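/**
 * This is an option-less authentication. Either your login works or it doesn't.
 * Other apps implementing this interface may need to know what you're trying to do
 * in order to make a decision; $pa_options is an associative array of User handler-specific
 * keys and values that can contain such information.
 *
 * Order of operations:
 *   1. If no row exists for $ps_username and the active adapter advertises
 *      __CA_AUTH_ADAPTER_FEATURE_AUTOCREATE_USERS__, the user is created from the
 *      attributes the adapter returns (see _autoCreateUserFromAuthAdapter()). A failed
 *      auto-creation aborts with false.
 *   2. The credentials are handed to AuthenticationManager::authenticate(); on success
 *      the row is (re)loaded and true is returned.
 *   3. Unless $pa_options['dont_check_ips'] is truthy, ipAuthenticate() is tried. This
 *      path accepts NO password: it maps the client address to an account, rewrites
 *      $ps_username to that account's user_name and returns 2.
 *
 * @param string     $ps_username Login name, by reference: overwritten on an IP match.
 * @param string     $ps_password
 * @param array|null $pa_options  Recognised key: 'dont_check_ips'.
 * @return bool|int true = password login, 2 = IP-based login, false = not authenticated.
 */
public function authenticate(&$ps_username, $ps_password = "", $pa_options = null) {
    // If the user doesn't exist, try creating it through the authentication backend, if the backend supports it.
    if (strlen($ps_username) > 0 && !$this->load($ps_username)) {
        if (AuthenticationManager::supports(__CA_AUTH_ADAPTER_FEATURE_AUTOCREATE_USERS__)) {
            if (!$this->_autoCreateUserFromAuthAdapter($ps_username, $ps_password)) {
                return false;
            }
        }
    }

    if (AuthenticationManager::authenticate($ps_username, $ps_password, $pa_options)) {
        $this->load($ps_username);
        return true;
    }

    // Password-less fallback: trust the client IP address. Callers that must not accept
    // an IP-based login have to pass 'dont_check_ips' => true in $pa_options.
    if (empty($pa_options["dont_check_ips"])) {
        if ($vn_user_id = $this->ipAuthenticate()) {
            if ($this->load($vn_user_id)) {
                $ps_username = $this->get("user_name");
                return 2;
            }
        }
    }
    return false;
}

/**
 * Creates the user row for a not-yet-existing login from the attributes returned by the
 * authentication adapter (AuthenticationManager::getUserInfo()).
 *
 * An adapter exception or an insert failure is logged under SOURCE 'ca_users/authenticate'
 * and reported as false. On success the instance holds the new row and the access mode
 * that was active before the call is restored.
 *
 * NOTE(review): apart from 'roles', 'groups' and 'preferences', every key the adapter
 * returns is written into the row with set(). There is no allowlist of the fields an
 * adapter may populate, so the original @todo ("check sanity on values from plugins
 * before inserting them") still stands — confirm which fields adapters are expected to
 * supply and restrict set() to those.
 *
 * @param string $ps_username
 * @param string $ps_password
 * @return bool true when the row was inserted, false otherwise.
 */
private function _autoCreateUserFromAuthAdapter($ps_username, $ps_password) {
    try {
        $va_values = AuthenticationManager::getUserInfo($ps_username, $ps_password);
    } catch (Exception $e) {
        $this->opo_log->log(array('CODE' => 'SYS', 'SOURCE' => 'ca_users/authenticate', 'MESSAGE' => _t('There was an error while trying to fetch information for a new user from the current authentication backend. The message was %1 : %2', get_class($e), $e->getMessage())));
        return false;
    }
    if (!is_array($va_values) || count($va_values) < 1) {
        return false;
    }

    // @todo: check sanity on values from plugins before inserting them?
    // 'roles', 'groups' and 'preferences' are arrays that are applied through their own
    // APIs further down, not plain fields of the row, so they are skipped here.
    // (Strict in_array: under loose comparison an integer key could match a string name.)
    foreach ($va_values as $vs_k => $vs_v) {
        if (in_array($vs_k, array('roles', 'groups', 'preferences'), true)) {
            continue;
        }
        $this->set($vs_k, $vs_v);
    }

    $vn_mode = $this->getMode();
    $this->setMode(ACCESS_WRITE);
    $this->insert();
    if (!$this->getPrimaryKey()) {
        $this->setMode($vn_mode);
        $this->opo_log->log(array('CODE' => 'SYS', 'SOURCE' => 'ca_users/authenticate', 'MESSAGE' => _t('User could not be created after getting info from authentication adapter. 
API message was: %1', implode(" ", $this->getErrors()))));
        return false;
    }

    // Memberships and preferences are applied once the row exists. Missing keys are
    // tolerated (the adapter is not required to return them).
    if (!empty($va_values['groups']) && is_array($va_values['groups'])) {
        $this->addToGroups($va_values['groups']);
    }
    if (!empty($va_values['roles']) && is_array($va_values['roles'])) {
        $this->addRoles($va_values['roles']);
    }
    if (!empty($va_values['preferences']) && is_array($va_values['preferences'])) {
        foreach ($va_values['preferences'] as $vs_pref => $vs_pref_val) {
            $this->setPreference($vs_pref, $vs_pref_val);
        }
    }
    $this->update();

    // restore mode
    $this->setMode($vn_mode);
    return true;
}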
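/**
 * Dispatches a form or AJAX POST to the action named by the ACTION_PARAM request parameter.
 *
 * Requests whose method is not self::REQUEST_METHOD, or that carry no action parameter,
 * are rejected with an Exception. Each action is delegated to a private handler method;
 * an unknown action falls through the switch and does nothing.
 *
 * Rules enforced across all actions:
 *  - After a failed check the handler returns immediately after forwardRequest(), so no
 *    session state is written for a request that did not pass — even if forwardRequest()
 *    itself does not terminate the script.
 *  - An existing account is only enrolled in a channel after its password has been
 *    verified (ACTION_REGISTRATION, ACTION_JOIN_CHANNEL).
 *  - Actions that read or mutate posts or the selected channel (POST_MSG,
 *    ACTION_CHANGE_CHANNEL, AJAX_*) require AuthenticationManager::isAuthenticated().
 *  - Credential and channel parameters are read via requestString(), which rejects
 *    non-string (array) request values.
 *
 * NOTE(review): no CSRF token is checked in this controller, the AJAX_* status changes
 * accept any post id regardless of who owns the post, and channel membership is never
 * verified when a channel is selected or read — confirm whether those checks exist
 * elsewhere (e.g. inside DataManager).
 *
 * @throws Exception on a wrong HTTP method or a missing action parameter
 */
public function invokePostAction() {
    if ($_SERVER['REQUEST_METHOD'] !== self::REQUEST_METHOD) {
        throw new Exception("Controller can only handle " . self::REQUEST_METHOD . ' requests');
    }
    if (!isset($_REQUEST[self::ACTION_PARAM])) {
        throw new Exception(self::ACTION_PARAM . ' parameter is not specified');
    }

    switch ($_REQUEST[self::ACTION_PARAM]) {
        case self::ACTION_LOGIN:
            $this->handleLoginAction();
            break;
        case self::ACTION_LOGOUT:
            if (AuthenticationManager::isAuthenticated()) {
                AuthenticationManager::signOut();
            }
            Util::redirect();
            break;
        case self::ACTION_REGISTRATION:
            $this->handleRegistrationAction();
            break;
        case self::POST_MSG:
            if (AuthenticationManager::isAuthenticated()) {
                $this->handlePostMessageAction();
            }
            break;
        case self::ACTION_CHANGE_CHANNEL:
            // NOTE(review): membership of the selected channel is not verified here.
            if (AuthenticationManager::isAuthenticated()) {
                $_SESSION['channel'] = $this->requestString('selectedChannel');
            }
            Util::redirect();
            break;
        case self::ACTION_JOIN_CHANNEL:
            $this->handleJoinChannelAction();
            break;
        case self::AJAX_SET_PRIO:
            $this->handleAjaxStatusChange(Status::PRIOR);
            break;
        case self::AJAX_RESET_PRIO:
            $this->handleAjaxStatusChange(Status::READ);
            break;
        case self::AJAX_DELETE_MESSAGE:
            $this->handleAjaxStatusChange(Status::DELETED);
            break;
        case self::AJAX_UPDATE_CHAT:
            $this->handleAjaxUpdateChat();
            break;
    }
}

/**
 * Reads a request parameter that must be a plain string.
 *
 * PHP turns `name[]=…` into an array; passing such a value on to the authentication or
 * data layer would hand them an unexpected type, so anything that is not a string is
 * reported as missing.
 *
 * @param string $key
 * @return string the parameter value, or '' when absent or not a string
 */
private function requestString($key) {
    if (!isset($_REQUEST[$key]) || !is_string($_REQUEST[$key])) {
        return '';
    }
    return $_REQUEST[$key];
}

/**
 * ACTION_LOGIN: verifies the credentials, records the user id and the first channel the
 * user belongs to in the session, then redirects.
 */
private function handleLoginAction() {
    $username = $this->requestString(self::USR_NAME);
    $password = $this->requestString(self::USR_PASSWORD);

    if (!AuthenticationManager::authenticate($username, $password)) {
        $this->forwardRequest(['Invalid user information provided']);
        return; // never populate the session for a failed login
    }

    $user = DataManager::getUserByUsername($username);
    if (!$user) {
        $this->forwardRequest(['Invalid user information provided']);
        return;
    }
    $_SESSION['username'] = $user->getID();

    $user = AuthenticationManager::getAuthenticatedUser();
    $channels = DataManager::getChannelsByUserId($user->getID());
    // A user without any channel would otherwise hit an undefined offset.
    $_SESSION['channel'] = isset($channels[0]) ? $channels[0]->getName() : null;
    Util::redirect();
}

/**
 * ACTION_REGISTRATION: enrols a (new or existing) account in the channels listed in the
 * 'channels' request parameter, then logs the user in.
 *
 * An existing account must prove ownership with its password BEFORE it is enrolled; a
 * new account is created with AuthenticationManager::getHash() and authenticated after
 * enrolment. The username must not already be a member of any requested channel.
 *
 * NOTE(review): getHash() is a project function — confirm it is a salted password hash
 * (password_hash() or equivalent) and that authenticate() compares in constant time.
 * NOTE(review): the session is populated from self::USR_CHANNELS while the channel list
 * itself is read from the 'channels' parameter — confirm these are the same field.
 */
private function handleRegistrationAction() {
    $username = $this->requestString(self::USR_NAME);
    $password = $this->requestString(self::USR_PASSWORD);

    $channelNames = isset($_REQUEST['channels']) && is_array($_REQUEST['channels']) ? $_REQUEST['channels'] : [];
    $channelNames = array_values(array_unique(array_filter($channelNames, 'is_string')));
    if (count($channelNames) === 0) {
        $this->forwardRequest(['Please select one or more channels.'], 'index.php?view=registration');
        return;
    }

    // Resolve every channel and refuse the whole request if the username is already a
    // member of any of them.
    $channels = [];
    foreach ($channelNames as $channelName) {
        $channel = DataManager::getChannelByName($channelName);
        if (!$channel) {
            $this->forwardRequest(['Unknown channel ' . $channelName], 'index.php?view=registration');
            return;
        }
        foreach (DataManager::getUsersByChannelId($channel->getID()) as $member) {
            if ($member->getUsername() === $username) {
                $this->forwardRequest(['The username ' . $username . ' is already used!'], 'index.php?view=registration');
                return;
            }
        }
        $channels[] = $channel;
    }

    $user = DataManager::getUserByUsername($username);
    if ($user) {
        // Existing account: the caller must know its password before it is enrolled anywhere.
        if (!AuthenticationManager::authenticate($username, $password)) {
            $this->forwardRequest(['Invalid user information provided'], "index.php?view=registration");
            return;
        }
        $userId = $user->getID();
    } else {
        $userId = DataManager::saveNewUser(
            $this->requestString(self::USR_FIRST_NAME),
            $this->requestString(self::USR_LAST_NAME),
            $username,
            AuthenticationManager::getHash($username, $password)
        );
    }

    foreach ($channels as $channel) {
        DataManager::registrateUser($userId, $channel->getID());
    }

    // A freshly created account has not been authenticated yet.
    if (!$user && !AuthenticationManager::authenticate($username, $password)) {
        $this->forwardRequest(['Invalid user information provided'], "index.php?view=registration");
        return;
    }

    $_SESSION[self::USR_CHANNELS] = isset($_REQUEST[self::USR_CHANNELS]) ? $_REQUEST[self::USR_CHANNELS] : null;
    // first channel should be selected as default channel
    $_SESSION['channel'] = $channelNames[0];
    Util::redirect();
}

/**
 * ACTION_JOIN_CHANNEL: adds an existing account to the channel named by self::USR_CHANNEL.
 *
 * The password is verified before the account is enrolled; previously the enrolment
 * happened first, so anyone who knew a username could add that account to a channel
 * without its password. The original three-argument authenticate() call (with the
 * channel) is kept after enrolment because its exact contract is not visible here.
 */
private function handleJoinChannelAction() {
    $username    = $this->requestString(self::USR_NAME);
    $password    = $this->requestString(self::USR_PASSWORD);
    $channelName = $this->requestString(self::USR_CHANNEL);

    $channel = DataManager::getChannelByName($channelName);
    if (!$channel) {
        $this->forwardRequest(['Unknown channel ' . $channelName], "index.php?view=join");
        return;
    }
    foreach (DataManager::getUsersByChannelId($channel->getID()) as $member) {
        if ($member->getUsername() === $username) {
            $this->forwardRequest(['User ' . $username . ' is already registered!'], "index.php?view=join");
            return;
        }
    }

    $user = DataManager::getUserByUsername($username);
    if (!$user) {
        $this->forwardRequest(['Please registrate, the user ' . $username . ' does not exists!'], "index.php?view=register");
        return;
    }

    // Prove ownership of the account before changing its memberships.
    if (!AuthenticationManager::authenticate($username, $password)) {
        $this->forwardRequest(['Invalid user information provided'], "index.php?view=registration");
        return;
    }

    DataManager::registrateUser($user->getID(), $channel->getID());

    if (!AuthenticationManager::authenticate($username, $password, $channelName)) {
        $this->forwardRequest(['Invalid user information provided'], "index.php?view=registration");
        return;
    }
    $_SESSION[self::USR_CHANNEL] = $channelName;
    Util::redirect();
}

/**
 * POST_MSG: publishes a new post in the session's current channel as the authenticated
 * user, after marking the other users' unanswered posts in that channel as answered.
 * Silently does nothing when there is no authenticated user or no session channel.
 */
private function handlePostMessageAction() {
    $user = AuthenticationManager::getAuthenticatedUser();
    $channel = isset($_SESSION['channel']) ? DataManager::getChannelByName($_SESSION['channel']) : null;
    if (!$user || !$channel) {
        return;
    }

    //TODO: mark message as answered
    foreach (DataManager::getAllUnansweredPosts($channel->getID()) as $message) {
        if ($message->getAuthor() != $user->getID()) {
            DataManager::changePostStatus($message->getID(), Status::ANSWERED);
        }
    }

    DataManager::publishMessage(
        $user->getID(),
        $channel->getID(),
        $this->requestString(self::POST_TITLE),
        $this->requestString(self::POST_CONTENT),
        Status::UNREAD
    );
}

/**
 * AJAX_SET_PRIO / AJAX_RESET_PRIO / AJAX_DELETE_MESSAGE: sets the status of the post
 * named by $_POST['id'] and echoes the page the client should load next.
 *
 * Requires an authenticated session and a non-empty POST body with a scalar 'id'.
 * NOTE(review): the id is not checked against the caller's own posts or channels.
 *
 * @param mixed $status one of the Status constants
 */
private function handleAjaxStatusChange($status) {
    if (!AuthenticationManager::isAuthenticated()) {
        return;
    }
    if (empty($_POST) || !isset($_POST['id']) || !is_scalar($_POST['id'])) {
        return;
    }
    DataManager::changePostStatus($_POST['id'], $status);
    echo "index.php?view=welcome";
}

/**
 * AJAX_UPDATE_CHAT: marks the session user's unread posts (by other authors) as read,
 * then echoes the rendered posts of the channel named in the 'channel' parameter.
 *
 * Requires an authenticated session — the output branch previously had no
 * authentication check at all, so any caller could fetch the posts of any channel by
 * name. NOTE(review): membership of the requested channel is still not verified.
 */
private function handleAjaxUpdateChat() {
    if (!AuthenticationManager::isAuthenticated()) {
        return;
    }

    $currUserId = isset($_SESSION['username']) ? $_SESSION['username'] : null;
    $sessionChannel = isset($_SESSION['channel']) ? $_SESSION['channel'] : null;
    if ($currUserId && $sessionChannel) {
        foreach (DataManager::getAllUnreadPostsByUserId($currUserId) as $post) {
            if ($post->getAuthor() != $currUserId) {
                DataManager::changePostStatus($post->getId(), Status::READ);
            }
        }
    }

    if (empty($_POST)) {
        return;
    }
    $channel = DataManager::getChannelByName($this->requestString('channel'));
    if (!$channel) {
        return;
    }
    $return = "";
    foreach (DataManager::getPostsByChannel($channel->getID()) as $message) {
        if ($message->exists()) {
            $return .= Viewtility::viewMessage($message, DataManager::getPostStatus($message->getId()));
        }
    }
    echo $return;
}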
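/**
 * Handles the registration form: validates the submitted fields, creates the account and,
 * when everything is valid, authenticates the new user.
 *
 * Validation (each failure appends a message to $errors):
 *  - username, first name, last name, mail, password, password repeat and channels are present;
 *  - username and mail address are not already taken (DataManager::userNameExists / mailAddressExists);
 *  - both passwords are identical;
 *  - at least one channel is selected.
 * With errors the request is forwarded back to '?view=register' with the text fields
 * pre-filled; otherwise DataManager::createUser() is called and the user is authenticated.
 *
 * NOTE(review): the password is run through Util::escape() before it is compared, stored
 * and used to authenticate. If escape() is an HTML escaper, passwords containing & ' " < >
 * are stored in escaped form and must be escaped identically on every login — confirm the
 * login path does the same, or stop escaping the password here.
 * NOTE(review): the pre-fill values handed to forwardRequest() are the raw request values;
 * confirm the register view escapes them when rendering.
 */
private function handleRegister() {
    $errors = array();
    $username  = isset($_REQUEST[self::USR_NAME])      ? Util::escape($_REQUEST[self::USR_NAME])      : null;
    $firstName = isset($_REQUEST[self::USR_FIRSTNAME]) ? Util::escape($_REQUEST[self::USR_FIRSTNAME]) : null;
    $lastName  = isset($_REQUEST[self::USR_LASTNAME])  ? Util::escape($_REQUEST[self::USR_LASTNAME])  : null;
    $mail      = isset($_REQUEST[self::USR_MAIL])      ? Util::escape($_REQUEST[self::USR_MAIL])      : null;
    $password  = isset($_REQUEST[self::USR_PASSWORD])  ? Util::escape($_REQUEST[self::USR_PASSWORD])  : null;
    $password2 = isset($_REQUEST[self::USR_PASSWORD2]) ? Util::escape($_REQUEST[self::USR_PASSWORD2]) : null;
    $channels  = isset($_REQUEST[self::USR_CHANNELS])  ? $_REQUEST[self::USR_CHANNELS]                : null;

    // A 'channels' value that is not an array (e.g. a plain string) counts as "none
    // selected" instead of being passed to count().
    $channelsMissing = !is_array($channels) || count($channels) === 0;

    // Strict emptiness checks: a loose `== null` would also swallow values such as 0.
    $fieldMissing = false;
    foreach (array($username, $firstName, $lastName, $mail, $password, $password2) as $value) {
        if ($value === null || $value === '') {
            $fieldMissing = true;
            break;
        }
    }

    if ($fieldMissing || $channelsMissing) {
        $errors[] = "Please fill in all fields.";
    }
    if (DataManager::userNameExists($username)) {
        $errors[] = "Username already exists.";
    }
    if (DataManager::mailAddressExists($mail)) {
        $errors[] = "Mail address already in use.";
    }
    if ($password !== $password2) {
        $errors[] = "Entered passwords have to be equal.";
    }
    if ($channelsMissing) {
        $errors[] = "Please select one or more channels.";
    }

    if (count($errors) > 0) {
        // A leftover debugging `echo` of the raw mail address used to sit here; it
        // reflected unescaped user input into the response and has been removed.
        $this->forwardRequest($errors, '?view=register', array(
            self::USR_NAME      => isset($_REQUEST[self::USR_NAME])      ? $_REQUEST[self::USR_NAME]      : '',
            self::USR_FIRSTNAME => isset($_REQUEST[self::USR_FIRSTNAME]) ? $_REQUEST[self::USR_FIRSTNAME] : '',
            self::USR_LASTNAME  => isset($_REQUEST[self::USR_LASTNAME])  ? $_REQUEST[self::USR_LASTNAME]  : '',
            self::USR_MAIL      => isset($_REQUEST[self::USR_MAIL])      ? $_REQUEST[self::USR_MAIL]      : '',
        ));
        return;
    }

    DataManager::createUser($username, $firstName, $lastName, $mail, $password, $channels);
    AuthenticationManager::authenticate($username, $password);
}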
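<?php
namespace noFlash\PkiAuthenticator;

require_once '../src/Bootstrap.php';

/*
 * Authentication endpoint: takes a base64-encoded binary AuthRequest payload ('data') for a
 * service ('svc') from the query string, runs it through the AuthenticationManager and, on
 * success, redirects the client to the URL the authenticator reports. Every failure is an
 * exception, so the response code is left to the installed exception handler.
 */

// Both parameters are mandatory and must be scalar strings: PHP turns `data[]=…` into an
// array, which would otherwise reach base64_decode() / AuthRequest as the wrong type.
if (!isset($_GET['data'], $_GET['svc']) || !is_string($_GET['data']) || !is_string($_GET['svc'])) {
    throw new SecurityViolationException('Invalid auth call - consult documentation');
}

// AuthRequest expects raw binary data; to carry it inside a URL it is base64-encoded, so decode it first.
// Strict mode is what makes the `=== false` check meaningful: without it base64_decode()
// silently drops characters outside the alphabet and almost never reports a failure.
$data = base64_decode($_GET['data'], true);
if ($data === false) {
    throw new \InvalidArgumentException('Data decode failed');
}

$request = new AuthRequest($_GET['svc'], $data);
$authenticator = new AuthenticationManager($request);
if (!$authenticator->authenticate()) {
    throw new \LogicException('Authentication failed');
}

// NOTE(review): the redirect target is whatever getRedirectUrl() returns; confirm it is
// derived from the service's registered configuration and not from request input, otherwise
// this is an open redirect after a successful login.
header('HTTP/1.0 307 Redirecting');
header('Location: ' . $authenticator->getRedirectUrl());
exit;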