protected final function _prepare()
 {
     if ($this->hasProvidedArgument('server')) {
         $this->_current_remote_server = $this->getProvidedArgument('server');
     } elseif (file_exists(THEBUGGENIE_PATH . '.remote_server')) {
         $this->_current_remote_server = file_get_contents(THEBUGGENIE_PATH . '.remote_server');
     } else {
         throw new Exception("Please specify an installation of The Bug Genie to connect to by running the set_remote command first.");
     }
     if ($this->hasProvidedArgument('username')) {
         $this->_current_remote_user = $this->getProvidedArgument('username');
     } elseif (file_exists(THEBUGGENIE_PATH . '.remote_username')) {
         $this->_current_remote_user = file_get_contents(THEBUGGENIE_PATH . '.remote_username');
     } else {
         $this->_current_remote_user = TBGContext::getCurrentCLIusername();
     }
     if (file_exists(THEBUGGENIE_PATH . '.remote_password_hash')) {
         $this->_current_remote_password_hash = file_get_contents(THEBUGGENIE_PATH . '.remote_password_hash');
     } else {
         $this->cliEcho('Please enter the password for user ');
         $this->cliEcho($this->_getCurrentRemoteUser(), 'white', 'bold');
         $this->cliEcho(' (the password will not be stored): ');
         $this->_current_remote_password_hash = TBGUser::hashPassword($this->_getCliInput());
     }
 }
 public function do_execute()
 {
     $this->cliEcho('Authenticating with server: ');
     $this->cliEcho($this->getProvidedArgument('server_url'), 'white', 'bold');
     $this->cliEcho("\n");
     $path = THEBUGGENIE_CONFIG_PATH;
     try {
         file_put_contents($path . '.remote_server', $this->getProvidedArgument('server_url'));
     } catch (Exception $e) {
         $path = getenv('HOME') . DS;
         file_put_contents($path . '.remote_server', $this->getProvidedArgument('server_url'));
     }
     $this->cliEcho('Authenticating as user: '******'username', TBGContext::getCurrentCLIusername());
     $this->cliEcho($username, 'white', 'bold');
     $this->cliEcho("\n");
     file_put_contents($path . '.remote_username', $username);
     $this->_current_remote_server = file_get_contents($path . '.remote_server');
     $this->cliEcho("\n");
     $this->cliEcho('You need to authenticate using an application-specific password.');
     $this->cliEcho("\n");
     $this->cliEcho("Create an application password from your account's 'Security' tab.");
     $this->cliEcho("\n");
     $this->cliEcho("Enter the application-specific password: "******"Authentication successful!\n", 'white', 'bold');
 }
Beispiel #3
0
 /**
  * Returns the logged in user, or default user if not logged in
  *
  * @param TBGRequest $request
  * @param TBGAction  $action
  *
  * @return TBGUser
  */
 public static function loginCheck(TBGRequest $request, TBGAction $action)
 {
     try {
         $authentication_method = $action->getAuthenticationMethodForAction(TBGContext::getRouting()->getCurrentRouteAction());
         $user = null;
         $external = false;
         switch ($authentication_method) {
             case TBGAction::AUTHENTICATION_METHOD_ELEVATED:
             case TBGAction::AUTHENTICATION_METHOD_CORE:
                 $username = $request['tbg3_username'];
                 $password = $request['tbg3_password'];
                 if ($authentication_method == TBGAction::AUTHENTICATION_METHOD_ELEVATED) {
                     $elevated_password = $request['tbg3_elevated_password'];
                 }
                 $raw = true;
                 // If no username and password specified, check if we have a session that exists already
                 if ($username === null && $password === null) {
                     if (TBGContext::getRequest()->hasCookie('tbg3_username') && TBGContext::getRequest()->hasCookie('tbg3_password')) {
                         $username = TBGContext::getRequest()->getCookie('tbg3_username');
                         $password = TBGContext::getRequest()->getCookie('tbg3_password');
                         $user = TBGUsersTable::getTable()->getByUsername($username);
                         if ($authentication_method == TBGAction::AUTHENTICATION_METHOD_ELEVATED) {
                             $elevated_password = TBGContext::getRequest()->getCookie('tbg3_elevated_password');
                             if ($user instanceof TBGUser && !$user->hasPasswordHash($password)) {
                                 $user = null;
                             } else {
                                 if ($user instanceof TBGUser && !$user->hasPasswordHash($elevated_password)) {
                                     TBGContext::setUser($user);
                                     TBGContext::getRouting()->setCurrentRouteName('elevated_login_page');
                                     throw new TBGElevatedLoginException('reenter');
                                 }
                             }
                         } else {
                             if ($user instanceof TBGUser && !$user->hasPasswordHash($password)) {
                                 $user = null;
                             }
                         }
                         $raw = false;
                         if (!$user instanceof TBGUser) {
                             TBGContext::logout();
                             throw new Exception('No such login');
                         }
                     }
                 }
                 // If we have authentication details, validate them
                 if (TBGSettings::isUsingExternalAuthenticationBackend() && $username !== null && $password !== null) {
                     $external = true;
                     TBGLogging::log('Authenticating with backend: ' . TBGSettings::getAuthenticationBackend(), 'auth', TBGLogging::LEVEL_INFO);
                     try {
                         $mod = TBGContext::getModule(TBGSettings::getAuthenticationBackend());
                         if ($mod->getType() !== TBGModule::MODULE_AUTH) {
                             TBGLogging::log('Auth module is not the right type', 'auth', TBGLogging::LEVEL_FATAL);
                         }
                         if (TBGContext::getRequest()->hasCookie('tbg3_username') && TBGContext::getRequest()->hasCookie('tbg3_password')) {
                             $user = $mod->verifyLogin($username, $password);
                         } else {
                             $user = $mod->doLogin($username, $password);
                         }
                         if (!$user instanceof TBGUser) {
                             // Invalid
                             TBGContext::logout();
                             throw new Exception('No such login');
                             //TBGContext::getResponse()->headerRedirect(TBGContext::getRouting()->generate('login'));
                         }
                     } catch (Exception $e) {
                         throw $e;
                     }
                 } elseif (TBGSettings::isUsingExternalAuthenticationBackend()) {
                     $external = true;
                     TBGLogging::log('Authenticating without credentials with backend: ' . TBGSettings::getAuthenticationBackend(), 'auth', TBGLogging::LEVEL_INFO);
                     try {
                         $mod = TBGContext::getModule(TBGSettings::getAuthenticationBackend());
                         if ($mod->getType() !== TBGModule::MODULE_AUTH) {
                             TBGLogging::log('Auth module is not the right type', 'auth', TBGLogging::LEVEL_FATAL);
                         }
                         $user = $mod->doAutoLogin();
                         if ($user == false) {
                             // Invalid
                             TBGContext::logout();
                             throw new Exception('No such login');
                             //TBGContext::getResponse()->headerRedirect(TBGContext::getRouting()->generate('login'));
                         }
                     } catch (Exception $e) {
                         throw $e;
                     }
                 } elseif ($username !== null && $password !== null && !$user instanceof TBGUser) {
                     $external = false;
                     TBGLogging::log('Using internal authentication', 'auth', TBGLogging::LEVEL_INFO);
                     $user = TBGUsersTable::getTable()->getByUsername($username);
                     if (!$user->hasPassword($password)) {
                         $user = null;
                     }
                     if (!$user instanceof TBGUser) {
                         TBGContext::logout();
                     }
                 }
                 break;
             case TBGAction::AUTHENTICATION_METHOD_DUMMY:
                 $user = TBGUsersTable::getTable()->getByUserID(TBGSettings::getDefaultUserID());
                 break;
             case TBGAction::AUTHENTICATION_METHOD_CLI:
                 $user = TBGUsersTable::getTable()->getByUsername(TBGContext::getCurrentCLIusername());
                 break;
             case TBGAction::AUTHENTICATION_METHOD_RSS_KEY:
                 $user = TBGUsersTable::getTable()->getByRssKey($request['rsskey']);
                 break;
             case TBGAction::AUTHENTICATION_METHOD_APPLICATION_PASSWORD:
                 $user = TBGUsersTable::getTable()->getByUsername($request['api_username']);
                 if (!$user->authenticateApplicationPassword($request['api_token'])) {
                     $user = null;
                 }
                 break;
             default:
                 if (!TBGSettings::isLoginRequired()) {
                     $user = TBGUsersTable::getTable()->getByUserID(TBGSettings::getDefaultUserID());
                 }
         }
         if ($user instanceof TBGUser) {
             if (!$user->isActivated()) {
                 throw new Exception('This account has not been activated yet');
             } elseif (!$user->isEnabled()) {
                 throw new Exception('This account has been suspended');
             } elseif (!$user->isConfirmedMemberOfScope(TBGContext::getScope())) {
                 if (!TBGSettings::isRegistrationAllowed()) {
                     throw new Exception('This account does not have access to this scope');
                 }
             }
             if ($external == false && $authentication_method == TBGAction::AUTHENTICATION_METHOD_CORE) {
                 $password = $user->getHashPassword();
                 if (!$request->hasCookie('tbg3_username')) {
                     if ($request->getParameter('tbg3_rememberme')) {
                         TBGContext::getResponse()->setCookie('tbg3_username', $user->getUsername());
                         TBGContext::getResponse()->setCookie('tbg3_password', $user->getPassword());
                     } else {
                         TBGContext::getResponse()->setSessionCookie('tbg3_username', $user->getUsername());
                         TBGContext::getResponse()->setSessionCookie('tbg3_password', $user->getPassword());
                     }
                 }
             }
         } elseif (TBGSettings::isLoginRequired()) {
             throw new Exception('Login required');
         } else {
             throw new Exception('No such login');
         }
     } catch (Exception $e) {
         throw $e;
     }
     return $user;
 }
 /**
  * Returns the logged in user, or default user if not logged in
  *
  * @param string $uname
  * @param string $upwd
  * 
  * @return TBGUser
  */
 public static function loginCheck($username = null, $password = null)
 {
     try {
         $row = null;
         // If no username and password specified, check if we have a session that exists already
         if ($username === null && $password === null) {
             if (TBGContext::getRequest()->hasCookie('tbg3_username') && TBGContext::getRequest()->hasCookie('tbg3_password')) {
                 $username = TBGContext::getRequest()->getCookie('tbg3_username');
                 $password = TBGContext::getRequest()->getCookie('tbg3_password');
                 $row = TBGUsersTable::getTable()->getByUsernameAndPassword($username, $password);
                 if (!$row) {
                     TBGContext::getResponse()->deleteCookie('tbg3_username');
                     TBGContext::getResponse()->deleteCookie('tbg3_password');
                     throw new Exception('No such login');
                     //TBGContext::getResponse()->headerRedirect(TBGContext::getRouting()->generate('login'));
                 }
             }
         }
         // If we have authentication details, validate them
         if (TBGSettings::getAuthenticationBackend() !== null && TBGSettings::getAuthenticationBackend() !== 'tbg' && $username !== null && $password !== null) {
             TBGLogging::log('Authenticating with backend: ' . TBGSettings::getAuthenticationBackend(), 'auth', TBGLogging::LEVEL_INFO);
             try {
                 $mod = TBGContext::getModule(TBGSettings::getAuthenticationBackend());
                 if ($mod->getType() !== TBGModule::MODULE_AUTH) {
                     TBGLogging::log('Auth module is not the right type', 'auth', TBGLogging::LEVEL_FATAL);
                     throw new Exception('Invalid module type');
                 }
                 if (TBGContext::getRequest()->hasCookie('tbg3_username') && TBGContext::getRequest()->hasCookie('tbg3_password')) {
                     $row = $mod->verifyLogin($username, $password);
                 } else {
                     $row = $mod->doLogin($username, $password);
                 }
                 if (!$row) {
                     // Invalid
                     TBGContext::getResponse()->deleteCookie('tbg3_username');
                     TBGContext::getResponse()->deleteCookie('tbg3_password');
                     throw new Exception('No such login');
                     //TBGContext::getResponse()->headerRedirect(TBGContext::getRouting()->generate('login'));
                 }
             } catch (Exception $e) {
                 throw $e;
             }
         } elseif ($username !== null && $password !== null) {
             TBGLogging::log('Using internal authentication', 'auth', TBGLogging::LEVEL_INFO);
             // First test a pre-encrypted password
             $row = TBGUsersTable::getTable()->getByUsernameAndPassword($username, $password);
             if (!$row) {
                 // Then test an unencrypted password
                 $row = TBGUsersTable::getTable()->getByUsernameAndPassword($username, self::hashPassword($password));
                 if (!$row) {
                     // This is a legacy account from a 2.1 upgrade - try md5
                     $row = TBGUsersTable::getTable()->getByUsernameAndPassword($username, md5($password));
                     if (!$row) {
                         // Invalid
                         TBGContext::getResponse()->deleteCookie('tbg3_username');
                         TBGContext::getResponse()->deleteCookie('tbg3_password');
                         throw new Exception('No such login');
                         //TBGContext::getResponse()->headerRedirect(TBGContext::getRouting()->generate('login'));
                     } else {
                         // convert md5 to new password type
                         $user = new TBGUser($row->get(TBGUsersTable::ID), $row);
                         $user->changePassword($password);
                         $user->save();
                         unset($user);
                     }
                 }
             }
         } elseif (TBGContext::isCLI()) {
             $row = TBGUsersTable::getTable()->getByUsername(TBGContext::getCurrentCLIusername());
         } elseif (!TBGSettings::isLoginRequired()) {
             $row = TBGUsersTable::getTable()->getByUserID(TBGSettings::getDefaultUserID());
         }
         if ($row) {
             if (!$row->get(TBGScopesTable::ENABLED)) {
                 throw new Exception('This account belongs to a scope that is not active');
             } elseif (!$row->get(TBGUsersTable::ACTIVATED)) {
                 throw new Exception('This account has not been activated yet');
             } elseif (!$row->get(TBGUsersTable::ENABLED)) {
                 throw new Exception('This account has been suspended');
             }
             $user = TBGContext::factory()->TBGUser($row->get(TBGUsersTable::ID), $row);
         } elseif (TBGSettings::isLoginRequired()) {
             throw new Exception('Login required');
         } else {
             throw new Exception('No such login');
         }
     } catch (Exception $e) {
         throw $e;
     }
     return $user;
 }