Added filterable to summary and histogram controllers
[ninja.git] / application / helpers / ninja_auth.php
blobdf8f15d65b2e7155491e875d40aab609af29b978
1 <?php
2 /**
3 * This helper class provides various routines for authenticating
4 * users against a database that stores passwords with multiple
5 * different hash-types
6 */
7 class ninja_auth
9 /**
10 * Does the required steps to log in a user via the specified auth_method
11 * (the last bit means you have to make sure that session/config has properly
12 * stringified auth_method).
14 * FIXME: what's an auth method in this context?
16 * @param $username The user's username
17 * @param $password The user's password
18 * @param $auth_method optional, authentication method to use
19 * @returns TRUE if everything was OK, or a string controller you're suggested to redirect to
21 public static function login_user($username, $password, $auth_method = false) {
22 $auth = Auth::instance();
24 $result = $auth->login($username, $password, $auth_method);
27 * If no user: Not authenticated, handle event...
29 if (!$result) {
30 # This brute force protection is absolutely fool-proof, as long
31 # as nobody uses evil hacker tools like curl or "Clean History"
32 $session = Session::instance();
34 $session->set('login_attempts', $session->get('login_attempts')+1);
36 $max_attempts = Kohana::config('auth.max_attempts');
37 # set login error to user
38 $error_msg = _("Login failed - please try again");
39 if ($max_attempts) {
40 $error_msg .= " (".($max_attempts - $session->get('login_attempts'))." left)";
43 if ($max_attempts && $session->get('login_attempts') >= $max_attempts) {
44 $error_msg = sprintf(_("You have been locked out due to %s failed login attempts"), $session->get('login_attempts'));
45 $session->set('error_msg', $error_msg);
46 $session->set('locked_out', true);
47 return 'default/locked_out';
50 $session->set_flash('error_msg', $error_msg);
51 return 'default/show_login';
53 else {
54 /* FIXME: Is limited user? Treat all as limited for now...
55 * above else should be: else if(limited user) {
58 /**
59 * Take care of access for limited users
61 * Check that user has access to view some objects
62 * or logout with a message
65 $ls = Livestatus::instance();
66 $host_totals = $ls->getHostTotals();
68 $redirect = false;
69 if ($host_totals->total == 0) {
70 $service_totals = $ls->getServiceTotals();
71 if ($service_totals->total == 0) {
72 Session::instance()->set_flash('error_msg',
73 _("You have been denied access since you aren't authorized for any objects."));
74 return 'default/show_login';
78 return true;
81 /**
82 * Check if the user has tried
83 * to login too many times
85 * @return bool
87 public static function is_locked_out()
89 $session = Session::instance();
90 if ($session->get('locked_out') && Kohana::config('auth.max_attempts')) {
91 return true;
93 return false;