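/**
 * Handles the IRC "auth" command: binds the sender's nick to an Eventum
 * account once the supplied credentials have been verified.
 *
 * Format is "auth user@example.com password" (message parts come from
 * $data->messageex). Every failed check is reported back to the sender and
 * the method returns without registering the nick; on success the nick is
 * handed to $this->bot->addUser().
 *
 * @param Net_SmartIRC $irc
 * @param Net_SmartIRC_data $data
 * @return void
 */
public final function auth(Net_SmartIRC $irc, Net_SmartIRC_data $data)
{
    if (count($data->messageex) !== 3) {
        $this->sendResponse($data->nick, 'Error: wrong parameter count for "AUTH" command. Format is "!auth user@example.com password".');
        return;
    }

    // NOTE(review): the password is received as IRC message text; whether that
    // path is private/encrypted depends on the bot's transport — confirm
    $email = $data->messageex[1];
    $password = $data->messageex[2];

    // check if the email exists
    // NOTE: a distinct reply for "unknown address" vs. "wrong password" lets a
    // sender learn which addresses have accounts; kept to preserve behaviour
    if (!Auth::userExists($email)) {
        // double-quoted so the address is interpolated (the single-quoted
        // original sent the literal text "$email" to the user)
        $this->sendResponse($data->nick, "Error: could not find a user account for the given email address \"{$email}\".");
        return;
    }

    // check if the given password is correct
    if (!Auth::isCorrectPassword($email, $password)) {
        $this->sendResponse($data->nick, 'Error: The email address / password combination could not be found in the system.');
        return;
    }

    // check if the user account is activated
    if (!Auth::isActiveUser($email)) {
        $this->sendResponse($data->nick, 'Error: Your user status is currently set as inactive. Please contact your local system administrator for further information.');
        return;
    }

    $this->bot->addUser($data, $email);
    $this->sendResponse($data->nick, 'Thank you, you have been successfully authenticated.');
}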
/**
 * Tells whether the given credentials are accepted: either the account
 * password matches, or $password is an API token valid for $email.
 * The token check only runs when the password check fails.
 *
 * @param string $email
 * @param string $password password or API token
 * @return bool
 * @access public
 */
public function isValidLogin($email, $password)
{
    return Auth::isCorrectPassword($email, $password)
        || APIAuthToken::isTokenValidForEmail($password, $email);
}
/**
 * Method used to check for the appropriate authentication for a specific
 * page. It will check for the cookie name provided and redirect the user
 * to another page if needed.
 *
 * Order of checks: cookie present (else anonymous-user / HTTP Basic fallback),
 * cookie valid, user not pending, user active, session valid, project
 * selected, customer contact authenticated, optional project switch, and
 * finally the login and project cookies are renewed.
 *
 * @param string $cookie_name The name of the cookie to check for
 * @param string $failed_url The URL to redirect to if the user is not authenticated
 * @param boolean $is_popup Flag to tell the function if the current page is a popup window or not
 * @return void
 */
public static function checkAuthentication($cookie_name, $failed_url = null, $is_popup = false)
{
    self::getAuthBackend()->checkAuthentication();

    // loose == null comparison: '' and 0 also fall back to the defaults
    if ($cookie_name == null) {
        $cookie_name = APP_COOKIE;
    }
    if ($failed_url == null) {
        $failed_url = APP_RELATIVE_URL . 'index.php?err=5';
    }
    // the current request URI is carried along so the login page can return here
    $failed_url .= '&url=' . urlencode($_SERVER['REQUEST_URI']);

    if (!isset($_COOKIE[$cookie_name])) {
        if (APP_ANON_USER) {
            $anon_usr_id = User::getUserIDByEmail(APP_ANON_USER);
            // NOTE(review): reset() takes its argument by reference; passing the
            // array_keys() result directly raises a "only variables" notice
            $prj_id = reset(array_keys(Project::getAssocList($anon_usr_id)));
            self::createFakeCookie($anon_usr_id, $prj_id);
            self::createLoginCookie(APP_COOKIE, APP_ANON_USER, false);
            self::setCurrentProject($prj_id, true);
            Session::init($anon_usr_id);
        } else {
            // check for valid HTTP_BASIC params
            if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
                if (Auth::isCorrectPassword($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
                    $usr_id = User::getUserIDByEmail($_SERVER['PHP_AUTH_USER'], true);
                    $prj_id = reset(array_keys(Project::getAssocList($usr_id)));
                    self::createFakeCookie($usr_id, $prj_id);
                    // NOTE(review): the login cookie is issued for APP_ANON_USER although
                    // the credentials verified above belong to PHP_AUTH_USER — looks like
                    // a copy of the anonymous branch; confirm which identity is intended
                    self::createLoginCookie(APP_COOKIE, APP_ANON_USER);
                    self::setCurrentProject($prj_id, true);
                } else {
                    header('WWW-Authenticate: Basic realm="Eventum"');
                    header('HTTP/1.0 401 Unauthorized');
                    echo 'Login Failed';
                    // NOTE(review): unlike the redirect paths this returns to the caller;
                    // confirm the calling page stops rendering after a failed Basic auth
                    return;
                }
            } else {
                self::redirect($failed_url, $is_popup);
            }
        }
    }

    // $_COOKIE is not refreshed by cookies set during this request, so the
    // fallback branches above are presumably populating it via createFakeCookie() — verify
    $cookie = $_COOKIE[$cookie_name];
    // SECURITY(review): the cookie is client-controlled and is passed through
    // unserialize() before isValidCookie() gets to reject it; unserialize() on
    // untrusted input is a known deserialization risk — a json_decode()-based
    // cookie format would remove it
    $cookie = unserialize(base64_decode($cookie));
    if (!self::isValidCookie($cookie)) {
        self::removeCookie($cookie_name);
        self::redirect($failed_url, $is_popup);
    }
    if (self::isPendingUser($cookie['email'])) {
        self::removeCookie($cookie_name);
        self::redirect('index.php?err=9', $is_popup);
    }
    if (!self::isActiveUser($cookie['email'])) {
        self::removeCookie($cookie_name);
        self::redirect('index.php?err=7', $is_popup);
    }

    $usr_id = self::getUserID();
    // check the session
    Session::verify($usr_id);

    if (!defined('SKIP_LANGUAGE_INIT')) {
        Language::setPreference();
    }

    // check whether the project selection is set or not
    $prj_id = self::getCurrentProject();
    if (empty($prj_id)) {
        // redirect to select project page
        self::redirect(APP_RELATIVE_URL . 'select_project.php?url=' . urlencode($_SERVER['REQUEST_URI']), $is_popup);
    }

    // check the expiration date for a 'Customer' type user
    $contact_id = User::getCustomerContactID($usr_id);
    if (!empty($contact_id) && CRM::hasCustomerIntegration($prj_id)) {
        $crm = CRM::getInstance($prj_id);
        $crm->authenticateCustomer();
    }

    // auto switch project
    // NOTE(review): switch_prj_id comes straight from the query string; the
    // project-membership check is assumed to live in setCurrentProject() — confirm
    if (isset($_GET['switch_prj_id'])) {
        self::setCurrentProject($_GET['switch_prj_id'], false);
        self::redirect($_SERVER['PHP_SELF'] . '?' . str_replace('switch_prj_id=' . $_GET['switch_prj_id'], '', $_SERVER['QUERY_STRING']));
    }

    // if the current session is still valid, then renew the expiration
    self::createLoginCookie($cookie_name, $cookie['email'], $cookie['permanent']);
    // renew the project cookie as well
    $prj_cookie = self::getCookieInfo(APP_PROJECT_COOKIE);
    self::setCurrentProject($prj_id, $prj_cookie['remember']);
}
// Login form handler: validate the submitted credentials in order, record the
// outcome of each failed attempt, then hand the user to the project selection
// page. Every Auth::redirect() call is assumed to terminate the script — confirm.
$login = null;
if (isset($_POST['email'])) {
    $login = (string) $_POST['email'];
}
if (Validation::isWhitespace($login)) {
    Auth::redirect('index.php?err=1');
}

$passwd = null;
if (isset($_POST['passwd'])) {
    $passwd = (string) $_POST['passwd'];
}
if (Validation::isWhitespace($passwd)) {
    Auth::saveLoginAttempt($login, 'failure', 'empty password');
    Auth::redirect('index.php?err=2&email=' . rawurlencode($login));
}

// check if user exists
// (unknown user and wrong password both map to err=3; only the presence of
// the email parameter in the redirect differs)
if (!Auth::userExists($login)) {
    Auth::saveLoginAttempt($login, 'failure', 'unknown user');
    Auth::redirect('index.php?err=3');
}

// check if user is locked
if (Auth::isUserBackOffLocked(Auth::getUserIDByLogin($login))) {
    Auth::saveLoginAttempt($login, 'failure', 'account back-off locked');
    Auth::redirect('index.php?err=13');
}

// check if the password matches
if (!Auth::isCorrectPassword($login, $passwd)) {
    Auth::saveLoginAttempt($login, 'failure', 'wrong password');
    Auth::redirect('index.php?err=3&email=' . rawurlencode($login));
}

Auth::login($login);

// optional return URL from the form; NOTE(review): it is passed on unchanged,
// so the receiving page is assumed to validate it before redirecting — confirm
$extra = empty($_POST['url']) ? '' : '?url=' . urlencode($_POST['url']);
Auth::redirect('select_project.php' . $extra);
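/**
 * XML-RPC handler: reports whether an email/password pair is accepted.
 * Only the account password is checked here (no API token fallback).
 *
 * @param XML_RPC_Message $p request; param 0 is the email, param 1 the password
 * @return XML_RPC_Response string value 'yes' or 'no' (kept as a string for
 *                          wire compatibility with existing clients)
 */
function isValidLogin($p)
{
    // $XML_RPC_String is a global of the XML_RPC library (same pattern as
    // $XML_RPC_erruser elsewhere); without this declaration the function read
    // an undefined local and passed null as the value type
    global $XML_RPC_String;

    $email = XML_RPC_decode($p->getParam(0));
    $password = XML_RPC_decode($p->getParam(1));

    $is_valid = Auth::isCorrectPassword($email, $password) ? 'yes' : 'no';

    return new XML_RPC_Response(new XML_RPC_Value($is_valid, $XML_RPC_String));
}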
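/**
 * Handles the IRC "!auth" command: binds the sender's nick to an Eventum
 * account after verifying the supplied credentials.
 *
 * Format is "!auth user@example.com password" (split from $data->message).
 * Every failed check is reported to the sender and nothing is recorded; on
 * success $auth[nick] is set to the email address.
 *
 * @param Net_SmartIRC $irc IRC connection used to send the response
 * @param Net_SmartIRC_data $data incoming message; $data->message holds the raw text
 * @return void
 */
public function authenticate(&$irc, &$data)
{
    // nick => email map shared with the rest of the bot
    global $auth;

    $pieces = explode(' ', $data->message);
    if (count($pieces) !== 3) {
        $this->sendResponse($irc, $data->nick, 'Error: wrong parameter count for "AUTH" command. Format is "!auth user@example.com password".');
        return;
    }

    $email = $pieces[1];
    $password = $pieces[2];

    // check if the email exists
    // NOTE: a distinct reply for "unknown address" vs. "wrong password" lets a
    // sender learn which addresses have accounts; kept to preserve behaviour
    if (!Auth::userExists($email)) {
        // double-quoted so the address is interpolated (the single-quoted
        // original sent the literal text "$email" to the user)
        $this->sendResponse($irc, $data->nick, "Error: could not find a user account for the given email address \"{$email}\".");
        return;
    }

    // check if the given password is correct
    if (!Auth::isCorrectPassword($email, $password)) {
        $this->sendResponse($irc, $data->nick, 'Error: The email address / password combination could not be found in the system.');
        return;
    }

    // check if the user account is activated
    if (!Auth::isActiveUser($email)) {
        $this->sendResponse($irc, $data->nick, 'Error: Your user status is currently set as inactive. Please contact your local system administrator for further information.');
        return;
    }

    $auth[$data->nick] = $email;
    $this->sendResponse($irc, $data->nick, 'Thank you, you have been successfully authenticated.');
}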
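} // END ETEL MODIFIED

// Legacy login handler ($HTTP_POST_VARS era): validate the posted credentials
// in order, record each failed attempt, then fall through to the redirect that
// follows this run. Auth::redirect() is assumed to terminate the script, and
// $is_popup is assumed to be set earlier in this file — neither is visible here.
if (Validation::isWhitespace($HTTP_POST_VARS["email"])) {
    Auth::redirect(APP_RELATIVE_URL . "index.php?err=1");
}
if (Validation::isWhitespace($HTTP_POST_VARS["passwd"])) {
    Auth::saveLoginAttempt($HTTP_POST_VARS["email"], 'failure', 'empty password');
    // the address must be URL-encoded before it goes into the query string: a
    // raw '+' or '&' in it would be mangled or break the parameter list
    Auth::redirect(APP_RELATIVE_URL . "index.php?err=2&email=" . rawurlencode($HTTP_POST_VARS["email"]));
}

// check if user exists
// (unknown user and wrong password both map to err=3; only the presence of
// the email parameter in the redirect differs)
if (!Auth::userExists($HTTP_POST_VARS["email"])) {
    Auth::saveLoginAttempt($HTTP_POST_VARS["email"], 'failure', 'unknown user');
    Auth::redirect(APP_RELATIVE_URL . "index.php?err=3");
}

// check if the password matches
if (!Auth::isCorrectPassword($HTTP_POST_VARS["email"], $HTTP_POST_VARS["passwd"])) {
    Auth::saveLoginAttempt($HTTP_POST_VARS["email"], 'failure', 'wrong password');
    Auth::redirect(APP_RELATIVE_URL . "index.php?err=3&email=" . rawurlencode($HTTP_POST_VARS["email"]));
}

// check if this user did already confirm his account
if (Auth::isPendingUser($HTTP_POST_VARS["email"])) {
    Auth::saveLoginAttempt($HTTP_POST_VARS["email"], 'failure', 'pending user');
    Auth::redirect(APP_RELATIVE_URL . "index.php?err=9", $is_popup);
}

// check if this user is really an active one
if (!Auth::isActiveUser($HTTP_POST_VARS["email"])) {
    Auth::saveLoginAttempt($HTTP_POST_VARS["email"], 'failure', 'inactive user');
    Auth::redirect(APP_RELATIVE_URL . "index.php?err=7", $is_popup);
}

Auth::saveLoginAttempt($HTTP_POST_VARS["email"], 'success');

// redirect to the initial page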
/**
 * Dispatches one XML-RPC call to the API implementation.
 *
 * NOTE: this needs to be public for PHP 5.3 compatibility
 *
 * For non-public methods the caller's credentials are taken from the
 * parameters via getAuthParams(); a password match or a valid API token is
 * accepted (the token is only checked when the password fails). Any exception
 * raised while authenticating, decoding or invoking becomes a fault response.
 *
 * @param ReflectionMethod $method
 * @param array $params Method parameters in already decoded into PHP types
 * @param bool $public true if method should not be protected with login/password
 * @param array $pdesc Parameter descriptions
 * @return XML_RPC_Response
 */
public function handle($method, $params, $public, $pdesc)
{
    // there's method to set this via $client->setAutoBase64(true);
    // but nothing at server side. where we actually need it
    $GLOBALS['XML_RPC_auto_base64'] = true;

    try {
        if (!$public) {
            list($email, $password) = $this->getAuthParams($params);
            $authenticated = Auth::isCorrectPassword($email, $password)
                || APIAuthToken::isTokenValidForEmail($password, $email);
            if (!$authenticated) {
                // FIXME: role is not checked here
                throw new RemoteApiException("Authentication failed for {$email}. Your login/password/api key is invalid or you do not have the proper role.");
            }
            AuthCookie::setAuthCookie($email);
        }

        if ($pdesc) {
            $this->decodeParams($params, $pdesc);
        }

        $result = $method->invokeArgs($this->api, $params);
    } catch (Exception $exception) {
        global $XML_RPC_erruser;

        // exceptions without a code are reported as fault 1
        $errorCode = $exception->getCode();
        if (!$errorCode) {
            $errorCode = 1;
        }
        $result = new XML_RPC_Response(0, $XML_RPC_erruser + $errorCode, $exception->getMessage());
    }

    // plain PHP return values are wrapped into an XML-RPC response
    if (!($result instanceof XML_RPC_Response)) {
        $result = new XML_RPC_Response(XML_RPC_Encode($result));
    }

    return $result;
}
/**
 * Authorize request.
 * TODO: translations
 * TODO: ip based control
 *
 * Uses the current auth cookie if there is one; otherwise the HTTP Basic
 * credentials from getAuthData() are checked in order (present, non-blank,
 * known user, password, not pending, active) and a fake cookie is created
 * for the user. Finally the 'custom_id' parameter must be present and be
 * either a global filter or owned by the user. Every failure writes a
 * message and exits.
 */
function authorizeRequest()
{
    // try current auth cookie
    $usr_id = Auth::getUserID();
    if (!$usr_id) {
        // otherwise setup HTTP Auth headers
        $authData = getAuthData();

        // first failing check wins; later checks are not evaluated
        $failure = null;
        if ($authData === null) {
            $failure = 'Error: You are required to authenticate in order to access the requested RSS feed.';
        } else {
            list($authUser, $authPassword) = $authData;
            // NOTE: the distinct "does not exist" reply reveals which addresses
            // have accounts; kept to preserve existing behaviour
            if (Validation::isWhitespace($authUser)) {
                $failure = 'Error: Please provide your email address.';
            } elseif (Validation::isWhitespace($authPassword)) {
                $failure = 'Error: Please provide your password.';
            } elseif (!Auth::userExists($authUser)) {
                $failure = 'Error: The user specified does not exist.';
            } elseif (!Auth::isCorrectPassword($authUser, $authPassword)) {
                $failure = 'Error: The provided email address/password combo is not correct.';
            } elseif (Auth::isPendingUser($authUser)) {
                $failure = 'Error: The provided user still needs to have its account confirmed.';
            } elseif (!Auth::isActiveUser($authUser)) {
                $failure = 'Error: The provided user is currently set as an inactive user.';
            }
        }

        if ($failure !== null) {
            sendAuthenticateHeader();
            echo $failure;
            exit;
        }

        $usr_id = User::getUserIDByEmail($authUser);
        Auth::createFakeCookie($usr_id);
    }

    // check if the required parameter 'custom_id' is really being passed
    if (empty($_GET['custom_id'])) {
        rssError("Error: The required 'custom_id' parameter was not provided.");
        exit;
    }

    // check if the passed 'custom_id' parameter is associated with the usr_id
    $filterId = $_GET['custom_id'];
    if (!Filter::isGlobal($filterId) && !Filter::isOwner($filterId, $usr_id)) {
        rssError('Error: The provided custom filter ID is not associated with the given email address.');
        exit;
    }
}
echo 'Error: Please provide your email address.'; exit; } if (Validation::isWhitespace($HTTP_SERVER_VARS['PHP_AUTH_PW'])) { authenticate(); echo 'Error: Please provide your password.'; exit; } // check if user exists if (!Auth::userExists($HTTP_SERVER_VARS['PHP_AUTH_USER'])) { authenticate(); echo 'Error: The user specified does not exist.'; exit; } // check if the password matches if (!Auth::isCorrectPassword($HTTP_SERVER_VARS['PHP_AUTH_USER'], $HTTP_SERVER_VARS['PHP_AUTH_PW'])) { authenticate(); echo 'Error: The provided email address/password combo is not correct.'; exit; } // check if this user did already confirm his account if (Auth::isPendingUser($HTTP_SERVER_VARS['PHP_AUTH_USER'])) { authenticate(); echo 'Error: The provided user still needs to have its account confirmed.'; exit; } // check if this user is really an active one if (!Auth::isActiveUser($HTTP_SERVER_VARS['PHP_AUTH_USER'])) { authenticate(); echo 'Error: The provided user is currently set as an inactive user.'; exit;
/**
 * FIXME: this should return bool
 *
 * Reports whether the account password matches; the result is the string
 * 'yes' or 'no' because existing callers expect that wire format.
 *
 * @param string $email
 * @param string $password
 * @return string 'yes' or 'no'
 * @access public
 */
public function isValidLogin($email, $password)
{
    return Auth::isCorrectPassword($email, $password) ? 'yes' : 'no';
}