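/**
 * Authenticate a user against the CDash user table.
 *
 * Looks the account up by e-mail, refuses locked accounts, then either
 * accepts a caller-verified identity (external auth: $password === null with
 * $CDASH_EXTERNAL_AUTH enabled) or verifies the supplied password against the
 * stored hash and starts the 'CDash' session.
 *
 * On failure the global $loginerror is set to a generic message so the
 * response does not reveal whether the e-mail exists.
 *
 * @param string      $email              Login e-mail (untrusted input; escaped before use in SQL).
 * @param string|null $password           Clear-text password, or null when an external
 *                                        mechanism has already authenticated the user.
 * @param string      $SessionCachePolicy Value handed to session_cache_limiter().
 * @param bool        $rememberme         Set a persistent "remember me" cookie on success.
 *
 * @return bool true when a session record was created, false otherwise.
 */
function databaseAuthenticate($email, $password, $SessionCachePolicy, $rememberme)
{
    global $loginerror;
    $loginerror = '';

    // config.php defines the $CDASH_* settings referenced below.
    include dirname(__DIR__) . '/config/config.php';

    $db = pdo_connect("{$CDASH_DB_HOST}", "{$CDASH_DB_LOGIN}", "{$CDASH_DB_PASS}");
    pdo_select_db("{$CDASH_DB_NAME}", $db);

    // The project's pdo_* wrappers are used without bound parameters here, so
    // the e-mail is escaped for string-literal context instead.
    $sql = 'SELECT id,password FROM ' . qid('user') . " WHERE email='" . pdo_real_escape_string($email) . "'";
    $result = pdo_query("{$sql}");
    if (pdo_num_rows($result) == 0) {
        pdo_free_result($result);
        $loginerror = 'Wrong email or password.';
        return false;
    }

    $user_array = pdo_fetch_array($result);
    // Only the first row is needed; release the result before any early return
    // (the original leaked it on the locked-account and wrong-password paths).
    pdo_free_result($result);
    $pass = $user_array['password'];

    // A locked account is refused regardless of the password.
    // NOTE(review): $loginerror is left empty here as in the original; confirm
    // that accountIsLocked() surfaces its own message to the user.
    if (accountIsLocked($user_array['id'])) {
        return false;
    }

    // External authentication: identity was verified upstream, so only the
    // session record is created here.
    if ($password === null && isset($CDASH_EXTERNAL_AUTH) && $CDASH_EXTERNAL_AUTH) {
        // NOTE(review): no session_start() on this path; presumably the caller
        // owns the session -- confirm.
        $sessionArray = array(
            'login' => $email, // the original referenced an undefined $login
            'password' => 'this is not a valid password',
            'passwd' => $user_array['password'],
            'ID' => session_id(),
            'valid' => 1,
            'loginid' => $user_array['id'],
        );
        $_SESSION['cdash'] = $sessionArray;
        return true;
    }

    // Stored hashes are unsalted MD5 (legacy schema). hash_equals() gives a
    // strict, constant-time comparison; the original `==` was subject to PHP's
    // numeric-string juggling. A null password can never match. Migrating to
    // password_hash()/password_verify() needs a schema change and is out of
    // scope for this function.
    if ($password !== null && hash_equals((string) $pass, md5((string) $password))) {
        if ($rememberme) {
            setRememberMeCookie($user_array['id']);
        }
        session_name('CDash');
        session_cache_limiter($SessionCachePolicy);
        session_set_cookie_params($CDASH_COOKIE_EXPIRATION_TIME);
        // Keep server-side GC slightly behind the cookie lifetime so a session
        // is not collected while its cookie is still valid. The '@' is kept
        // because ini_set() warns when a session is already active.
        @ini_set('session.gc_maxlifetime', $CDASH_COOKIE_EXPIRATION_TIME + 600);
        session_start();
        // NOTE(review): consider session_regenerate_id(true) here so a
        // pre-authentication session id is not carried into the logged-in
        // session (session fixation) -- confirm no caller depends on the id.
        // NOTE(review): the stored hash is copied into the session as 'passwd';
        // other code may rely on that key -- confirm before removing it.
        $sessionArray = array(
            'login' => $email,
            'passwd' => $pass,
            'ID' => session_id(),
            'valid' => 1,
            'loginid' => $user_array['id'],
        );
        $_SESSION['cdash'] = $sessionArray;
        checkForExpiredPassword();
        clearUnsuccessfulAttempts($user_array['id']);
        return true;
    }

    incrementUnsuccessfulAttempts($user_array['id']);
    $loginerror = 'Wrong email or password.';
    return false;
}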
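/**
 * Complete a Google OAuth2 sign-in and establish the CDash session.
 *
 * Validates the anti-forgery token carried in the OAuth state against the one
 * stored in the session, exchanges the authorization code for the Google
 * profile, and looks the profile's e-mail up in the CDash user table. Unknown
 * e-mails are redirected to the registration page; known ones get a session
 * record and are redirected to the URI saved in the state.
 *
 * @param string|null $code Authorization code returned by Google. When null,
 *                          $_GET['code'] is read, which is what the original
 *                          implementation did unconditionally.
 *
 * @return bool true when a session record was created; false when the state
 *              is unreadable, the token check fails, Google rejects the code,
 *              or the e-mail is not registered.
 */
function googleAuthenticate($code)
{
    $state = getGoogleAuthenticateState();
    if ($state === false) {
        return false;
    }

    include dirname(__DIR__) . '/config/config.php';
    global $CDASH_DB_HOST, $CDASH_DB_LOGIN, $CDASH_DB_PASS, $CDASH_DB_NAME;

    $SessionCachePolicy = 'private_no_expire';
    // Initialize the session with the same parameters as the password login.
    session_name('CDash');
    session_cache_limiter($SessionCachePolicy);
    session_set_cookie_params($CDASH_COOKIE_EXPIRATION_TIME);
    // The '@' is kept because ini_set() warns when a session is already active.
    @ini_set('session.gc_maxlifetime', $CDASH_COOKIE_EXPIRATION_TIME + 600);
    session_start();

    // Anti-forgery check: the token in the state must equal the one issued in
    // this session. A missing token on either side is a mismatch, not a notice,
    // and the comparison is strict and constant-time rather than `!=`.
    $stateToken = isset($state->csrfToken) ? (string) $state->csrfToken : '';
    $sessionToken = isset($_SESSION['cdash']['csrfToken']) ? (string) $_SESSION['cdash']['csrfToken'] : '';
    if ($stateToken === '' || !hash_equals($sessionToken, $stateToken)) {
        // Token values are deliberately not logged: the session token is still live.
        add_log('state anti-forgery token mismatch', 'googleAuthenticate', LOG_ERR);
        return false;
    }

    $redirectURI = strtok(get_server_URI(false), '?');
    // The return value of get_server_URI can be inconsistent.
    // It simply returns $CDASH_BASE_URL if that variable is set, yielding a
    // return value like http://mydomain.com/CDash.
    // If this variable is not set, then it will return the full URI including
    // the current script, ie
    // http://mydomain.com/CDash/googleauth_callback.php.
    //
    // Make sure that redirectURI contains the path to our callback script.
    if (strpos($redirectURI, 'googleauth_callback.php') === false) {
        $redirectURI .= '/googleauth_callback.php';
    }

    // Prefer the code passed in; the original ignored $code and read
    // $_GET['code'] directly, so keep that as the fallback.
    $authCode = $code !== null ? $code : (isset($_GET['code']) ? $_GET['code'] : '');

    try {
        $config = new Google_Config();
        if ($CDASH_MEMCACHE_ENABLED) {
            $config->setCacheClass('Google_Cache_Memcache');
            list($server, $port) = $CDASH_MEMCACHE_SERVER;
            $config->setClassConfig('Google_Cache_Memcache', 'host', $server);
            $config->setClassConfig('Google_Cache_Memcache', 'port', $port);
        }
        $client = new Google_Client($config);
        $client->setClientId($GOOGLE_CLIENT_ID);
        $client->setClientSecret($GOOGLE_CLIENT_SECRET);
        $client->setRedirectUri($redirectURI);
        $client->authenticate($authCode);
        $oauth = new Google_Service_Oauth2($client);
        $me = $oauth->userinfo->get();
    } catch (Google_Auth_Exception $e) {
        add_log('Google access token request failed: ' . $e->getMessage(), 'googleAuthenticate', LOG_ERR);
        return false;
    }

    // Match the Google e-mail case-insensitively against the user table.
    // NOTE(review): nothing here requires Google to report the address as
    // verified before it is mapped to a local account -- confirm whether the
    // profile's verified-e-mail flag should be checked first.
    $email = strtolower($me->getEmail());
    $db = pdo_connect("{$CDASH_DB_HOST}", "{$CDASH_DB_LOGIN}", "{$CDASH_DB_PASS}");
    pdo_select_db("{$CDASH_DB_NAME}", $db);
    $sql = 'SELECT id,password FROM ' . qid('user') . " WHERE email='" . pdo_real_escape_string($email) . "'";
    $result = pdo_query("{$sql}");
    if (pdo_num_rows($result) == 0) {
        pdo_free_result($result);
        // Unknown account: hand off to registration with the fields pre-filled.
        // The values come from a third party, so they are URL-encoded instead
        // of being interpolated raw into the Location header.
        $query = http_build_query(array(
            'firstname' => (string) $me->getGivenName(),
            'lastname' => (string) $me->getFamilyName(),
            'email' => $email,
        ));
        header('Location: register.php?' . $query);
        return false;
    }

    $user_array = pdo_fetch_array($result);
    // Only the first row is needed; release the result now.
    pdo_free_result($result);

    if ($state->rememberMe) {
        require_once 'include/login_functions.php';
        setRememberMeCookie($user_array['id']);
    }

    // NOTE(review): consider session_regenerate_id(true) before writing the
    // session record so a pre-authentication session id is not kept
    // (session fixation) -- confirm no caller depends on the id.
    $sessionArray = array(
        'login' => $email,
        'passwd' => $user_array['password'],
        'ID' => session_id(),
        'valid' => 1,
        'loginid' => $user_array['id'],
    );
    $_SESSION['cdash'] = $sessionArray;
    session_write_close();

    // NOTE(review): requestedURI comes from the OAuth state, which the token
    // check above ties to this session; confirm getGoogleAuthenticateState()
    // constrains it to a local path, otherwise this is an open redirect.
    header("Location: {$state->requestedURI}");
    return true;
}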