Esempio n. 1
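/**
 * Authenticate against a different PostgreSQL database which contains a usr table in
 * the AWL format, and mirror the matching record into the local usr table.
 *
 * Flow: connect to the external database, look the user up by lower-cased username,
 * validate the supplied password against the stored value, then UPDATE or INSERT the
 * local usr row before deciding whether the login is allowed.
 *
 * Security notes:
 *  - Only the username is passed as a bound value. The 'columns' and 'where' entries of
 *    $c->authenticate_hook['config'] are spliced into the SELECT verbatim, so they must
 *    come from trusted, administrator-controlled configuration and never from request data.
 *  - user_no is read from the external database and used in SQL against the local one;
 *    it is bound / cast to an integer here rather than interpolated as raw text.
 *  - The returned record carries every selected column, including the password column
 *    used for validation; callers should not log or serialise it wholesale.
 *  - The connection-failure page is generic and echoes nothing from the connection string.
 *
 * @package   awl
 *
 * @param string $username The login name supplied by the user (matched case-insensitively).
 * @param string $password The password supplied by the user.
 * @return object|false The user record fetched from the external database, or false when
 *                      the user is unknown, the password does not validate, or the
 *                      account is marked inactive.
 */
function auth_other_awl($username, $password)
{
    global $c;
    $authconn = pg_Connect($c->authenticate_hook['config']['connection']);
    if (!$authconn) {
        echo <<<EOERRMSG
  <html><head><title>Database Connection Failure</title></head><body>
  <h1>Database Error</h1>
  <h3>Could not connect to PostgreSQL database</h3>
  </body>
  </html>
EOERRMSG;
        exit(1);
    }
    // Trusted configuration only: both fragments below are concatenated into the SQL text.
    if (isset($c->authenticate_hook['config']['columns'])) {
        $cols = $c->authenticate_hook['config']['columns'];
    } else {
        $cols = "*";
    }
    if (isset($c->authenticate_hook['config']['where'])) {
        $andwhere = " AND " . $c->authenticate_hook['config']['where'];
    } else {
        $andwhere = "";
    }
    $qry = new AwlQuery("SELECT {$cols} FROM usr WHERE lower(username) = ? {$andwhere}", strtolower($username));
    $qry->SetConnection($authconn);
    // Exactly one match is required; zero or several rows fall through to "return false".
    if ($qry->Exec('Login', __LINE__, __FILE__) && $qry->rows() == 1) {
        $usr = $qry->Fetch();
        if (session_validate_password($password, $usr->password)) {
            // user_no crosses from the external database into local SQL: force it to an
            // integer so a malformed value cannot alter the statements below.
            $user_no = intval($usr->user_no);
            // No SetConnection() from here on, so these queries presumably run on
            // AwlQuery's default (local) connection - verify against AwlQuery.
            $qry = new AwlQuery("SELECT * FROM usr WHERE user_no = ?", $user_no);
            if ($qry->Exec('Login', __LINE__, __FILE__) && $qry->rows() == 1) {
                $type = "UPDATE";
            } else {
                $type = "INSERT";
            }
            $qry = new AwlQuery(sql_from_object($usr, $type, 'usr', "WHERE user_no={$user_no}"));
            $qry->Exec('Login', __LINE__, __FILE__);
            /**
             * We disallow login by inactive users _after_ we have updated the local copy
             */
            if (isset($usr->active) && $usr->active == 'f') {
                return false;
            }
            return $usr;
        }
    }
    return false;
}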
Esempio n. 2
/**
 * Authenticate against a different PostgreSQL database which contains a usr table in
 * the AWL format.
 *
 * Use this as in the following example config snippet (the function reads the
 * 'connection', 'columns', 'where' and 'use_persistent' keys of 'config'):
 *
 * require_once('auth-functions.php');
 *  $c->authenticate_hook = array(
 *      'call'   => 'AuthExternalAWL',
 *      'config' => array(
 *           // A PgSQL database connection string for the database containing user records
 *          'connection' => 'dbname=wrms host=otherhost port=5433 user=general',
 *           // Which columns should be fetched from the database
 *          'columns'    => "user_no, active, email_ok, joined, last_update AS updated, last_used, username, password, fullname, email",
 *           // a WHERE clause to limit the records returned.
 *          'where'    => "active AND org_code=7",
 *           // Optional: when set and true, PDO::ATTR_PERSISTENT is requested
 *          'use_persistent' => false
 *      )
 *  );
 *
 * Security notes:
 *  - Only the username is bound as a query parameter. 'columns' and 'where' are
 *    concatenated into the SQL text as-is, so they must only ever come from trusted,
 *    administrator-controlled configuration.
 *  - The local copy is refreshed via UpdateUserFromExternal() before the inactive check,
 *    so a deactivation in the external database reaches the local record.
 *  - When no dav_principal row is found the external record itself is returned; it holds
 *    every selected column, including the password column used for validation.
 *
 * @param string $username The login name supplied by the user (matched case-insensitively).
 * @param string $password The password supplied by the user.
 * @return object|false The matching dav_principal row, or the external usr record when no
 *                      single principal row exists, or false when authentication fails.
 */
function AuthExternalAWL($username, $password)
{
    global $c;

    // !empty() is the same test as "isset and truthy".
    $use_persistent = !empty($c->authenticate_hook['config']['use_persistent']);

    // Trusted configuration only: both values end up inside the SQL text.
    $columns = isset($c->authenticate_hook['config']['columns'])
        ? $c->authenticate_hook['config']['columns']
        : '*';
    $extra_where = isset($c->authenticate_hook['config']['where'])
        ? ' AND ' . $c->authenticate_hook['config']['where']
        : '';

    $lookup = new AwlQuery(
        "SELECT {$columns} FROM usr WHERE lower(username) = :username {$extra_where}",
        array(':username' => strtolower($username))
    );
    $pdo_options = $use_persistent ? array(PDO::ATTR_PERSISTENT => true) : null;
    $authconn = $lookup->SetConnection($c->authenticate_hook['config']['connection'], $pdo_options);
    if (!$authconn) {
        // Generic failure page: nothing from the connection string is echoed.
        echo <<<EOERRMSG
  <html><head><title>Database Connection Failure</title></head><body>
  <h1>Database Error</h1>
  <h3>Could not connect to PostgreSQL database</h3>
  </body>
  </html>
EOERRMSG;
        exit(1);
    }

    // Anything other than exactly one matching row is treated as a failed login.
    if (!$lookup->Exec('Login', __LINE__, __FILE__) || $lookup->rows() != 1) {
        return false;
    }

    $usr = $lookup->Fetch();
    if (!session_validate_password($password, $usr->password)) {
        return false;
    }

    UpdateUserFromExternal($usr);

    /**
     * We disallow login by inactive users _after_ we have updated the local copy
     */
    // NOTE(review): this gate only fires when the driver hands back the literal string
    // 'f'; a native boolean false would not compare equal to 'f' - confirm how AwlQuery
    // returns boolean columns.
    if (isset($usr->active) && $usr->active == 'f') {
        return false;
    }

    $principal_lookup = new AwlQuery(
        'SELECT * FROM dav_principal WHERE username = :username',
        array(':username' => $usr->username)
    );
    if ($principal_lookup->Exec() && $principal_lookup->rows() == 1) {
        return $principal_lookup->Fetch();
    }

    // Somewhat optimistically: fall back to the external record.
    return $usr;
}