/**
 * Validates a username and password.
 *
 * The credential check is delegated to OC_User::login(). The filesystem is
 * set up through OC_Util::setUpFS() only after that call accepted the
 * credentials.
 *
 * @param $username value handed to OC_User::login() as the login name
 * @param $password value handed to OC_User::login() as the password
 * @return bool true when OC_User::login() accepted the credentials, false otherwise
 */
protected function validateUserPass($username, $password)
{
    // Guard clause: a rejected login never reaches the filesystem setup.
    if (!OC_User::login($username, $password)) {
        return false;
    }

    OC_Util::setUpFS();

    return true;
}
/**
 * Logs a user in from the `username` and `password` query parameters.
 *
 * Does nothing when User::isLoggedIn() already reports a login. Otherwise
 * both parameters are cast to string, every '/' and '\' is removed from
 * them, and the results are passed to \OC_User::login(). The return value
 * of that call is discarded.
 *
 * NOTE(review): the credentials are read from $_GET, so they are part of
 * the request URL and will typically be recorded in web-server and proxy
 * access logs, browser history and Referer headers. Stripping '/' and '\'
 * from the password also means a password containing those characters is
 * not checked as the user typed it. Confirm both are intended.
 */
public function register()
{
    if (User::isLoggedIn()) {
        return;
    }

    $stripped = array('/', '\\');

    $username = isset($_GET['username']) ? (string) $_GET['username'] : '';
    $password = isset($_GET['password']) ? (string) $_GET['password'] : '';

    \OC_User::login(
        str_replace($stripped, '', $username),
        str_replace($stripped, '', $password)
    );
}
/**
 * Creates the local account for a user seen for the first time and logs it in.
 *
 * The account password comes from the USERPASSWORDGENERATOR request when
 * RequestManager reports one; otherwise the user id itself is used as the
 * password. The same value is then used for \OC_User::login().
 *
 * NOTE(review): with no password generator configured the account is
 * created with password === user id. If any password-based login path can
 * reach this account, that password is guessable from the login name;
 * verify how the deployment restricts local logins for these users.
 *
 * @param $userInfo object providing getUserId(); also passed to UserInfoSetter
 * @param $authInfo value stored through self::wirteAuthInfoToSession()
 * @return mixed whatever \OC_User::login() returns
 */
public static function firstLogin($userInfo, $authInfo)
{
    $userID = $userInfo->getUserId();

    if (RequestManager::getRequest(ISingleSignOnRequest::USERPASSWORDGENERATOR)) {
        $password = RequestManager::send(ISingleSignOnRequest::USERPASSWORDGENERATOR);
    } else {
        $password = $userID;
    }

    $account = \OC_User::createUser($userID, $password);

    // The setter is optional; it is only used when its class exists.
    if (class_exists('\\OCA\\SingleSignOn\\UserInfoSetter')) {
        UserInfoSetter::setInfo($account, $userInfo);
    }

    self::wirteAuthInfoToSession($authInfo);

    return \OC_User::login($userID, $password);
}
/**
 * Validates a username and password.
 *
 * OC_Util::setUpFS() is called once before the credential check, because
 * login hooks may need early access to the filesystem, and once more after
 * OC_User::login() accepted the credentials.
 *
 * @param $username value handed to OC_User::login() as the login name
 * @param $password value handed to OC_User::login() as the password
 * @return bool true when OC_User::login() accepted the credentials, false otherwise
 */
protected function validateUserPass($username, $password)
{
    // Runs before authentication so that login hooks can reach the filesystem.
    OC_Util::setUpFS();

    if (!OC_User::login($username, $password)) {
        return false;
    }

    OC_Util::setUpFS();

    return true;
}
/**
 * Validates a username and password, reusing a DAV-authenticated session.
 *
 * When a user is already logged in and isDavAuthenticated() accepts the
 * supplied username, the password is not checked again. Otherwise the
 * credentials go through OC_User::login() and, on success, the supplied
 * username is stored in the session under self::DAV_AUTHENTICATED. The
 * session is closed on every path.
 *
 * NOTE(review): the session marker is written from, and compared against,
 * the client-supplied $username rather than the value OC_User::getUser()
 * returns. If the two can differ for one account, the reuse check and the
 * stored marker can disagree; confirm against isDavAuthenticated().
 *
 * @param string $username
 * @param string $password
 * @return bool
 */
protected function validateUserPass($username, $password)
{
    // Reuse path: existing login that was already validated for DAV.
    if (OC_User::isLoggedIn() && $this->isDavAuthenticated($username)) {
        OC_Util::setupFS(OC_User::getUser());
        \OC::$server->getSession()->close();

        return true;
    }

    // Login hooks may need early access to the filesystem.
    OC_Util::setUpFS();

    // The session is fetched again after login() instead of being cached.
    if (!OC_User::login($username, $password)) {
        \OC::$server->getSession()->close();

        return false;
    }

    OC_Util::setUpFS(OC_User::getUser());
    \OC::$server->getSession()->set(self::DAV_AUTHENTICATED, $username);
    \OC::$server->getSession()->close();

    return true;
}
/**
 * Validates a username and password, reusing a DAV-authenticated session.
 *
 * When a user is already logged in and isDavAuthenticated() accepts the
 * user returned by OC_User::getUser(), the supplied credentials are not
 * checked. Otherwise they go through OC_User::login() and, on success, the
 * internal user name is stored in the session under
 * self::DAV_AUTHENTICATED. The session is closed on every path.
 *
 * @param string $username
 * @param string $password
 * @return bool
 */
protected function validateUserPass($username, $password)
{
    // Reuse path: the session user, not the HTTP-supplied name, is checked.
    if (OC_User::isLoggedIn() && $this->isDavAuthenticated(OC_User::getUser())) {
        OC_Util::setupFS(OC_User::getUser());
        \OC::$server->getSession()->close();

        return true;
    }

    // Login hooks may need early access to the filesystem.
    OC_Util::setUpFS();

    if (!OC_User::login($username, $password)) {
        \OC::$server->getSession()->close();

        return false;
    }

    // Use ownCloud's internal username from here on, not the one supplied
    // over HTTP auth (see issue #14048).
    $ocUser = OC_User::getUser();
    OC_Util::setUpFS($ocUser);
    \OC::$server->getSession()->set(self::DAV_AUTHENTICATED, $ocUser);
    \OC::$server->getSession()->close();

    return true;
}
/**
 * Performs a user login by forwarding to \OC_User::login().
 *
 * @param string $user the username
 * @param string $password the password
 * @return bool true if successful
 */
public function login($user, $password)
{
    $loggedIn = \OC_User::login($user, $password);

    return $loggedIn;
}
            // This excerpt starts inside a block that opens outside the visible text.
            // User is external.
            // Crop $mail to fit into the display_name column of oc_shibboleth_user.
            if (strlen($mail) > 64) {
                $mail = substr($mail, 0, 64);
            }
            // Make sure that a user entry exists in oc_shibboleth_user.
            $loginName = \OCA\user_shibboleth\LoginLib::persistentId2LoginName($persistentId);
            $displayName = $mail;
            if (\OCA\user_shibboleth\DB::loginNameExists($loginName)) {
                // Update the display name if it has changed since the last login.
                if ($displayName !== \OCA\user_shibboleth\DB::getDisplayName($loginName)) {
                    \OCA\user_shibboleth\DB::updateDisplayName($loginName, $displayName);
                }
            } else {
                // Create a new user account.
                $homeDir = \OCA\user_shibboleth\LoginLib::getHomeDirPath($loginName);
                \OCA\user_shibboleth\DB::addUser($loginName, $displayName, $homeDir);
            }
        }
        // Perform the OC login. The password argument is a fixed placeholder,
        // so the decision is presumably made by the shibboleth backend from
        // the identity provider's session rather than from this value.
        // NOTE(review): confirm that no other backend can accept this pair.
        \OC_User::login($loginName, 'irrelevant');
        \OCP\Util::writeLog('user_shibboleth', 'Login ' . $loginName, \OCP\Util::DEBUG);
    } else {
        // Not authenticated yet: follow the shibboleth authentication procedure.
        // NOTE(review): the forwarding URL is appended to '?target=' as-is;
        // whether it is URL-encoded is decided inside getForwardingPageUrl(),
        // which is not visible here.
        $location = $sessionsHandlerUrl . $sessionInitiatorLocation . '?target=' . \OCA\user_shibboleth\LoginLib::getForwardingPageUrl();
    }
} else {
    \OCP\Util::writeLog('user_shibboleth', 'backend not enabled or not configured', \OCP\Util::INFO);
}
// NOTE(review): within this excerpt $location is assigned only in the
// "not authenticated" branch; the other branches rely on a value set
// before the visible text. Verify it is always defined here.
header('Location: ' . $location);
/**
 * Tries to log a user in from HTTP Basic credentials.
 *
 * On an accepted login the remember-me cookie is cleared, the current
 * request URI is stored as `redirect_url` and the default-page redirect is
 * triggered.
 *
 * @return bool false when no Basic credentials were sent; true whenever
 *              they were present, whether or not OC_User::login() accepted them
 */
protected static function tryBasicAuthLogin()
{
    if (!isset($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) {
        return false;
    }

    OC_App::loadApps(array('authentication'));

    $accepted = OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"]);
    if ($accepted) {
        OC_User::unsetMagicInCookie();
        $_REQUEST['redirect_url'] = OC_Request::requestUri();
        OC_Util::redirectToDefaultPage();
    }

    // The return value reports that Basic auth was attempted, not that it succeeded.
    return true;
}
/**
 * Runs the first-time installation from the options given to the installer.
 *
 * Validates the required options, writes the base configuration, prepares
 * the selected database (MySQL, PostgreSQL, otherwise SQLite), creates the
 * admin account, adds it to the 'admin' group, logs it in and finally marks
 * the instance as installed.
 *
 * @param array $options installer input; keys read here: dbtype, adminlogin,
 *                       adminpass, directory, dbuser, dbpass, dbname, dbhost,
 *                       dbtableprefix
 * @return array collected errors, empty on success; entries are plain strings
 *               or arrays with 'error' and 'hint' keys
 */
public static function install($options) {
    $error = array();
    $dbtype = $options['dbtype'];
    if (empty($options['adminlogin'])) {
        $error[] = 'Set an admin username.';
    }
    if (empty($options['adminpass'])) {
        $error[] = 'Set an admin password.';
    }
    if (empty($options['directory'])) {
        $error[] = 'Specify a data folder.';
    }
    if ($dbtype == 'mysql' or $dbtype == 'pgsql') {
        // MySQL and PostgreSQL need more config options.
        if ($dbtype == 'mysql') {
            $dbprettyname = 'MySQL';
        } else {
            $dbprettyname = 'PostgreSQL';
        }
        if (empty($options['dbuser'])) {
            $error[] = "{$dbprettyname} enter the database username.";
        }
        if (empty($options['dbname'])) {
            $error[] = "{$dbprettyname} enter the database name.";
        }
        if (empty($options['dbhost'])) {
            $error[] = "{$dbprettyname} set the database host.";
        }
    }
    if (count($error) == 0) {
        // No errors: continue with the installation.
        $username = htmlspecialchars_decode($options['adminlogin']);
        $password = htmlspecialchars_decode($options['adminpass']);
        $datadir = htmlspecialchars_decode($options['directory']);
        // Use sqlite3 when available, otherwise sqlite2 will be used.
        if ($dbtype == 'sqlite' and class_exists('SQLite3')) {
            $dbtype = 'sqlite3';
        }
        // Generate a random salt that is used to salt the local user passwords.
        $salt = OC_Util::generate_random_bytes(30);
        OC_Config::setValue('passwordsalt', $salt);
        // Write the config file.
        OC_Config::setValue('datadirectory', $datadir);
        OC_Config::setValue('dbtype', $dbtype);
        OC_Config::setValue('version', implode('.', OC_Util::getVersion()));
        if ($dbtype == 'mysql') {
            $dbuser = $options['dbuser'];
            $dbpass = $options['dbpass'];
            $dbname = $options['dbname'];
            $dbhost = $options['dbhost'];
            $dbtableprefix = isset($options['dbtableprefix']) ? $options['dbtableprefix'] : 'oc_';
            OC_Config::setValue('dbname', $dbname);
            OC_Config::setValue('dbhost', $dbhost);
            OC_Config::setValue('dbtableprefix', $dbtableprefix);
            // Check if the database user has admin rights.
            // NOTE(review): '@' hides the connection warning, and the mysql_*
            // extension used throughout this branch was removed in PHP 7.0.
            $connection = @mysql_connect($dbhost, $dbuser, $dbpass);
            if (!$connection) {
                $error[] = array('error' => 'MySQL username and/or password not valid', 'hint' => 'You need to enter either an existing account or the administrator.');
                return $error;
            } else {
                $oldUser = OC_Config::getValue('dbuser', false);
                // $oldPassword is read but not used again in this function.
                $oldPassword = OC_Config::getValue('dbpassword', false);
                // The '******' inside this literal is how the page shows the
                // statement; the original value is not visible here.
                $query = "SELECT user FROM mysql.user WHERE user='******'"; // this should be enough to check for admin rights in mysql
                if (mysql_query($query, $connection)) {
                    // Use the admin login data for the new database user.
                    // Add a prefix to the mysql user name to prevent collisions.
                    $dbusername = substr('oc_' . $username, 0, 16);
                    if ($dbusername != $oldUser) {
                        // Derive a password so the admin credentials need not be stored in the config file.
                        // NOTE(review): md5(time() . $password) is a function of
                        // the install second and the admin password, not a random
                        // secret; a random generator would be the safer source.
                        $dbpassword = md5(time() . $password);
                        self::createDBUser($dbusername, $dbpassword, $connection);
                        OC_Config::setValue('dbuser', $dbusername);
                        OC_Config::setValue('dbpassword', $dbpassword);
                    }
                    // Create the database.
                    self::createDatabase($dbname, $dbusername, $connection);
                } else {
                    if ($dbuser != $oldUser) {
                        OC_Config::setValue('dbuser', $dbuser);
                        OC_Config::setValue('dbpassword', $dbpass);
                    }
                    // Create the database.
                    self::createDatabase($dbname, $dbuser, $connection);
                }
                // Fill the database if needed.
                // NOTE(review): $dbname and $dbtableprefix come from $options
                // and are interpolated into the SQL text without escaping.
                $query = "select count(*) from information_schema.tables where table_schema='{$dbname}' AND table_name = '{$dbtableprefix}users';";
                $result = mysql_query($query, $connection);
                if ($result) {
                    $row = mysql_fetch_row($result);
                }
                // $row is only read when $result is truthy ('or' short-circuits).
                if (!$result or $row[0] == 0) {
                    OC_DB::createDbFromStructure('db_structure.xml');
                }
                mysql_close($connection);
            }
        } elseif ($dbtype == 'pgsql') {
            $dbuser = $options['dbuser'];
            $dbpass = $options['dbpass'];
            $dbname = $options['dbname'];
            $dbhost = $options['dbhost'];
            $dbtableprefix = isset($options['dbtableprefix']) ? $options['dbtableprefix'] : 'oc_';
            OC_CONFIG::setValue('dbname', $dbname);
            OC_CONFIG::setValue('dbhost', $dbhost);
            OC_CONFIG::setValue('dbtableprefix', $dbtableprefix);
            // Check if the database user has admin rights.
            // NOTE(review): the option values are placed into the connection
            // string unquoted, so a value containing spaces or key=value text
            // changes how the string is parsed.
            $connection_string = "host={$dbhost} dbname=postgres user={$dbuser} password={$dbpass}";
            $connection = @pg_connect($connection_string);
            if (!$connection) {
                $error[] = array('error' => 'PostgreSQL username and/or password not valid', 'hint' => 'You need to enter either an existing account or the administrator.');
                return $error;
            } else {
                // Check for role-creation rights in PostgreSQL.
                // NOTE(review): $dbuser is interpolated into the SQL text without escaping.
                $query = "SELECT 1 FROM pg_roles WHERE rolcreaterole=TRUE AND rolname='{$dbuser}'";
                $result = pg_query($connection, $query);
                if ($result and pg_num_rows($result) > 0) {
                    // Use the admin login data for the new database user.
                    // Add a prefix to the postgresql user name to prevent collisions.
                    // The '******' literal is how the page shows the prefix;
                    // the original value is not visible here.
                    $dbusername = '******' . $username;
                    // Create a new password so the admin credentials need not be stored in the config file.
                    // NOTE(review): md5(time()) depends only on the install
                    // second, which this function also records as 'installedat'
                    // further down; a random generator would be the safer source.
                    $dbpassword = md5(time());
                    self::pg_createDBUser($dbusername, $dbpassword, $connection);
                    OC_CONFIG::setValue('dbuser', $dbusername);
                    OC_CONFIG::setValue('dbpassword', $dbpassword);
                    // Create the database.
                    self::pg_createDatabase($dbname, $dbusername, $connection);
                } else {
                    OC_CONFIG::setValue('dbuser', $dbuser);
                    OC_CONFIG::setValue('dbpassword', $dbpass);
                    // Create the database.
                    self::pg_createDatabase($dbname, $dbuser, $connection);
                }
                // The connection to dbname=postgres is not needed anymore.
                pg_close($connection);
                // Connect to the ownCloud database (dbname=$dbname) and check if it needs to be filled.
                $dbuser = OC_CONFIG::getValue('dbuser');
                $dbpass = OC_CONFIG::getValue('dbpassword');
                $connection_string = "host={$dbhost} dbname={$dbname} user={$dbuser} password={$dbpass}";
                $connection = @pg_connect($connection_string);
                if (!$connection) {
                    // Unlike the first connection failure, this one does not return early.
                    $error[] = array('error' => 'PostgreSQL username and/or password not valid', 'hint' => 'You need to enter either an existing account or the administrator.');
                } else {
                    $query = "select count(*) FROM pg_class WHERE relname='{$dbtableprefix}users' limit 1";
                    $result = pg_query($connection, $query);
                    if ($result) {
                        $row = pg_fetch_row($result);
                    }
                    if (!$result or $row[0] == 0) {
                        OC_DB::createDbFromStructure('db_structure.xml');
                    }
                }
            }
        } else {
            // Delete the old sqlite database first, it might cause infinite loops otherwise.
            if (file_exists("{$datadir}/owncloud.db")) {
                unlink("{$datadir}/owncloud.db");
            }
            // In case of sqlite, we can always fill the database.
            OC_DB::createDbFromStructure('db_structure.xml');
        }
        // Create the user and group.
        try {
            OC_User::createUser($username, $password);
        } catch (Exception $exception) {
            $error[] = $exception->getMessage();
        }
        if (count($error) == 0) {
            OC_Appconfig::setValue('core', 'installedat', microtime(true));
            OC_Appconfig::setValue('core', 'lastupdatedat', microtime(true));
            OC_Group::createGroup('admin');
            OC_Group::addToGroup($username, 'admin');
            // Log the freshly created admin in; the result is not checked.
            OC_User::login($username, $password);
            OC_Installer::installShippedApps();
            // Create htaccess files for apache hosts.
            if (strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) {
                self::createHtaccess();
            }
            // And we are done.
            OC_Config::setValue('installed', true);
        }
    }
    return $error;
}
/**
 * Tries to log a user in from HTTP Basic credentials.
 *
 * The attempt is skipped when the `oc_ignore_php_auth_user` cookie holds
 * exactly the Basic-auth user name. After an accepted login the
 * remember-me cookie is cleared and a freshly registered request token is
 * written to $_SERVER['HTTP_REQUESTTOKEN'].
 *
 * NOTE(review): writing the token into $_SERVER presumably lets this
 * request pass a later request-token check without the client having sent
 * one; confirm that this exemption is meant to apply to every Basic-auth
 * request.
 *
 * @return bool false when the attempt was skipped; true whenever a login
 *              was attempted, whether or not it was accepted
 */
protected static function tryBasicAuthLogin()
{
    if (!isset($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) {
        return false;
    }

    $ignoredByCookie = isset($_COOKIE['oc_ignore_php_auth_user'])
        && $_COOKIE['oc_ignore_php_auth_user'] === $_SERVER['PHP_AUTH_USER'];
    if ($ignoredByCookie) {
        return false;
    }

    $accepted = OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"]);
    if ($accepted) {
        OC_User::unsetMagicInCookie();
        $_SERVER['HTTP_REQUESTTOKEN'] = OC_Util::callRegister();
    }

    return true;
}
/**
 * Tries to log the user in with HTTP Basic Authentication.
 *
 * Nothing happens unless both PHP_AUTH_USER and PHP_AUTH_PW are non-empty.
 * Because the check uses empty(), the string '0' also counts as missing.
 * The method returns nothing; callers cannot learn the outcome from it.
 */
public static function tryBasicAuthLogin()
{
    if (empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_PW'])) {
        return;
    }

    $result = \OC_User::login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
    if ($result !== true) {
        return;
    }

    /**
     * Mark the session as DAV authenticated. Ideally this would not be
     * needed, but the iOS app reads cookies from anywhere instead of only
     * from the DAV endpoint, so the marker keeps the cookies valid for the
     * whole scope.
     * @see https://github.com/owncloud/core/issues/22893
     */
    \OC::$server->getSession()->set(
        \OCA\DAV\Connector\Sabre\Auth::DAV_AUTHENTICATED,
        \OC::$server->getUserSession()->getUser()->getUID()
    );
}
/**
 * Tries to log a user in from the login form.
 *
 * An accepted login stores the submitted timezone offset in the session,
 * cleans up old login tokens, sets or clears the remember-me cookie, and
 * then redirects and exits, so the method does not return in that case.
 *
 * NOTE(review): OC_Util::isCallRegistered() is presumably the request-token
 * check; it runs before any credential is looked at.
 *
 * @return bool|void false when the form fields are missing or
 *                   OC_Util::isCallRegistered() fails; true when the login
 *                   was attempted and rejected
 */
protected static function tryFormLogin()
{
    if (!isset($_POST["user"], $_POST['password'])) {
        return false;
    }
    if (!OC_Util::isCallRegistered()) {
        return false;
    }

    OC_App::loadApps();

    // Set up extra user backends before the credentials are checked.
    OC_User::setupBackends();

    if (!OC_User::login($_POST["user"], $_POST["password"])) {
        return true;
    }

    // Remember the client's time zone for this session.
    if (isset($_POST['timezone-offset'])) {
        self::$session->set('timezone', $_POST['timezone-offset']);
    }

    $userid = OC_User::getUser();
    self::cleanupLoginTokens($userid);

    if (empty($_POST["remember_login"])) {
        OC_User::unsetMagicInCookie();
    } else {
        if (defined("DEBUG") && DEBUG) {
            OC_Log::write('core', 'Setting remember login to cookie', OC_Log::DEBUG);
        }
        $token = OC_Util::generateRandomBytes(32);
        OC_Preferences::setValue($userid, 'login_token', $token, time());
        OC_User::setMagicInCookie($userid, $token);
    }

    OC_Util::redirectToDefaultPage();
    exit();
}
/**
 * Runs the first-time installation from the options given to the installer.
 *
 * Validates the options and the data directory, writes the system
 * configuration (salt, secret, trusted domains, data directory, database
 * type, version), sets up the database, creates the admin user and the
 * 'admin' group, logs the admin in and marks the instance as installed.
 *
 * @param $options installer input; keys read here: dbtype, adminlogin,
 *                 adminpass, directory, trusted_domains. The whole array is
 *                 also passed to the database setup class.
 * @return array collected errors, empty on success; entries are plain strings
 *               or arrays with 'error' and 'hint' keys
 */
public function install($options) {
    $l = $this->l10n;
    $error = array();
    $dbType = $options['dbtype'];
    if (empty($options['adminlogin'])) {
        $error[] = $l->t('Set an admin username.');
    }
    if (empty($options['adminpass'])) {
        $error[] = $l->t('Set an admin password.');
    }
    if (empty($options['directory'])) {
        $options['directory'] = \OC::$SERVERROOT . "/data";
    }
    // An unknown database type silently falls back to sqlite.
    if (!isset(self::$dbSetupClasses[$dbType])) {
        $dbType = 'sqlite';
    }
    $username = htmlspecialchars_decode($options['adminlogin']);
    $password = htmlspecialchars_decode($options['adminpass']);
    $dataDir = htmlspecialchars_decode($options['directory']);
    $class = self::$dbSetupClasses[$dbType];
    /** @var \OC\Setup\AbstractDatabase $dbSetup */
    $dbSetup = new $class($l, 'db_structure.xml', $this->config, $this->logger, $this->random);
    $error = array_merge($error, $dbSetup->validate($options));
    // Validate the data directory. 'and' binds tighter than 'or', so this
    // reads: (not a directory and mkdir failed) or not writable.
    if (!is_dir($dataDir) and !mkdir($dataDir) or !is_writable($dataDir)) {
        $error[] = $l->t("Can't create or write into the data directory %s", array($dataDir));
    }
    if (count($error) != 0) {
        return $error;
    }
    $request = \OC::$server->getRequest();
    // No errors: continue with the installation.
    if (isset($options['trusted_domains']) && is_array($options['trusted_domains'])) {
        $trustedDomains = $options['trusted_domains'];
    } else {
        // NOTE(review): getInsecureServerHost() presumably reflects the host
        // named by the installing request; that value becomes the only
        // trusted domain here and part of overwrite.cli.url below.
        $trustedDomains = [$request->getInsecureServerHost()];
    }
    if (\OC_Util::runningOnWindows()) {
        $dataDir = rtrim(realpath($dataDir), '\\');
    }
    // Use sqlite3 when available, otherwise sqlite2 will be used.
    if ($dbType == 'sqlite' and class_exists('SQLite3')) {
        $dbType = 'sqlite3';
    }
    // Generate a random salt that is used to salt the local user passwords.
    $salt = $this->random->generate(30);
    // Generate a secret.
    $secret = $this->random->generate(48);
    // Write the config file.
    $this->config->setSystemValues(['passwordsalt' => $salt, 'secret' => $secret, 'trusted_domains' => $trustedDomains, 'datadirectory' => $dataDir, 'overwrite.cli.url' => $request->getServerProtocol() . '://' . $request->getInsecureServerHost() . \OC::$WEBROOT, 'dbtype' => $dbType, 'version' => implode('.', \OCP\Util::getVersion())]);
    try {
        $dbSetup->initialize($options);
        $dbSetup->setupDatabase($username);
    } catch (\OC\DatabaseSetupException $e) {
        $error[] = array('error' => $e->getMessage(), 'hint' => $e->getHint());
        return $error;
    } catch (Exception $e) {
        // NOTE(review): the next statement is damaged as shown on this page
        // (the text between the message literal and 'hint' reads '******');
        // it is reproduced unchanged and does not parse as written.
        $error[] = array('error' => 'Error while trying to create admin user: '******'hint' => '');
        return $error;
    }
    // Create the user and group.
    $user = null;
    try {
        $user = \OC::$server->getUserManager()->createUser($username, $password);
        if (!$user) {
            $error[] = "User <{$username}> could not be created.";
        }
    } catch (Exception $exception) {
        $error[] = $exception->getMessage();
    }
    if (count($error) == 0) {
        $config = \OC::$server->getConfig();
        $config->setAppValue('core', 'installedat', microtime(true));
        $config->setAppValue('core', 'lastupdatedat', microtime(true));
        $group = \OC::$server->getGroupManager()->createGroup('admin');
        $group->addUser($user);
        // Log the freshly created admin in; the result is not checked.
        \OC_User::login($username, $password);
        \OC_Installer::installShippedApps();
        // Create an empty file in the data dir, so we can later find
        // out that this is indeed an ownCloud data directory.
        file_put_contents($config->getSystemValue('datadirectory', \OC::$SERVERROOT . '/data') . '/.ocdata', '');
        // Update .htaccess files.
        Setup::updateHtaccess();
        Setup::protectDataDirectory();
        // Try to write logtimezone.
        if (date_default_timezone_get()) {
            $config->setSystemValue('logtimezone', date_default_timezone_get());
        }
        // And we are done.
        $config->setSystemValue('installed', true);
    }
    return $error;
}
/**
 * Tries to log the user in with HTTP Basic Authentication.
 *
 * The attempt is made only when both PHP_AUTH_USER and PHP_AUTH_PW are
 * non-empty; because of empty(), the string '0' counts as missing. The
 * result of \OC_User::login() is discarded and nothing is returned.
 */
public static function tryBasicAuthLogin()
{
    if (empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_PW'])) {
        return;
    }

    \OC_User::login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
}
/**
 * Resolves the user for this request, from an existing login or HTTP Basic auth.
 *
 * An existing login is reused only when the request carries the header
 * value `OCS-APIREQUEST: true`; without it the method returns false and
 * does not fall back to Basic auth. NOTE(review): that header requirement
 * presumably keeps cookie-only cross-site requests from riding on the
 * session; confirm before relaxing it.
 *
 * @return string|false (username, or false on failure)
 */
private static function loginUser()
{
    // A previous call in this request already established the user.
    if (self::$isLoggedIn === true) {
        return \OC_User::getUser();
    }

    // Reuse an existing login.
    if (OC_User::isLoggedIn() === true) {
        $isOcsApiRequest = isset($_SERVER['HTTP_OCS_APIREQUEST'])
            && $_SERVER['HTTP_OCS_APIREQUEST'] === 'true';
        if (!$isOcsApiRequest) {
            return false;
        }

        // Initialize the user's filesystem.
        \OC_Util::setUpFS(\OC_User::getUser());
        self::$isLoggedIn = true;

        return OC_User::getUser();
    }

    // Basic auth: OC_User::login() creates a new session, so it is only
    // attempted when both user and password were sent.
    if (!isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
        return false;
    }

    try {
        $accepted = OC_User::login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
    } catch (\OC\User\LoginException $e) {
        return false;
    }

    if ($accepted !== true) {
        return false;
    }

    self::$logoutRequired = true;

    // Initialize the user's filesystem.
    \OC_Util::setUpFS(\OC_User::getUser());
    self::$isLoggedIn = true;

    /**
     * Mark the session as DAV authenticated. Ideally this would not be
     * needed, but the iOS app reads cookies from anywhere instead of only
     * from the DAV endpoint, so the marker keeps the cookies valid for the
     * whole scope.
     * @see https://github.com/owncloud/core/issues/22893
     */
    \OC::$server->getSession()->set(
        \OCA\DAV\Connector\Sabre\Auth::DAV_AUTHENTICATED,
        \OC::$server->getUserSession()->getUser()->getUID()
    );

    return \OC_User::getUser();
}
/**
 * Runs the first-time installation from the options given to the installer.
 *
 * Validates the options and the data directory, writes the system
 * configuration (salt, secret, trusted domains, data directory, database
 * type, version), sets up the database, creates the admin user and the
 * 'admin' group, logs the admin in and marks the instance as installed.
 *
 * @param $options installer input; keys read here: dbtype, adminlogin,
 *                 adminpass, directory, trusted_domains. The whole array is
 *                 also passed to the database setup class.
 * @return array collected errors, empty on success; entries are plain strings
 *               or arrays with 'error' and 'hint' keys
 */
public static function install($options) {
    $l = self::getTrans();
    $error = array();
    $dbType = $options['dbtype'];
    if (empty($options['adminlogin'])) {
        $error[] = $l->t('Set an admin username.');
    }
    if (empty($options['adminpass'])) {
        $error[] = $l->t('Set an admin password.');
    }
    if (empty($options['directory'])) {
        $options['directory'] = OC::$SERVERROOT . "/data";
    }
    // An unknown database type silently falls back to sqlite.
    if (!isset(self::$dbSetupClasses[$dbType])) {
        $dbType = 'sqlite';
    }
    $username = htmlspecialchars_decode($options['adminlogin']);
    $password = htmlspecialchars_decode($options['adminpass']);
    $dataDir = htmlspecialchars_decode($options['directory']);
    $class = self::$dbSetupClasses[$dbType];
    /** @var \OC\Setup\AbstractDatabase $dbSetup */
    $dbSetup = new $class(self::getTrans(), 'db_structure.xml');
    $error = array_merge($error, $dbSetup->validate($options));
    // Validate the data directory. 'and' binds tighter than 'or', so this
    // reads: (not a directory and mkdir failed) or not writable.
    if (!is_dir($dataDir) and !mkdir($dataDir) or !is_writable($dataDir)) {
        $error[] = $l->t("Can't create or write into the data directory %s", array($dataDir));
    }
    if (count($error) != 0) {
        return $error;
    }
    // No errors: continue with the installation.
    if (isset($options['trusted_domains']) && is_array($options['trusted_domains'])) {
        $trustedDomains = $options['trusted_domains'];
    } else {
        // NOTE(review): OC_Request::serverHost() presumably reflects the host
        // named by the installing request; that value becomes the only
        // trusted domain here and part of overwrite.cli.url below.
        $trustedDomains = array(OC_Request::serverHost());
    }
    if (OC_Util::runningOnWindows()) {
        $dataDir = rtrim(realpath($dataDir), '\\');
    }
    // Use sqlite3 when available, otherwise sqlite2 will be used.
    if ($dbType == 'sqlite' and class_exists('SQLite3')) {
        $dbType = 'sqlite3';
    }
    // Generate a random salt that is used to salt the local user passwords.
    // The salt comes from the low-strength generator, the secret below from
    // the medium-strength one.
    $salt = \OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate(30);
    \OC::$server->getConfig()->setSystemValue('passwordsalt', $salt);
    // Generate a secret.
    $secret = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(48);
    \OC::$server->getConfig()->setSystemValue('secret', $secret);
    // Write the config file.
    \OC::$server->getConfig()->setSystemValue('trusted_domains', $trustedDomains);
    \OC::$server->getConfig()->setSystemValue('datadirectory', $dataDir);
    \OC::$server->getConfig()->setSystemValue('overwrite.cli.url', \OC_Request::serverProtocol() . '://' . \OC_Request::serverHost() . OC::$WEBROOT);
    \OC::$server->getConfig()->setSystemValue('dbtype', $dbType);
    \OC::$server->getConfig()->setSystemValue('version', implode('.', OC_Util::getVersion()));
    try {
        $dbSetup->initialize($options);
        $dbSetup->setupDatabase($username);
    } catch (DatabaseSetupException $e) {
        $error[] = array('error' => $e->getMessage(), 'hint' => $e->getHint());
        return $error;
    } catch (Exception $e) {
        // NOTE(review): the next statement is damaged as shown on this page
        // (the text between the message literal and 'hint' reads '******');
        // it is reproduced unchanged and does not parse as written.
        $error[] = array('error' => 'Error while trying to create admin user: '******'hint' => '');
        return $error;
    }
    // Create the user and group.
    try {
        OC_User::createUser($username, $password);
    } catch (Exception $exception) {
        $error[] = $exception->getMessage();
    }
    if (count($error) == 0) {
        $appConfig = \OC::$server->getAppConfig();
        $appConfig->setValue('core', 'installedat', microtime(true));
        $appConfig->setValue('core', 'lastupdatedat', microtime(true));
        OC_Group::createGroup('admin');
        OC_Group::addToGroup($username, 'admin');
        // Log the freshly created admin in; the result is not checked.
        OC_User::login($username, $password);
        OC_Installer::installShippedApps();
        // Create an empty file in the data dir, so we can later find
        // out that this is indeed an ownCloud data directory.
        file_put_contents(OC_Config::getValue('datadirectory', OC::$SERVERROOT . '/data') . '/.ocdata', '');
        // Update htaccess files for apache hosts. Both the .htaccess update
        // and the data-directory protection run only when SERVER_SOFTWARE
        // contains 'Apache'.
        if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) {
            self::updateHtaccess();
            self::protectDataDirectory();
        }
        // And we are done.
        OC_Config::setValue('installed', true);
    }
    return $error;
}
/**
 * Reports whether a user is logged in, also considering HTTP Basic credentials.
 *
 * A session user is only honoured outside incognito mode and must still
 * exist. Without one, Basic credentials sent with the request are passed
 * to \OC_User::login().
 *
 * NOTE(review): this check is not read-only. When Basic credentials are
 * present and no session user applies, every call performs a login
 * attempt, with whatever side effects \OC_User::login() has.
 *
 * @return bool
 */
public static function isLoggedIn()
{
    $sessionUser = \OC::$session->get('user_id');
    if ($sessionUser !== null && self::$incognitoMode === false) {
        return self::userExists($sessionUser);
    }

    // No usable session user: fall back to Basic Authentication, if sent.
    $hasBasicCredentials = isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
    if (!$hasBasicCredentials) {
        return false;
    }

    return \OC_User::login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
}
/**
 * Tries to log a user in from HTTP Basic credentials.
 *
 * After an accepted login the remember-me cookie is cleared and a freshly
 * registered request token is written to $_SERVER['HTTP_REQUESTTOKEN'].
 *
 * NOTE(review): writing the token into $_SERVER presumably lets this
 * request pass a later request-token check without the client having sent
 * one; confirm that this exemption is meant to apply to every Basic-auth
 * request.
 *
 * @return bool false when no Basic credentials were sent; true whenever
 *              they were present, whether or not OC_User::login() accepted them
 */
protected static function tryBasicAuthLogin()
{
    if (!isset($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) {
        return false;
    }

    OC_App::loadApps(array('authentication'));

    $accepted = OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"]);
    if ($accepted) {
        OC_User::unsetMagicInCookie();
        $_SERVER['HTTP_REQUESTTOKEN'] = OC_Util::callRegister();
    }

    // The return value reports that Basic auth was attempted, not that it succeeded.
    return true;
}
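/**
 * Logs the given user in with an empty password inside a backend login cycle.
 *
 * The backend is told to start a login cycle for $uid, \OC_User::login()
 * is called with an empty password, and the cycle is ended again.
 *
 * The cycle is closed in a `finally` block so that it also ends when
 * \OC_User::login() throws. NOTE(review): the open cycle is presumably what
 * lets the backend accept the empty password for $uid; if so, leaving it
 * open after an exception would keep that acceptance active for longer
 * than this call. Confirm against the backend implementation.
 *
 * @param $uid user id handed to the backend and to \OC_User::login()
 * @return mixed whatever \OC_User::login() returns
 */
public function login($uid)
{
    $this->backend->startLoginCycle($uid);

    try {
        $response = \OC_User::login($uid, '');
    } finally {
        // Always close the cycle; an exception from login() still propagates.
        $this->backend->endLoginCycle($uid);
    }

    return $response;
}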
/**
 * Tries to log a user in from the login form.
 *
 * An accepted login stores the submitted time zone values, cleans up old
 * login tokens, sets or clears the remember-me cookie, and then redirects
 * and exits, so the method does not return in that case.
 *
 * NOTE(review): OC_Util::isCallRegistered() is presumably the request-token
 * check; it runs before any credential is looked at. Also note that only
 * `timezone-offset` is tested with isset() while `timezone` is read next to
 * it without its own check.
 *
 * @return bool|void false when the form fields are missing or
 *                   OC_Util::isCallRegistered() fails; true when the login
 *                   was attempted and rejected
 */
protected static function tryFormLogin()
{
    if (!isset($_POST["user"], $_POST['password'])) {
        return false;
    }
    if (!OC_Util::isCallRegistered()) {
        return false;
    }

    OC_App::loadApps();

    // Set up extra user backends before the credentials are checked.
    OC_User::setupBackends();

    $accepted = OC_User::login((string) $_POST["user"], (string) $_POST["password"]);
    if (!$accepted) {
        return true;
    }

    $userId = OC_User::getUser();

    // Remember the client's time zone.
    if (isset($_POST['timezone-offset'])) {
        self::$server->getSession()->set('timezone', (string) $_POST['timezone-offset']);
        self::$server->getConfig()->setUserValue($userId, 'core', 'timezone', (string) $_POST['timezone']);
    }

    self::cleanupLoginTokens($userId);

    if (empty($_POST["remember_login"])) {
        OC_User::unsetMagicInCookie();
    } else {
        $config = self::$server->getConfig();
        if ($config->getSystemValue('debug', false)) {
            self::$server->getLogger()->debug('Setting remember login to cookie', array('app' => 'core'));
        }
        $token = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(32);
        $config->setUserValue($userId, 'login_token', $token, time());
        OC_User::setMagicInCookie($userId, $token);
    }

    OC_Util::redirectToDefaultPage();
    exit;
}
/**
 * Logs in with the HTTP Basic credentials of the request.
 *
 * Missing credentials are replaced by empty strings, so OC_User::login()
 * is called on every request, including those without an Authorization
 * header.
 *
 * NOTE(review): on success the client-supplied user name is returned, not
 * the name the session reports through OC_User::getUser(); if a backend
 * maps the supplied name to a different internal one, callers see the
 * supplied form.
 *
 * @return string|false (username, or false on failure)
 */
private static function loginUser()
{
    $authUser = '';
    if (isset($_SERVER['PHP_AUTH_USER'])) {
        $authUser = $_SERVER['PHP_AUTH_USER'];
    }

    $authPw = '';
    if (isset($_SERVER['PHP_AUTH_PW'])) {
        $authPw = $_SERVER['PHP_AUTH_PW'];
    }

    if (OC_User::login($authUser, $authPw)) {
        return $authUser;
    }

    return false;
}
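/**
 * Resolves the user for this request, from an existing login or HTTP Basic auth.
 *
 * An existing login is reused only when the request carries the header
 * value `OCS-APIREQUEST: true`. Otherwise the Basic credentials (empty
 * strings when absent) are passed to OC_User::login().
 *
 * Both success paths return the user reported by OC_User::getUser(). The
 * Basic-auth path used to return the client-supplied name instead, which
 * differs from the session user whenever a backend maps the supplied login
 * to another internal name, and is an empty string when a backend accepts
 * a login without Basic credentials.
 *
 * @return string|false (username, or false on failure)
 */
private static function loginUser()
{
    // Reuse an existing login, but only for explicit OCS API requests.
    $loggedIn = OC_User::isLoggedIn();
    $ocsApiRequest = isset($_SERVER['HTTP_OCS_APIREQUEST'])
        ? $_SERVER['HTTP_OCS_APIREQUEST'] === 'true'
        : false;
    if ($loggedIn === true && $ocsApiRequest) {
        // Initialize the user's filesystem.
        \OC_Util::setUpFS(\OC_User::getUser());

        return OC_User::getUser();
    }

    // Basic auth.
    $authUser = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : '';
    $authPw = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';
    $return = OC_User::login($authUser, $authPw);
    if ($return === true) {
        self::$logoutRequired = true;

        // Use the session's user name from here on, not the HTTP-supplied one.
        $ocUser = \OC_User::getUser();

        // Initialize the user's filesystem.
        \OC_Util::setUpFS($ocUser);

        return $ocUser;
    }

    return false;
}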
/**
 * Tries to log a user in from HTTP Basic credentials.
 *
 * The attempt is skipped when the `oc_ignore_php_auth_user` cookie holds
 * exactly the Basic-auth user name. After an accepted login the
 * remember-me cookie is cleared and a freshly registered request token is
 * written to $_SERVER['HTTP_REQUESTTOKEN'].
 *
 * NOTE(review): writing the token into $_SERVER presumably lets this
 * request pass a later request-token check without the client having sent
 * one; confirm that this exemption is meant to apply to every Basic-auth
 * request.
 *
 * @return bool false when the attempt was skipped; true whenever a login
 *              was attempted, whether or not it was accepted
 */
protected static function tryBasicAuthLogin()
{
    if (!isset($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) {
        return false;
    }

    $ignoredByCookie = isset($_COOKIE['oc_ignore_php_auth_user'])
        && $_COOKIE['oc_ignore_php_auth_user'] === $_SERVER['PHP_AUTH_USER'];
    if ($ignoredByCookie) {
        return false;
    }

    $accepted = OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"]);
    if ($accepted) {
        OC_User::unsetMagicInCookie();
        $_SERVER['HTTP_REQUESTTOKEN'] = OC_Util::callRegister();
    }

    return true;
}
                // This excerpt starts inside the remember-login branch of a
                // form login; the enclosing blocks open outside the visible text.
                if (defined("DEBUG") && DEBUG) {
                    OC_Log::write('core', 'Setting remember login to cookie', OC_Log::DEBUG);
                }
                // NOTE(review): the remember-me token is an md5 over the user
                // name, the current second and the plaintext password. It is
                // not random: anyone who knows the password and roughly when
                // the login happened can recompute it, and it is stored as a
                // user preference and sent in a cookie. A value from a
                // cryptographically secure generator would be the safer source.
                $token = md5($_POST["user"] . time() . $_POST['password']);
                OC_Preferences::setValue($_POST['user'], 'login', 'token', $token);
                OC_User::setMagicInCookie($_POST["user"], $token);
            } else {
                OC_User::unsetMagicInCookie();
            }
            OC_Util::redirectToDefaultPage();
        } else {
            $error = true;
        }
        // The user is already authenticated using Apache's AuthType Basic... very usable in combination with LDAP
    } elseif (isset($_SERVER["PHP_AUTH_USER"]) && isset($_SERVER["PHP_AUTH_PW"])) {
        if (OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) {
            //OC_Log::write('core',"Logged in with HTTP Authentication",OC_Log::DEBUG);
            OC_User::unsetMagicInCookie();
            $_REQUEST['redirect_url'] = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
            OC_Util::redirectToDefaultPage();
        } else {
            $error = true;
        }
    }
    // '&&' binds tighter than '||': no token yet, or (token present and no
    // requested file), or the requested file name ends in 'php'.
    if (!array_key_exists('sectoken', $_SESSION) || array_key_exists('sectoken', $_SESSION) && is_null(OC::$REQUESTEDFILE) || substr(OC::$REQUESTEDFILE, -3) == 'php') {
        // NOTE(review): rand() is not a cryptographically secure generator
        // and the range holds only nine million values; if 'sectoken' guards
        // the login form against forged requests, random_int() or
        // random_bytes() would be the safer source.
        $sectoken = rand(1000000, 9999999);
        $_SESSION['sectoken'] = $sectoken;
        // The request parameter goes through sanitizeHTML(); the REQUEST_URI
        // fallback is passed on as-is. NOTE(review): confirm the template
        // escapes 'redirect' on output.
        $redirect_url = isset($_REQUEST['redirect_url']) ? OC_Util::sanitizeHTML($_REQUEST['redirect_url']) : $_SERVER['REQUEST_URI'];
        OC_Template::printGuestPage('', 'login', array('error' => $error, 'sectoken' => $sectoken, 'redirect' => $redirect_url));
    }
}
/**
 * Checks whether the provided login/apikey/password is valid.
 *
 * The response is echoed, not returned: status 100 with the person id on
 * success, 102 when OC_User::login() rejects the credentials, 101 when the
 * login is empty.
 *
 * NOTE(review): the check is done through OC_User::login(), so a valid
 * pair does more than answer the question; whatever login() does on
 * success (presumably establishing a session) also happens here.
 *
 * @param string $format
 * @param string $login
 * @param string $passwd
 * @return void the xml/json document is written to the output
 */
private static function personCheck($format, $login, $passwd)
{
    // Loose comparison kept on purpose: it matches the original check.
    if ($login == '') {
        echo OC_OCS::generatexml($format, 'failed', 101, 'please specify all mandatory fields');

        return;
    }

    if (!OC_User::login($login, $passwd)) {
        echo OC_OCS::generatexml($format, 'failed', 102, 'login not valid');

        return;
    }

    $xml = array('person' => array('personid' => $login));
    echo OC_OCS::generatexml($format, 'ok', 100, '', $xml, 'person', 'check', 2);
}
/**
 * Resolves the user for this request, from an existing login or HTTP Basic auth.
 *
 * An existing login is reused only when the request carries the header
 * value `OCS-APIREQUEST: true`; without it the method returns false and
 * does not fall back to Basic auth. NOTE(review): that header requirement
 * presumably keeps cookie-only cross-site requests from riding on the
 * session; confirm before relaxing it.
 *
 * @return string|false (username, or false on failure)
 */
private static function loginUser()
{
    // A previous call in this request already established the user.
    if (self::$isLoggedIn === true) {
        return \OC_User::getUser();
    }

    // Reuse an existing login.
    if (OC_User::isLoggedIn() === true) {
        $isOcsApiRequest = isset($_SERVER['HTTP_OCS_APIREQUEST'])
            && $_SERVER['HTTP_OCS_APIREQUEST'] === 'true';
        if (!$isOcsApiRequest) {
            return false;
        }

        // Initialize the user's filesystem.
        \OC_Util::setUpFS(\OC_User::getUser());
        self::$isLoggedIn = true;

        return OC_User::getUser();
    }

    // Basic auth: OC_User::login() creates a new session, so it is only
    // attempted when both user and password were sent.
    if (!isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
        return false;
    }

    $accepted = OC_User::login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
    if ($accepted !== true) {
        return false;
    }

    self::$logoutRequired = true;

    // Initialize the user's filesystem.
    \OC_Util::setUpFS(\OC_User::getUser());
    self::$isLoggedIn = true;

    return \OC_User::getUser();
}
/**
 * Runs the first-time installation from the options given to the installer.
 *
 * Validates the options, writes the base configuration (salt, trusted
 * domains, data directory, database type, version), sets up the database,
 * creates the admin user and the 'admin' group, logs the admin in and marks
 * the instance as installed.
 *
 * @param $options installer input; keys read here: dbtype, adminlogin,
 *                 adminpass, directory, trusted_domains. The whole array is
 *                 also passed to the database setup class.
 * @return array collected errors, empty on success; entries are plain strings
 *               or arrays with 'error' and 'hint' keys
 */
public static function install($options) {
    $l = self::getTrans();
    $error = array();
    $dbtype = $options['dbtype'];
    if (empty($options['adminlogin'])) {
        $error[] = $l->t('Set an admin username.');
    }
    if (empty($options['adminpass'])) {
        $error[] = $l->t('Set an admin password.');
    }
    if (empty($options['directory'])) {
        $options['directory'] = OC::$SERVERROOT . "/data";
    }
    // An unknown database type silently falls back to sqlite.
    if (!isset(self::$dbSetupClasses[$dbtype])) {
        $dbtype = 'sqlite';
    }
    $class = self::$dbSetupClasses[$dbtype];
    $dbSetup = new $class(self::getTrans(), 'db_structure.xml');
    $error = array_merge($error, $dbSetup->validate($options));
    if (count($error) != 0) {
        return $error;
    }
    // No errors: continue with the installation.
    $username = htmlspecialchars_decode($options['adminlogin']);
    $password = htmlspecialchars_decode($options['adminpass']);
    $datadir = htmlspecialchars_decode($options['directory']);
    if (isset($options['trusted_domains']) && is_array($options['trusted_domains'])) {
        $trustedDomains = $options['trusted_domains'];
    } else {
        // NOTE(review): OC_Request::serverHost() presumably reflects the host
        // named by the installing request; that value becomes the only
        // trusted domain.
        $trustedDomains = array(OC_Request::serverHost());
    }
    if (OC_Util::runningOnWindows()) {
        $datadir = rtrim(realpath($datadir), '\\');
    }
    // Use sqlite3 when available, otherwise sqlite2 will be used.
    if ($dbtype == 'sqlite' and class_exists('SQLite3')) {
        $dbtype = 'sqlite3';
    }
    // Generate a random salt that is used to salt the local user passwords.
    $salt = OC_Util::generateRandomBytes(30);
    OC_Config::setValue('passwordsalt', $salt);
    // Write the config file.
    OC_Config::setValue('trusted_domains', $trustedDomains);
    OC_Config::setValue('datadirectory', $datadir);
    OC_Config::setValue('dbtype', $dbtype);
    OC_Config::setValue('version', implode('.', OC_Util::getVersion()));
    try {
        $dbSetup->initialize($options);
        $dbSetup->setupDatabase($username);
    } catch (DatabaseSetupException $e) {
        $error[] = array('error' => $e->getMessage(), 'hint' => $e->getHint());
        return $error;
    } catch (Exception $e) {
        // NOTE(review): the next statement is damaged as shown on this page
        // (the text between the message literal and 'hint' reads '******');
        // it is reproduced unchanged and does not parse as written.
        $error[] = array('error' => 'Error while trying to create admin user: '******'hint' => '');
        return $error;
    }
    // Create the user and group.
    try {
        OC_User::createUser($username, $password);
    } catch (Exception $exception) {
        $error[] = $exception->getMessage();
    }
    if (count($error) == 0) {
        OC_Appconfig::setValue('core', 'installedat', microtime(true));
        OC_Appconfig::setValue('core', 'lastupdatedat', microtime(true));
        OC_AppConfig::setValue('core', 'remote_core.css', '/core/minimizer.php');
        OC_AppConfig::setValue('core', 'remote_core.js', '/core/minimizer.php');
        OC_Group::createGroup('admin');
        OC_Group::addToGroup($username, 'admin');
        // Log the freshly created admin in; the result is not checked.
        OC_User::login($username, $password);
        OC_Installer::installShippedApps();
        // Create an empty file in the data dir, so we can later find
        // out that this is indeed an ownCloud data directory.
        file_put_contents(OC_Config::getValue('datadirectory', OC::$SERVERROOT . '/data') . '/.ocdata', '');
        // Create htaccess files for apache hosts.
        if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) {
            self::createHtaccess();
        }
        // And we are done.
        OC_Config::setValue('installed', true);
    }
    return $error;
}
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
// App bootstrap for user_cas: registers the CAS user backend and its hooks
// and, when the request targets ?app=user_cas, performs the CAS login.
if (OCP\App::isEnabled('user_cas')) {
    include_once 'CAS.php';
    require_once 'user_cas/user_cas.php';
    OCP\App::registerAdmin('user_cas', 'settings');
    // Register the user backend.
    OC_User::useBackend('CAS');
    OC::$CLASSPATH['OC_USER_CAS_Hooks'] = 'user_cas/lib/hooks.php';
    OCP\Util::connectHook('OC_User', 'post_createUser', 'OC_USER_CAS_Hooks', 'post_createUser');
    OCP\Util::connectHook('OC_User', 'post_login', 'OC_USER_CAS_Hooks', 'post_login');
    OCP\Util::connectHook('OC_User', 'logout', 'OC_USER_CAS_Hooks', 'logout');
    if (isset($_GET['app']) && $_GET['app'] == 'user_cas') {
        require_once 'user_cas/auth.php';
        // Login is called with empty credentials, so the decision is
        // presumably made by the CAS backend from what auth.php set up.
        // NOTE(review): confirm that no other registered backend accepts
        // an empty user/password pair.
        if (!OC_User::login('', '')) {
            // $error is set here but not read again within this excerpt.
            $error = true;
            OC_Log::write('cas', 'Error trying to authenticate the user', OC_Log::DEBUG);
        }
        // Any query string other than exactly 'app=user_cas' is carried over
        // into a redirect. The target always begins with OC::$WEBROOT . '/?';
        // only the part after '?' is taken from the request.
        if (isset($_SERVER["QUERY_STRING"]) && !empty($_SERVER["QUERY_STRING"]) && $_SERVER["QUERY_STRING"] != 'app=user_cas') {
            header('Location: ' . OC::$WEBROOT . '/?' . $_SERVER["QUERY_STRING"]);
            exit;
        }
        OC::$REQUESTEDAPP = '';
        OC_Util::redirectToDefaultPage();
    }
    if (!OCP\User::isLoggedIn()) {
        // Load js code in order to render the CAS link and to hide parts of the normal login form.
        OCP\Util::addScript('user_cas', 'utils');
    }
}
/**
 * Requires a recent password confirmation when `enhancedauth` is enabled.
 *
 * A submitted password that OC_User::login() accepts for the current user
 * marks the session as verified until now + `enhancedauthtime` (default
 * 15 minutes). Without a valid, unexpired mark the password verification
 * page is printed and the script exits.
 *
 * NOTE(review): the password is confirmed through OC_User::login(), so a
 * correct password also triggers whatever else a login does.
 */
public static function verifyUser()
{
    if (OC_Config::getValue('enhancedauth', false) !== true) {
        return;
    }

    // A correct password (re)starts the verification window.
    if (isset($_POST['password'])
        && OC_User::login(OC_User::getUser(), $_POST["password"]) === true
    ) {
        $_SESSION['verifiedLogin'] = time() + OC_Config::getValue('enhancedauthtime', 15 * 60);
    }

    // Still inside the window: nothing more to do.
    $verified = isset($_SESSION['verifiedLogin']) && !($_SESSION['verifiedLogin'] < time());
    if ($verified) {
        return;
    }

    OC_Template::printGuestPage("", "verify", array('username' => OC_User::getUser()));
    exit;
}