fixing up the frontend login

infinitas · Nov 22, 2012 · c1a96bc · c1a96bc
1 parent 798a5fd
commit c1a96bc
Show file tree

Hide file tree

Showing 5 changed files with 64 additions and 100 deletions.
diff --git a/Core/Security/Controller/Component/InfinitasSecurityComponent.php b/Core/Security/Controller/Component/InfinitasSecurityComponent.php
@@ -71,14 +71,12 @@ protected function _detectBot() {
  * @return void
  */
 	protected function _setupAuth() {
-		//$this->Controller->Auth->allow();
 		$this->Controller->Auth->allow('display');
 
 		if (!isset($this->Controller->request->params['prefix']) || $this->Controller->request->params['prefix'] != 'admin') {
 			$this->Controller->Auth->allow();
 		}
 
-		//$this->Controller->Auth->authorize	= array('Actions' => array('actionPath' => 'controllers/'));
 		$this->Controller->Auth->loginAction  = array('plugin' => 'users', 'controller' => 'users', 'action' => 'login');
 
 		if(Configure::read('Website.login_type') == 'email') {
@@ -161,12 +159,22 @@ protected function _checkBadLogins() {
 		if($this->Controller->Auth->user('id') || empty($this->Controller->request->data)) {
 			return true;
 		}
+		$field = null;
+		if(!empty($this->Controller->request->data['User']['username'])) {
+			$field = $this->Controller->request->data['User']['username'];
+		} else if(!empty($this->Controller->request->data['User']['email'])) {
+			$field = $this->Controller->request->data['User']['email'];
+		}
+
+		if (!$field) {
+			return false;
+		}
 
 		$old = $this->Controller->Session->read('Infinitas.Security.loginAttempts');
 		if (count($old) > 0) {
 			$this->risk = ClassRegistry::init('Security.IpAddress')->findSimmilarAttempts(
 				$this->Controller->RequestHandler->getClientIp(),
-				$this->Controller->request->data['User']['username']
+				$field
 			);
 		}
 

diff --git a/Core/Users/Controller/UsersController.php b/Core/Users/Controller/UsersController.php
@@ -38,9 +38,7 @@ public function beforeRender() {
 
 			if($this->request->params['admin']) {
 				$this->layout = 'admin_login';
-			}
-
-			else if($this->theme && file_exists(APP . 'View' . DS . 'Themed' . DS . $this->theme . DS . 'Layouts' . DS . 'front_login.ctp')) {
+			} else if($this->theme && file_exists(APP . 'View' . DS . 'Themed' . DS . $this->theme . DS . 'Layouts' . DS . 'front_login.ctp')) {
 				$this->layout = 'front_login';
 			}
 		}
@@ -162,34 +160,34 @@ public function login() {
 
 			$this->_createCookie();
 
-			if($this->Auth->login()) {
-				$this->{$this->modelClass}->recursive = -1;
+			if (!empty($this->request->data)) {
+				if($this->Auth->login()) {
+					$this->{$this->modelClass}->recursive = -1;
 
-				$lastLogon = $this->{$this->modelClass}->getLastLogon($this->Auth->user('id'));
-				$data = $this->_getUserData();
+					$lastLogon = $this->{$this->modelClass}->getLastLogon($this->Auth->user('id'));
+					$data = $this->_getUserData();
 
-				if ($this->{$this->modelClass}->save($data)) {
-					$currentUser = $this->Auth->user();
+					if ($this->{$this->modelClass}->save($data)) {
+						$currentUser = $this->Auth->user();
 
-					$this->Session->write('Auth.User', array_merge($data[$this->modelClass], $currentUser));
-					$this->notice(
-						sprintf(
-							__d('users', 'Welcome back %s, your last login was from %s, %s on %s. (%s)'),
-							$currentUser['username'],
-							$lastLogon[$this->modelClass]['country'],
-							$lastLogon[$this->modelClass]['city'],
-							$lastLogon[$this->modelClass]['last_login'],
-							$lastLogon[$this->modelClass]['ip_address']
-						)
-					);
-				}
+						$this->Session->write('Auth.User', array_merge($data[$this->modelClass], $currentUser));
+						$this->notice(
+							sprintf(
+								__d('users', 'Welcome back %s, your last login was from %s, %s on %s. (%s)'),
+								$currentUser['username'],
+								$lastLogon[$this->modelClass]['country'],
+								$lastLogon[$this->modelClass]['city'],
+								$lastLogon[$this->modelClass]['last_login'],
+								$lastLogon[$this->modelClass]['ip_address']
+							)
+						);
+					}
 
-				$this->Event->trigger('userLogin', $currentUser);
-				unset($lastLogon, $data);
-				$this->redirect($this->Auth->redirect());
-			}
+					$this->Event->trigger('userLogin', $currentUser);
+					unset($lastLogon, $data);
+					$this->redirect($this->Auth->redirect());
+				}
 
-			if (!(empty($this->request->data)) && !$this->Auth->user()) {
 				$this->InfinitasSecurity->badLoginAttempt($this->request->data[$this->modelClass]);
 				$this->notice(__d('users', 'Your login details have not been recognised'), array('level' => 'warning'));
 			}

diff --git a/Core/Users/View/Elements/login.ctp b/Core/Users/View/Elements/login.ctp
@@ -1,21 +1,21 @@
 <?php
-	/* 
+	/*
 	 * Short Description / title.
-	 * 
+	 *
 	 * Overview of what the file does. About a paragraph or two
-	 * 
+	 *
 	 * Copyright (c) 2010 Carl Sutton ( dogmatic69 )
-	 * 
+	 *
 	 * @filesource
 	 * @copyright Copyright (c) 2010 Carl Sutton ( dogmatic69 )
 	 * @link http://www.infinitas-cms.org
 	 * @package {see_below}
 	 * @subpackage {see_below}
 	 * @license http://www.opensource.org/licenses/mit-license.php The MIT License
 	 * @since {check_current_milestone_in_lighthouse}
-	 * 
+	 *
 	 * @author {your_name}
-	 * 
+	 *
 	 * Licensed under The MIT License
 	 * Redistributions of files must retain the above copyright notice.
 	 */
@@ -42,7 +42,7 @@
 				echo $this->Form->input('password', array('label' => false, 'value' => __('Password')));
 				echo $this->Form->submit('Login', array('class' => 'niceLink'));
 			echo $this->Form->end();
-			
+
 			$links = array('');
 			$links[] = $this->Html->link(
 				__('Forgot your password'),

diff --git a/Core/Users/View/Elements/logout.ctp b/Core/Users/View/Elements/logout.ctp
@@ -1,63 +1,21 @@
 <?php
-	/* 
-	 * Short Description / title.
-	 * 
-	 * Overview of what the file does. About a paragraph or two
-	 * 
-	 * Copyright (c) 2010 Carl Sutton ( dogmatic69 )
-	 * 
-	 * @filesource
-	 * @copyright Copyright (c) 2010 Carl Sutton ( dogmatic69 )
-	 * @link http://www.infinitas-cms.org
-	 * @package {see_below}
-	 * @subpackage {see_below}
-	 * @license http://www.opensource.org/licenses/mit-license.php The MIT License
-	 * @since {check_current_milestone_in_lighthouse}
-	 * 
-	 * @author {your_name}
-	 * 
-	 * Licensed under The MIT License
-	 * Redistributions of files must retain the above copyright notice.
-	 */
+/**
+ * Logout element
+ *
+ * @copyright Copyright (c) 2010 Carl Sutton ( dogmatic69 )
+ * @link http://www.infinitas-cms.org
+ * @package Infinitas.Users.View
+ * @license http://www.opensource.org/licenses/mit-license.php The MIT License
+ * @since 0.6a
+ *
+ * @author Carl Sutton <dogmatic69@infinitas-cms.org>
+ */
 
-	echo $this->Html->link(
-		__('logout'),
-		array(
-			'plugin' => 'users',
-			'controller' => 'users',
-			'action' => 'logout'
-		),
-		array(
-			'class' => 'niceLink'
-		)
-	);
-?>
-<div id="login-box">
-	<div class="siteLogout">
-		<?php
-			echo sprintf(__('Welcome back to %s'), Configure::read('Website.name'));
-			echo $this->Html->link(__('Logout'), array('plugin' => 'users', 'controller' => 'users', 'action' => 'logout'), array('class' => 'niceLink'));
-		?>
-	</div>
-	<div class="login-links">
-		<?php
-			echo $this->Html->link(
-				__('Manage Your profile'),
-				array(
-					'plugin' => 'users',
-					'controller' => 'users',
-					'action' => 'view',
-					AuthComponent::user('id')
-				)
-			), '<br/>',
-			$this->Html->link(
-				__('See whats going on'),
-				array(
-					'plugin' => 'feed',
-					'controller' => 'feeds',
-					'action' => 'index'
-				)
-			);
-		?>
-	</div>
-</div>
+echo $this->Html->tag('div', implode('', array(
+	__d('users', 'Welcome, %s', $this->Html->tag('em', AuthComponent::user('prefered_name'))),
+	$this->Html->link($this->Html->tag('i', '', array('class' => 'icon-remove-circle')), array(
+		'plugin' => 'users',
+		'controller' => 'users',
+		'action' => 'logout'
+	), array('escape' => false))
+)), array('class' => 'pull-right welcome'));
diff --git a/Core/Users/View/Elements/modules/login.ctp b/Core/Users/View/Elements/modules/login.ctp
@@ -1,7 +1,7 @@
 <?php
 /*
  * Login module
- * 
+ *
  * @copyright Copyright (c) 2010 Carl Sutton ( dogmatic69 )
  * @link http://www.infinitas-cms.org
  * @package Infinitas.Users.View
@@ -12,7 +12,7 @@
  */
 
 	if(AuthComponent::user('id')) {
-		echo $this->element('logout', array('plugin' => 'users'));
+		echo $this->element('Users.logout');
 	} else {
 		echo $this->Form->create('User', array(
 			'url' => array(
@@ -26,7 +26,7 @@
 			),
 			'class' => 'navbar-form pull-right'
 		));
-			echo $this->Form->input('usename', array(
+			echo $this->Form->input('username', array(
 				'placeholder' => __d('users', 'Username'),
 				'class' => 'span2'
 			));