/**
* Set the (in-memory) Auth Login Data
* It can be used just once per execution (session) as it stores the data using constants,
* and the data cannot be changed after a successful or failed authentication has set.
*
* @param STRING $y_user_id :: The user (login) ID used to authenticate the user ; Mandatory ; it can be the UserID from DB or if not using a DB must supply a unique ID to identify the user like username
* @param STRING $y_user_alias :: The user (login) Alias, used to display the logged in user ; Mandatory ; can be the same as the login ID or different (Ex: login ID can be 'myUserName' and this 'myUserName' ; or: login ID can be 5017 and this 'myUserName')
* @param STRING $y_user_email :: *OPTIONAL* The user Email ; if email is used as login ID this may be redundant !
* @param STRING $y_user_fullname :: *OPTIONAL* The user Full Name (First Name + Last Name)
* @param ARRAY $y_user_privileges_list :: *OPTIONAL* The user Privileges List as array that list all the current user privileges
* @param STRING $y_user_quota :: *OPTIONAL* The user (storage) Quota
* @param ARRAY $y_user_metadata :: *OPTIONAL* The user metainfo, associative array key => value
* @param STRING $y_realm :: *OPTIONAL* The user Authentication Realm(s)
* @param ENUM $y_method :: *OPTIONAL* The authentication method used: HTTP-BASIC / HTTP-DIGEST / OTHER
* @param STRING $y_pass :: *OPTIONAL* The user login password (will be stored in memory as Blowfish encrypted to avoid exposure)
*
* @return BOOLEAN :: TRUE if all data is OK, FALSE if not or try to reauthenticate under the same execution (which is not allowed ; must be just once per execution)
*/
public static function set_login_data($y_user_id, $y_user_alias, $y_user_email = '', $y_user_fullname = '', $y_user_privileges_list = array('none', 'no-privilege'), $y_user_quota = -1, $y_user_metadata = array(), $y_realm = 'DEFAULT', $y_method = '', $y_pass = '')
{
//--
if (self::$AuthCompleted !== false) {
// avoid to re-auth
Smart::log_warning('Re-Authentication is not allowed ...');
return;
}
//end if
self::$AuthCompleted = true;
//--
self::$AuthData = array();
// reset the auth data
//--
$y_user_id = trim((string) $y_user_id);
// user ID
$y_user_alias = trim((string) $y_user_alias);
// username (user alias ; can be the same as userID or different)
$y_user_email = trim((string) $y_user_email);
$y_user_fullname = trim((string) $y_user_fullname);
//--
if (is_array($y_user_privileges_list)) {
$y_user_privileges_list = (string) strtolower((string) Smart::array_to_list((array) $y_user_privileges_list));
} else {
$y_user_privileges_list = (string) strtolower((string) trim((string) $y_user_privileges_list));
// in this case can be provided a raw list of privileges (Example: '<none>, <no-privilege>')
}
//end if else
//--
$y_user_quota = Smart::format_number_int($y_user_quota);
// can be also negative
//--
switch (strtoupper((string) $y_method)) {
case 'HTTP-BASIC':
$y_method = 'HTTP-BASIC';
break;
case 'HTTP-DIGEST':
$y_method = 'HTTP-DIGEST';
break;
case 'OTHER':
default:
$y_method = 'OTHER';
}
//end switch
//--
$the_key = '#' . Smart::random_number(10000, 99999) . '#';
$the_pass = '';
if ((string) $y_pass != '') {
$the_pass = SmartCipherCrypto::encrypt('hash/sha1', (string) $the_key, (string) $y_pass);
}
//end if
//--
if ((string) $y_user_id != '') {
//--
self::$AuthData['USER_ID'] = (string) $y_user_id;
self::$AuthData['USER_EMAIL'] = (string) $y_user_email;
self::$AuthData['USER_ALIAS'] = (string) $y_user_alias;
self::$AuthData['USER_FULLNAME'] = (string) $y_user_fullname;
self::$AuthData['USER_PRIVILEGES'] = (string) $y_user_privileges_list;
self::$AuthData['USER_QUOTA'] = (int) $y_user_quota;
self::$AuthData['USER_METADATA'] = (array) $y_user_metadata;
self::$AuthData['USER_LOGIN_REALM'] = (string) $y_realm;
self::$AuthData['USER_LOGIN_METHOD'] = (string) $y_method;
self::$AuthData['USER_LOGIN_PASS'] = (string) $the_pass;
self::$AuthData['KEY'] = (string) $the_key;
//--
return true;
//--
} else {
//--
return false;
//--
}
//end if
//--
}
