Exemple #1
 /**
  * Format is "auth user@example.com password"
  *
  * @param Net_SmartIRC $irc
  * @param Net_SmartIRC_data $data
  */
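 public final function auth(Net_SmartIRC $irc, Net_SmartIRC_data $data)
 {
     // Handles the "!auth <email> <password>" bot command: validates the
     // credentials and, on success, registers the sender with the bot.
     //
     // NOTE(review): the password reaches this handler as plain text inside
     // an IRC message. Confirm the command is only accepted in a private
     // query (never in a channel) and that the bot's connection uses TLS.
     // NOTE(review): no failed-attempt logging or throttling happens in this
     // method; verify that guessing is rate-limited somewhere else.
     if (count($data->messageex) !== 3) {
         $this->sendResponse($data->nick, 'Error: wrong parameter count for "AUTH" command. Format is "!auth user@example.com password".');
         return;
     }
     $email = $data->messageex[1];
     $password = $data->messageex[2];
     // An unknown address and a wrong password get the same reply, so the bot
     // cannot be used to find out which addresses have accounts. The previous
     // "unknown user" reply also used a single-quoted string, so it printed
     // the literal text $email instead of the address.
     // The short-circuit keeps isCorrectPassword() from being called for an
     // address that has no account, exactly as before.
     if (!Auth::userExists($email) || !Auth::isCorrectPassword($email, $password)) {
         $this->sendResponse($data->nick, 'Error: The email address / password combination could not be found in the system.');
         return;
     }
     // Only reached with valid credentials, so disclosing the account status
     // here tells the caller nothing about other people's accounts.
     if (!Auth::isActiveUser($email)) {
         $this->sendResponse($data->nick, 'Error: Your user status is currently set as inactive. Please contact your local system administrator for further information.');
         return;
     }
     $this->bot->addUser($data, $email);
     $this->sendResponse($data->nick, 'Thank you, you have been successfully authenticated.');
 }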
Exemple #2
 /**
  * Performs the standard checks when a user logs in
  */
 public static function login($login)
 {
     // This method does not verify a password: it runs the post-authentication
     // account checks and then establishes the login cookie and session.
     //
     // The identifier typed by the user may be an alias, so it is resolved to
     // the account's e-mail address through the user ID first.
     $email = User::getEmail(Auth::getUserIDByLogin($login));

     // Accounts that were never confirmed are refused.
     // NOTE(review): the flow below only stops here if Auth::redirect()
     // terminates the request; confirm that it does, otherwise the cookie
     // and session are still created for a refused account.
     if (Auth::isPendingUser($email)) {
         Auth::saveLoginAttempt($email, 'failure', 'pending user');
         Auth::redirect('index.php?err=9');
     }

     // Deactivated accounts are refused as well.
     if (!Auth::isActiveUser($email)) {
         Auth::saveLoginAttempt($email, 'failure', 'inactive user');
         Auth::redirect('index.php?err=7');
     }

     Auth::saveLoginAttempt($email, 'success');

     // The "remember" form field decides whether the cookie is persistent.
     Auth::createLoginCookie(APP_COOKIE, $email, !empty($_POST['remember']));

     // NOTE(review): presumably Session::init() starts a fresh session for
     // the user; verify that the session identifier is regenerated at login.
     $userId = User::getUserIDByEmail($email);
     Session::init($userId);
 }
 /**
  * Method used to check for the appropriate authentication for a specific
  * page. It will check for the cookie name provided and redirect the user
  * to another page if needed.
  *
  * @access  public
  * @param   string $cookie_name The name of the cookie to check for
  * @param   string $failed_url The URL to redirect to if the user is not authenticated
  * @param   boolean $is_popup Flag to tell the function if the current page is a popup window or not
  * @return  void
  */
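 function checkAuthentication($cookie_name, $failed_url = NULL, $is_popup = false)
 {
     global $HTTP_COOKIE_VARS;
     if ($failed_url == NULL) {
         $failed_url = APP_RELATIVE_URL . "index.php?err=5";
     }
     // NOTE(review): the requested URL is appended as-is; presumably
     // Auth::getRequestedURL() already returns a URL-encoded value - verify.
     $failed_url .= "&url=" . Auth::getRequestedURL();
     if (!isset($HTTP_COOKIE_VARS[$cookie_name])) {
         Auth::redirect($failed_url, $is_popup);
     }
     $cookie = $HTTP_COOKIE_VARS[$cookie_name];
     // SECURITY(review): unserialize() is applied to a value taken straight
     // from the request cookie, and Auth::isValidCookie() only runs on the
     // result. Client-controlled data is therefore deserialized before any
     // integrity check, which exposes the application to PHP object
     // injection. The cookie should be authenticated (e.g. with an HMAC)
     // before decoding and stored in a data-only format such as JSON; that
     // change also affects the code that writes the cookie, which is not
     // visible here, so the call is flagged rather than replaced.
     $cookie = unserialize(base64_decode($cookie));
     if (!Auth::isValidCookie($cookie)) {
         Auth::removeCookie($cookie_name);
         Auth::redirect($failed_url, $is_popup);
     }
     if (Auth::isPendingUser($cookie["email"])) {
         Auth::removeCookie($cookie_name);
         Auth::redirect(APP_RELATIVE_URL . "index.php?err=9", $is_popup);
     }
     if (!Auth::isActiveUser($cookie["email"])) {
         Auth::removeCookie($cookie_name);
         Auth::redirect(APP_RELATIVE_URL . "index.php?err=7", $is_popup);
     }
     // check whether the project selection is set or not
     $prj_id = Auth::getCurrentProject();
     if (empty($prj_id)) {
         // redirect to select project page
         Auth::redirect(APP_RELATIVE_URL . "select_project.php?url=" . Auth::getRequestedURL(), $is_popup);
     }
     // check the expiration date for a 'Customer' type user
     $customer_id = User::getCustomerID(Auth::getUserID());
     if (!empty($customer_id) && $customer_id != -1) {
         $status = Customer::getContractStatus($prj_id, $customer_id);
         if ($status == 'expired') {
             Auth::removeCookie($cookie_name);
             // The address comes from the cookie, so it is URL-encoded before
             // it goes into the redirect target: characters such as "+", "&"
             // or a line break must not alter the query string or the header.
             Auth::redirect(APP_RELATIVE_URL . "index.php?err=10&email=" . urlencode($cookie["email"]), $is_popup);
         }
     }
     // auto switch project
     // NOTE(review): switch_prj_id is passed on unchanged; presumably
     // Auth::setCurrentProject() checks that the user may access that
     // project - verify. The redirect target is assembled from PHP_SELF and
     // the raw query string, both of which are request-controlled; confirm
     // that Auth::redirect() rejects line breaks and off-site targets.
     if (isset($_GET['switch_prj_id'])) {
         Auth::setCurrentProject($_GET['switch_prj_id'], false);
         Auth::redirect($_SERVER['PHP_SELF'] . '?' . str_replace("switch_prj_id=" . $_GET['switch_prj_id'], "", $_SERVER['QUERY_STRING']));
     }
     // if the current session is still valid, then renew the expiration
     Auth::createLoginCookie($cookie_name, $cookie['email'], $cookie['autologin']);
     // renew the project cookie as well
     $prj_cookie = Auth::getCookieInfo(APP_PROJECT_COOKIE);
     Auth::setCurrentProject($prj_id, $prj_cookie["remember"]);
 }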
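 public function authenticate(&$irc, &$data)
 {
     // Handles the "!auth <email> <password>" bot command and, on success,
     // records the e-mail address for the sender's nick in the global $auth.
     //
     // NOTE(review): the password reaches this handler as plain text inside
     // an IRC message. Confirm the command is only accepted in a private
     // query (never in a channel) and that the bot's connection uses TLS.
     // NOTE(review): no failed-attempt logging or throttling happens in this
     // method; verify that guessing is rate-limited somewhere else.
     global $auth;
     $pieces = explode(' ', $data->message);
     if (count($pieces) !== 3) {
         $this->sendResponse($irc, $data->nick, 'Error: wrong parameter count for "AUTH" command. Format is "!auth user@example.com password".');
         return;
     }
     $email = $pieces[1];
     $password = $pieces[2];
     // An unknown address and a wrong password get the same reply, so the bot
     // cannot be used to find out which addresses have accounts. The previous
     // "unknown user" reply also used a single-quoted string, so it printed
     // the literal text $email instead of the address.
     // The short-circuit keeps isCorrectPassword() from being called for an
     // address that has no account, exactly as before.
     if (!Auth::userExists($email) || !Auth::isCorrectPassword($email, $password)) {
         $this->sendResponse($irc, $data->nick, 'Error: The email address / password combination could not be found in the system.');
         return;
     }
     // Only reached with valid credentials, so disclosing the account status
     // here tells the caller nothing about other people's accounts.
     if (!Auth::isActiveUser($email)) {
         $this->sendResponse($irc, $data->nick, 'Error: Your user status is currently set as inactive. Please contact your local system administrator for further information.');
         return;
     }
     // NOTE(review): the authenticated state is keyed by nick alone.
     // Presumably the entry is dropped when that nick quits or is renamed;
     // verify, otherwise a later holder of the nick inherits the login.
     $auth[$data->nick] = $email;
     $this->sendResponse($irc, $data->nick, 'Thank you, you have been successfully authenticated.');
 }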
Exemple #5
    Auth::redirect(APP_RELATIVE_URL . "index.php?err=2&email=" . $HTTP_POST_VARS["email"]);
}
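// check if user exists
// NOTE(review): this branch redirects to err=3 without the email parameter
// while the wrong-password branch below adds it, so the two cases can be
// told apart from the redirect target. Consider making them identical.
if (!Auth::userExists($HTTP_POST_VARS["email"])) {
    Auth::saveLoginAttempt($HTTP_POST_VARS["email"], 'failure', 'unknown user');
    Auth::redirect(APP_RELATIVE_URL . "index.php?err=3");
}
// check if the password matches
if (!Auth::isCorrectPassword($HTTP_POST_VARS["email"], $HTTP_POST_VARS["passwd"])) {
    Auth::saveLoginAttempt($HTTP_POST_VARS["email"], 'failure', 'wrong password');
    // The submitted address is request data, so it is URL-encoded before it
    // is placed in the redirect target (as is already done for "url" below):
    // characters such as "+", "&" or a line break must not alter the query
    // string or the response header.
    Auth::redirect(APP_RELATIVE_URL . "index.php?err=3&email=" . urlencode($HTTP_POST_VARS["email"]));
}
// check if this user did already confirm his account
// NOTE(review): $is_popup is not assigned anywhere in the visible part of
// this script; confirm it is defined earlier.
if (Auth::isPendingUser($HTTP_POST_VARS["email"])) {
    Auth::saveLoginAttempt($HTTP_POST_VARS["email"], 'failure', 'pending user');
    Auth::redirect(APP_RELATIVE_URL . "index.php?err=9", $is_popup);
}
// check if this user is really an active one
if (!Auth::isActiveUser($HTTP_POST_VARS["email"])) {
    Auth::saveLoginAttempt($HTTP_POST_VARS["email"], 'failure', 'inactive user');
    Auth::redirect(APP_RELATIVE_URL . "index.php?err=7", $is_popup);
}
Auth::saveLoginAttempt($HTTP_POST_VARS["email"], 'success');
// All checks passed: issue the login cookie. The @ presumably hides the
// undefined-index notice raised when "remember_login" was not submitted; it
// also hides any other warning from the call, so an isset() test would be
// the safer way to achieve that.
@Auth::createLoginCookie(APP_COOKIE, $HTTP_POST_VARS["email"], $HTTP_POST_VARS["remember_login"]);
// redirect to the initial page
// NOTE(review): "url" is supplied by the client and handed on to
// select_project.php; whatever finally redirects to it must accept
// same-site paths only.
if (!empty($HTTP_POST_VARS["url"])) {
    $extra = '?url=' . urlencode($HTTP_POST_VARS["url"]);
} else {
    $extra = '';
}
Auth::redirect(APP_RELATIVE_URL . "select_project.php" . $extra);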
Exemple #6
/**
 * Authorize request.
 * TODO: translations
 * TODO: ip based control
 */
function authorizeRequest()
{
    // A user already identified by the login cookie is accepted as-is;
    // otherwise the credentials returned by getAuthData() are verified.
    $usr_id = Auth::getUserID();
    if (!$usr_id) {
        $authData = getAuthData();

        // The first failing check decides the message; later checks are not
        // evaluated once one has failed.
        // NOTE(review): every failure reason is reported with its own text,
        // so a client can tell an unknown address from a wrong password.
        $denial = null;
        if ($authData === null) {
            $denial = 'Error: You are required to authenticate in order to access the requested RSS feed.';
        } else {
            list($authUser, $authPassword) = $authData;
            if (Validation::isWhitespace($authUser)) {
                $denial = 'Error: Please provide your email address.';
            } elseif (Validation::isWhitespace($authPassword)) {
                $denial = 'Error: Please provide your password.';
            } elseif (!Auth::userExists($authUser)) {
                $denial = 'Error: The user specified does not exist.';
            } elseif (!Auth::isCorrectPassword($authUser, $authPassword)) {
                $denial = 'Error: The provided email address/password combo is not correct.';
            } elseif (Auth::isPendingUser($authUser)) {
                $denial = 'Error: The provided user still needs to have its account confirmed.';
            } elseif (!Auth::isActiveUser($authUser)) {
                $denial = 'Error: The provided user is currently set as an inactive user.';
            }
        }

        if ($denial !== null) {
            // Ask the client for credentials again, explain why, and stop.
            sendAuthenticateHeader();
            echo $denial;
            exit;
        }

        // Credentials accepted: resolve the user ID and hand it to
        // Auth::createFakeCookie().
        $usr_id = User::getUserIDByEmail($authUser);
        Auth::createFakeCookie($usr_id);
    }

    // The feed is selected by the mandatory 'custom_id' query parameter.
    if (empty($_GET['custom_id'])) {
        rssError("Error: The required 'custom_id' parameter was not provided.");
        exit;
    }

    // Access control: the filter must be global or owned by this user.
    $filterId = $_GET['custom_id'];
    $mayRead = Filter::isGlobal($filterId) || Filter::isOwner($filterId, $usr_id);
    if (!$mayRead) {
        rssError('Error: The provided custom filter ID is not associated with the given email address.');
        exit;
    }
}
Exemple #7
     exit;
 }
 // Credential and authorization checks for a feed request that uses HTTP
 // authentication; the start of this script is not shown, so the checks that
 // precede this point are unknown.
 // check if the password matches
 // NOTE(review): each failure below answers with its own message, which lets
 // a client distinguish a wrong password from a pending or inactive account.
 if (!Auth::isCorrectPassword($HTTP_SERVER_VARS['PHP_AUTH_USER'], $HTTP_SERVER_VARS['PHP_AUTH_PW'])) {
     // presumably authenticate() sends the authentication challenge headers - verify
     authenticate();
     echo 'Error: The provided email address/password combo is not correct.';
     exit;
 }
 // check if this user did already confirm his account
 if (Auth::isPendingUser($HTTP_SERVER_VARS['PHP_AUTH_USER'])) {
     authenticate();
     echo 'Error: The provided user still needs to have its account confirmed.';
     exit;
 }
 // check if this user is really an active one
 if (!Auth::isActiveUser($HTTP_SERVER_VARS['PHP_AUTH_USER'])) {
     authenticate();
     echo 'Error: The provided user is currently set as an inactive user.';
     exit;
 }
 // check if the required parameter 'custom_id' is really being passed
 if (empty($HTTP_GET_VARS['custom_id'])) {
     returnError("Error: The required 'custom_id' parameter was not provided.");
     exit;
 }
 // resolve the authenticated address to the user ID used by the ownership check
 $usr_id = User::getUserIDByEmail($HTTP_SERVER_VARS['PHP_AUTH_USER']);
 // check if the passed 'custom_id' parameter is associated with the usr_id
 // (access control: the filter must be global or owned by this user)
 if (!Filter::isGlobal($HTTP_GET_VARS['custom_id']) && !Filter::isOwner($HTTP_GET_VARS['custom_id'], $usr_id)) {
     returnError('Error: The provided custom filter ID is not associated with the given email address.');
     exit;
 }