105 $this->
getLogger()->warning(
'Desired user account is not authenticated');
108 include_once
'./Services/Object/classes/class.ilObjectFactory.php';
110 $user = $user_factory->getInstanceByObjId(
$session->getUserId(),
false);
113 $this->
getLogger()->info(
'Cannot instantiate user account for account migration: ' . $session->
getUserId());
121 $user->setExternalAccount(
ilSession::get(static::MIG_EXTERNAL_ACCOUNT));
126 $this->logger->warning(
'Provider: ' . get_class($provider) .
' does not support account migration.');
127 throw new InvalidArgumentException(
'Invalid auth provider given.');
130 $provider->migrateAccount($this->
getStatus());
145 foreach ($this->providers as $provider) {
147 $this->logger->warning(
'Provider: ' . get_class($provider) .
' does not support account migration.');
148 throw new InvalidArgumentException(
'Invalid auth provider given.');
150 $provider->createNewAccount($this->
getStatus());
171 $this->
getLogger()->debug(
'Trying authentication against: ' . get_class($provider));
173 $provider->doAuthentication($this->
getStatus());
175 $this->
getLogger()->debug(
'Authentication user id: ' . $this->
getStatus()->getAuthenticatedUserId());
182 $this->
getLogger()->notice(
"Account migration required.");
187 $this->
getLogger()->debug(
'Authentication failed against: ' . get_class($provider));
205 #$this->getStatus()->setStatus(ilAuthStatus::STATUS_AUTHENTICATED);
222 include_once
'./Services/Object/classes/class.ilObjectFactory.php';
224 $user =
$factory->getInstanceByObjId($this->
getStatus()->getAuthenticatedUserId(),
false);
230 $this->
getLogger()->error(
'Cannot instantiate user account with id: ' . $this->
getStatus()->getAuthenticatedUserId());
233 $this->
getStatus()->setReason(
'auth_err_invalid_user_account');
238 $this->
getLogger()->info(
'Authentication failed for inactive user with id and too may login attempts: ' . $this->
getStatus()->getAuthenticatedUserId());
241 $this->
getStatus()->setReason(
'auth_err_login_attempts_deactivation');
246 $this->
getLogger()->info(
'Authentication failed for inactive user with id: ' . $this->
getStatus()->getAuthenticatedUserId());
249 $this->
getStatus()->setReason(
'err_inactive');
255 $this->
getLogger()->info(
'Authentication failed (time limit restriction) for user with id: ' . $this->
getStatus()->getAuthenticatedUserId());
257 if (
$GLOBALS[
'DIC'][
'ilSetting']->
get(
'user_reactivate_code')) {
258 $this->
getLogger()->debug(
'Accout reactivation codes are active');
261 $this->
getLogger()->debug(
'Accout reactivation codes are inactive');
265 $this->
getStatus()->setReason(
'time_limit_reached');
271 $this->
getLogger()->info(
'Authentication failed (wrong ip) for user with id: ' . $this->
getStatus()->getAuthenticatedUserId());
285 $this->
getLogger()->debug(
'Check simutaneous login');
287 $this->
getLogger()->info(
'Authentication failed: simultaneous logins forbidden for user: ' . $this->
getStatus()->getAuthenticatedUserId());
290 $this->
getStatus()->setReason(
'simultaneous_login_detected');
295 include_once
"Services/User/classes/class.ilUserProfile.php";
296 include_once
'./Services/Context/classes/class.ilContext.php';
303 $user->setProfileIncomplete(
true);
312 include_once
'Services/Tracking/classes/class.ilOnlineTracking.php';
313 ilOnlineTracking::addUser($user->getId());
316 include_once
'Modules/Forum/classes/class.ilObjForum.php';
319 require_once
'Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
326 $security_settings->isPasswordChangeOnFirstLoginEnabled() &&
327 $user->getLastLogin() ==
null
329 $user->resetLastPasswordChange();
331 $user->refreshLogin();
340 include_once
'./Services/Init/classes/class.ilInitialisation.php';
344 $user->hasToAcceptTermsOfServiceInSession(
true);
349 'logged in as ' . $user->getLogin() .
357 $ilAppEventHandler =
$DIC[
'ilAppEventHandler'];
358 $ilAppEventHandler->raise(
359 'Services/Authentication',
362 'username' => $user->getLogin())
392 require_once
'Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
394 $maxLoginAttempts = $security->getLoginMaxAttempts();
396 if (!(
int) $maxLoginAttempts) {
402 return $numLoginAttempts < $maxLoginAttempts;
421 if (trim($clientip) !=
"") {
422 $clientip = preg_replace(
"/[^0-9.?*,:]+/",
"", $clientip);
423 $clientip = str_replace(
".",
"\\.", $clientip);
424 $clientip = str_replace(array(
"?",
"*",
","), array(
"[0-9]",
"[0-9]*",
"|"), $clientip);
428 if (!preg_match(
"/^" . $clientip .
"$/",
$_SERVER[
"REMOTE_ADDR"])) {
441 $this->
getLogger()->debug(
'Setting prevent simultaneous session is: ' . (
string)
$GLOBALS[
'DIC'][
'ilSetting']->
get(
'ps_prevent_simultaneous_logins'));
443 $GLOBALS[
'DIC'][
'ilSetting']->
get(
'ps_prevent_simultaneous_logins') &&
456 $this->
getLogger()->debug(
'Authentication failed for all authentication methods.');
465 include_once
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
467 $max_attempts = $security->getLoginMaxAttempts();
469 if ((
int) $max_attempts && $login_attempts >= $max_attempts) {
470 $this->
getStatus()->setReason(
'auth_err_login_attempts_deactivation');
471 $this->
getLogger()->warning(
'User account set to inactive due to exceeded login attempts.');
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
An exception for terminatinating execution or to throw for unit testing.
Description of class class.
const MIG_DESIRED_AUTHMODE
resetStatus()
Reset status.
checkActivation(ilObjUser $user)
Check activation.
checkIp(ilObjUser $user)
Check ip.
handleAuthenticationFail()
Handle failed authenication.
authenticate()
Try to authenticate user.
checkExceededLoginAttempts(\ilObjUser $user)
checkTimeLimit(ilObjUser $user)
Check time limit.
handleAccountMigration(ilAuthProviderAccountMigrationInterface $provider)
Handle account migration.
migrateAccountNew()
Create new user account.
const MIG_EXTERNAL_ACCOUNT
__construct(ilAuthSession $session, ilAuthStatus $status, ilAuthCredentials $credentials, array $providers)
Constructor.
checkSimultaneousLogins(ilObjUser $user)
Check simultaneous logins.
migrateAccount(ilAuthSession $session)
Migrate Account to existing user account.
getAuthSession()
Get auth session.
getCredentials()
Get auth credentials.
getProviders()
Get providers.
handleAuthenticationSuccess(ilAuthProviderInterface $provider)
Handle successful authentication.
const MIG_TRIGGER_AUTHMODE
getUserId()
Get authenticated user id.
Auth status implementation.
const STATUS_CODE_ACTIVATION_REQUIRED
const STATUS_AUTHENTICATED
const STATUS_AUTHENTICATION_FAILED
const STATUS_ACCOUNT_MIGRATION_REQUIRED
static getType()
Get context type.
const CONTEXT_LTI_PROVIDER
static initUserAccount()
Init user with current account id.
static getLogger($a_component_id)
Get component logger.
static _updateOldAccess($a_usr_id)
static _resetLoginAttempts($a_usr_id)
getActive()
get user active state @access public
static _lookupLogin($a_user_id)
lookup login
static _incrementLoginAttempts($a_usr_id)
static _lookupId($a_user_str)
Lookup id by login.
static _setUserInactive($a_usr_id)
static _getLoginAttempts($a_usr_id)
static hasActiveSession($a_user_id, $a_session_id)
Check for simultaneous login.
getClientIP()
get client ip number @access public
Class ilObjectFactory This class offers methods to get instances of the type-specific object classes ...
getId()
get object id @access public
static _getInstance()
Get instance of ilSecuritySettings.
static handleLoginEvent($a_login, ilAuthSession $auth_session)
when current session is allowed to be created it marks it with type regarding to the sessions user co...
static set($a_var, $a_val)
Set a value.
static get($a_var)
Get a value.
static isProfileIncomplete($a_user, $a_include_udf=true, $a_personal_data_only=true)
Check if all required personal data fields are set.
Interface of auth credentials.
Description of class interface.
getExternalAccountName()
Get external account name.
getTriggerAuthMode()
Get auth mode which triggered the account migration 2_1 for ldap account migration with server id 1 1...
getUserAuthModeName()
Get user auth mode name ldap_1 for ldap account migration with server id 1 apache for apache auth.
Standard interface for auth provider implementations.