From a42973013e0897beee2b51fea9834f257c51537b Mon Sep 17 00:00:00 2001 From: Gustavo Martin Morcuende Date: Sun, 13 May 2012 21:23:43 +0200 Subject: [PATCH] Cookies for login page. Just is left the domain. It does not work with localhost, hopefully it will with the production's domain. --- apps/companyfront/config/app.yml | 1 + apps/companyfront/config/factories.yml | 7 +++++ apps/companyfront/config/filters.yml | 2 ++ apps/companyfront/config/routing.yml | 6 ++-- apps/companyfront/config/settings.yml | 2 +- .../lib/sfGuardRememberMeFilter.class.php | 5 ++++ .../lib/user/sfGuardSecurityUser.class.php | 14 +++++++-- .../lib/BasesfGuardAuthActions.class.php | 33 +++++++++++----------- 8 files changed, 49 insertions(+), 21 deletions(-) diff --git a/apps/companyfront/config/app.yml b/apps/companyfront/config/app.yml index 5b598b9..4e4dcc4 100644 --- a/apps/companyfront/config/app.yml +++ b/apps/companyfront/config/app.yml @@ -12,4 +12,5 @@ all: success_signout_url: @sf_guard_signin # used by BasesfGuardAuthActions.class.php. After logout we are redirected to this page signin_url_path: login # used by sfGuardRememberMeFilter.class.php. The Remember cookie must not be used when using the login page remember_cookie_path: /companyfront.php # used by sfGuardSecurityUser.class.php. The scope of the Remeber cookie + remember_cookie_domain: .localhost diff --git a/apps/companyfront/config/factories.yml b/apps/companyfront/config/factories.yml index 956bc0e..2358540 100644 --- a/apps/companyfront/config/factories.yml +++ b/apps/companyfront/config/factories.yml @@ -8,6 +8,13 @@ prod: level: err loggers: ~ + storage: + class: sfSessionStorage + param: + session_name: mobicompany + session_cookie_path: /companyfront.php + session_cookie_lifetime: 0 # The cookie will be deleted in the browser when it is closed + test: storage: class: sfSessionTestStorage diff --git a/apps/companyfront/config/filters.yml b/apps/companyfront/config/filters.yml index 6f6ac0f..cc999d0 100644 
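Review bot: The new prod `storage` block in factories.yml sets the session cookie's name, path and lifetime but leaves `session_cookie_httponly` and `session_cookie_secure` unset, so the session id stays readable by page scripts. I would add `session_cookie_httponly: true` under `param:`, and `session_cookie_secure: true` once production is served only over HTTPS (the hunk does not show whether it is). The block sits only under `prod:`, so dev presumably keeps the default session name and path, and cookie-scope problems may surface only in production.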
--- a/apps/companyfront/config/filters.yml +++ b/apps/companyfront/config/filters.yml @@ -2,6 +2,8 @@ # http://www.symfony-project.org/reference/1_4/en/12-Filters rendering: ~ +remember_me: + class: sfGuardRememberMeFilter security: ~ # insert your own filters here diff --git a/apps/companyfront/config/routing.yml b/apps/companyfront/config/routing.yml index 746237e..b27bbb3 100644 --- a/apps/companyfront/config/routing.yml +++ b/apps/companyfront/config/routing.yml @@ -3,8 +3,10 @@ # default rules homepage: - url: / - param: { module: default, action: index } + url: / + class: sfDoctrineRoute + param: { module: office, action: index } + options: { model: Office, type: object } office_index: url: /office/index diff --git a/apps/companyfront/config/settings.yml b/apps/companyfront/config/settings.yml index f0ce0b6..f1642a6 100644 --- a/apps/companyfront/config/settings.yml +++ b/apps/companyfront/config/settings.yml @@ -3,7 +3,7 @@ prod: .settings: - no_script_name: true + no_script_name: false logging_enabled: false dev: diff --git a/plugins/sfDoctrineGuardPlugin/lib/sfGuardRememberMeFilter.class.php b/plugins/sfDoctrineGuardPlugin/lib/sfGuardRememberMeFilter.class.php index 7ee152c..2f8002f 100644 --- a/plugins/sfDoctrineGuardPlugin/lib/sfGuardRememberMeFilter.class.php +++ b/plugins/sfDoctrineGuardPlugin/lib/sfGuardRememberMeFilter.class.php @@ -35,11 +35,16 @@ class sfGuardRememberMeFilter extends sfFilter { $cookieName = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember'); + $currentPath = trim($this->context->getRequest()->getPathInfo(), "/"); + $loginPath = sfConfig::get('app_sf_guard_plugin_signin_url_path'); + if ( $this->isFirstCall() && $this->context->getUser()->isAnonymous() && + (strcmp($currentPath, $loginPath)!=0) + && $cookie = $this->context->getRequest()->getCookie($cookieName) ) { 
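Review bot: In the sfGuardRememberMeFilter hunk, `sfConfig::get('app_sf_guard_plugin_signin_url_path')` is read without a default, so an application that does not define the key passes null to `strcmp()`. Depending on the PHP version, that either compares equal to the empty trimmed path of `/`, silently skipping the remember-me login on the homepage, or raises a deprecation notice. I would make the condition explicit with `(null === $loginPath || $currentPath !== $loginPath)`. A one-line comment should also say why the cookie is ignored on the login page, since the exact string match only holds while the routing URL and the app.yml value stay in sync. The method body starts and ends outside the hunk.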
diff --git a/plugins/sfDoctrineGuardPlugin/lib/user/sfGuardSecurityUser.class.php b/plugins/sfDoctrineGuardPlugin/lib/user/sfGuardSecurityUser.class.php index 9a3b1ba..04ac60d 100644 --- a/plugins/sfDoctrineGuardPlugin/lib/user/sfGuardSecurityUser.class.php +++ b/plugins/sfDoctrineGuardPlugin/lib/user/sfGuardSecurityUser.class.php @@ -160,7 +160,12 @@ class sfGuardSecurityUser extends sfBasicSecurityUser // make key as a cookie $remember_cookie = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember'); - sfContext::getInstance()->getResponse()->setCookie($remember_cookie, $key, time() + $expiration_age); + + //My remember cookie MUST depend on the path and in the future it will on the domain as well. + //FIXME: WHEN HAVING A DOMAIN TO ADD IT HERE AS WELL!!!! + // AND THE CONFIGURATION PARAMETER ON /config/app.yml!!!! + $path = sfConfig::get('app_sf_guard_plugin_remember_cookie_path', '/'); + sfContext::getInstance()->getResponse()->setCookie($remember_cookie, $key, time() + $expiration_age, $path); } } @@ -187,7 +192,12 @@ class sfGuardSecurityUser extends sfBasicSecurityUser $this->setAuthenticated(false); $expiration_age = sfConfig::get('app_sf_guard_plugin_remember_key_expiration_age', 15 * 24 * 3600); $remember_cookie = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember'); - sfContext::getInstance()->getResponse()->setCookie($remember_cookie, '', time() - $expiration_age); + + //My remember cookie MUST depend on the path and in the future it will on the domain as well. + //FIXME: WHEN HAVING A DOMAIN TO ADD IT HERE AS WELL!!!! + // AND THE CONFIGURATION PARAMETER ON /config/app.yml!!!! + $path = sfConfig::get('app_sf_guard_plugin_remember_cookie_path', '/'); + sfContext::getInstance()->getResponse()->setCookie($remember_cookie, '', time() - $expiration_age, $path); } /** 
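Review bot: Both `setCookie()` calls in sfGuardSecurityUser (the sign-in hunk at -160 and the sign-out hunk at -187) pass only the path, so the remember key, a long-lived login token, is issued without the HttpOnly or Secure flags. The `remember_cookie_domain` value this commit adds to app.yml is also never read. I would read it with `$domain = sfConfig::get('app_sf_guard_plugin_remember_cookie_domain', '');` (key name inferred from the sibling `remember_cookie_path`) and call `setCookie($remember_cookie, $key, time() + $expiration_age, $path, $domain, sfContext::getInstance()->getRequest()->isSecure(), true);`. The sign-out call has to use the same path and domain, otherwise the browser keeps the old cookie and the user stays remembered after logging out. Both methods extend beyond their hunks.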
diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/lib/BasesfGuardAuthActions.class.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/lib/BasesfGuardAuthActions.class.php index 3da937d..bd92b8e 100644 --- a/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/lib/BasesfGuardAuthActions.class.php +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/lib/BasesfGuardAuthActions.class.php @@ -44,28 +44,29 @@ class BasesfGuardAuthActions extends sfActions return $this->redirect('' != $signinUrl ? $signinUrl : '@homepage'); } } - else - { - if ($request->isXmlHttpRequest()) - { - $this->getResponse()->setHeaderOnly(true); - $this->getResponse()->setStatusCode(401); + // I do not understand this stuff. Anyway, for me login just works with POST, so... why do I need this code? + //else + //{ + // if ($request->isXmlHttpRequest()) + // { + // $this->getResponse()->setHeaderOnly(true); + // $this->getResponse()->setStatusCode(401); - return sfView::NONE; - } + // return sfView::NONE; + // } // if we have been forwarded, then the referer is the current URL // if not, this is the referer of the current request - $user->setReferer($this->getContext()->getActionStack()->getSize() > 1 ? $request->getUri() : $request->getReferer()); + // $user->setReferer($this->getContext()->getActionStack()->getSize() > 1 ? $request->getUri() : $request->getReferer()); - $module = sfConfig::get('sf_login_module'); - if ($this->getModuleName() != $module) - { - return $this->redirect($module.'/'.sfConfig::get('sf_login_action')); - } + // $module = sfConfig::get('sf_login_module'); + // if ($this->getModuleName() != $module) + // { + // return $this->redirect($module.'/'.sfConfig::get('sf_login_action')); + // } - $this->getResponse()->setStatusCode(401); - } + // $this->getResponse()->setStatusCode(401); + //} } public function executeSignout($request) -- 2.1.4
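Review bot: Commenting out the `else` branch in BasesfGuardAuthActions (the action just before `executeSignout`, presumably the sign-in action) removes all handling of requests that are not a login POST. That covers the 401 status, the header-only 401 for XMLHttpRequest, `setReferer()` and the redirect to the configured login module. The branch looks like what answers an unauthenticated request forwarded to the login action, so such requests, AJAX calls included, would now get the login page with a 200 status and no stored referer for the post-login redirect. I would restore the branch rather than keep it as dead comments. If this app needs different behaviour, override the action in the application's own sfGuardAuth module instead of editing the plugin's Base class. The method starts above the hunk.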