Changeset 1446 for branches/newtoken/wifidog/classes/Token.php

Timestamp:

02/11/10 17:34:27 (2 years ago)

Author:

gbastien

Message:

* Merged recent changes in the trunk into this branch
* New token architecture not yet fully functional, nor tested, but ...

• can now edit token templates for different context of tokens (from the edit netork interface at the bottom of page)
• Users connected through a wifidog gateway can view their connection token information

Files:

• branches/newtoken/wifidog/classes/Token.php (modified) (4 diffs)

branches/newtoken/wifidog/classes/Token.php

@@ -55 +55 @@
 class Token 
 {
-    public static function generateConnectionToken($mac, $network, $user) {
+    /**
+     * Generate a new access token for the connection
+     *
+     * @param string $mac              The mac address of the computer connecting
+     *
+     * @param string $network          The network the person is connecting to
+     *
+     * @param string $node             The node from which the connection originates
+     *
+     * TODO: eventually, the user should not be necessary for userless authentication.  But much
+     * of the code would need to be changed in order to support this kind of authentication.
+     * @param string $user             The user authenticating
+     * 
+     * @param string $node_ip=null     The ip address from which the connection originates
+     *
+     * @return tokenid | false
+     *
+     */
+    public static function generateConnectionToken($mac, $network, $node, $user, $node_ip = null) {
         $retval = false;
         if ($user->isUserValid()) {
             $db = AbstractDb::getObject();
-            $session = Session::getObject();
-            
+                        
             // Delete unused connection token
 
             $token = self :: generateToken();
-            if ($_SERVER['REMOTE_ADDR']) {
+            if (is_null($node_ip) && $_SERVER['REMOTE_ADDR']) {
                 $node_ip = $db->escapeString($_SERVER['REMOTE_ADDR']);
             }
             
-            if ($session && $node_ip && $session->get(SESS_NODE_ID_VAR)) {
+            if ($node_ip && $node) {
                 //echo "$session && $node_ip && {$session->get(SESS_NODE_ID_VAR)}";
-                $node_id = $db->escapeString($session->get(SESS_NODE_ID_VAR));
-                $abuseControlFault = User::isAbuseControlViolated($user, $mac, Node::getObject($node_id));
+                $node_id = $db->escapeString($node->getId());
+                $abuseControlFault = User::isAbuseControlViolated($user, $mac, $node);
                 if($abuseControlFault) {
                     throw new Exception ($abuseControlFault);
@@ -82 +99 @@
                 $sql = "DELETE FROM connections USING tokens "."WHERE tokens.token_id=connections.token_id AND token_status='".TOKEN_UNUSED."' AND user_id = '".$user->getId()."';\n";
                 $db->execSqlUpdate($sql, false);
-                // TODO:  Try to find a reusable token before creating a brand new one!
 
                // Check if we have any token templates
-                // TODO: token templates should be from a specific template and there should always be a template
                 $templates = TokenTemplate::getTemplatesForNetwork($network);
                 if (count($templates) == 0) {
                     // No templates found
-                    // create and return new token - we don't enforce token limits
+                    // create and return new token - we don't enforce token limits, this is for backward compatibility
                     $token = self :: generateToken();
                     $sql = "INSERT INTO tokens (token_owner, token_issuer, token_id, token_status) VALUES ('" . $user->getId() . "', '" . $user->getId() . "', '$token', '" . TOKEN_UNUSED . "');\n";
@@ -144 +159 @@
                                 $max_incoming_data_value = (!is_null($template->getMaxIncomingData())?$template->getMaxIncomingData():"null");
                                 $max_outgoing_data_value = (!is_null($template->getMaxOutgoingData())?$template->getMaxOutgoingData():"null");
-                                if (!is_null($template->getMaxUsageDuration()))
+                                
+                                if (!is_null($template->getMaxConnectionDuration()))
+                                    $expiry_date = "CURRENT_TIMESTAMP + '" . $template->getMaxConnectionDuration() . "'";
+                                elseif (!is_null($template->getMaxUsageDuration()))
                                     $expiry_date = "CURRENT_TIMESTAMP + '" . $template->getMaxUsageDuration() . "'";
                                 elseif (!is_null($template->getMaxWallClockDuration()))
@@ -164 +182 @@
             }
         }
-       
+        self::setCurrentToken($retval);
         return $retval;
     } 
     
-                /**
-     * Generate a new access token for the specified user
-     *
-     * @param string $validated_user       The user to generate a token for
-     *
-     * @param string $creator              The user generating the token
-     *
-     * @param string $token_template_id    The token template that the token should be associated with.
-     *                                     If templates aren't used then this the auth process will create
-     *                                     tokens automatically and we don't need to create tokens elsewhere.
-     *
-     * @param string $token_lot=null       Optional. The token lot the token is part of.
-     *
-     * @return tokenid
-     *
-     */
-    public static function generateTokenForUser($validated_user, $creator, $token_template_id, $token_lot = null) {
-        $db = AbstractDb::getObject();
-        $token = self::generateToken();
-
-        $db->execSqlUpdate("INSERT INTO tokens (token_owner, token_issuer, token_id, token_template_id, token_status) VALUES ('" . $validated_user->getId() . "', '" . $creator->getId() . "', '$token', '" . $token_template_id . "', '" . TOKEN_UNUSED . "');");
-
-        return $token;
-    }
-    
     public static function generateToken() {
         return md5(uniqid(rand(), 1));
+    }
+    
+    /**
+     * Instantiate the current user
+     *
+     * @return mixed A User object, or null if there was an error
+
+     */
+    public static function getCurrentToken() {
+        require_once ('classes/Session.php');
+        $session = Session::getObject();
+        $sessTokenId = $session->get('SESS_TOKEN_ID');
+        
+       /* if(!empty($sessCurrentUserId)){
+            try {
+                $user = self :: getObject($sessCurrentUserId);
+                //$user = new User($session->get(SESS_USER_ID_VAR));
+            } catch (Exception $e) {
+                $session->set(SESS_TOKEN_ID, null);
+            }
+        }*/
+        return $sessTokenId;
+    }
+
+    /**
+     * Associates the user passed in parameter with the session
+     *
+     * This should NOT be called by anything except the Authenticators
+     *
+     * @param object $user User a user object, or null
+     *
+     * @return bool True if everything went well setting the session
+
+     */
+    public static function setCurrentToken($tokenId) {
+
+        try {
+            $session = Session::getObject();
+            $session->set('SESS_TOKEN_ID', $tokenId);
+            return true;
+        } catch (Exception $e) {
+            return false;
+        }
+    }
+    
+                /** Set Smarty template values.  Standardization routine. 
+     * // TODO: implement this*/
+    public static function assignSmartyValues($smarty) {
+        
+        $tokenId = Token :: getCurrentToken();
+     
+        /**
+         * Define user security levels for the template
+         *
+         * These values are used in the default template of WiFoDog but could be
+         * used in a customized template to restrict certain links to specific
+         * user access levels.  Note however that they will all be deprecateb by the
+         * new roles system.
+         */
+        $smarty->assign('hasConnection', !empty($tokenId) ? true : false);
+        $smarty->assign('tokenId', $tokenId);
+        /*$smarty->assign('userIsValid', $user && !$user->isSplashOnlyUser() ? true : false);
+        $smarty->assign('userDEPRECATEDisSuperAdmin', $user && $user->DEPRECATEDisSuperAdmin());
+
+        if (isset ($_REQUEST['debug_request']) && ($user && $user->DEPRECATEDisSuperAdmin())) {
+            // Tell Smarty everything it needs to know
+            $smarty->assign('debugRequested', true);
+            $smarty->assign('debugOutput', print_r($_REQUEST, true));
+        }*/
     }
 }