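/**
 * Logout hook: clears the credentials held by AJXP_Safe, disconnects the
 * user and sends the logout result to the client.
 *
 * None of the three arguments is read by this implementation.
 *
 * @param mixed $actionName Action that triggered the callback.
 * @param mixed $httpVars   Request parameters.
 * @param mixed $fileVars   Uploaded files.
 * @return void
 */
public function logoutCallback($actionName, $httpVars, $fileVars)
{
    // Clear the stored credentials first, so they do not outlive the login.
    AJXP_Safe::clearCredentials();
    AuthService::disconnect();

    // NOTE(review): the session is written and closed here, not destroyed;
    // confirm AuthService::disconnect() removes all authentication state.
    session_write_close();

    // 2 is the result code the other logout handlers on this page send.
    AJXP_XMLWriter::header();
    AJXP_XMLWriter::loggingResult(2);
    AJXP_XMLWriter::close();
}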
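/**
 * Logout hook: clears the credentials held by AJXP_Safe, removes the
 * "COUNT" and "disk" session entries, disconnects the user and sends the
 * logout result to the client.
 *
 * None of the three arguments is read by this implementation.
 *
 * @param mixed $actionName Action that triggered the callback.
 * @param mixed $httpVars   Request parameters.
 * @param mixed $fileVars   Uploaded files.
 * @return void
 */
public function logoutCallback($actionName, $httpVars, $fileVars)
{
    AJXP_Safe::clearCredentials();

    // Per-login session entries must not survive into the next login.
    unset($_SESSION["COUNT"], $_SESSION["disk"]);

    AuthService::disconnect();

    // NOTE(review): the session is written and closed here, not destroyed;
    // confirm AuthService::disconnect() removes all authentication state.
    session_write_close();

    AJXP_XMLWriter::header();
    AJXP_XMLWriter::loggingResult(2);
    AJXP_XMLWriter::close();
}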
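/**
 * Logout hook: clears the credentials held by AJXP_Safe, removes every
 * session entry whose key starts with "smb_" and ends with "disk",
 * disconnects the user and sends the logout result to the client.
 *
 * None of the three arguments is read by this implementation.
 *
 * @param mixed $actionName Action that triggered the callback.
 * @param mixed $httpVars   Request parameters.
 * @param mixed $fileVars   Uploaded files.
 * @return void
 */
public function logoutCallback($actionName, $httpVars, $fileVars)
{
    AJXP_Safe::clearCredentials();

    // Both ends of the key are compared strictly; the original mixed === and ==.
    foreach ($_SESSION as $key => $unused) {
        if (substr($key, 0, 4) === "smb_" && substr($key, -4) === "disk") {
            unset($_SESSION[$key]);
        }
    }

    AuthService::disconnect();

    // NOTE(review): the session is written and closed here, not destroyed;
    // confirm AuthService::disconnect() removes all authentication state.
    session_write_close();

    AJXP_XMLWriter::header();
    AJXP_XMLWriter::loggingResult(2);
    AJXP_XMLWriter::close();
}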
/**
 * Logout hook: forgets the stored credentials and the dynamic FTP session
 * data, deletes the account that was logged in unless it is the configured
 * admin login, then disconnects, destroys the session and sends the logout
 * result to the client.
 *
 * None of the three arguments is read by this implementation.
 *
 * @param mixed $actionName Action that triggered the callback.
 * @param mixed $httpVars   Request parameters.
 * @param mixed $fileVars   Uploaded files.
 * @return void
 */
public function logoutCallback($actionName, $httpVars, $fileVars)
{
    // The login must be read before the credentials are cleared below.
    $stored = AJXP_Safe::loadCredentials();
    $sessionLogin = $stored["user"];

    // unset() on a missing key is a no-op, so no isset() guard is needed.
    unset($_SESSION["AJXP_DYNAMIC_FTP_DATA"]);
    AJXP_Safe::clearCredentials();

    $protectedLogin = $this->options["AJXP_ADMIN_LOGIN"];
    if (isset($this->options["ADMIN_USER"])) {
        // NOTE(review): this branch tests ADMIN_USER but assigns
        // AJXP_ADMIN_LOGIN again, so a configured ADMIN_USER is never the
        // protected login. Confirm which option is meant to guard the delete.
        $protectedLogin = $this->options["AJXP_ADMIN_LOGIN"];
    }

    // NOTE(review): this comparison is the only guard before an account is
    // deleted, and it is a loose one; if AJXP_ADMIN_LOGIN is not configured,
    // every non-empty login passes it. Verify the option is always set.
    $removedChildren = array();
    $isAdminLogin = ($sessionLogin == $protectedLogin);
    if (!$isAdminLogin && $sessionLogin != "") {
        ConfService::getConfStorageImpl()->deleteUser($sessionLogin, $removedChildren);
    }

    AuthService::disconnect();
    session_destroy();
    session_write_close();

    AJXP_XMLWriter::header();
    AJXP_XMLWriter::loggingResult(2);
    AJXP_XMLWriter::close();
}
} // Check that current user can access current repository, try to switch otherwise. $loggedUser = AuthService::getLoggedUser(); if ($loggedUser != null) { $currentRepo = ConfService::getRepositoryById(ConfService::getCurrentRootDirIndex()); if (!$loggedUser->canRead(ConfService::getCurrentRootDirIndex()) || $currentRepo->getAccessType() == "ajxp_conf" && ENABLE_USERS && !$loggedUser->isAdmin()) { ConfService::switchRootDir(AuthService::getDefaultRootId()); } } if ($loggedUser == null) { $requireAuth = true; } if (isset($loggingResult) || isset($_GET["get_action"]) && $_GET["get_action"] == "logged_user") { AJXP_XMLWriter::header(); if (isset($loggingResult)) { AJXP_XMLWriter::loggingResult($loggingResult, $rememberLogin, $rememberPass); } AJXP_XMLWriter::sendUserData(); AJXP_XMLWriter::close(); exit(1); } } $loggedUser = AuthService::getLoggedUser(); if ($loggedUser != null) { if ($loggedUser->getPref("lang") != "") { ConfService::setLanguage($loggedUser->getPref("lang")); } } $mess = ConfService::getMessages(); foreach ($_GET as $getName => $getValue) { ${$getName} = Utils::securePath($getValue);
AuthService::logUser($detectedUser, "empty", true, false, ""); $loggedUser = AuthService::getLoggedUser(); } if ($loggedUser != null) { ConfService::switchRootDir($optRepoId, true); /* $res = ConfService::switchUserToActiveRepository($loggedUser, $optRepoId); if (!$res) { AuthService::disconnect(); $requireAuth = true; } */ } if (isset($loggingResult) && $loggingResult != 1) { AJXP_XMLWriter::header(); AJXP_XMLWriter::loggingResult($loggingResult, false, false, ""); AJXP_XMLWriter::close(); if ($optStatusFile) { file_put_contents($optStatusFile, "ERROR:No user logged"); } } } else { AJXP_Logger::debug(ConfService::getCurrentRepositoryId()); } //Set language $loggedUser = AuthService::getLoggedUser(); if ($loggedUser != null && $loggedUser->getPref("lang") != "") { ConfService::setLanguage($loggedUser->getPref("lang")); } else { if (isset($_COOKIE["AJXP_lang"])) { ConfService::setLanguage($_COOKIE["AJXP_lang"]);
/**
 * Dispatches the authentication-related actions "logout", "get_seed",
 * "get_captcha" and "back"; any other action is ignored.
 *
 * $httpVars and $fileVars are not read by this implementation.
 *
 * @param string $action   Action name to dispatch on.
 * @param mixed  $httpVars Request parameters.
 * @param mixed  $fileVars Uploaded files.
 * @return string Always the empty string; output is written directly.
 */
public function switchAction($action, $httpVars, $fileVars)
{
    switch ($action) {
        case "logout":
            // Disconnect first, then destroy the session itself.
            AuthService::disconnect();
            session_destroy();
            AJXP_XMLWriter::header();
            AJXP_XMLWriter::loggingResult(2, null, null, null);
            AJXP_XMLWriter::close();
            break;

        case "get_seed":
            // The seed is generated before the brute-force check, as in the
            // original statement order.
            $loginSeed = AuthService::generateSeed();
            if (!AuthService::suspectBruteForceLogin()) {
                HTMLWriter::charsetHeader("text/plain");
                print $loginSeed;
            } else {
                // Under suspicion the client is also told to show a captcha.
                HTMLWriter::charsetHeader('application/json');
                print json_encode(array("seed" => $loginSeed, "captcha" => true));
            }
            break;

        case "get_captcha":
            include_once AJXP_BIN_FOLDER . "/class.CaptchaProvider.php";
            CaptchaProvider::sendCaptcha();
            break;

        case "back":
            AJXP_XMLWriter::header("url");
            echo AuthService::getLogoutAddress(false);
            AJXP_XMLWriter::close("url");
            break;
    }

    return "";
}
/**
 * Sends a failed-login XML response carrying the given message and ends the
 * request.
 *
 * @param string $exceptionMsg Message passed to AJXP_XMLWriter::sendMessage().
 * @return void Does not return: the script exits.
 */
protected function breakAndSendError($exceptionMsg)
{
    $failureCode = -1;

    AJXP_XMLWriter::header();
    AJXP_XMLWriter::loggingResult($failureCode, null, null, null);
    // NOTE(review): $exceptionMsg goes to the client as given from this
    // method; confirm sendMessage() escapes it for XML and that callers do
    // not pass internal details (paths, backend errors).
    AJXP_XMLWriter::sendMessage("ERROR", $exceptionMsg);
    AJXP_XMLWriter::close();

    // The request stops here instead of throwing to the caller.
    exit();
}
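/**
 * Logout hook: removes the remote user, remote password and dynamic FTP data
 * from the session, deletes the account that was logged in unless it is the
 * configured ADMIN_USER, then disconnects and sends the logout result.
 *
 * None of the three arguments is read by this implementation.
 *
 * @param mixed $actionName Action that triggered the callback.
 * @param mixed $httpVars   Request parameters.
 * @param mixed $fileVars   Uploaded files.
 * @return void
 */
function logoutCallback($actionName, $httpVars, $fileVars)
{
    // Read the login before the session entry is removed; a missing entry
    // counts as "no user" instead of raising a notice.
    $crtUser = isset($_SESSION["AJXP_SESSION_REMOTE_USER"])
        ? $_SESSION["AJXP_SESSION_REMOTE_USER"]
        : "";

    // unset() on a missing key is a no-op, so no isset() guard is needed.
    unset(
        $_SESSION["AJXP_DYNAMIC_FTP_DATA"],
        $_SESSION["AJXP_SESSION_REMOTE_USER"],
        $_SESSION["AJXP_SESSION_REMOTE_PASS"]
    );

    $adminUser = $this->options["ADMIN_USER"];

    // The original compared the undefined variable $login with $adminUser, so
    // the admin guard never applied and the admin account could be deleted on
    // logout. The guard has to test the login that is about to be deleted.
    // NOTE(review): if ADMIN_USER is not configured, every non-empty login
    // still passes this check; verify the option is always set.
    if ($crtUser != $adminUser && $crtUser != "") {
        AJXP_User::deleteUser($crtUser);
    }

    AuthService::disconnect();
    session_write_close();

    AJXP_XMLWriter::header();
    AJXP_XMLWriter::loggingResult(2);
    AJXP_XMLWriter::close();
}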
/**
 * Dispatches the authentication actions: "login", "pass_change", "logout",
 * "get_seed", "get_secure_token", "get_captcha" and "back".
 *
 * Every branch writes its response directly (XML, JSON or plain text).
 *
 * @param string $action   Action name; ignored unless it is a key of $this->actions.
 * @param array  $httpVars Request parameters, read by string key.
 * @param mixed  $fileVars Uploaded files; not read here.
 * @return string|null Empty string after a dispatched action; null (bare
 *                     return) for an unknown action or when users are disabled.
 */
public function switchAction($action, $httpVars, $fileVars)
{
    // Only actions registered on this object are handled.
    if (!isset($this->actions[$action])) {
        return;
    }
    // NOTE(review): $mess is assigned but not read anywhere in this method.
    $mess = ConfService::getMessages();
    switch ($action) {
        //------------------------------------
        // LOGIN
        //------------------------------------
        case "login":
            if (!AuthService::usersEnabled()) {
                return;
            }
            $rememberLogin = "";
            $rememberPass = "";
            $secureToken = "";
            $loggedUser = null;
            include_once AJXP_BIN_FOLDER . "/class.CaptchaProvider.php";
            // While brute force is suspected, a missing or wrong captcha code
            // rejects the attempt before any credential is checked.
            if (AuthService::suspectBruteForceLogin() && (!isset($httpVars["captcha_code"]) || !CaptchaProvider::checkCaptchaResult($httpVars["captcha_code"]))) {
                $loggingResult = -4;
            } else {
                $userId = isset($httpVars["userid"]) ? trim($httpVars["userid"]) : null;
                // NOTE(review): the password is trimmed, so leading and
                // trailing whitespace is not part of what gets checked.
                $userPass = isset($httpVars["password"]) ? trim($httpVars["password"]) : null;
                $rememberMe = isset($httpVars["remember_me"]) && $httpVars["remember_me"] == "true" ? true : false;
                $cookieLogin = isset($httpVars["cookie_login"]) ? true : false;
                // NOTE(review): "login_seed" is read without an isset() check,
                // unlike the other request fields above.
                $loggingResult = AuthService::logUser($userId, $userPass, false, $cookieLogin, $httpVars["login_seed"]);
                if ($rememberMe && $loggingResult == 1) {
                    $rememberLogin = "******";
                    $rememberPass = "******";
                    $loggedUser = AuthService::getLoggedUser();
                }
                // A result of 1 is treated as success: the session id is
                // replaced (and the old session deleted) before the secure
                // token is issued, so a pre-login session id is not carried
                // into the authenticated session.
                if ($loggingResult == 1) {
                    session_regenerate_id(true);
                    $secureToken = AuthService::generateSecureToken();
                }
                if ($loggingResult < 1 && AuthService::suspectBruteForceLogin()) {
                    $loggingResult = -4; // Force captcha reload
                }
            }
            $loggedUser = AuthService::getLoggedUser();
            if ($loggedUser != null) {
                $force = $loggedUser->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
                $passId = -1;
                // A repository id from the request takes precedence over the
                // role default.
                // NOTE(review): the request value is passed on unchanged;
                // presumably switchUserToActiveRepository() checks access -
                // confirm.
                if (isset($httpVars["tmp_repository_id"])) {
                    $passId = $httpVars["tmp_repository_id"];
                } else {
                    // The !isset($httpVars["tmp_repository_id"]) test is always
                    // true in this else branch.
                    if ($force != "" && $loggedUser->canSwitchTo($force) && !isset($httpVars["tmp_repository_id"]) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
                        $passId = $force;
                    }
                }
                $res = ConfService::switchUserToActiveRepository($loggedUser, $passId);
                // No usable repository: the login is undone and -3 is reported.
                if (!$res) {
                    AuthService::disconnect();
                    $loggingResult = -3;
                }
            }
            // NOTE(review): $loggedUser is still set after the disconnect()
            // above, so the remember cookie can be refreshed for a login that
            // was just rejected with -3. Confirm this is intended.
            if ($loggedUser != null && (AuthService::hasRememberCookie() || isset($rememberMe) && $rememberMe == true)) {
                AuthService::refreshRememberCookie($loggedUser);
            }
            AJXP_XMLWriter::header();
            AJXP_XMLWriter::loggingResult($loggingResult, $rememberLogin, $rememberPass, $secureToken);
            AJXP_XMLWriter::close();
            break;
        //------------------------------------
        // CHANGE USER PASSWORD
        //------------------------------------
        case "pass_change":
            $userObject = AuthService::getLoggedUser();
            // NOTE(review): with no logged-in user, or for "guest", nothing is
            // changed but "SUCCESS" is still returned.
            if ($userObject == null || $userObject->getId() == "guest") {
                header("Content-Type:text/plain");
                print "SUCCESS";
                break;
            }
            // NOTE(review): these three fields are read without isset() checks.
            $oldPass = $httpVars["old_pass"];
            $newPass = $httpVars["new_pass"];
            $passSeed = $httpVars["pass_seed"];
            // strlen() counts bytes, so multi-byte characters count more than once.
            if (strlen($newPass) < ConfService::getCoreConf("PASSWORD_MINLENGTH", "auth")) {
                header("Content-Type:text/plain");
                print "PASS_ERROR";
                break;
            }
            // The current password must verify before the new one is stored.
            if (AuthService::checkPassword($userObject->getId(), $oldPass, false, $passSeed)) {
                AuthService::updatePassword($userObject->getId(), $newPass);
                // A forced-change lock is lifted once the password has changed.
                if ($userObject->getLock() == "pass_change") {
                    $userObject->removeLock();
                    $userObject->save("superuser");
                }
                // NOTE(review): nothing here renews the session or revokes
                // remember-me cookies after the change; verify whether
                // updatePassword() does.
            } else {
                header("Content-Type:text/plain");
                print "PASS_ERROR";
                break;
            }
            header("Content-Type:text/plain");
            print "SUCCESS";
            break;
        case "logout":
            // Disconnect, then destroy the session; 2 is sent as the result.
            AuthService::disconnect();
            $loggingResult = 2;
            session_destroy();
            AJXP_XMLWriter::header();
            AJXP_XMLWriter::loggingResult($loggingResult, null, null, null);
            AJXP_XMLWriter::close();
            break;
        case "get_seed":
            $seed = AuthService::generateSeed();
            // Under brute-force suspicion the seed is sent as JSON together
            // with a flag asking the client to show a captcha.
            if (AuthService::suspectBruteForceLogin()) {
                HTMLWriter::charsetHeader('application/json');
                print json_encode(array("seed" => $seed, "captcha" => true));
            } else {
                HTMLWriter::charsetHeader("text/plain");
                print $seed;
            }
            break;
        case "get_secure_token":
            // NOTE(review): no login check is visible in this branch; confirm
            // generateSecureToken() or the caller restricts who can get a token.
            HTMLWriter::charsetHeader("text/plain");
            print AuthService::generateSecureToken();
            break;
        case "get_captcha":
            include_once AJXP_BIN_FOLDER . "/class.CaptchaProvider.php";
            CaptchaProvider::sendCaptcha();
            break;
        case "back":
            // Sends the logout address inside a "url" XML document.
            AJXP_XMLWriter::header("url");
            echo AuthService::getLogoutAddress(false);
            AJXP_XMLWriter::close("url");
            break;
        default:
            break;
    }
    return "";
}
/**
 * Handles the standard "login" action for users whose merged role has
 * DUO_AUTH_ACTIVE set: runs the password login, sends the login result,
 * then signs a Duo request and locks the user with "duo_show_iframe".
 *
 * Returns false when this front does not apply (not a login request, native
 * app user agent, or Duo not active for the user). In every other case the
 * script exits at the end, so no other value is returned.
 *
 * @param array $httpVars Request parameters, taken by reference; only read here.
 * @param bool  $isLast   Only referenced by commented-out code in this method.
 * @return false
 */
function tryToLogUser(&$httpVars, $isLast = false)
{
    // CATCH THE STANDARD LOGIN OPERATION
    if (!isset($httpVars["get_action"]) || $httpVars["get_action"] != "login") {
        return false;
    }
    // NOTE(review): the user agent is supplied by the client. Confirm that
    // logins which skip this front are still subject to the Duo requirement
    // elsewhere.
    if (AJXP_Utils::userAgentIsNativePydioApp()) {
        return false;
    }
    $userId = isset($httpVars["userid"]) ? trim($httpVars["userid"]) : null;
    $duoActive = false;
    if (!empty($userId)) {
        // NOTE(review): a user object is built from the request-supplied id
        // before any authentication; confirm createUserObject() has no side
        // effects for unknown ids.
        $uObject = ConfService::getConfStorageImpl()->createUserObject($userId);
        if ($uObject != null) {
            $duoActive = $uObject->mergedRole->filterParameterValue("authfront.duosecurity", "DUO_AUTH_ACTIVE", AJXP_REPO_SCOPE_ALL, false);
        }
    }
    if (!$duoActive) {
        return false;
    }
    $rememberLogin = "";
    $rememberPass = "";
    $secureToken = "";
    $loggedUser = null;
    include_once AJXP_BIN_FOLDER . "/class.CaptchaProvider.php";
    // While brute force is suspected, a missing or wrong captcha code rejects
    // the attempt before any credential is checked.
    if (AuthService::suspectBruteForceLogin() && (!isset($httpVars["captcha_code"]) || !CaptchaProvider::checkCaptchaResult($httpVars["captcha_code"]))) {
        $loggingResult = -4;
    } else {
        // $userId is computed a second time with the same expression as above.
        $userId = isset($httpVars["userid"]) ? trim($httpVars["userid"]) : null;
        // NOTE(review): the password is trimmed before it is checked.
        $userPass = isset($httpVars["password"]) ? trim($httpVars["password"]) : null;
        $rememberMe = isset($httpVars["remember_me"]) && $httpVars["remember_me"] == "true" ? true : false;
        $cookieLogin = isset($httpVars["cookie_login"]) ? true : false;
        // NOTE(review): "login_seed" is read without an isset() check.
        $loggingResult = AuthService::logUser($userId, $userPass, false, $cookieLogin, $httpVars["login_seed"]);
        if ($rememberMe && $loggingResult == 1) {
            $rememberLogin = "******";
            $rememberPass = "******";
        }
        // A result of 1 is treated as success: the session id is replaced
        // (old session deleted) before the secure token is issued.
        if ($loggingResult == 1) {
            session_regenerate_id(true);
            $secureToken = AuthService::generateSecureToken();
        }
        if ($loggingResult < 1 && AuthService::suspectBruteForceLogin()) {
            $loggingResult = -4; // Force captcha reload
        }
    }
    $loggedUser = AuthService::getLoggedUser();
    if ($loggedUser != null) {
        $force = $loggedUser->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
        $passId = -1;
        // A repository id from the request takes precedence over the role default.
        if (isset($httpVars["tmp_repository_id"])) {
            $passId = $httpVars["tmp_repository_id"];
        } else {
            if ($force != "" && $loggedUser->canSwitchTo($force) && !isset($httpVars["tmp_repository_id"]) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
                $passId = $force;
            }
        }
        $res = ConfService::switchUserToActiveRepository($loggedUser, $passId);
        // No usable repository: the login is undone and -3 is reported.
        if (!$res) {
            AuthService::disconnect();
            $loggingResult = -3;
        }
    }
    // NOTE(review): $loggedUser is still set after the disconnect() above, so
    // the remember cookie can be refreshed for a rejected login; it is also
    // refreshed before the Duo step below has been completed.
    if ($loggedUser != null && (AuthService::hasRememberCookie() || isset($rememberMe) && $rememberMe == true)) {
        AuthService::refreshRememberCookie($loggedUser);
    }
    // NOTE(review): the login result and secure token are sent before the Duo
    // lock below is set. Confirm that the "duo_show_iframe" lock is enforced
    // on every later request until the second factor is verified.
    AJXP_XMLWriter::header();
    AJXP_XMLWriter::loggingResult($loggingResult, $rememberLogin, $rememberPass, $secureToken);
    AJXP_XMLWriter::close();
    if ($loggingResult > 0 && $loggedUser != null) {
        require_once $this->getBaseDir() . "/duo_php/duo_web.php";
        $appUnique = $this->getFilteredOption("DUO_AUTH_AKEY");
        $iKey = $this->getFilteredOption("DUO_AUTH_IKEY");
        $sKey = $this->getFilteredOption("DUO_AUTH_SKEY");
        // NOTE(review): the result of signRequest() is stored without being
        // checked here; confirm how an error value is handled by its consumer.
        $res = Duo::signRequest($iKey, $sKey, $appUnique, $loggedUser->getId());
        $loggedUser->personalRole->setParameterValue("authfront.duosecurity", "DUO_AUTH_LAST_SIGNATURE", $res);
        // The lock marks the account as waiting for the Duo step.
        $loggedUser->setLock("duo_show_iframe");
        $loggedUser->save("superuser");
    }
    // The condition ($loggingResult > 0 || $isLast) around this exit is
    // commented out in the original, so the script always stops here.
    exit;
}
} } } } if ($loggedUser == null) { // Try prelogging user if the session expired but the logging data is in fact still present // For example, for basic_http auth. AuthService::preLogUser(isset($httpVars["remote_session"]) ? $httpVars["remote_session"] : ""); $loggedUser = AuthService::getLoggedUser(); if ($loggedUser == null) { $requireAuth = true; } } if (isset($loggingResult)) { AJXP_XMLWriter::header(); AJXP_XMLWriter::loggingResult($loggingResult, $rememberLogin, $rememberPass, $secureToken); AJXP_XMLWriter::close(); exit(1); } } else { AJXP_Logger::debug(ConfService::getCurrentRootDirIndex()); } //Set language $loggedUser = AuthService::getLoggedUser(); if ($loggedUser != null && $loggedUser->getPref("lang") != "") { ConfService::setLanguage($loggedUser->getPref("lang")); } else { if (isset($_COOKIE["AJXP_lang"])) { ConfService::setLanguage($_COOKIE["AJXP_lang"]); } }