/**
 * Check a username/password pair against the registered PAM handlers.
 *
 * Every failure path yields the same value (false), so a caller cannot
 * tell an unknown username apart from a wrong password.
 *
 * @see login
 * @param string $username The username to authenticate.
 * @param string $password The password supplied for that username.
 * @return ElggUser|false The user returned by get_user_by_username() when
 *                        pam_authenticate() accepts the credentials,
 *                        otherwise false.
 */
function authenticate($username, $password) {
    $credentials = array('username' => $username, 'password' => $password);

    // Reject first: nothing is looked up unless the credentials were accepted.
    if (!pam_authenticate($credentials)) {
        return false;
    }

    return get_user_by_username($username);
}
/**
 * pam_authenticate() must refuse a call to the "api" policy that carries
 * no credentials (null).
 *
 * Only the rejecting path is asserted here; an accepted API request is
 * not exercised by this test.
 */
public function testApiAuthenticate() {
    $authenticated = pam_authenticate(null, "api");

    $this->assertFalse($authenticated);
}
// Refuse all API traffic when the site configuration has disabled the API.
$api_disabled = isset($CONFIG->disable_api) && $CONFIG->disable_api == true;
if ($api_disabled) {
    throw new SecurityException(elgg_echo('SecurityException:APIAccessDenied'));
}

// Default PAM handlers; plugins can register their own on top of these.
// NOTE(review): only pam_auth_usertoken is registered as 'required'. The other
// two use register_pam_handler()'s default importance - confirm what that
// default is, since it decides whether one passing handler is enough.
register_pam_handler('pam_auth_session_or_hmac');        // HMAC-signed call, or an already logged-in session
register_pam_handler('pam_auth_usertoken', 'required');  // token present and valid, or the method does not need one
register_pam_handler('pam_auth_anonymous_method');       // methods that allow anonymous use

// The method name comes straight from request input.
// NOTE(review): this fragment does not check that $method names an exposed
// method - presumably the helpers called below do; confirm.
$method = get_input('method');
$result = null;

// Fail closed: nothing is executed unless the PAM handlers accept the request.
if (!pam_authenticate()) {
    throw new SecurityException(elgg_echo('SecurityException:NoAuthMethods'));
}

// Per the original note: parameters come from $CONFIG->input rather than
// $_REQUEST because this code is reached through the page handler.
$params = get_parameters_for_method($method);
$token = isset($params['auth_token']) ? $params['auth_token'] : "";
$result = execute_method($method, $params, $token);

// Anything other than a GenericResult is treated as an error, not as output.
if (!($result instanceof GenericResult)) {
    throw new APIException(elgg_echo('APIException:ApiResultUnknown'));
}
/**
 * Authenticate a login identifier that may be an e-mail address or a username.
 *
 * The credentials are passed to pam_authenticate() first. Only when they are
 * accepted is the identifier resolved to a user: by e-mail if exactly one
 * account matches, otherwise by username.
 *
 * NOTE(review): the user returned here is looked up separately from whatever
 * account the PAM handler verified the password against. Confirm the two
 * cannot diverge (e.g. an identifier valid both as one account's e-mail and
 * as another account's username).
 *
 * @param string $username The login identifier (e-mail address or username).
 * @param string $password The password supplied with it.
 * @return ElggUser|false The resolved user, or false when authentication
 *                        fails or no user can be resolved.
 */
function profile_manager_authenticate($username, $password) {
    $credentials = array("username" => $username, "password" => $password);

    if (!pam_authenticate($credentials)) {
        return false;
    }

    // An e-mail match is used only when it is unambiguous (exactly one account).
    $by_email = get_user_by_email($username);
    if ($by_email && count($by_email) == 1) {
        return $by_email[0];
    }

    $by_username = get_user_by_username($username);
    if ($by_username) {
        return $by_username;
    }

    return false;
}
/**
 * Enforce the API-level and user-level authentication a method declares.
 *
 * The method must exist in the global $API_METHODS registry. Its
 * "require_api_auth" and "require_user_auth" flags then decide which
 * pam_authenticate() checks are run, API first and user second.
 *
 * @param string $method The name under which the API method was exposed.
 * @return bool Always true when the function returns; every failure is
 *              reported by exception.
 * @throws APIException If the method is not exposed, or a required API or
 *                      user authentication check fails.
 */
function authenticate_method($method) {
    global $API_METHODS;

    // Only methods present in the registry may be called.
    if (!isset($API_METHODS[$method])) {
        $template = elgg_echo('APIException:MethodCallNotImplemented');
        throw new APIException(sprintf($template, $method));
    }

    // Make POST variables available before any authentication check runs.
    if (get_call_method() === 'POST') {
        include_post_data();
    }

    // NOTE(review): both flags are read without isset() and compared loosely,
    // so a registry entry missing either key would skip that check. Confirm
    // that method registration always sets both.
    $needs_api_auth = $API_METHODS[$method]["require_api_auth"] == true;
    if ($needs_api_auth && !pam_authenticate(null, "api")) {
        throw new APIException(elgg_echo('APIException:APIAuthenticationFailed'));
    }

    $needs_user_auth = $API_METHODS[$method]["require_user_auth"] == true;
    if ($needs_user_auth && !pam_authenticate()) {
        throw new APIException(elgg_echo('APIException:UserAuthenticationFailed'));
    }

    return true;
}