/**
 * Dispatches the session-related actions served by this authentication frontend.
 *
 * Every branch writes its response straight to the output (XML document, plain
 * text or JSON) and the method then returns "". Unknown actions produce no
 * output. Neither $httpVars nor $fileVars is read by any branch.
 *
 * @param string $action   action name ("logout", "get_seed", "get_captcha", "back")
 * @param array  $httpVars request parameters (unused)
 * @param array  $fileVars uploaded-file parameters (unused)
 * @return string always ""
 */
public function switchAction($action, $httpVars, $fileVars)
 {
     if ($action == "logout") {
         // Drop the application login and the PHP session, then report code 2.
         AuthService::disconnect();
         $resultCode = 2;
         session_destroy();
         AJXP_XMLWriter::header();
         AJXP_XMLWriter::loggingResult($resultCode, null, null, null);
         AJXP_XMLWriter::close();
     } elseif ($action == "get_seed") {
         // While a brute-force attempt is suspected the seed is wrapped in a JSON
         // object that also tells the client a captcha is required.
         $newSeed = AuthService::generateSeed();
         $captchaRequired = AuthService::suspectBruteForceLogin();
         if ($captchaRequired) {
             HTMLWriter::charsetHeader('application/json');
             print json_encode(array("seed" => $newSeed, "captcha" => true));
         } else {
             HTMLWriter::charsetHeader("text/plain");
             print $newSeed;
         }
     } elseif ($action == "get_captcha") {
         include_once AJXP_BIN_FOLDER . "/class.CaptchaProvider.php";
         CaptchaProvider::sendCaptcha();
     } elseif ($action == "back") {
         // The logout address is returned wrapped in a <url> element.
         AJXP_XMLWriter::header("url");
         echo AuthService::getLogoutAddress(false);
         AJXP_XMLWriter::close("url");
     }
     return "";
 }
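 /**
  * Intercepts the standard "login" action when Duo Security is active for the
  * target user, performs the primary (password) authentication and, on
  * success, prepares the Duo second-factor challenge.
  *
  * Flow:
  *  - returns false (the default login handler runs) unless the action is
  *    "login", the client is not the native Pydio app, and the user named in
  *    "userid" has DUO_AUTH_ACTIVE set in its merged role;
  *  - while a brute-force attempt is suspected, a valid "captcha_code" is
  *    required before the password is checked at all (result -4 otherwise);
  *  - on a successful primary login the session id is regenerated and a new
  *    secure token issued; the user is then switched to its start repository
  *    (result -3 and disconnect if that fails);
  *  - the XML logging result is written; for a logged-in user a Duo request
  *    signature is stored on the personal role and the user is locked with
  *    "duo_show_iframe", after which the request is terminated with exit.
  *
  * Once it has taken over the login the method never returns (it calls exit).
  * $isLast is accepted for interface compatibility but is not used.
  *
  * @param array $httpVars request parameters (by reference; only read here)
  * @param bool  $isLast   unused
  * @return bool false when the login is left to the default handler
  */
 function tryToLogUser(&$httpVars, $isLast = false)
 {
     // Only the standard login operation is intercepted.
     if (!isset($httpVars["get_action"]) || $httpVars["get_action"] != "login") {
         return false;
     }
     if (AJXP_Utils::userAgentIsNativePydioApp()) {
         return false;
     }
     $userId = isset($httpVars["userid"]) ? trim($httpVars["userid"]) : null;
     $duoActive = false;
     if (!empty($userId)) {
         // Duo is enabled per user through a merged-role parameter.
         $uObject = ConfService::getConfStorageImpl()->createUserObject($userId);
         if ($uObject != null) {
             $duoActive = $uObject->mergedRole->filterParameterValue("authfront.duosecurity", "DUO_AUTH_ACTIVE", AJXP_REPO_SCOPE_ALL, false);
         }
     }
     if (!$duoActive) {
         return false;
     }
     $rememberLogin = "";
     $rememberPass = "";
     $secureToken = "";
     include_once AJXP_BIN_FOLDER . "/class.CaptchaProvider.php";
     if (AuthService::suspectBruteForceLogin() && (!isset($httpVars["captcha_code"]) || !CaptchaProvider::checkCaptchaResult($httpVars["captcha_code"]))) {
         // -4: a captcha is required and was missing or wrong; the password is not checked at all.
         $loggingResult = -4;
     } else {
         // $userId was already read, trimmed and checked as non-empty above.
         $userPass = isset($httpVars["password"]) ? trim($httpVars["password"]) : null;
         $rememberMe = isset($httpVars["remember_me"]) && $httpVars["remember_me"] == "true" ? true : false;
         $cookieLogin = isset($httpVars["cookie_login"]) ? true : false;
         // Guard the seed like the other parameters instead of reading an undefined index.
         $loginSeed = isset($httpVars["login_seed"]) ? $httpVars["login_seed"] : null;
         $loggingResult = AuthService::logUser($userId, $userPass, false, $cookieLogin, $loginSeed);
         if ($rememberMe && $loggingResult == 1) {
             // Masked placeholders go back to the client; the real cookie is refreshed below.
             $rememberLogin = "******";
             $rememberPass = "******";
         }
         if ($loggingResult == 1) {
             // Rotate the session id on privilege change (session-fixation defence) and issue a fresh token.
             session_regenerate_id(true);
             $secureToken = AuthService::generateSecureToken();
         }
         if ($loggingResult < 1 && AuthService::suspectBruteForceLogin()) {
             // The failed attempt crossed the brute-force threshold: force a captcha reload on the client.
             $loggingResult = -4;
         }
     }
     $loggedUser = AuthService::getLoggedUser();
     if ($loggedUser != null) {
         // Pick the repository to open: an explicit tmp_repository_id wins; otherwise the
         // role's DEFAULT_START_REPOSITORY when the user may switch to it and no repository
         // is already pending in the session.
         $force = $loggedUser->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
         $passId = -1;
         if (isset($httpVars["tmp_repository_id"])) {
             $passId = $httpVars["tmp_repository_id"];
         } elseif ($force != "" && $loggedUser->canSwitchTo($force) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
             $passId = $force;
         }
         $res = ConfService::switchUserToActiveRepository($loggedUser, $passId);
         if (!$res) {
             // -3: no usable repository; do not leave a half-logged-in session behind.
             AuthService::disconnect();
             $loggingResult = -3;
         }
     }
     if ($loggedUser != null && (AuthService::hasRememberCookie() || isset($rememberMe) && $rememberMe == true)) {
         AuthService::refreshRememberCookie($loggedUser);
     }
     AJXP_XMLWriter::header();
     AJXP_XMLWriter::loggingResult($loggingResult, $rememberLogin, $rememberPass, $secureToken);
     AJXP_XMLWriter::close();
     if ($loggingResult > 0 && $loggedUser != null) {
         // Primary factor succeeded: sign the Duo request and lock the user so the client
         // has to complete the iframe second factor. NOTE(review): the lock is presumably
         // checked elsewhere before the session is honoured — confirm in the lock handling.
         require_once $this->getBaseDir() . "/duo_php/duo_web.php";
         $appUnique = $this->getFilteredOption("DUO_AUTH_AKEY");
         $iKey = $this->getFilteredOption("DUO_AUTH_IKEY");
         $sKey = $this->getFilteredOption("DUO_AUTH_SKEY");
         $duoSig = Duo::signRequest($iKey, $sKey, $appUnique, $loggedUser->getId());
         $loggedUser->personalRole->setParameterValue("authfront.duosecurity", "DUO_AUTH_LAST_SIGNATURE", $duoSig);
         $loggedUser->setLock("duo_show_iframe");
         $loggedUser->save("superuser");
     }
     // The response is complete; stop here so the default login handler never runs.
     exit;
 }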
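 /**
  * Dispatches the authentication-frontend actions handled by this plugin.
  *
  * Actions:
  *  - "login": password login (captcha-gated while a brute-force attempt is
  *    suspected), session id regeneration and secure-token issue on success,
  *    switch to the start repository, remember-me cookie refresh, then an XML
  *    logging result (1 success, -3 no usable repository, -4 captcha required);
  *    does nothing when users are disabled;
  *  - "pass_change": verifies the old password (with "pass_seed"), enforces
  *    PASSWORD_MINLENGTH, updates the password and lifts a pending "pass_change"
  *    lock; prints plain-text "SUCCESS" or "PASS_ERROR";
  *  - "logout": disconnects, destroys the session and reports result 2;
  *  - "get_seed", "get_secure_token", "get_captcha", "back": emit the
  *    corresponding value directly to the response.
  *
  * Actions not registered in $this->actions are ignored.
  *
  * @param string $action   action name
  * @param array  $httpVars request parameters
  * @param array  $fileVars uploaded-file parameters (unused here)
  * @return string|null "" after a handled action, null for an unknown action
  *                     or when users are disabled
  */
 public function switchAction($action, $httpVars, $fileVars)
 {
     if (!isset($this->actions[$action])) {
         return;
     }
     switch ($action) {
         case "login":
             if (!AuthService::usersEnabled()) {
                 return;
             }
             $rememberLogin = "";
             $rememberPass = "";
             $secureToken = "";
             include_once AJXP_BIN_FOLDER . "/class.CaptchaProvider.php";
             if (AuthService::suspectBruteForceLogin() && (!isset($httpVars["captcha_code"]) || !CaptchaProvider::checkCaptchaResult($httpVars["captcha_code"]))) {
                 // -4: a captcha is required and was missing or wrong; the password is not checked at all.
                 $loggingResult = -4;
             } else {
                 $userId = isset($httpVars["userid"]) ? trim($httpVars["userid"]) : null;
                 $userPass = isset($httpVars["password"]) ? trim($httpVars["password"]) : null;
                 $rememberMe = isset($httpVars["remember_me"]) && $httpVars["remember_me"] == "true" ? true : false;
                 $cookieLogin = isset($httpVars["cookie_login"]) ? true : false;
                 // Guard the seed like the other parameters instead of reading an undefined index.
                 $loginSeed = isset($httpVars["login_seed"]) ? $httpVars["login_seed"] : null;
                 $loggingResult = AuthService::logUser($userId, $userPass, false, $cookieLogin, $loginSeed);
                 if ($rememberMe && $loggingResult == 1) {
                     // Masked placeholders go back to the client; the real cookie is refreshed below.
                     $rememberLogin = "******";
                     $rememberPass = "******";
                 }
                 if ($loggingResult == 1) {
                     // Rotate the session id on privilege change (session-fixation defence) and issue a fresh token.
                     session_regenerate_id(true);
                     $secureToken = AuthService::generateSecureToken();
                 }
                 if ($loggingResult < 1 && AuthService::suspectBruteForceLogin()) {
                     // The failed attempt crossed the brute-force threshold: force a captcha reload on the client.
                     $loggingResult = -4;
                 }
             }
             $loggedUser = AuthService::getLoggedUser();
             if ($loggedUser != null) {
                 // Pick the repository to open: an explicit tmp_repository_id wins; otherwise the
                 // role's DEFAULT_START_REPOSITORY when the user may switch to it and no repository
                 // is already pending in the session.
                 $force = $loggedUser->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
                 $passId = -1;
                 if (isset($httpVars["tmp_repository_id"])) {
                     $passId = $httpVars["tmp_repository_id"];
                 } elseif ($force != "" && $loggedUser->canSwitchTo($force) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
                     $passId = $force;
                 }
                 $res = ConfService::switchUserToActiveRepository($loggedUser, $passId);
                 if (!$res) {
                     // -3: no usable repository; do not leave a half-logged-in session behind.
                     AuthService::disconnect();
                     $loggingResult = -3;
                 }
             }
             if ($loggedUser != null && (AuthService::hasRememberCookie() || isset($rememberMe) && $rememberMe == true)) {
                 AuthService::refreshRememberCookie($loggedUser);
             }
             AJXP_XMLWriter::header();
             AJXP_XMLWriter::loggingResult($loggingResult, $rememberLogin, $rememberPass, $secureToken);
             AJXP_XMLWriter::close();
             break;
         //------------------------------------
         //	CHANGE USER PASSWORD
         //------------------------------------
         case "pass_change":
             $userObject = AuthService::getLoggedUser();
             if ($userObject == null || $userObject->getId() == "guest") {
                 // No password to change for an anonymous or guest session; answered as SUCCESS (existing contract).
                 header("Content-Type:text/plain");
                 print "SUCCESS";
                 break;
             }
             // Read the parameters defensively instead of touching undefined indexes.
             $oldPass = isset($httpVars["old_pass"]) ? $httpVars["old_pass"] : null;
             $newPass = isset($httpVars["new_pass"]) ? $httpVars["new_pass"] : null;
             $passSeed = isset($httpVars["pass_seed"]) ? $httpVars["pass_seed"] : null;
             // Length policy is checked before the old password is verified.
             // NOTE: strlen counts bytes, so a multi-byte password may satisfy the minimum with fewer characters.
             if (strlen((string) $newPass) < ConfService::getCoreConf("PASSWORD_MINLENGTH", "auth")) {
                 header("Content-Type:text/plain");
                 print "PASS_ERROR";
                 break;
             }
             if (!AuthService::checkPassword($userObject->getId(), $oldPass, false, $passSeed)) {
                 header("Content-Type:text/plain");
                 print "PASS_ERROR";
                 break;
             }
             AuthService::updatePassword($userObject->getId(), $newPass);
             if ($userObject->getLock() == "pass_change") {
                 // A forced password change was pending: lift it now that it is done.
                 $userObject->removeLock();
                 $userObject->save("superuser");
             }
             header("Content-Type:text/plain");
             print "SUCCESS";
             break;
         case "logout":
             // Drop the application login and the PHP session, then report code 2.
             AuthService::disconnect();
             $loggingResult = 2;
             session_destroy();
             AJXP_XMLWriter::header();
             AJXP_XMLWriter::loggingResult($loggingResult, null, null, null);
             AJXP_XMLWriter::close();
             break;
         case "get_seed":
             // While a brute-force attempt is suspected the seed is wrapped in a JSON
             // object that also tells the client a captcha is required.
             $seed = AuthService::generateSeed();
             if (AuthService::suspectBruteForceLogin()) {
                 HTMLWriter::charsetHeader('application/json');
                 print json_encode(array("seed" => $seed, "captcha" => true));
             } else {
                 HTMLWriter::charsetHeader("text/plain");
                 print $seed;
             }
             break;
         case "get_secure_token":
             HTMLWriter::charsetHeader("text/plain");
             print AuthService::generateSecureToken();
             break;
         case "get_captcha":
             include_once AJXP_BIN_FOLDER . "/class.CaptchaProvider.php";
             CaptchaProvider::sendCaptcha();
             break;
         case "back":
             // The logout address is returned wrapped in a <url> element.
             AJXP_XMLWriter::header("url");
             echo AuthService::getLogoutAddress(false);
             AJXP_XMLWriter::close("url");
             break;
         default:
             break;
     }
     return "";
 }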
     exit(0);
 } else {
     if ($action == "logout") {
         AuthService::disconnect();
         $loggingResult = 2;
         session_destroy();
     } else {
         if ($action == "back") {
             AJXP_XMLWriter::header("url");
             echo AuthService::getLogoutAddress(false);
             AJXP_XMLWriter::close("url");
             exit(1);
         } else {
             if ($action == "login") {
                 include_once INSTALL_PATH . "/server/classes/class.CaptchaProvider.php";
                 if (AuthService::suspectBruteForceLogin() && (!isset($httpVars["captcha_code"]) || !CaptchaProvider::checkCaptchaResult($httpVars["captcha_code"]))) {
                     $loggingResult = -4;
                 } else {
                     $userId = isset($httpVars["userid"]) ? $httpVars["userid"] : null;
                     $userPass = isset($httpVars["password"]) ? $httpVars["password"] : null;
                     $rememberMe = isset($httpVars["remember_me"]) && $httpVars["remember_me"] == "true" ? true : false;
                     $cookieLogin = isset($httpVars["cookie_login"]) ? true : false;
                     $loggingResult = AuthService::logUser($userId, $userPass, false, $cookieLogin, $httpVars["login_seed"]);
                     if ($rememberMe && $loggingResult == 1) {
                         $rememberLogin = $userId;
                         $loggedUser = AuthService::getLoggedUser();
                         $rememberPass = $loggedUser->getCookieString();
                     }
                     if ($loggingResult == 1) {
                         session_regenerate_id(true);
                         $secureToken = AuthService::generateSecureToken();