/** * Set the (in-memory) Auth Login Data * It can be used just once per execution (session) as it stores the data using constants, * and the data cannot be changed after a successful or failed authentication has set. * * @param STRING $y_user_id :: The user (login) ID used to authenticate the user ; Mandatory ; it can be the UserID from DB or if not using a DB must supply a unique ID to identify the user like username * @param STRING $y_user_alias :: The user (login) Alias, used to display the logged in user ; Mandatory ; can be the same as the login ID or different (Ex: login ID can be 'myUserName' and this 'myUserName' ; or: login ID can be 5017 and this 'myUserName') * @param STRING $y_user_email :: *OPTIONAL* The user Email ; if email is used as login ID this may be redundant ! * @param STRING $y_user_fullname :: *OPTIONAL* The user Full Name (First Name + Last Name) * @param ARRAY $y_user_privileges_list :: *OPTIONAL* The user Privileges List as array that list all the current user privileges * @param STRING $y_user_quota :: *OPTIONAL* The user (storage) Quota * @param ARRAY $y_user_metadata :: *OPTIONAL* The user metainfo, associative array key => value * @param STRING $y_realm :: *OPTIONAL* The user Authentication Realm(s) * @param ENUM $y_method :: *OPTIONAL* The authentication method used: HTTP-BASIC / HTTP-DIGEST / OTHER * @param STRING $y_pass :: *OPTIONAL* The user login password (will be stored in memory as Blowfish encrypted to avoid exposure) * * @return BOOLEAN :: TRUE if all data is OK, FALSE if not or try to reauthenticate under the same execution (which is not allowed ; must be just once per execution) */ public static function set_login_data($y_user_id, $y_user_alias, $y_user_email = '', $y_user_fullname = '', $y_user_privileges_list = array('none', 'no-privilege'), $y_user_quota = -1, $y_user_metadata = array(), $y_realm = 'DEFAULT', $y_method = '', $y_pass = '') { //-- if (self::$AuthCompleted !== false) { // avoid to re-auth Smart::log_warning('Re-Authentication is not allowed ...'); return; } //end if self::$AuthCompleted = true; //-- self::$AuthData = array(); // reset the auth data //-- $y_user_id = trim((string) $y_user_id); // user ID $y_user_alias = trim((string) $y_user_alias); // username (user alias ; can be the same as userID or different) $y_user_email = trim((string) $y_user_email); $y_user_fullname = trim((string) $y_user_fullname); //-- if (is_array($y_user_privileges_list)) { $y_user_privileges_list = (string) strtolower((string) Smart::array_to_list((array) $y_user_privileges_list)); } else { $y_user_privileges_list = (string) strtolower((string) trim((string) $y_user_privileges_list)); // in this case can be provided a raw list of privileges (Example: '<none>, <no-privilege>') } //end if else //-- $y_user_quota = Smart::format_number_int($y_user_quota); // can be also negative //-- switch (strtoupper((string) $y_method)) { case 'HTTP-BASIC': $y_method = 'HTTP-BASIC'; break; case 'HTTP-DIGEST': $y_method = 'HTTP-DIGEST'; break; case 'OTHER': default: $y_method = 'OTHER'; } //end switch //-- $the_key = '#' . Smart::random_number(10000, 99999) . '#'; $the_pass = ''; if ((string) $y_pass != '') { $the_pass = SmartCipherCrypto::encrypt('hash/sha1', (string) $the_key, (string) $y_pass); } //end if //-- if ((string) $y_user_id != '') { //-- self::$AuthData['USER_ID'] = (string) $y_user_id; self::$AuthData['USER_EMAIL'] = (string) $y_user_email; self::$AuthData['USER_ALIAS'] = (string) $y_user_alias; self::$AuthData['USER_FULLNAME'] = (string) $y_user_fullname; self::$AuthData['USER_PRIVILEGES'] = (string) $y_user_privileges_list; self::$AuthData['USER_QUOTA'] = (int) $y_user_quota; self::$AuthData['USER_METADATA'] = (array) $y_user_metadata; self::$AuthData['USER_LOGIN_REALM'] = (string) $y_realm; self::$AuthData['USER_LOGIN_METHOD'] = (string) $y_method; self::$AuthData['USER_LOGIN_PASS'] = (string) $the_pass; self::$AuthData['KEY'] = (string) $the_key; //-- return true; //-- } else { //-- return false; //-- } //end if //-- }