82 $this->
getStatus()->setAuthenticatedUserId(0);
105 $this->
getLogger()->warning(
'Desired user account is not authenticated');
108 include_once
'./Services/Object/classes/class.ilObjectFactory.php';
110 $user = $user_factory->getInstanceByObjId(
$session->getUserId(),
false);
113 $this->
getLogger()->info(
'Cannot instantiate user account for account migration: ' . $session->
getUserId());
121 $user->setExternalAccount(
ilSession::get(static::MIG_EXTERNAL_ACCOUNT));
126 $this->logger->warning(
'Provider: ' . get_class(
$provider) .
' does not support account migration.');
127 throw new InvalidArgumentException(
'Invalid auth provider given.');
145 foreach ($this->providers as
$provider) {
147 $this->logger->warning(
'Provider: ' . get_class(
$provider) .
' does not support account migration.');
148 throw new InvalidArgumentException(
'Invalid auth provider given.');
175 $this->
getLogger()->debug(
'Authentication user id: ' . $this->
getStatus()->getAuthenticatedUserId());
182 $this->
getLogger()->notice(
"Account migration required.");
204 $this->
getStatus()->setAuthenticatedUserId(ANONYMOUS_USER_ID);
205 #$this->getStatus()->setStatus(ilAuthStatus::STATUS_AUTHENTICATED);
222 include_once
'./Services/Object/classes/class.ilObjectFactory.php';
224 $user =
$factory->getInstanceByObjId($this->
getStatus()->getAuthenticatedUserId(),
false);
230 $this->
getLogger()->error(
'Cannot instantiate user account with id: ' . $this->
getStatus()->getAuthenticatedUserId());
232 $this->
getStatus()->setAuthenticatedUserId(0);
233 $this->
getStatus()->setReason(
'auth_err_invalid_user_account');
238 $this->
getLogger()->info(
'Authentication failed for inactive user with id and too may login attempts: ' . $this->
getStatus()->getAuthenticatedUserId());
240 $this->
getStatus()->setAuthenticatedUserId(0);
241 $this->
getStatus()->setReason(
'err_inactive_login_attempts');
246 $this->
getLogger()->info(
'Authentication failed for inactive user with id: ' . $this->
getStatus()->getAuthenticatedUserId());
248 $this->
getStatus()->setAuthenticatedUserId(0);
249 $this->
getStatus()->setReason(
'err_inactive');
255 $this->
getLogger()->info(
'Authentication failed (time limit restriction) for user with id: ' . $this->
getStatus()->getAuthenticatedUserId());
257 if (
$GLOBALS[
'ilSetting']->
get(
'user_reactivate_code')) {
258 $this->
getLogger()->debug(
'Accout reactivation codes are active');
261 $this->
getLogger()->debug(
'Accout reactivation codes are inactive');
263 $this->
getStatus()->setAuthenticatedUserId(0);
265 $this->
getStatus()->setReason(
'time_limit_reached');
271 $this->
getLogger()->info(
'Authentication failed (wrong ip) for user with id: ' . $this->
getStatus()->getAuthenticatedUserId());
273 $this->
getStatus()->setAuthenticatedUserId(0);
277 $GLOBALS[
'DIC']->language()->txt(
'wrong_ip_detected'),
285 $this->
getLogger()->debug(
'Check simutaneous login');
287 $this->
getLogger()->info(
'Authentication failed: simultaneous logins forbidden for user: ' . $this->
getStatus()->getAuthenticatedUserId());
289 $this->
getStatus()->setAuthenticatedUserId(0);
290 $this->
getStatus()->setReason(
'simultaneous_login_detected');
295 include_once
"Services/User/classes/class.ilUserProfile.php";
296 include_once
'./Services/Context/classes/class.ilContext.php';
303 $user->setProfileIncomplete(
true);
312 include_once
'Services/Tracking/classes/class.ilOnlineTracking.php';
313 ilOnlineTracking::addUser($user->getId());
316 include_once
'Modules/Forum/classes/class.ilObjForum.php';
319 require_once
'Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
326 $security_settings->isPasswordChangeOnFirstLoginEnabled() &&
327 $user->getLastLogin() ==
null
329 $user->resetLastPasswordChange();
331 $user->refreshLogin();
340 include_once
'./Services/Init/classes/class.ilInitialisation.php';
341 ilInitialisation::initUserAccount();
344 $user->hasToAcceptTermsOfServiceInSession(
true);
349 'logged in as ' . $user->getLogin() .
355 global $ilAppEventHandler;
356 $ilAppEventHandler->raise(
357 'Services/Authentication',
360 'username' => $user->getLogin())
381 if (in_array($user->
getId(), array(ANONYMOUS_USER_ID))) {
390 require_once
'Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
392 $maxLoginAttempts = $security->getLoginMaxAttempts();
394 if (!(
int) $maxLoginAttempts) {
400 return $numLoginAttempts < $maxLoginAttempts;
419 if (trim($clientip) !=
"") {
420 $clientip = preg_replace(
"/[^0-9.?*,:]+/",
"", $clientip);
421 $clientip = str_replace(
".",
"\\.", $clientip);
422 $clientip = str_replace(array(
"?",
"*",
","), array(
"[0-9]",
"[0-9]*",
"|"), $clientip);
426 if (!preg_match(
"/^" . $clientip .
"$/",
$_SERVER[
"REMOTE_ADDR"])) {
439 $this->
getLogger()->debug(
'Setting prevent simultaneous session is: ' . (
string)
$GLOBALS[
'ilSetting']->
get(
'ps_prevent_simultaneous_logins'));
441 $GLOBALS[
'ilSetting']->
get(
'ps_prevent_simultaneous_logins') &&
454 $this->
getLogger()->debug(
'Authentication failed for all authentication methods.');
457 if (!in_array($user_id, array(ANONYMOUS_USER_ID))) {
463 include_once
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
465 $max_attempts = $security->getLoginMaxAttempts();
467 if ((
int) $max_attempts && $login_attempts >= $max_attempts) {
468 $this->
getStatus()->setReason(
'auth_err_login_attempts_deactivation');
469 $this->
getLogger()->warning(
'User account set to inactive due to exceeded login attempts.');
sprintf('%.4f', $callTime)
An exception for terminatinating execution or to throw for unit testing.
Description of class class.
const MIG_DESIRED_AUTHMODE
resetStatus()
Reset status.
checkActivation(ilObjUser $user)
Check activation.
checkIp(ilObjUser $user)
Check ip.
handleAuthenticationFail()
Handle failed authenication.
authenticate()
Try to authenticate user.
checkExceededLoginAttempts(\ilObjUser $user)
checkTimeLimit(ilObjUser $user)
Check time limit.
handleAccountMigration(ilAuthProviderAccountMigrationInterface $provider)
Handle account migration.
migrateAccountNew()
Create new user account.
const MIG_EXTERNAL_ACCOUNT
__construct(ilAuthSession $session, ilAuthStatus $status, ilAuthCredentials $credentials, array $providers)
Constructor.
checkSimultaneousLogins(ilObjUser $user)
Check simultaneous logins.
migrateAccount(ilAuthSession $session)
Migrate Account to existing user account.
getAuthSession()
Get auth session.
getCredentials()
Get auth credentials.
getProviders()
Get providers.
handleAuthenticationSuccess(ilAuthProviderInterface $provider)
Handle successful authentication.
const MIG_TRIGGER_AUTHMODE
getUserId()
Get authenticated user id.
Auth status implementation.
const STATUS_CODE_ACTIVATION_REQUIRED
const STATUS_AUTHENTICATED
const STATUS_AUTHENTICATION_FAILED
const STATUS_ACCOUNT_MIGRATION_REQUIRED
static getType()
Get context type.
const CONTEXT_LTI_PROVIDER
static getLogger($a_component_id)
Get component logger.
static _updateOldAccess($a_usr_id)
static _resetLoginAttempts($a_usr_id)
getActive()
get user active state @access public
static _lookupLogin($a_user_id)
lookup login
static _incrementLoginAttempts($a_usr_id)
static _lookupId($a_user_str)
Lookup id by login.
static _setUserInactive($a_usr_id)
static _getLoginAttempts($a_usr_id)
static hasActiveSession($a_user_id, $a_session_id)
Check for simultaneous login.
getClientIP()
get client ip number @access public
getId()
get object id @access public
static _getInstance()
Get instance of ilSecuritySettings.
static handleLoginEvent($a_login, ilAuthSession $auth_session)
when current session is allowed to be created it marks it with type regarding to the sessions user co...
static set($a_var, $a_val)
Set a value.
static get($a_var)
Get a value.
static isProfileIncomplete($a_user, $a_include_udf=true, $a_personal_data_only=true)
Check if all required personal data fields are set.
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
Interface of auth credentials.
Description of class interface.
getExternalAccountName()
Get external account name.
getTriggerAuthMode()
Get auth mode which triggered the account migration 2_1 for ldap account migration with server id 1 1...
getUserAuthModeName()
Get user auth mode name ldap_1 for ldap account migration with server id 1 apache for apache auth.
Standard interface for auth provider implementations.
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']