public function exec()
{
// If ANONYMOUS_ONLY is set to true in the config, don't require credentials;
// also the 'logout' action makes no sense for an anonymous server:
if ($this->config->anonymous_only) {
$this->log->info("anonymous login accepted\n");
$this->anonymous = true;
return true;
}
$sapi = new HTTP\Sapi();
$response = new HTTP\Response();
$request = $sapi->getRequest();
$auth = new HTTP\Auth\Basic('Web Folders', $request, $response);
// If no basic auth creds set, but the variables "user" and "pass" were
// posted to the page (e.g. from a/the login form), substitute those:
if (!isset($_SERVER['PHP_AUTH_USER']) && !isset($_SERVER['PHP_AUTH_PW'])) {
if (isset($_POST) && isset($_POST['user']) && isset($_POST['pass'])) {
$_SERVER['PHP_AUTH_USER'] = $_POST['user'];
$_SERVER['PHP_AUTH_PW'] = $_POST['pass'];
// HACK: dynamically change the request method to GET, because
// otherwise SambaDAV will throw an exception because there is
// no POST handler installed. This change causes SabreDAV to
// process this request just like any other basic auth login:
$_SERVER['REQUEST_METHOD'] = 'GET';
}
}
list($this->user, $this->pass) = $auth->getCredentials();
if ($this->user === false || $this->user === '') {
$this->user = null;
}
if ($this->pass === false || $this->pass === '') {
$this->pass = null;
}
if (isset($_GET['logout'])) {
// If you're tagged with 'logout' but you're not passing a
// username/pass, redirect to plain index:
if ($this->user === null || $this->pass === null) {
header("Location: {$this->baseuri}");
return false;
}
// Otherwise, if you're tagged with 'logout', make sure
// the authentication is refused, to make the browser
// flush its cache:
$this->showLoginForm($auth, $response);
return false;
}
if ($this->checkAuth() === false) {
sleep(2);
$this->showLoginForm($auth, $response);
return false;
}
$this->log->info("login accepted for '%s'\n", is_null($this->user) ? '(none)' : $this->user);
return true;
}
/**
* @static
* @throws \Exception
* @return User
*/
public static function authenticateHttpBasic()
{
// we're using Sabre\HTTP for basic auth
$request = \Sabre\HTTP\Sapi::getRequest();
$response = new \Sabre\HTTP\Response();
$auth = new \Sabre\HTTP\Auth\Basic(Tool::getHostname(), $request, $response);
$result = $auth->getCredentials();
if (is_array($result)) {
list($username, $password) = $result;
$user = self::authenticatePlaintext($username, $password);
if ($user) {
return $user;
}
}
$auth->requireLogin();
$response->setBody("Authentication required");
\Logger::error("Authentication Basic (WebDAV) required");
\Sabre\HTTP\Sapi::sendResponse($response);
die;
}
/**
* Get the current request
* @return Sabre\HTTP\Sapi Current request
*/
function request()
{
$request = HTTP\Sapi::getRequest();
$request->setBaseUrl(getenv('BASE_URL'));
return $request;
}
* @copyright Copyright (C) 2009-2015 fruux GmbH (https://fruux.com/).
* @author Evert Pot (http://evertpot.com/)
* @license http://sabre.io/license/ Modified BSD License
*/
$userList = ["user1" => "password", "user2" => "password"];
use Sabre\HTTP\Sapi;
use Sabre\HTTP\Response;
use Sabre\HTTP\Auth;
// Find the autoloader
$paths = [__DIR__ . '/../vendor/autoload.php', __DIR__ . '/../../../autoload.php', __DIR__ . '/vendor/autoload.php'];
foreach ($paths as $path) {
if (file_exists($path)) {
include $path;
break;
}
}
$request = Sapi::getRequest();
$response = new Response();
$basicAuth = new Auth\Basic("Locked down area", $request, $response);
if (!($userPass = $basicAuth->getCredentials())) {
// No username or password given
$basicAuth->requireLogin();
} elseif (!isset($userList[$userPass[0]]) || $userList[$userPass[0]] !== $userPass[1]) {
// Username or password are incorrect
$basicAuth->requireLogin();
} else {
// Success !
$response->setBody('You are logged in!');
}
// Sending the response
Sapi::sendResponse($response);
$stmt->execute();
$dbConfig = [];
foreach ($stmt->fetchAll() as $row) {
if (!isset($dbConfig[$row['Type']])) {
$dbConfig[$row['Type']] = [$row['Name'] => $row['Value']];
} else {
$dbConfig[$row['Type']] += [$row['Name'] => $row['Value']];
}
}
// Add database configuration to config array
$config->add($dbConfig);
/**
* Start Request Response Objects
*/
$request = function () {
return \Sabre\HTTP\Sapi::getRequest();
};
$response = function () {
return new \Sabre\HTTP\Response();
};
/**
* Start url parser
*/
$url = \Purl\Url::fromCurrent();
// determine if we are on https or not
$ssl = $url['port'] == '443' ? true : false;
/**
* Start dic container
*/
$dic = new \Auryn\Injector();
// Share object instances
require_once __DIR__ . '/../bootstrap.php';
use Sabre\Katana\Server\Installer;
use Sabre\Katana\Configuration;
use Sabre\HTTP;
use Hoa\Router;
use Hoa\Dispatcher;
use Hoa\Eventsource;
use Hoa\File;
/**
* This file aims at installing the application.
*
* @copyright Copyright (C) 2015 fruux GmbH (https://fruux.com/).
* @author Ivan Enderlin
* @license GNU Affero General Public License, Version 3.
*/
$request = HTTP\Sapi::getRequest();
$response = new HTTP\Response();
/**
* If the application has already been installed, redirect to the index.
*/
if (true === Installer::isInstalled()) {
echo file_get_contents(SABRE_KATANA_PREFIX . '/resource/view/install_done.html');
return;
}
/**
* If dependencies have not been installed, we print a specific message.
*/
if (true === Installer::isDirectoryEmpty(SABRE_KATANA_PREFIX . '/public/static/vendor/')) {
echo file_get_contents(SABRE_KATANA_PREFIX . '/resource/view/install_bower.html');
return;
}
public static function create()
{
return new static(\Sabre\HTTP\Sapi::getRequest());
}
/**
* Returns Sabre request object.
**/
public static function make_request_object()
{
return HTTP\Sapi::getRequest();
}
