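/**
 * Registers the CAS authentication backends selected by the plugin setting 'cas-enabled'.
 *
 * 'all' registers both backends, 'staff' only the staff backend and 'client'
 * only the client backend; any other value registers nothing.
 *
 * The setting is compared strictly. With a loose in_array() a non-string
 * value such as boolean true (or integer 0 on PHP < 8) compares equal to
 * 'all' and would switch an authentication backend on unintentionally.
 */
public function bootstrap()
 {
     $config = $this->getConfig();
     $enabled = $config->get('cas-enabled');
     if (in_array($enabled, array('all', 'staff'), true)) {
         require_once 'cas.php';
         CasStaffAuthBackend::bootstrap($this->getConfig());
         StaffAuthenticationBackend::register(new CasStaffAuthBackend());
     }
     if (in_array($enabled, array('all', 'client'), true)) {
         // require_once is a no-op when the staff branch already loaded the file.
         require_once 'cas.php';
         CasClientAuthBackend::bootstrap($this->getConfig());
         UserAuthenticationBackend::register(new CasClientAuthBackend());
     }
 }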
 /**
  * Renders and echoes the plugin maintenance page.
  *
  * The template receives the page title, the current staff user, the link
  * token and the CSRF token value and field name taken from the global $ost.
  * NOTE(review): getUser() may not return a valid staff object for an
  * unauthenticated request; no access check is visible in this method, so it
  * presumably happens before dispatch -- confirm.
  */
 public function defaultAction()
 {
     global $ost;

     $view = new \Twig_Environment(new \Twig_Loader_Filesystem(EQUIPMENT_VIEWS_DIR));

     $currentStaff = \StaffAuthenticationBackend::getUser();
     $csrf = $ost->getCSRF();

     // Keys are spelled exactly as the template expects them ('tocken' included).
     $context = array(
         'title' => 'Plugin Maintenance',
         'staff' => $currentStaff,
         'linktoken' => $ost->getLinkToken(),
         'tocken' => $csrf->getToken(),
         'tocken_name' => $csrf->getTokenName(),
     );

     echo $view->render('maintenanceTemplate.html.twig', $context);
 }
 /**
  * Renders a Twig template from EQUIPMENT_VIEWS_DIR and echoes the result.
  *
  * The keys 'staff', 'linktoken', 'tocken' and 'tocken_name' are always set
  * from server-side state, replacing any values the caller supplied under
  * those names. A pending flash message is handed to the template once and
  * then removed from the session.
  *
  * @param string $template Template file name, resolved by the filesystem loader.
  *                         NOTE(review): callers should pass fixed names, not
  *                         request-derived values -- confirm at the call sites.
  * @param array  $args     Extra template variables.
  */
 public function render($template, $args = array())
 {
     global $ost;

     $view = new \Twig_Environment(new \Twig_Loader_Filesystem(EQUIPMENT_VIEWS_DIR));

     $currentStaff = \StaffAuthenticationBackend::getUser();
     $csrf = $ost->getCSRF();

     $args['staff'] = $currentStaff;
     $args['linktoken'] = $ost->getLinkToken();
     $args['tocken'] = $csrf->getToken();
     $args['tocken_name'] = $csrf->getTokenName();

     // One-shot flash message: copy it for this render, then clear it.
     if (!empty($_SESSION['flash'])) {
         $args['flash'] = $_SESSION['flash'];
         unset($_SESSION['flash']);
     }

     echo $view->render($template, $args);
 }
Example #4
// Choose the post-login destination. Falls back to 'index.php' when $dest is
// empty or contains 'login.php' or 'ajax.php'.
// NOTE(review): this is a substring filter only; it does not check that $dest
// is a path on this site. Where $dest is set is not visible here -- confirm it
// is constrained to a local path before it reaches the redirects below.
$dest = $dest && (!strstr($dest, 'login.php') && !strstr($dest, 'ajax.php')) ? $dest : 'index.php';
// Stays false until a password login has failed (set to true below).
$show_reset = false;
if ($_POST) {
    // Lookup support backends for this staff
    $username = trim($_POST['userid']);
    // The user id is trimmed, the password is passed on unchanged.
    if ($user = StaffAuthenticationBackend::process($username, $_POST['passwd'], $errors)) {
        // Close the session before redirecting to the chosen destination.
        session_write_close();
        Http::redirect($dest);
        require_once 'index.php';
        //Just incase header is messed up.
        exit;
    }
    // Use the text in $errors['err'] when set, otherwise a generic message.
    $msg = $errors['err'] ? $errors['err'] : 'Invalid login';
    $show_reset = true;
} elseif ($_GET['do']) {
    // NOTE(review): $_GET['do'] and $_GET['bk'] are read without isset().
    switch ($_GET['do']) {
        case 'ext':
            // Lookup external backend
            // The backend id comes straight from the query string; triggerAuth()
            // runs on whatever getBackend() returns for it.
            // NOTE(review): whether getBackend() limits this to external
            // backends is not visible here -- confirm.
            if ($bk = StaffAuthenticationBackend::getBackend($_GET['bk'])) {
                $bk->triggerAuth();
            }
    }
    Http::redirect('login.php');
} elseif (!$thisstaff || !($thisstaff->getId() || $thisstaff->isValid())) {
    // No staff object, or one with neither an id nor a valid session:
    // give the sign-on backends a chance.
    if (($user = StaffAuthenticationBackend::processSignOn($errors, false)) && $user instanceof StaffSession) {
        // Header errors are suppressed with @ and no exit follows, so the
        // script goes on to include the login template after this header.
        // NOTE(review): confirm that continuing here is intended.
        @header("Location: {$dest}");
    }
}
define("OSTSCPINC", TRUE);
//Make includes happy!
include_once INCLUDE_DIR . 'staff/login.tpl.php';
Example #5
/* First order of the day is to check that the user is logged in with a valid session.
    * User must be valid staff beyond this point.
    * ONLY super admins can access the helpdesk in the offline state.
*/
if (!function_exists('staffLoginPage')) {
    //Ajax interface can pre-declare the function to  trap expired sessions.
    /**
     * Stores the requested URI and a message in the session, then runs the
     * staff login script and stops the request.
     *
     * @param string $msg Message saved under $_SESSION['_staff']['auth']['msg'].
     */
    function staffLoginPage($msg)
    {
        // login.php is required inside this function, so it runs in this
        // function's scope; presumably it relies on these globals -- confirm
        // before removing the declaration.
        global $ost, $cfg;
        // Collapse any run of leading slashes to exactly one, so the stored
        // destination always starts with a single '/' and cannot begin with '//'.
        $_SESSION['_staff']['auth']['dest'] = '/' . ltrim($_SERVER['REQUEST_URI'], '/');
        $_SESSION['_staff']['auth']['msg'] = $msg;
        require SCP_DIR . 'login.php';
        // Never fall through to the protected page that called this function.
        exit;
    }
}
// Resolve the staff member behind the current session.
$thisstaff = StaffAuthenticationBackend::getUser();
// 1) Gate: a staff object must exist, carry an id and hold a valid session.
if (!($thisstaff && $thisstaff->getId() && $thisstaff->isValid())) {
    if (!isset($_SESSION['_staff']['auth']['msg'])) {
        // No stored message: tell an expired session apart from a missing login.
        $msg = ($thisstaff && !$thisstaff->isValid())
            ? 'Session timed out due to inactivity'
            : 'Authentication Required';
    } else {
        // A message left in the session takes precedence and is used once.
        $msg = $_SESSION['_staff']['auth']['msg'];
        unset($_SESSION['_staff']['auth']['msg']);
    }
    staffLoginPage($msg);
    // Stop here even if a pre-declared staffLoginPage() returns.
    exit;
}
//2) if not super admin..check system status and group status
if (!$thisstaff->isAdmin()) {
Example #6
 /**
  * Returns the staff authentication backend named by this object's auth key.
  *
  * Only the part of the auth key before the first ':' is used as the
  * backend id; the result is whatever getBackend() returns for that id.
  */
 function getAuthBackend()
 {
     $segments = explode(':', $this->getAuthKey());
     $backendId = $segments[0];

     return StaffAuthenticationBackend::getBackend($backendId);
 }
Example #7
 /**
  * Adds a user found through an authentication backend as a collaborator on a ticket.
  *
  * A missing ticket and a ticket the current staff member may not access
  * both answer 404 with the same text, so the response does not reveal
  * which of the two applies.
  *
  * NOTE(review): the code after the checks relies on Http::response() ending
  * the request; if it returned, $backend could be undefined -- confirm.
  *
  * @param mixed $tid Ticket id.
  * @param mixed $bk  Id of the authentication backend to search.
  * @param mixed $id  User id to look up in that backend.
  */
 function addRemoteCollaborator($tid, $bk, $id)
 {
     global $thisstaff;

     if (!($ticket = Ticket::lookup($tid)) || !$ticket->checkStaffAccess($thisstaff)) {
         Http::response(404, 'No such ticket');
     } elseif (!$bk || !$id) {
         Http::response(422, 'Backend and user id required');
     } elseif (!($backend = StaffAuthenticationBackend::getBackend($bk))) {
         Http::response(404, 'User not found');
     }

     $directoryEntry = $backend->lookup($id);
     $form = UserForm::getUserForm()->getForm($directoryEntry);

     // Report a failed directory lookup to the dialog instead of aborting.
     $info = $directoryEntry
         ? array()
         : array('error' => 'Unable to find user in directory');

     return self::_addcollaborator($ticket, null, $form, $info);
 }
Example #8
        case 'sendmail':
            if ($staff = Staff::lookup($_POST['userid'])) {
                if (!$staff->hasPassword()) {
                    $msg = 'Unable to reset password. Contact your administrator';
                } elseif (!$staff->sendResetEmail()) {
                    $tpl = 'pwreset.sent.php';
                }
            } else {
                $msg = 'Unable to verify username ' . Format::htmlchars($_POST['userid']);
            }
            break;
        case 'newpasswd':
            // TODO: Compare passwords
            $tpl = 'pwreset.login.php';
            $errors = array();
            if ($staff = StaffAuthenticationBackend::processSignOn($errors)) {
                $info = array('page' => 'index.php');
                Http::redirect($info['page']);
            } elseif (isset($errors['msg'])) {
                $msg = $errors['msg'];
            }
            break;
    }
} elseif ($_GET['token']) {
    $msg = 'Please enter your username or email';
    $_config = new Config('pwreset');
    if (($id = $_config->get($_GET['token'])) && ($staff = Staff::lookup($id))) {
        // TODO: Detect staff confirmation (for welcome email)
        $tpl = 'pwreset.login.php';
    } else {
        header('Location: index.php');
Example #9
 /**
  * Completes a password-reset sign-on for a staff member.
  *
  * Stores the submitted reset token in the staff session, sends the
  * 'auth.pwreset.login' signal and then defers to the parent login().
  *
  * NOTE(review): the token is copied from $_POST without any check here;
  * presumably it was validated before this method is reached -- confirm.
  */
 function login($staff, $bk)
 {
     $resetToken = $_POST['token'];
     $_SESSION['_staff']['reset-token'] = $resetToken;

     Signal::send('auth.pwreset.login', $staff);

     return parent::login($staff, $bk);
 }
Example #10
?>
" placeholder="username" autocorrect="off" autocapitalize="off">
            <input type="password" name="passwd" id="pass" placeholder="password" autocorrect="off" autocapitalize="off">
            <?php 
if ($show_reset && $cfg->allowPasswordReset()) {
    ?>
            <h3 style="display:inline"><a href="pwreset.php">Forgot my password</a></h3>
            <?php 
}
?>
            <input class="submit" type="submit" name="submit" value="Log In">
        </fieldset>
    </form>
<?php 
$ext_bks = array();
foreach (StaffAuthenticationBackend::allRegistered() as $bk) {
    if ($bk instanceof ExternalAuthentication) {
        $ext_bks[] = $bk;
    }
}
if (count($ext_bks)) {
    ?>
<div class="or">
    <hr/>
</div><?php 
    foreach ($ext_bks as $bk) {
        ?>
<div class="external-auth"><?php 
        $bk->renderExternalLink();
        ?>
</div><?php 
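 /**
  * Echoes, as JSON, the properties of the equipment items returned by
  * Equipment::findByNotStaffId() for the current staff member.
  *
  * When no staff user is available the output is an empty JSON list.
  * $items is initialised up front: previously it was undefined in that case
  * and the loop ran over an undefined variable, raising PHP warnings that
  * could end up in the JSON response.
  */
 public function listNotBelongingJsonAction()
 {
     $properties = array();
     $items = array();
     $staff = \StaffAuthenticationBackend::getUser();
     if (isset($staff)) {
         $items = \model\Equipment::findByNotStaffId($staff->getId());
     }
     foreach ($items as $item) {
         $properties[] = $item->getJsonProperties();
     }
     echo json_encode($properties);
 }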
Example #12
    if ($user = StaffAuthenticationBackend::process($username,
            $_POST['passwd'], $errors)) {
        session_write_close();
        Http::redirect($dest);
        require_once('index.php'); //Just incase header is messed up.
        exit;
    }

    $msg = $errors['err']?$errors['err']:__('Invalid login');
    $show_reset = true;
}
elseif ($_GET['do']) {
    switch ($_GET['do']) {
    case 'ext':
        // Lookup external backend
        if ($bk = StaffAuthenticationBackend::getBackend($_GET['bk']))
            $bk->triggerAuth();
    }
    Http::redirect('login.php');
}
// Consider single sign-on authentication backends
elseif (!$thisstaff || !($thisstaff->getId() || $thisstaff->isValid())) {
    if (($user = StaffAuthenticationBackend::processSignOn($errors, false))
            && ($user instanceof StaffSession))
       @header("Location: $dest");
}

define("OSTSCPINC",TRUE); //Make includes happy!
include_once(INCLUDE_DIR.'staff/login.tpl.php');
?>
 /**
  * Registers the LDAP multi-authentication backends enabled in the plugin configuration.
  *
  * 'multiauth-staff' controls the staff backend and 'multiauth-client' the
  * client backend; each is registered only when its setting is truthy.
  */
 function bootstrap()
 {
     $settings = $this->getConfig();

     if ($settings->get('multiauth-staff')) {
         $staffBackend = new StaffLDAPMultiAuthentication($settings);
         StaffAuthenticationBackend::register($staffBackend);
     }

     if ($settings->get('multiauth-client')) {
         $clientBackend = new ClientLDAPMultiAuthentication($settings);
         UserAuthenticationBackend::register($clientBackend);
     }
 }