RdbAdmin Module

LoginSubController extends BaseController
in package
uses SessionsTrait, UsersTrait

Description of Login

Tags
author

mr.v

Table of Contents

Properties

$Input  : Input
$Languages  : Languages
$runnedCronResult  : array<string|int, mixed>
$totalLoggedInSessions  : int
$userSessionCookieData  : array<string|int, mixed>

Methods

__construct()  : mixed
{@inheritDoc}
doLogin2faVerify()  : array<string|int, mixed>
Verify the 2-step verification login.
doLoginSuccessSetCookie()  : mixed
On check login success, set logged in cookie.
handleLoginFail()  : array<string|int, mixed>
Handle login failed.
handleLoginSuccess()  : array<string|int, mixed>
Handle login success.
send2faCodeEmail()  : array<string|int, mixed>
Send 2 step verification code to email.
addUpdateUserFormValidation()  : array<string|int, mixed>
Form validation for add and update user.
decryptUserFieldsKey()  : string
Decrypt user fields key.
doLogin2faClearData()  : mixed
Clear 2 step verification code, time, temp data, cache, session (user_id).
doLoginFailedRecordLogins()  : mixed
On check login failed, record the failed login if brute-force prevention is disabled in the configuration.
doLoginFailedRegisterBruteForceFailedAuth()  : mixed
On check login failed, if brute-force attack prevention is enabled then register the failed authentication.
doLoginFailedSendLoginResetEmail()  : mixed
On login failed, if the user status is disabled and the status contains the words about simultaneous login lock, or the key exists in the user_fields table, then re-send the login with reset password link.
doLoginFailedSetErrorMessage()  : array<string|int, mixed>
On check login failed, set the error message, set http response code (example: 4xx).
doLoginSucceessRecordLogins()  : mixed
On check login success, record logins.
doLoginSuccessUpdateLastLogin()  : mixed
On check login success, update last login date/time.
generateUserFieldsKey()  : array<string|int, mixed>
Generate user fields key.
getCookieExpires()  : array<string|int, mixed>
Get cookie expires.
getPageHtmlClasses()  : string
Get page HTML classes.
getPageHtmlTitle()  : string
Get page HTML title including site name if it was set.
getUserUrlsMethods()  : array<string|int, mixed>
Get URLs and methods about user pages.
isUserLoggedIn()  : bool
Check if user is logged in.
logoutUser()  : mixed
Logout target user.
maybeRunCron()  : mixed
Maybe run cron job if config is set to not use server cron.
responseJson()  : string
{@inheritDoc}
responseXml()  : string
{@inheritDoc}
sessionTraitLogoutAll()  : mixed
Logout all succeeded login sessions, lock user account, send login link to user's email.
setBasicConfig()  : mixed
Setup basic PHP configurations such as default timezone.
setHeaderAllowOrigin()  : mixed
Set header allow origin for CORS.
isModuleExcute()  : bool
Check if current call is `Modules->execute()`
sessionsTraitCheckIsLoggedInFromContainer()  : array<string|int, mixed>
Check is logged in from container if exists.
sessionTraitLogoutPreviousSessions()  : mixed
Logout all sessions before latest succeeded login. (logout only succeeded login).

Properties

$runnedCronResult

protected array<string|int, mixed> $runnedCronResult = []

Result of the cron jobs that were run. This is for the case where the cron job (crontab) is set to run by URL. The CronController calls this BaseController, so there is no need to use the Libraries\Cron class to run the jobs again; just get the run result from this property. This property is set by the maybeRunCron() method.

$totalLoggedInSessions

protected int $totalLoggedInSessions = 0

The number of sessions in which this user was found logged in. This property is accessible after calling the isUserLoggedIn() method.

$userSessionCookieData

protected array<string|int, mixed> $userSessionCookieData = []

The cookie data of the logged in user. This property is accessible after calling the isUserLoggedIn() method.

Methods

__construct()

{@inheritDoc}

public __construct(Container $Container) : mixed
Parameters
$Container : Container

doLogin2faVerify()

Verify the 2-step verification login.

public doLogin2faVerify(int $user_id, array<string|int, mixed> $output, UserFieldsDb $UserFieldsDb, Url $Url) : array<string|int, mixed>

If success:
  • Clear code, time, temp data, session (user_id).
  • Call the handleLoginSuccess() method.
  • If the request was not made via AJAX or REST API, redirect to the new URL.
  • Otherwise, return the redirect URL and login status result.
If fail:
  • If not over 3 times: show the HTTP response code, error message, and error form status.
  • If over 3 times: if the request was not made via REST API or AJAX, redirect to the new URL. Clear code, time, temp data, session (user_id).

Parameters
$user_id : int
$output : array<string|int, mixed>
$UserFieldsDb : UserFieldsDb
$Url : Url
Return values
array<string|int, mixed>

Return associative array with keys:
'gobackUrl' (string - optional) Go back URL on success only.
'redirectUrl' (string - optional) Redirect URL.
'formResultStatus' (string - optional) Alert message status.
'formResultMessage' (string, array) Alert messages.
'submitTimes' (int) Number of submit failed.
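
The flow described above, as an added PHP example. It is not RdbAdmin's own code: the function name, the $pending state array, the 'httpStatus' key, the URLs and the 600-second lifetime are assumptions; only the result keys formResultStatus, formResultMessage, submitTimes and redirectUrl and the over-3-failures rule come from the description.

```php
<?php
declare(strict_types=1);

// Added illustration, not RdbAdmin source. Names, the 'httpStatus' key, the URLs
// and CODE_LIFETIME are hypothetical; the other result keys follow the list above.
const MAX_FAILED_SUBMITS = 3;  // documented: the attempt ends when failures go over 3
const CODE_LIFETIME = 600;     // assumed validity window, in seconds

/**
 * @param array $pending Server-side pending state ['code', 'issuedAt', 'submitTimes'],
 *                       passed by reference and emptied when the attempt ends.
 */
function verify2faSubmission(array &$pending, string $submitted, int $now): array
{
    if (empty($pending['code'])) {
        // No pending verification (already cleared): nothing left to guess against.
        return ['formResultStatus' => 'error', 'formResultMessage' => ['Please log in again.'],
                'submitTimes' => 0, 'httpStatus' => 400];
    }

    $fresh = ($now - (int) $pending['issuedAt']) <= CODE_LIFETIME;
    // hash_equals() compares in constant time, so response timing does not
    // reveal how much of the submitted code matched.
    if ($fresh && hash_equals((string) $pending['code'], $submitted)) {
        $pending = [];  // success: clear code, time, temp data
        return ['formResultStatus' => 'success', 'formResultMessage' => ['Logged in.'],
                'submitTimes' => 0, 'redirectUrl' => '/admin'];
    }

    $times = (int) ($pending['submitTimes'] ?? 0) + 1;
    $pending['submitTimes'] = $times;
    $result = ['formResultStatus' => 'error', 'formResultMessage' => ['Invalid code.'],
               'submitTimes' => $times, 'httpStatus' => 400];

    if ($times > MAX_FAILED_SUBMITS) {
        $pending = [];  // over the limit: clear the state so the old code is useless
        // A non-AJAX caller sends a Location header to this URL;
        // an AJAX/REST caller returns it in the response body instead.
        $result['redirectUrl'] = '/admin/login';
    }
    return $result;
}

// Constructed sample: a code issued at t=1000, four wrong guesses, then the
// correct code submitted after the state has already been cleared.
$pending = ['code' => '482913', 'issuedAt' => 1000, 'submitTimes' => 0];
foreach (['000000', '111111', '222222', '333333', '482913'] as $i => $guess) {
    $r = verify2faSubmission($pending, $guess, 1010 + $i);
    printf("%s -> %s, submitTimes=%d, redirect=%s\n", $guess, $r['formResultStatus'],
        $r['submitTimes'], $r['redirectUrl'] ?? '-');
}
```

Clearing the pending state once the failure count goes over the limit is what bounds guessing: the correct code submitted afterwards is rejected because there is no longer anything to compare it against.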

doLoginSuccessSetCookie()

On check login success, set logged in cookie.

public doLoginSuccessSetCookie(array<string|int, mixed> $doLoginResult, int $cookieExpires) : mixed

This method is called from the handleLoginSuccess() method.

Parameters
$doLoginResult : array<string|int, mixed>

The check login result returned by the \Rdb\Modules\RdbAdmin\Models\UsersDb->checkLogin() method.

$cookieExpires : int

The time the cookie expires. This is a Unix timestamp so is in number of seconds since the epoch. In other words, you'll most likely set this with the time() function plus the number of seconds before you want it to expire.

handleLoginFail()

Handle login failed.

public handleLoginFail(array<string|int, mixed> $data, array<string|int, mixed> $output, array<string|int, mixed> $doLoginResult, UsersDb $UsersDb, UserLoginsDb $UserLoginsDb, BruteForceLoginPrevention $BruteForceLoginPrevention) : array<string|int, mixed>

Set the error message, record failed logins, and register the brute-force failed auth.
If the account was locked because of the simultaneous login setting, re-send the email.

Parameters
$data : array<string|int, mixed>
$output : array<string|int, mixed>
$doLoginResult : array<string|int, mixed>
$UsersDb : UsersDb
$UserLoginsDb : UserLoginsDb
$BruteForceLoginPrevention : BruteForceLoginPrevention
Return values
array<string|int, mixed>

handleLoginSuccess()

Handle login success.

public handleLoginSuccess(array<string|int, mixed> $data, array<string|int, mixed> $output, array<string|int, mixed> $doLoginResult, UserLoginsDb $UserLoginsDb, BruteForceLoginPrevention $BruteForceLoginPrevention) : array<string|int, mixed>

The processes in this method are:

  • set session key to $doLoginResult['user']['sessionKey'] array.
  • update last login to users table.
  • set login cookie.
  • set new device cookie (for brute-force attack prevention).
  • delete brute-force locked-out.
  • record logins data (user agent, ip, session key, success status, etc).
  • set output success message and status.
Parameters
$data : array<string|int, mixed>

The form data.

$output : array<string|int, mixed>

The output views data. Requires an array that contains the keys:
['configDb']['rdbadmin_UserLoginRememberLength'],
['configDb']['rdbadmin_UserLoginNotRememberLength']

$doLoginResult : array<string|int, mixed>

The check login result returned by the \Rdb\Modules\RdbAdmin\Models\UsersDb->checkLogin() method.

$UserLoginsDb : UserLoginsDb

UserLoginsDb model class.

$BruteForceLoginPrevention : BruteForceLoginPrevention

BruteForceLoginPrevention class.

Return values
array<string|int, mixed>

Return associative array with keys:
'formResultStatus' (string) if there is alert message(s).
'formResultMessage' (string) if there is alert message(s).
'loggedIn' (bool) true if login success, false for otherwise.
'loggedInData' (array) some user data.

send2faCodeEmail()

Send 2 step verification code to email.

public send2faCodeEmail(array<string|int, mixed> $data, array<string|int, mixed> $output, array<string|int, mixed> $doLoginResult, UsersDb $UsersDb, UserFieldsDb $UserFieldsDb) : array<string|int, mixed>

This method sets the HTTP response code if there is an error.
If the email is sent successfully, this method writes temp data to the DB and sets the user ID in the session for later use.

Parameters
$data : array<string|int, mixed>

The form data.

$output : array<string|int, mixed>

The output views data.

$doLoginResult : array<string|int, mixed>

The check login result returned by the \Rdb\Modules\RdbAdmin\Models\UsersDb->checkLogin() method.

$UsersDb : UsersDb

UsersDb model class.

$UserFieldsDb : UserFieldsDb

UserFieldsDb model class.

Return values
array<string|int, mixed>

Return associative array with the same $output as in argument. Additional keys are:
'formResultStatus' (string) if contain alert message(s).
'formResultMessage' (array) if contain alert message(s).
'emailSent' (bool) if sent successfully it will be true otherwise will be false.

addUpdateUserFormValidation()

Form validation for add and update user.

protected addUpdateUserFormValidation(array<string|int, mixed> $data[, array<string|int, mixed> $dataField = [] ][, array<string|int, mixed> $dataUsersRoles = [] ][, string $saveType = 'insert' ][, string|int $user_id = '' ]) : array<string|int, mixed>

Validate required and valid form fields.
Validate that the selected roles do not have a higher priority than the user who adds or updates them.
Validate that the username and email do not already exist.
This method is called from the doAddAction() method.

Parameters
$data : array<string|int, mixed>

The associative array form data.

$dataField : array<string|int, mixed> = []

Associative array for user_fields table.

$dataUsersRoles : array<string|int, mixed> = []

Associative array for users_roles table.

$saveType : string = 'insert'

Type of saving data. It can be 'insert' or 'update'. Default is 'insert'.

$user_id : string|int = ''

The user_id used when $saveType is 'update' to check that the data is unique among all other users.

Return values
array<string|int, mixed>

Return associative array with keys if contain at least one error:
formResultStatus (if error),
formResultMessage (if error) The result message,
formFieldsValidation (optional) Fields that contain errors,
responseStatus (optional) For HTTP response status,

decryptUserFieldsKey()

Decrypt user fields key.

protected decryptUserFieldsKey(string|object $encryptedKey) : string
Parameters
$encryptedKey : string|object

The encrypted key string. Alternatively, pass the user_fields object from a PDO query instead.

Return values
string

Return the decrypted key string, or an empty string if decryption failed.

doLogin2faClearData()

Clear 2 step verification code, time, temp data, cache, session (user_id).

protected doLogin2faClearData(int $user_id, UserFieldsDb $UserFieldsDb) : mixed
Parameters
$user_id : int

The user ID.

$UserFieldsDb : UserFieldsDb

UserFieldsDb model class.

doLoginFailedRecordLogins()

On check login failed, record the failed login if brute-force prevention is disabled in the configuration.

protected doLoginFailedRecordLogins(array<string|int, mixed> $doLoginResult, array<string|int, mixed> $output, string $untranslatedMessage, UserLoginsDb $UserLoginsDb) : mixed

If brute-force prevention via dc is enabled in the configuration, the failed login is already recorded in BruteForceLoginPrevention->registerFailedAuth().
This method is called from the handleLoginFail() method.

Parameters
$doLoginResult : array<string|int, mixed>

The check login result returned by the \Rdb\Modules\RdbAdmin\Models\UsersDb->checkLogin() method.

$output : array<string|int, mixed>

The output array that contains the configDb key.

$untranslatedMessage : string

The error message that was not translated.

$UserLoginsDb : UserLoginsDb

UserLoginsDb model class.

doLoginFailedRegisterBruteForceFailedAuth()

On check login failed, if brute-force attack prevention is enabled then register the failed authentication.

protected doLoginFailedRegisterBruteForceFailedAuth(array<string|int, mixed> $doLoginResult, array<string|int, mixed> $regFailedData, BruteForceLoginPrevention $BruteForceLoginPrevention) : mixed

This method is called from the handleLoginFail() method.

Parameters
$doLoginResult : array<string|int, mixed>

The check login result returned by the \Rdb\Modules\RdbAdmin\Models\UsersDb->checkLogin() method.

$regFailedData : array<string|int, mixed>

The register data. For more information please read in BruteForceLoginPrevention->registerFailedAuth() method.

$BruteForceLoginPrevention : BruteForceLoginPrevention

BruteForceLoginPrevention class.

Tags
see
BruteForceLoginPrevention::registerFailedAuth()

doLoginFailedSendLoginResetEmail()

On login failed, if the user status is disabled and the status contains the words about simultaneous login lock, or the key exists in the user_fields table, then re-send the login with reset password link.

protected doLoginFailedSendLoginResetEmail(array<string|int, mixed> $doLoginResult, array<string|int, mixed> &$output, UserLoginsDb $UserLoginsDb) : mixed

This does not check whether the password is correct (users may have forgotten their password, and the forgot password link does not work in this case).
This method sets or adds error message(s) and also sets the HTTP response code (example: 4xx).
This method is called from the handleLoginFail() method.

Parameters
$doLoginResult : array<string|int, mixed>

The check login result returned by the \Rdb\Modules\RdbAdmin\Models\UsersDb->checkLogin() method.

$output : array<string|int, mixed>

The associative output used in doLogin() method. This method will modify the output.

$UserLoginsDb : UserLoginsDb

UserLoginsDb model class.

doLoginFailedSetErrorMessage()

On check login failed, set the error message, set http response code (example: 4xx).

protected doLoginFailedSetErrorMessage(array<string|int, mixed> $doLoginResult, UsersDb $UsersDb) : array<string|int, mixed>

This method is called from the handleLoginFail() method.

Parameters
$doLoginResult : array<string|int, mixed>

The check login result returned by the \Rdb\Modules\RdbAdmin\Models\UsersDb->checkLogin() method.

$UsersDb : UsersDb

UsersDb model class.

Return values
array<string|int, mixed>

Return associative array with keys:
formResultMessage (string) The error message that was translated.
untranslatedMessage (string) The error message that was not translated.

doLoginSucceessRecordLogins()

On check login success, record logins.

protected doLoginSucceessRecordLogins(array<string|int, mixed> $doLoginResult, string|null $deviceCookieSignature, UserLoginsDb $UserLoginsDb[, array<string|int, mixed> $recordLoginsData = [] ]) : mixed

This method is called from the handleLoginSuccess() method.

Parameters
$doLoginResult : array<string|int, mixed>

The check login result returned by the \Rdb\Modules\RdbAdmin\Models\UsersDb->checkLogin() method.

$deviceCookieSignature : string|null

Device cookie signature got from $BruteForceLoginPrevention->deviceCookieSignature property.

$UserLoginsDb : UserLoginsDb

UserLoginsDb model class.

$recordLoginsData : array<string|int, mixed> = []

Additional record logins data.

doLoginSuccessUpdateLastLogin()

On check login success, update last login date/time.

protected doLoginSuccessUpdateLastLogin(array<string|int, mixed> $doLoginResult) : mixed
Parameters
$doLoginResult : array<string|int, mixed>

The check login result returned by the \Rdb\Modules\RdbAdmin\Models\UsersDb->checkLogin() method.

generateUserFieldsKey()

Generate user fields key.

protected generateUserFieldsKey([int $length = 8 ]) : array<string|int, mixed>

Generate keys that can be used in change email confirmation, register confirmation, etc.

Parameters
$length : int = 8

The length of key.

Return values
array<string|int, mixed>

Return associative array with 'readableKey', 'encryptedKey' keys.

getCookieExpires()

Get cookie expires.

protected getCookieExpires(array<string|int, mixed> $data, array<string|int, mixed> $output) : array<string|int, mixed>

This method is called from the handleLoginSuccess() method.

Parameters
$data : array<string|int, mixed>

The form data.

$output : array<string|int, mixed>

The output views data. Requires an array that contains the keys:
['configDb']['rdbadmin_UserLoginRememberLength'],
['configDb']['rdbadmin_UserLoginNotRememberLength']

Return values
array<string|int, mixed>

Return associative array with keys:
expireDay (int) expires in day,
expireTimestamp (int) expires in timestamp but it can be 0 (for session expires).

getPageHtmlClasses()

Get page HTML classes.

protected getPageHtmlClasses([array<string|int, mixed> $classes = [] ]) : string
Parameters
$classes : array<string|int, mixed> = []

The classes to set for this html page.

Tags
todo

[rdb] Remove auto generate class name rdba-page-, use new one rdba-pagehtml- to prevent duplicate use in many cases. Remove this in v2.0

todo

[rdb] Remove auto generate class name rdba-class-, use new one rdba-calledclass- to prevent duplicate use in many cases. Remove this in v2.0

Return values
string

Return generated html classes names.

getPageHtmlTitle()

Get page HTML title including site name if it was set.

protected getPageHtmlTitle(string $title[, string|null|false $siteName = false ]) : string
Parameters
$title : string

The site title.

$siteName : string|null|false = false

Site name should be a string.
Set to an empty string or null to not include the site name.
Set to false to automatically get the site name from config DB.

Tags
throws
InvalidArgumentException
Return values
string

getUserUrlsMethods()

Get URLs and methods about user pages.

protected getUserUrlsMethods([string $user_id = '' ]) : array<string|int, mixed>
Parameters
$user_id : string = ''

The user ID.

Return values
array<string|int, mixed>

Return associative array.

isUserLoggedIn()

Check if user is logged in.

protected isUserLoggedIn([int $user_id = null ][, string $userlogin_session_key = '' ]) : bool

After calling this method, if it returned true, the total number of sessions is available via the totalLoggedInSessions property.
After calling this method, if the cookie is valid, the cookie data is available via the userSessionCookieData property.
If there is a simultaneous login and the user's setting does not allow it (such as logout previous, logout all), it is processed here.

Parameters
$user_id : int = null

The user ID. Set to null (default) to auto detect from cookie.

$userlogin_session_key : string = ''

The logged in session key. Set to empty string (default) to auto detect from cookie.

Return values
bool

Return true if logged in, false for not.

logoutUser()

Logout target user.

protected logoutUser([array<string|int, mixed> $cookieData = [] ][, bool $logoutAllDevice = false ]) : mixed
Parameters
$cookieData : array<string|int, mixed> = []

The associative array of cookie data. This value can be obtained from the Cookie class. The array keys are:
user_id (required).
sessionKey (optional) For delete specific session key from user_logins table.

$logoutAllDevice : bool = false

Set to true to log out all devices, false for a specific session key.

maybeRunCron()

Maybe run cron job if config is set to not use server cron.

protected maybeRunCron() : mixed

responseJson()

{@inheritDoc}

protected responseJson(mixed $output) : string
Parameters
$output : mixed
Return values
string

responseXml()

{@inheritDoc}

protected responseXml(mixed $output) : string
Parameters
$output : mixed
Return values
string

sessionTraitLogoutAll()

Logout all succeeded login sessions, lock user account, send login link to user's email.

protected sessionTraitLogoutAll(int $user_id, UserLoginsDb $UserLoginsDb, UserFieldsDb $UserFieldsDb) : mixed

This method also sets a cache entry noting that the email was sent recently.
This method is called from isUserLoggedIn().
This method is called from LoginController->doLogin().

Parameters
$user_id : int
$UserLoginsDb : UserLoginsDb
$UserFieldsDb : UserFieldsDb

setBasicConfig()

Setup basic PHP configurations such as default timezone.

protected setBasicConfig() : mixed

setHeaderAllowOrigin()

Set header allow origin for CORS.

protected setHeaderAllowOrigin() : mixed

isModuleExcute()

Check if current call is `Modules->execute()`

private isModuleExcute() : bool

This method is called from maybeRunCron(), __construct().

Tags
since
1.2.9
Return values
bool

Return true if it is, false if it is not.

sessionsTraitCheckIsLoggedInFromContainer()

Check is logged in from container if exists.

private sessionsTraitCheckIsLoggedInFromContainer() : array<string|int, mixed>

The check data in the container must not be older than N seconds.

Tags
since
1.2.9
Return values
array<string|int, mixed>

Return indexed array where first index is UsersSessionsTrait object in the container if exists. This value can be null.
Second index is result of "is logged in". This value can be null.

sessionTraitLogoutPreviousSessions()

Logout all sessions before latest succeeded login. (logout only succeeded login).

private sessionTraitLogoutPreviousSessions(int $user_id, UserLoginsDb $UserLoginsDb) : mixed

This method is called from isUserLoggedIn().

Parameters
$user_id : int
$UserLoginsDb : UserLoginsDb

        