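/**
 * Registers the CAS authentication backends selected by the plugin's
 * 'cas-enabled' setting.
 *
 * 'all' or 'staff' registers the staff backend; 'all' or 'client' registers
 * the client backend. Any other value registers nothing.
 */
public function bootstrap() {
    $config = $this->getConfig();
    $enabled = $config->get('cas-enabled');

    // Strict membership test: under loose comparison a non-string setting
    // (boolean true, or integer 0 before PHP 8) compares equal to 'all',
    // 'staff' and 'client', which would switch an authentication backend on
    // for a value that was never meant to enable it.
    if (in_array($enabled, array('all', 'staff'), true)) {
        require_once 'cas.php';
        CasStaffAuthBackend::bootstrap($this->getConfig());
        StaffAuthenticationBackend::register(new CasStaffAuthBackend());
    }

    if (in_array($enabled, array('all', 'client'), true)) {
        require_once 'cas.php';
        CasClientAuthBackend::bootstrap($this->getConfig());
        UserAuthenticationBackend::register(new CasClientAuthBackend());
    }
}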
/**
 * Renders the plugin maintenance page and echoes the result.
 *
 * The template receives the page title, the current staff user, the link
 * token, and the CSRF token value and field name from the global $ost object.
 */
public function defaultAction() {
    global $ost;

    // NOTE(review): no options are passed to Twig_Environment, so output
    // escaping follows that Twig version's default — confirm autoescaping is on.
    $twig = new \Twig_Environment(new \Twig_Loader_Filesystem(EQUIPMENT_VIEWS_DIR));

    $staff = \StaffAuthenticationBackend::getUser();
    $csrf = $ost->getCSRF();

    // The 'tocken' spelling is kept: presumably the template reads these keys by name.
    $context = array(
        'title' => 'Plugin Maintenance',
        'staff' => $staff,
        'linktoken' => $ost->getLinkToken(),
        'tocken' => $csrf->getToken(),
        'tocken_name' => $csrf->getTokenName(),
    );

    echo $twig->render('maintenanceTemplate.html.twig', $context);
}
/**
 * Renders a Twig template from EQUIPMENT_VIEWS_DIR and echoes the result.
 *
 * The current staff user, the link token and the CSRF token value/name are
 * always written into $args, replacing any caller-supplied entries with the
 * same keys. A pending session flash message is passed once and then cleared.
 *
 * @param string $template Template name handed to Twig.
 * @param array  $args     Template variables supplied by the caller.
 */
public function render($template, $args = array()) {
    global $ost;

    // NOTE(review): no options are passed to Twig_Environment, so escaping of
    // the flash text and the other values follows that Twig version's default
    // — confirm autoescaping is on.
    $twig = new \Twig_Environment(new \Twig_Loader_Filesystem(EQUIPMENT_VIEWS_DIR));

    $staff = \StaffAuthenticationBackend::getUser();
    $csrf = $ost->getCSRF();

    $injected = array(
        'staff' => $staff,
        'linktoken' => $ost->getLinkToken(),
        'tocken' => $csrf->getToken(),
        'tocken_name' => $csrf->getTokenName(),
    );
    foreach ($injected as $key => $value) {
        $args[$key] = $value;
    }

    // Flash messages are one-shot: hand the value to the template, then drop it.
    if (isset($_SESSION['flash']) && $_SESSION['flash']) {
        $args['flash'] = $_SESSION['flash'];
        unset($_SESSION['flash']);
    }

    echo $twig->render($template, $args);
}
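// Staff login handler (excerpt): credential post, external-backend trigger,
// or single sign-on attempt, followed by the login template.

// Fall back to the staff index unless a destination is set and does not point
// at the login page or the AJAX endpoint.
// NOTE(review): $dest is assigned before this excerpt and only these two
// substrings are filtered here — confirm it is limited to a same-site path
// before it reaches Http::redirect() or the Location header below.
$dest = ($dest && !strstr($dest, 'login.php') && !strstr($dest, 'ajax.php'))
    ? $dest
    : 'index.php';
$show_reset = false;

if ($_POST) {
    // Request fields are client-controlled and may be missing or arrays.
    // Only string credentials are handed to the backends; anything else is
    // treated as an ordinary failed login instead of raising a notice or a
    // type error inside trim().
    $username = (isset($_POST['userid']) && is_string($_POST['userid']))
        ? trim($_POST['userid'])
        : null;
    $passwd = (isset($_POST['passwd']) && is_string($_POST['passwd']))
        ? $_POST['passwd']
        : null;

    // Lookup support backends for this staff
    if ($username !== null && $passwd !== null
        && ($user = StaffAuthenticationBackend::process($username, $passwd, $errors))
    ) {
        session_write_close();
        Http::redirect($dest);
        require_once 'index.php'; // Just in case the redirect header is messed up.
        exit;
    }

    // $errors['err'] may be unset when no backend reported a reason.
    $msg = !empty($errors['err']) ? $errors['err'] : 'Invalid login';
    $show_reset = true;
} elseif (!empty($_GET['do'])) {
    switch ($_GET['do']) {
        case 'ext':
            // Lookup external backend; the id comes from the query string, so
            // require a non-empty string before asking the registry for it.
            $bkId = (isset($_GET['bk']) && is_string($_GET['bk'])) ? $_GET['bk'] : '';
            if ($bkId !== '' && ($bk = StaffAuthenticationBackend::getBackend($bkId))) {
                $bk->triggerAuth();
            }
    }
    Http::redirect('login.php');
} elseif (!$thisstaff || !($thisstaff->getId() || $thisstaff->isValid())) {
    // No usable staff object: let the sign-on backends try, and send the
    // redirect header only when they return a StaffSession.
    if (($user = StaffAuthenticationBackend::processSignOn($errors, false))
        && $user instanceof StaffSession
    ) {
        @header("Location: {$dest}");
    }
}

define("OSTSCPINC", TRUE); //Make includes happy!
include_once INCLUDE_DIR . 'staff/login.tpl.php';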
/* First order of the day is see if the user is logged in and with a valid session. * User must be valid staff beyond this point * ONLY super admins can access the helpdesk on offline state. */ if (!function_exists('staffLoginPage')) { //Ajax interface can pre-declare the function to trap expired sessions. function staffLoginPage($msg) { global $ost, $cfg; $_SESSION['_staff']['auth']['dest'] = '/' . ltrim($_SERVER['REQUEST_URI'], '/'); $_SESSION['_staff']['auth']['msg'] = $msg; require SCP_DIR . 'login.php'; exit; } } $thisstaff = StaffAuthenticationBackend::getUser(); //1) is the user Logged in for real && is staff. if (!$thisstaff || !$thisstaff->getId() || !$thisstaff->isValid()) { if (isset($_SESSION['_staff']['auth']['msg'])) { $msg = $_SESSION['_staff']['auth']['msg']; unset($_SESSION['_staff']['auth']['msg']); } elseif ($thisstaff && !$thisstaff->isValid()) { $msg = 'Session timed out due to inactivity'; } else { $msg = 'Authentication Required'; } staffLoginPage($msg); exit; } //2) if not super admin..check system status and group status if (!$thisstaff->isAdmin()) {
/**
 * Looks up the authentication backend named by this object's auth key.
 *
 * The backend id is the part of the auth key before the first ':'.
 *
 * @return mixed Whatever StaffAuthenticationBackend::getBackend() returns for that id.
 */
function getAuthBackend() {
    $parts = explode(':', $this->getAuthKey());
    $backendId = $parts[0];

    return StaffAuthenticationBackend::getBackend($backendId);
}
/**
 * Adds a user found through a remote authentication backend as a
 * collaborator on a ticket.
 *
 * @param mixed $tid Ticket id passed to Ticket::lookup().
 * @param mixed $bk  Backend id passed to StaffAuthenticationBackend::getBackend().
 * @param mixed $id  User id looked up in that backend.
 * @return mixed Result of self::_addcollaborator().
 */
function addRemoteCollaborator($tid, $bk, $id) {
    global $thisstaff;

    $ticket = Ticket::lookup($tid);

    // Missing tickets and tickets the current staff member may not access are
    // answered with the same 404.
    // NOTE(review): nothing in this function stops execution after these
    // responses, so the checks only hold if Http::response() ends the request
    // — confirm.
    if (!$ticket || !$ticket->checkStaffAccess($thisstaff)) {
        Http::response(404, 'No such ticket');
    } elseif (!$bk || !$id) {
        Http::response(422, 'Backend and user id required');
    } elseif (!($backend = StaffAuthenticationBackend::getBackend($bk))) {
        Http::response(404, 'User not found');
    }

    $directoryUser = $backend->lookup($id);

    // An empty lookup result is reported through $info; the form is still built.
    $info = $directoryUser
        ? array()
        : array('error' => 'Unable to find user in directory');
    $form = UserForm::getUserForm()->getForm($directoryUser);

    return self::_addcollaborator($ticket, null, $form, $info);
}
case 'sendmail': if ($staff = Staff::lookup($_POST['userid'])) { if (!$staff->hasPassword()) { $msg = 'Unable to reset password. Contact your administrator'; } elseif (!$staff->sendResetEmail()) { $tpl = 'pwreset.sent.php'; } } else { $msg = 'Unable to verify username ' . Format::htmlchars($_POST['userid']); } break; case 'newpasswd': // TODO: Compare passwords $tpl = 'pwreset.login.php'; $errors = array(); if ($staff = StaffAuthenticationBackend::processSignOn($errors)) { $info = array('page' => 'index.php'); Http::redirect($info['page']); } elseif (isset($errors['msg'])) { $msg = $errors['msg']; } break; } } elseif ($_GET['token']) { $msg = 'Please enter your username or email'; $_config = new Config('pwreset'); if (($id = $_config->get($_GET['token'])) && ($staff = Staff::lookup($id))) { // TODO: Detect staff confirmation (for welcome email) $tpl = 'pwreset.login.php'; } else { header('Location: index.php');
/**
 * Stores the posted token in the staff session, emits the
 * 'auth.pwreset.login' signal for $staff, then delegates to the parent login.
 *
 * @param mixed $staff Staff object being logged in.
 * @param mixed $bk    Backend passed through to parent::login().
 * @return mixed Result of parent::login().
 */
function login($staff, $bk) {
    // NOTE(review): the token is copied from the request without any check
    // here — presumably it is validated before login() is reached; confirm.
    $postedToken = $_POST['token'];
    $_SESSION['_staff']['reset-token'] = $postedToken;

    Signal::send('auth.pwreset.login', $staff);

    return parent::login($staff, $bk);
}
?> " placeholder="username" autocorrect="off" autocapitalize="off"> <input type="password" name="passwd" id="pass" placeholder="password" autocorrect="off" autocapitalize="off"> <?php if ($show_reset && $cfg->allowPasswordReset()) { ?> <h3 style="display:inline"><a href="pwreset.php">Forgot my password</a></h3> <?php } ?> <input class="submit" type="submit" name="submit" value="Log In"> </fieldset> </form> <?php $ext_bks = array(); foreach (StaffAuthenticationBackend::allRegistered() as $bk) { if ($bk instanceof ExternalAuthentication) { $ext_bks[] = $bk; } } if (count($ext_bks)) { ?> <div class="or"> <hr/> </div><?php foreach ($ext_bks as $bk) { ?> <div class="external-auth"><?php $bk->renderExternalLink(); ?> </div><?php
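/**
 * Echoes a JSON array with the properties of every equipment item that is
 * not assigned to the current staff user.
 *
 * When no staff user is available the output is an empty JSON array.
 */
public function listNotBelongingJsonAction() {
    $properties = array();

    // Start from an empty list: without this, a request with no staff user
    // left $items undefined and the loop below raised a PHP warning, which
    // can corrupt the JSON body or expose file paths when errors are displayed.
    $items = array();

    $staff = \StaffAuthenticationBackend::getUser();
    if (isset($staff)) {
        $items = \model\Equipment::findByNotStaffId($staff->getId());
    }

    foreach ($items as $item) {
        $properties[] = $item->getJsonProperties();
    }

    echo json_encode($properties);
}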
if ($user = StaffAuthenticationBackend::process($username, $_POST['passwd'], $errors)) { session_write_close(); Http::redirect($dest); require_once('index.php'); //Just incase header is messed up. exit; } $msg = $errors['err']?$errors['err']:__('Invalid login'); $show_reset = true; } elseif ($_GET['do']) { switch ($_GET['do']) { case 'ext': // Lookup external backend if ($bk = StaffAuthenticationBackend::getBackend($_GET['bk'])) $bk->triggerAuth(); } Http::redirect('login.php'); } // Consider single sign-on authentication backends elseif (!$thisstaff || !($thisstaff->getId() || $thisstaff->isValid())) { if (($user = StaffAuthenticationBackend::processSignOn($errors, false)) && ($user instanceof StaffSession)) @header("Location: $dest"); } define("OSTSCPINC",TRUE); //Make includes happy! include_once(INCLUDE_DIR.'staff/login.tpl.php'); ?>
/**
 * Registers the LDAP multi-authentication backends enabled in the plugin
 * configuration: 'multiauth-staff' for staff, 'multiauth-client' for users.
 */
function bootstrap() {
    $config = $this->getConfig();

    $staffEnabled = $config->get('multiauth-staff');
    if ($staffEnabled) {
        $staffBackend = new StaffLDAPMultiAuthentication($config);
        StaffAuthenticationBackend::register($staffBackend);
    }

    $clientEnabled = $config->get('multiauth-client');
    if ($clientEnabled) {
        $clientBackend = new ClientLDAPMultiAuthentication($config);
        UserAuthenticationBackend::register($clientBackend);
    }
}