public function do_execute() { $this->cliEcho('Authenticating with server: '); $this->cliEcho($this->getProvidedArgument('server_url'), 'white', 'bold'); $this->cliEcho("\n"); $path = THEBUGGENIE_CONFIG_PATH; try { file_put_contents($path . '.remote_server', $this->getProvidedArgument('server_url')); } catch (\Exception $e) { $path = getenv('HOME') . DS; file_put_contents($path . '.remote_server', $this->getProvidedArgument('server_url')); } $this->cliEcho('Authenticating as user: '******'username', \thebuggenie\core\framework\Context::getCurrentCLIusername()); $this->cliEcho($username, 'white', 'bold'); $this->cliEcho("\n"); file_put_contents($path . '.remote_username', $username); $this->_current_remote_server = file_get_contents($path . '.remote_server'); $this->cliEcho("\n"); $this->cliEcho('You need to authenticate using an application-specific password.'); $this->cliEcho("\n"); $this->cliEcho("Create an application password from your account's 'Security' tab."); $this->cliEcho("\n"); $this->cliEcho("Enter the application-specific password: "******"Authentication successful!\n", 'white', 'bold'); }
/** * Returns the logged in user, or default user if not logged in * * @param \thebuggenie\core\framework\Request $request * @param \thebuggenie\core\framework\Action $action * * @return \thebuggenie\core\entities\User */ public static function loginCheck(framework\Request $request, framework\Action $action) { try { $authentication_method = $action->getAuthenticationMethodForAction(framework\Context::getRouting()->getCurrentRouteAction()); $user = null; $external = false; switch ($authentication_method) { case framework\Action::AUTHENTICATION_METHOD_ELEVATED: case framework\Action::AUTHENTICATION_METHOD_CORE: $username = $request['tbg3_username']; $password = $request['tbg3_password']; if ($authentication_method == framework\Action::AUTHENTICATION_METHOD_ELEVATED) { $elevated_password = $request['tbg3_elevated_password']; } $raw = true; // If no username and password specified, check if we have a session that exists already if ($username === null && $password === null) { if (framework\Context::getRequest()->hasCookie('tbg3_username') && framework\Context::getRequest()->hasCookie('tbg3_password')) { $username = framework\Context::getRequest()->getCookie('tbg3_username'); $password = framework\Context::getRequest()->getCookie('tbg3_password'); $user = self::getB2DBTable()->getByUsername($username); if ($authentication_method == framework\Action::AUTHENTICATION_METHOD_ELEVATED) { $elevated_password = framework\Context::getRequest()->getCookie('tbg3_elevated_password'); if ($user instanceof User && !$user->hasPasswordHash($password)) { $user = null; } else { if ($user instanceof User && !$user->hasPasswordHash($elevated_password)) { framework\Context::setUser($user); framework\Context::getRouting()->setCurrentRouteName('elevated_login_page'); throw new framework\exceptions\ElevatedLoginException('reenter'); } } } else { if ($user instanceof User && !$user->hasPasswordHash($password)) { $user = null; } } if (!$user instanceof User) { framework\Context::logout(); throw new \Exception('No such login'); } } } // If we have authentication details, validate them if (framework\Settings::isUsingExternalAuthenticationBackend() && $username !== null && $password !== null) { $external = true; framework\Logging::log('Authenticating with backend: ' . framework\Settings::getAuthenticationBackend(), 'auth', framework\Logging::LEVEL_INFO); try { $mod = framework\Context::getModule(framework\Settings::getAuthenticationBackend()); if ($mod->getType() !== Module::MODULE_AUTH) { framework\Logging::log('Auth module is not the right type', 'auth', framework\Logging::LEVEL_FATAL); } if (framework\Context::getRequest()->hasCookie('tbg3_username') && framework\Context::getRequest()->hasCookie('tbg3_password')) { $user = $mod->verifyLogin($username, $password); } else { $user = $mod->doLogin($username, $password); } if (!$user instanceof User) { // Invalid framework\Context::logout(); throw new \Exception('No such login'); //framework\Context::getResponse()->headerRedirect(framework\Context::getRouting()->generate('login')); } } catch (\Exception $e) { throw $e; } } elseif (framework\Settings::isUsingExternalAuthenticationBackend()) { $external = true; framework\Logging::log('Authenticating without credentials with backend: ' . framework\Settings::getAuthenticationBackend(), 'auth', framework\Logging::LEVEL_INFO); try { $mod = framework\Context::getModule(framework\Settings::getAuthenticationBackend()); if ($mod->getType() !== Module::MODULE_AUTH) { framework\Logging::log('Auth module is not the right type', 'auth', framework\Logging::LEVEL_FATAL); } $user = $mod->doAutoLogin(); if ($user == false) { // Invalid framework\Context::logout(); throw new \Exception('No such login'); //framework\Context::getResponse()->headerRedirect(framework\Context::getRouting()->generate('login')); } else { if ($user == true) { $user = null; } } } catch (\Exception $e) { throw $e; } } elseif ($username !== null && $password !== null && !$user instanceof User) { $external = false; framework\Logging::log('Using internal authentication', 'auth', framework\Logging::LEVEL_INFO); $user = self::getB2DBTable()->getByUsername($username); if ($user instanceof User && !$user->hasPassword($password)) { $user = null; } if (!$user instanceof User) { framework\Context::logout(); } } break; case framework\Action::AUTHENTICATION_METHOD_DUMMY: $user = self::getB2DBTable()->getByUserID(framework\Settings::getDefaultUserID()); break; case framework\Action::AUTHENTICATION_METHOD_CLI: $user = self::getB2DBTable()->getByUsername(framework\Context::getCurrentCLIusername()); break; case framework\Action::AUTHENTICATION_METHOD_RSS_KEY: $user = self::getB2DBTable()->getByRssKey($request['rsskey']); break; case framework\Action::AUTHENTICATION_METHOD_APPLICATION_PASSWORD: $user = self::getB2DBTable()->getByUsername($request['api_username']); if (!$user->authenticateApplicationPassword($request['api_token'])) { $user = null; } break; } if ($user === null && !framework\Settings::isLoginRequired()) { $user = self::getB2DBTable()->getByUserID(framework\Settings::getDefaultUserID()); } if ($user instanceof User) { if (!$user->isActivated()) { throw new \Exception('This account has not been activated yet'); } elseif (!$user->isEnabled()) { throw new \Exception('This account has been suspended'); } elseif (!$user->isConfirmedMemberOfScope(framework\Context::getScope())) { if (!framework\Settings::isRegistrationAllowed()) { throw new \Exception('This account does not have access to this scope'); } } if ($external == false && $authentication_method == framework\Action::AUTHENTICATION_METHOD_CORE) { $password = $user->getHashPassword(); if (!$request->hasCookie('tbg3_username') && !$user->isGuest()) { if ($request->getParameter('tbg3_rememberme')) { framework\Context::getResponse()->setCookie('tbg3_username', $user->getUsername()); framework\Context::getResponse()->setCookie('tbg3_password', $user->getPassword()); } else { framework\Context::getResponse()->setSessionCookie('tbg3_username', $user->getUsername()); framework\Context::getResponse()->setSessionCookie('tbg3_password', $user->getPassword()); } } } } elseif (framework\Settings::isLoginRequired()) { throw new \Exception('Login required'); } else { throw new \Exception('No such login'); } } catch (\Exception $e) { throw $e; } return $user; }