Ejemplo n.º 1
0
 /**
  * Authenticates the user based on the current request.
  *
  * If authentication is successful, true must be returned.
  * If authentication fails, an exception must be thrown.
  *
  * @param DAV\Server $server
  * @param string $realm
  * @throws DAV\Exception\NotAuthenticated
  * @return bool
  */
 function authenticate(DAV\Server $server, $realm)
 {
     $auth = new HTTP\Auth\Basic($realm, $server->httpRequest, $server->httpResponse);
     $userpass = $auth->getCredentials($server->httpRequest);
     if (!$userpass) {
         $auth->requireLogin();
         throw new DAV\Exception\NotAuthenticated('No basic authentication headers were found');
     }
     // Authenticates the user
     if (!$this->validateUserPass($userpass[0], $userpass[1])) {
         $auth->requireLogin();
         throw new DAV\Exception\NotAuthenticated('Username or password does not match');
     }
     $this->currentUser = $userpass[0];
     return true;
 }
Ejemplo n.º 2
0
 function testRequireLogin()
 {
     $response = new Response();
     $basic = new Basic('Dagger', new Request(), $response);
     $basic->requireLogin();
     $this->assertEquals('Basic realm="Dagger"', $response->getHeader('WWW-Authenticate'));
     $this->assertEquals(401, $response->getStatus());
 }
Ejemplo n.º 3
0
 * @copyright Copyright (C) 2009-2015 fruux GmbH (https://fruux.com/).
 * @author Evert Pot (http://evertpot.com/)
 * @license http://sabre.io/license/ Modified BSD License
 */
$userList = ["user1" => "password", "user2" => "password"];
use Sabre\HTTP\Sapi;
use Sabre\HTTP\Response;
use Sabre\HTTP\Auth;
// Find the autoloader
$paths = [__DIR__ . '/../vendor/autoload.php', __DIR__ . '/../../../autoload.php', __DIR__ . '/vendor/autoload.php'];
foreach ($paths as $path) {
    if (file_exists($path)) {
        include $path;
        break;
    }
}
$request = Sapi::getRequest();
$response = new Response();
$basicAuth = new Auth\Basic("Locked down area", $request, $response);
if (!($userPass = $basicAuth->getCredentials())) {
    // No username or password given
    $basicAuth->requireLogin();
} elseif (!isset($userList[$userPass[0]]) || $userList[$userPass[0]] !== $userPass[1]) {
    // Username or password are incorrect
    $basicAuth->requireLogin();
} else {
    // Success !
    $response->setBody('You are logged in!');
}
// Sending the response
Sapi::sendResponse($response);
Ejemplo n.º 4
0
 /**
  * This method is called when a user could not be authenticated, and
  * authentication was required for the current request.
  *
  * This gives you the opportunity to set authentication headers. The 401
  * status code will already be set.
  *
  * In this case of Basic Auth, this would for example mean that the
  * following header needs to be set:
  *
  * $response->addHeader('WWW-Authenticate', 'Basic realm=SabreDAV');
  *
  * Keep in mind that in the case of multiple authentication backends, other
  * WWW-Authenticate headers may already have been set, and you'll want to
  * append your own WWW-Authenticate header instead of overwriting the
  * existing one.
  *
  * @param RequestInterface $request
  * @param ResponseInterface $response
  * @return void
  */
 function challenge(RequestInterface $request, ResponseInterface $response)
 {
     $auth = new HTTP\Auth\Basic($this->realm, $request, $response);
     $auth->requireLogin();
 }