS['sugar_config']['authenticationClass'])
                ? $GLOBALS['sugar_config']['authenticationClass'] : 'SugarAuthenticate';
        }

        if ($type == 'SugarAuthenticate' && !empty($GLOBALS['system_config']->settings['system_ldap_enabled']) && empty($_SESSION['sugar_user'])) {
            $type = 'LDAPAuthenticate';
        }

        // check in custom dir first, in case someone want's to override an auth controller
		if (file_exists('custom/modules/Users/authentication/'.$type.'/' . $type . '.php')) {
            require_once('custom/modules/Users/authentication/'.$type.'/' . $type . '.php');
        } elseif (file_exists('modules/Users/authentication/'.$type.'/' . $type . '.php')) {
            require_once('modules/Users/authentication/'.$type.'/' . $type . '.php');
        } else {
            require_once('modules/Users/authentication/SugarAuthenticate/SugarAuthenticate.php');
            $type = 'SugarAuthenticate';
        }

        if (!empty($_REQUEST['no_saml']) 
            && (is_subclass_of($type, 'SAMLAuthenticate') || 'SAMLAuthenticate' == $type)) {
            $type = 'SugarAuthenticate';
        }

        return new $type();
    }

	/**
	 * Returns an instance of the authentication controller
	 *
	 * @param string $type this is the type of authetnication you want to use default is SugarAuthenticate
	 * @return an instance of the authetnciation controller
	 */
	public static function getInstance($type = null)
	{
		if (empty(self::$authcontrollerinstance)) {
			self::$authcontrollerinstance = new AuthenticationController($type);
		}

		return self::$authcontrollerinstance;
	}

	/**
	 * This function is called when a user initially tries to login.
	 *
	 * @param string $username
	 * @param string $password
	 * @param array $PARAMS
	 * @return boolean true if the user successfully logs in or false otherwise.
	 */
	public function login($username, $password, $PARAMS = array())
	{
		//kbrill bug #13225
		$_SESSION['loginAttempts'] = (isset($_SESSION['loginAttempts']))? $_SESSION['loginAttempts'] + 1: 1;
		unset($GLOBALS['login_error']);

		if($this->loggedIn)return $this->loginSuccess;
		LogicHook::initialize()->call_custom_logic('Users', 'before_login');

		$this->loginSuccess = $this->authController->loginAuthenticate($username, $password, false, $PARAMS);
		$this->loggedIn = true;

		if($this->loginSuccess){
			//Ensure the user is authorized
			checkAuthUserStatus();

			//loginLicense();
			if(!empty($GLOBALS['login_error'])){
				unset($_SESSION['authenticated_user_id']);
				$GLOBALS['log']->fatal('FAILED LOGIN: potential hack attempt:'.$GLOBALS['login_error']);
				$this->loginSuccess = false;
				return false;
			}

			//call business logic hook
			if(isset($GLOBALS['current_user']))
				$GLOBALS['current_user']->call_custom_logic('after_login');

			// Check for running Admin Wizard
			$config = new Administration();
			$config->retrieveSettings();
		    if ( is_admin($GLOBALS['current_user']) && empty($config->settings['system_adminwizard']) && $_REQUEST['action'] != 'AdminWizard' ) {
				$GLOBALS['module'] = 'Configurator';
				$GLOBALS['action'] = 'AdminWizard';
				ob_clean();
				header("Location: index.php?module=Configurator&action=AdminWizard");
				sugar_cleanup(true);
			}

			$ut = $GLOBALS['current_user']->getPreference('ut');
			$checkTimeZone = true;
			if (is_array($PARAMS) && !empty($PARAMS) && isset($PARAMS['passwordEncrypted'])) {
				$checkTimeZone = false;
			} // if
			if(empty($ut) && $checkTimeZone && $_REQUEST['action'] != 'SetTimezone' && $_REQUEST['action'] != 'SaveTimezone' ) {
				$GLOBALS['module'] = 'Users';
				$GLOBALS['action'] = 'Wizard';
				ob_clean();
				header("Location: index.php?module=Users&action=Wizard");
				sugar_cleanup(true);
			}
		}else{
			//kbrill bug #13225
			LogicHook::initialize();
			$GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
			$GLOBALS['log']->fatal('FAILED LOGIN:attempts[' .$_SESSION['loginAttempts'] .'] - '. $username);
		}
		// if password has expired, set a session variable

		return $this->loginSuccess;
	}

	/**
	 * This is called on every page hit.
	 * It returns true if the current session is authenticated or false otherwise
	 *
	 * @return booelan
	 */
	public function sessionAuthenticate()
	{
		if(!$this->authenticated){
			$this->authenticated = $this->authController->sessionAuthenticate();
		}
		if($this->authenticated){
			if(!isset($_SESSION['userStats']['pages'])){
			    $_SESSION['userStats']['loginTime'] = time();
			    $_SESSION['userStats']['pages'] = 0;
			}
			$_SESSION['userStats']['lastTime'] = time();
			$_SESSION['userStats']['pages']++;

		}
		return $this->authenticated;
	}

	/**
	 * Called when a user requests to logout. Should invalidate the session and redirect
	 * to the login page.
	 */
	public function logout()
	{
		$GLOBALS['current_user']->call_custom_logic('before_logout');
		$this->authController->logout();
		LogicHook::initialize();
		$GLOBALS['logic_hook']->call_custom_logic('Users', 'after_logout');
	}
}


1			<?php
2			if(!defined('sugarEntry') \|\| !sugarEntry) die('Not A Valid Entry Point');
3			/*********************************************************************************
4			* SugarCRM Community Edition is a customer relationship management program developed by
5			* SugarCRM, Inc. Copyright (C) 2004-2013 SugarCRM Inc.
6
7			* SuiteCRM is an extension to SugarCRM Community Edition developed by Salesagility Ltd.
8			* Copyright (C) 2011 - 2014 Salesagility Ltd.
9			*
10			* This program is free software; you can redistribute it and/or modify it under
11			* the terms of the GNU Affero General Public License version 3 as published by the
12			* Free Software Foundation with the addition of the following permission added
13			* to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
14			* IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
15			* OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
16			*
17			* This program is distributed in the hope that it will be useful, but WITHOUT
18			* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
19			* FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
20			* details.
21			*
22			* You should have received a copy of the GNU Affero General Public License along with
23			* this program; if not, see http://www.gnu.org/licenses or write to the Free
24			* Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
25			* 02110-1301 USA.
26			*
27			* You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
28			* SW2-130, Cupertino, CA 95014, USA. or at email address [email protected].
29			*
30			* The interactive user interfaces in modified source and object code versions
31			* of this program must display Appropriate Legal Notices, as required under
32			* Section 5 of the GNU Affero General Public License version 3.
33			*
34			* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
35			* these Appropriate Legal Notices must retain the display of the "Powered by
36			* SugarCRM" logo and "Supercharged by SuiteCRM" logo. If the display of the logos is not
37			* reasonably feasible for technical reasons, the Appropriate Legal Notices must
38			* display the words "Powered by SugarCRM" and "Supercharged by SuiteCRM".
39			********************************************************************************/
40
41
42
43			class AuthenticationController
44			{
45			public $loggedIn = false; //if a user has attempted to login
46			public $authenticated = false;
47			public $loginSuccess = false;// if a user has successfully logged in
48
49			protected static $authcontrollerinstance = null;
50
51			/**
52			* @var SugarAuthenticate
53			*/
54			public $authController;
55
56			/**
57			* Creates an instance of the authentication controller and loads it
58			*
59			* @param STRING $type - the authentication Controller
60			* @return AuthenticationController -
			0 ignored issues – show Comprehensibility Best Practice introduced 2016-03-07 15:42 UTC by Report Bug Copy Issue Report Adding a `@return` annotation to constructors is generally not recommended as a constructor does not have a meaningful return value. Adding a `@return` annotation to a constructor is not recommended, since a constructor does not have a meaningful return value. Please refer to the PHP core documentation on constructors. Loading history...
61			*/
62			public function __construct($type = null)
63			{
64			$this->authController = $this->getAuthController($type);
65			}
66
67			/**
68			* Get auth controller object
69			* @param string $type
70			* @return SugarAuthenticate
71			*/
72			protected function getAuthController($type)
73			{
74			if (!$type) {
75			$type = !empty($GLOBALS['sugar_config']['authenticationClass'])
76			? $GLOBALS['sugar_config']['authenticationClass'] : 'SugarAuthenticate';
77			}
78
79			if ($type == 'SugarAuthenticate' && !empty($GLOBALS['system_config']->settings['system_ldap_enabled']) && empty($_SESSION['sugar_user'])) {
80			$type = 'LDAPAuthenticate';
81			}
82
83			// check in custom dir first, in case someone want's to override an auth controller
84			if (file_exists('custom/modules/Users/authentication/'.$type.'/' . $type . '.php')) {
85			require_once('custom/modules/Users/authentication/'.$type.'/' . $type . '.php');
86			} elseif (file_exists('modules/Users/authentication/'.$type.'/' . $type . '.php')) {
87			require_once('modules/Users/authentication/'.$type.'/' . $type . '.php');
88			} else {
89			require_once('modules/Users/authentication/SugarAuthenticate/SugarAuthenticate.php');
90			$type = 'SugarAuthenticate';
91			}
92
93			if (!empty($_REQUEST['no_saml'])
94			&& (is_subclass_of($type, 'SAMLAuthenticate') \|\| 'SAMLAuthenticate' == $type)) {
95			$type = 'SugarAuthenticate';
96			}
97
98			return new $type();
99			}
100
101			/**
102			* Returns an instance of the authentication controller
103			*
104			* @param string $type this is the type of authetnication you want to use default is SugarAuthenticate
105			* @return an instance of the authetnciation controller
106			*/
107			public static function getInstance($type = null)
108			{
109			if (empty(self::$authcontrollerinstance)) {
110			self::$authcontrollerinstance = new AuthenticationController($type);
111			}
112
113			return self::$authcontrollerinstance;
114			}
115
116			/**
117			* This function is called when a user initially tries to login.
118			*
119			* @param string $username
120			* @param string $password
121			* @param array $PARAMS
122			* @return boolean true if the user successfully logs in or false otherwise.
123			*/
124			public function login($username, $password, $PARAMS = array())
125			{
126			//kbrill bug #13225
127			$_SESSION['loginAttempts'] = (isset($_SESSION['loginAttempts']))? $_SESSION['loginAttempts'] + 1: 1;
128			unset($GLOBALS['login_error']);
129
130			if($this->loggedIn)return $this->loginSuccess;
131			LogicHook::initialize()->call_custom_logic('Users', 'before_login');
132
133			$this->loginSuccess = $this->authController->loginAuthenticate($username, $password, false, $PARAMS);
134			$this->loggedIn = true;
135
136			if($this->loginSuccess){
137			//Ensure the user is authorized
138			checkAuthUserStatus();
139
140			//loginLicense();
141			if(!empty($GLOBALS['login_error'])){
142			unset($_SESSION['authenticated_user_id']);
143			$GLOBALS['log']->fatal('FAILED LOGIN: potential hack attempt:'.$GLOBALS['login_error']);
144			$this->loginSuccess = false;
145			return false;
146			}
147
148			//call business logic hook
149			if(isset($GLOBALS['current_user']))
150			$GLOBALS['current_user']->call_custom_logic('after_login');
151
152			// Check for running Admin Wizard
153			$config = new Administration();
154			$config->retrieveSettings();
155			if ( is_admin($GLOBALS['current_user']) && empty($config->settings['system_adminwizard']) && $_REQUEST['action'] != 'AdminWizard' ) {
156			$GLOBALS['module'] = 'Configurator';
157			$GLOBALS['action'] = 'AdminWizard';
158			ob_clean();
159			header("Location: index.php?module=Configurator&action=AdminWizard");
160			sugar_cleanup(true);
161			}
162
163			$ut = $GLOBALS['current_user']->getPreference('ut');
164			$checkTimeZone = true;
165			if (is_array($PARAMS) && !empty($PARAMS) && isset($PARAMS['passwordEncrypted'])) {
166			$checkTimeZone = false;
167			} // if
168			if(empty($ut) && $checkTimeZone && $_REQUEST['action'] != 'SetTimezone' && $_REQUEST['action'] != 'SaveTimezone' ) {
169			$GLOBALS['module'] = 'Users';
170			$GLOBALS['action'] = 'Wizard';
171			ob_clean();
172			header("Location: index.php?module=Users&action=Wizard");
173			sugar_cleanup(true);
174			}
175			}else{
176			//kbrill bug #13225
177			LogicHook::initialize();
178			$GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
179			$GLOBALS['log']->fatal('FAILED LOGIN:attempts[' .$_SESSION['loginAttempts'] .'] - '. $username);
180			}
181			// if password has expired, set a session variable
182
183			return $this->loginSuccess;
184			}
185
186			/**
187			* This is called on every page hit.
188			* It returns true if the current session is authenticated or false otherwise
189			*
190			* @return booelan
191			*/
192			public function sessionAuthenticate()
193			{
194			if(!$this->authenticated){
195			$this->authenticated = $this->authController->sessionAuthenticate();
196			}
197			if($this->authenticated){
198			if(!isset($_SESSION['userStats']['pages'])){
199			$_SESSION['userStats']['loginTime'] = time();
200			$_SESSION['userStats']['pages'] = 0;
201			}
202			$_SESSION['userStats']['lastTime'] = time();
203			$_SESSION['userStats']['pages']++;
204
205			}
206			return $this->authenticated;
207			}
208
209			/**
210			* Called when a user requests to logout. Should invalidate the session and redirect
211			* to the login page.
212			*/
213			public function logout()
214			{
215			$GLOBALS['current_user']->call_custom_logic('before_logout');
216			$this->authController->logout();
217			LogicHook::initialize();
218			$GLOBALS['logic_hook']->call_custom_logic('Users', 'after_logout');
219			}
220			}
221

adamjakab / SuiteCRM

AuthenticationController::getInstance() A last analyzed 2016-05-10 08:39 UTC

Complexity

Size

Duplication

Code Coverage

Duplication Side-by-Side

Filter issues like

AuthenticationController::getInstance() A
last analyzed 2016-05-10 08:39 UTC