<?php /* * Copyright (C) 2015 alinatoc * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ header('Content-type: application/json'); unset($_SESSION[Utilities\Session::SESSION_KEY]); Utilities\Session::Initialize(); die(new ModelResponse(true, 'Logout success'));
// Check requests if (!\Utilities\Requests::HasRequest(['username', 'password'])) { die(ModelResponse::InvalidRequest()); } extract($_REQUEST, EXTR_SKIP); $matches = array(); // Username sanitation preg_match('/[A-Za-z0-9_\\.]+/', $username, $matches); if (sizeof($matches) > 0) { $username = $matches[0]; } // end of username sanitation if (!has_account($username)) { die(new ModelResponse(false, 'User is not registered')); } // Otherwise, proceed with LDAP authentication $ldapresource = ldap_connect("ldap://svg.openit.local", 389) or die("Unable to connect to ldap://svg.openit.local:389"); //$result = ldap_bind("svg.openit.local"); ob_start(); $bind = ldap_bind($ldapresource, sprintf("*****@*****.**", $username), trim($password)); $buffer = ob_get_clean(); if ($bind == true) { // Get user data $user = \Models\User::FindUsername($username); if ($user instanceof \Models\User && $user->getUsername() != null) { Utilities\Session::LogIn($user->getUsername()); } die(new ModelResponse(true, 'Authentication success', $user)); } else { die(new ModelResponse(false, 'Incorrect password')); }