public function test_setCredentials()
{
$fs = \Mockery::mock('League\\Flysystem\\Filesystem');
$fs->shouldReceive('read')->with('/tmp/credentials.php')->andReturn('<?php $credentials = "old hash"; ?>')->once();
$fs->shouldReceive('put')->with('/tmp/credentials.php', '/new password hash/')->andReturn(true)->once();
$auth = new Auth($fs, '/tmp/credentials.php');
$this->assertTrue($auth->authenticate('old hash'));
$auth->setCredentials('new password hash');
$this->assertTrue($auth->authenticate('new password hash'));
}
public function test_authenticate2()
{
//Auth::logout();
$this->assertFalse(Auth::authenticate('test_auth', 'aaa'));
$this->assertFalse(Auth::authenticate('test_auth2', 'password'));
$this->assertNull(Auth::get_logged_in_user());
}
public function __construct($request)
{
// Get the token from $request which has been set in the headers
$this->token = $request['token'];
// Get the args which is simply the url without domain and ...
$args = $request['args'];
// This will check if user is authenticated, if not Auth will throw a Error(7) and kills the page
Auth::authenticate($this->token);
// Get the all arguments from url
$this->args = explode('/', rtrim($args, '/'));
// Get the Controller name
$this->endpoint = ucfirst($this->args[0]);
// always the first one is our endpoint , E.g : api/v1/ -> products
// Do a loop on all arguments to find ids and popo names
foreach ($this->args as $arg) {
// Look for an id , either mongo id , or product id !
if (is_mongo_id($arg)) {
$this->id = $arg;
continue;
// continue if the condition is met , go next loop
}
// Check if there is popo with this arg in popo folder
if (popo_exists($this->endpoint, uc_first($arg))) {
$this->popo = uc_first($arg);
}
}
// Request type
$this->request_type = $this->get_request_method();
// PUT and DELETE can be hidden inside of an POST request , check them :
if ($this->request_type == 'POST' && array_key_exists('HTTP_X_HTTP_METHOD', $_SERVER)) {
if ($_SERVER['HTTP_X_HTTP_METHOD'] == "DELETE") {
$this->request_type = 'DELETE';
} else {
if ($_SERVER['HTTP_X_HTTP_METHOD'] == 'PUT') {
$this->request_type = 'PUT';
}
}
}
// Get all inputs
$this->input = @file_get_contents('php://input');
$this->input = json_decode($this->input);
// Check if request method is either POST or PUT and if yes , check if input is empty or not
validate_input($this->input, $this->request_type);
// Get params from GET , if is set
if (isset($_GET)) {
$this->params = $_GET;
// first param is like : /produtcs/34534543 , So we dont need it
array_shift($this->params);
}
// Get params from POST , if is set
if (isset($_POST)) {
foreach ($_POST as $k => $v) {
$this->params[$k] = $v;
}
}
// Define the protocol
$this->protocol = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443 ? "https" : "http";
}
public function login()
{
if (Input::hasPost("login", "password")) {
$pwd = Load::model("usuario")->crearPassword(Input::post("password"));
$usuario = Input::post("login");
$auth = new Auth("model", "class: usuario", "usuario_nombre: {$usuario}", "usuario_password: {$pwd}");
if ($auth->authenticate()) {
Router::redirect("auth/welcome");
} else {
Flash::error("Usuario o contraseña inválidos!");
}
}
}
public function inicio()
{
if (Input::hasPost("user", "password")) {
$pwd = md5(Input::post("password"));
$usuario = Input::post("user");
$auth = new Auth("model", "class: sesion", "user: {$usuario}", "password: {$pwd}");
if ($auth->authenticate()) {
Router::toAction("dashboard");
} else {
Flash::error("Usuario o contraseña invalidos");
}
}
}
/**
* check
*
* @param $username
* @param $password
* @return true/false
*/
public static function check($username, $password)
{
Load::lib('auth');
$password = hash('md5', $password);
$auth = new Auth('model', 'class: usuario', "login: {$username}", "password: {$password}", 'status: A');
if ($auth->authenticate()) {
Session::set(SESSION_KEY, true);
return true;
} else {
self::setError('Error Login!');
Session::set(SESSION_KEY, false);
return false;
}
}
public function login($post)
{
$usuario = $post['usuario'];
$password = sha1($post['password']);
$auth = new Auth("model", "class: Usuario", "nombre_usuario: {$usuario}", "password: {$password}");
$admin = $this->find_by_sql('SELECT * FROM usuario WHERE nombre_usuario="' . $usuario . '"');
if ($admin->admin == 1) {
if ($auth->authenticate()) {
if (Auth::get('admin') == 1) {
return true;
}
} else {
return false;
}
}
}
public function validate_login()
{
$this->load->helper(array('form', 'url'));
$this->load->library('form_validation');
$this->form_validation->set_rules('login-user', 'Username', 'trim|required');
$this->form_validation->set_rules('login-pass', 'Password', 'trim|required');
$this->form_validation->set_message('Invalid username or password.');
if ($this->form_validation->run() == FALSE) {
return false;
} else {
$username = $this->input->post('login-user');
$password = $this->input->post('login-pass');
// If the form fields validate, Authenticate User.
Auth::authenticate($username, $password);
}
}
public function login()
{
//en login susamos el template sin menus
$this->render("login", "portada");
if ($this->has_post("login", "password")) {
$pwd = $this->post("password");
$usuario = $this->post('login');
$auth = new Auth("model", "class: usuario", "username: {$usuario}", "password: {$pwd}");
if ($auth->authenticate()) {
$this->redirect("inicio");
Flash::success("Bienvenido");
} else {
Flash::error("Error, Usuario y/o contraseña incorrecta");
}
}
}
public function login()
{
if ($this->has_post("login", "password")) {
$login = $this->request("login");
/*Tomamos el login del request*/
$password = $this->request("password");
/*Tomamos el pass del request*/
$auth = new Auth("model", "class: Gsusers", "login: {$login}", "password: {$password}");
if ($auth->authenticate()) {
$this->redirect("panel/index");
} else {
Flash::error("Usuario/Password invalido");
$this->redirect("");
}
}
}
public function login()
{
View::template('login');
$usuarios = new Usuarios();
if (Input::post("usuarios")) {
# code...
$pwd = $usuarios->cript(Input::post("usuarios")['password']);
$usuario = Input::post("usuarios")['login'];
$auth = new Auth("model", "class: usuarios", "login: {$usuario}", "password: {$pwd}");
if ($auth->authenticate()) {
View::template('default');
Router::redirect("index/index");
} else {
Flash::error("Login o password invalidos");
}
}
}
public function login()
{
View::template('login');
$usuarios = new Usuarios();
if (Input::post("usuarios")) {
# code...
$pwd = $usuarios->cript(Input::post("usuarios")['clave']);
$usuario = Input::post("usuarios")['nombre'];
$auth = new Auth("model", "class: usuarios", "nombre: {$usuario}", "clave: {$pwd}");
if ($auth->authenticate()) {
View::template('default');
Router::redirect("index/index");
} else {
Flash::error("Falló");
}
}
}
function ingresar()
{
Config::set('config.application.breadcrumb', FALSE);
View::template('login-box');
Load::lib('auth');
if ($this->has_post("usuario", "contrasena")) {
$usuario = $this->post("usuario");
$contrasena = $this->post("contrasena");
$auth = new Auth("model", "class: Usuario", "nombreusuario: {$usuario}", "contrasena: {$contrasena}");
if ($auth->authenticate()) {
Router::redirect("administrador/inicioadmin");
//Flash::success("Correcto");
} else {
Flash::error("Falló");
}
}
}
public function login()
{
if (Input::hasPost("login", "password")) {
$pwd = Input::post("password");
$usuario = Input::post("login");
$u = new Usuario();
$pwd = $u->encriptar_password($pwd);
$auth = new Auth("model", "class: usuario", "login: {$usuario}", "password: {$pwd}");
if ($auth->authenticate()) {
Router::redirect("index/dashboard");
die;
} else {
Flash::error("Login o password incorrectos");
}
}
Router::redirect("/");
}
public function login()
{
if (Input::hasPost("usuario", "password", "tipo_usuario")) {
$pwd = Input::post("password");
$usuario = Input::post("usuario");
$tipo_usuario = Input::post("tipo_usuario");
if ($tipo_usuario == "docente") {
$modelo = "profesor";
$campo1 = "dni";
$campo2 = "password";
$pwd = md5($pwd);
$auth = new Auth("model", "class: {$modelo}", "{$campo1}: {$usuario}", "{$campo2}: {$pwd}", "tipo_usuario: 1");
} elseif ($tipo_usuario == "alumno") {
$modelo = "alumno";
$campo1 = "dni";
$campo2 = "dni";
$auth = new Auth("model", "class: {$modelo}", "{$campo1}: {$usuario}", "{$campo2}: {$pwd}");
} else {
$modelo = "profesor";
$campo1 = "dni";
$campo2 = "password";
$pwd = md5($pwd);
$auth = new Auth("model", "class: {$modelo}", "{$campo1}: {$usuario}", "{$campo2}: {$pwd}", "tipo_usuario: 0");
}
if ($auth->authenticate()) {
/*agregar un parametro para saber que tipo de usuario es*/
$_SESSION['KUMBIA_AUTH_IDENTITY'][Config::get('config.application.namespace_auth')]['tipousuario'] = $tipo_usuario;
if ($tipo_usuario == "alumno") {
Flash::valid("Alumno");
Router::redirect("perfil/");
}
if ($tipo_usuario == "docente") {
Flash::valid("Docente");
Router::redirect("perfil/");
}
if ($tipo_usuario == "administrador") {
Flash::valid("Administrador");
Router::redirect("profesor/");
}
} else {
Flash::error("El Nombre de Usuario o contraseña son incorrectos");
Router::redirect("/");
}
}
}
function login($loginid, $password, $expires = null)
{
$ctx = Model_Context::getInstance();
$loginid = POD::escapeString($loginid);
$blogid = getBlogId();
$userid = Auth::authenticate($blogid, $loginid, $password);
if ($userid === false) {
return false;
}
if (empty($_POST['save'])) {
setcookie('TSSESSION_LOGINID', '', time() - 31536000, $ctx->getProperty('service.path') . '/', $ctx->getProperty('service.domain'));
} else {
setcookie('TSSESSION_LOGINID', $loginid, time() + 31536000, $ctx->getProperty('service.path') . '/', $ctx->getProperty('service.domain'));
}
if (in_array("group.writers", Acl::getCurrentPrivilege())) {
Session::authorize($blogid, $userid, $expires);
}
return true;
}
function index()
{
if (Input::hasPost("usuario")) {
$login = Input::post("usuario");
$clave = Input::post("clave");
$auth = new Auth("model", "class: usuario", "cedula: {$login}", "clave: {$clave}");
if ($auth->authenticate()) {
$usu = new Usuario();
$usu->find_first("cedula='{$login}' and clave='{$clave}'");
//if ($usu->tipousuario_id == 1) {//vendedor
Session::set("usuario_id", $usu->id);
Session::set("usuario_nombrecompleto", $usu->nombrecompleto);
Router::redirect("home/index");
//}
} else {
Flash::error("Login o Clave inválido.");
}
}
}
/**
* Metodo para inciar sesion.
*
* @return boolean
*/
public function entrar()
{
//Verifico si ha enviado los datos através del formulario
if (Input::hasPost('login') && Input::hasPost('pass')) {
//Verifico que el formulario recibido sea igual al que se envió
if (SecurityKey::isValid()) {
$this->usr = Input::post('login');
$this->pwd = md5(Input::post('pass'));
//Encripto nuevamente la contraseña, pues ya viene encriptada con el sha1
//Utilizo Auth
$auth = new Auth('model', 'class: usuario', "login: {$this->usr}", "password: {$this->pwd}", 'estado: 1');
$auth->sleep_on_fail(true, 2);
//En caso de que falle duermo la aplicacion por 2 segundos
if ($auth->authenticate()) {
$this->codigo = Auth::get('id');
$this->ip = Utils::getIp();
//Determino la ip del visitante
$this->valido = true;
//Obtengo el grupo del usuario
$grupo = $this->getGrupo();
if (!$grupo) {
Flash::error("Se ha producido un error en la verificación de los datos.");
Auth::destroy_identity();
} else {
//Almaceno en sesion algunos parámetros
Session::set('nivel', $grupo->id);
Session::set('grupo', $grupo->descripcion);
Session::set("usuario", $this->usr);
Session::set("ip", $this->ip);
Flash::info("¡ Bienvenido <strong>{$this->usr}</strong> !.");
Router::redirect('dc-admin/');
}
} else {
Flash::error('El usuario y/o contraseña incorrectos.');
}
} else {
Flash::error('La llave de acceso ha expirado. <br />Por favor intente nuevamente.');
}
}
}
// Ajax related
//
if (preg_match('/^\\/ajax\\/([\\w-]+)(?:\\/([\\w-]+))?\\/$/', $GLOBALS['uri'], $matches)) {
if (count($matches) <= 2) {
$GLOBALS['section'] = 'default';
$GLOBALS['subSection'] = $matches[1];
} else {
$GLOBALS['section'] = $matches[1];
$GLOBALS['subSection'] = $matches[2];
}
}
/* +----------------------------------------------------------------+ *\
|* | AUTHENTICATION | *|
\* +----------------------------------------------------------------+ */
if (!isset($GLOBALS['user']) || !$GLOBALS['user'] instanceof User) {
if ((!Auth::authenticate() || !$GLOBALS['user'] instanceof User) && ($GLOBALS['subSection'] != 'authentication' && ($GLOBALS['subSection'] != 'registration' || $GLOBALS['settings'][SystemSettings::ALLOW_USER_REGISTRATION]))) {
SystemEvent::raise(SystemEvent::INFO, "Authentication is required on all ajax requests. [URI={$GLOBALS['uri']}]", "ajaxHandler");
// TODO: send error here
exit;
}
}
session_write_close();
/* +----------------------------------------------------------------+ *\
|* | ROUTING | *|
\* +----------------------------------------------------------------+ */
//
// Ajax related
//
if (!empty($GLOBALS['section'])) {
$GLOBALS['ajaxMethod'] = $GLOBALS['subSection'];
if (strpos($GLOBALS['subSection'], '-') !== false) {
}
$fname = strtolower($classname);
$fname = str_replace('_', '', $fname);
$fname1 = sprintf(ROOT . '%sinc%sclass_%s.php', DIRECTORY_SEPARATOR, DIRECTORY_SEPARATOR, $fname);
if (is_file($fname1)) {
require_once $fname1;
return;
}
$fname2 = sprintf(ROOT . '%sinc%sns_%s.php', DIRECTORY_SEPARATOR, DIRECTORY_SEPARATOR, $fname);
if (is_file($fname2)) {
require_once $fname2;
return;
}
echo $fname1 . '<br />';
echo $fname2 . '<br />';
}
require_once sprintf('..%sconfig.php', DIRECTORY_SEPARATOR);
$config = new CoreConfig();
/*
new CoreInit(
$config->enc_from,
$config->enc_to,
$config->comp_level,
$config->email
);
*/
define('OPT_DIR', Path::join(ROOT, 'inc', 'opt') . DIRECTORY_SEPARATOR);
require_once Path::join(ROOT, 'inc', 'opt', 'opt.class.php');
$auth = new Auth();
echo $auth->authenticate('mysz', sha1('jsDhzc1'));
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
GRLDCHZ is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
**/
require_once 'Auth.php';
$auth = new Auth();
try {
$auth->authenticate();
require_once 'Comment.php';
require_once 'Media.php';
require_once 'Posts.php';
require_once 'Profile.php';
require_once 'Skillet.php';
require_once 'Utils.php';
if (isset($_GET["get"]) && $_GET["get"] == "posts") {
$posts = new Posts($auth);
$posts->getPosts();
print $posts->printOutput();
} else {
if (isset($_GET["get"]) && $_GET["get"] == "media") {
$media = new Media($auth);
$media->getMedia();
print $media->printOutput();
<?php /** * Created by PhpStorm. * User: sanmadjack * Date: 6/28/2015 * Time: 9:14 AM */ require_once "res/include.php"; Auth::authenticate();
}
outputHeaders();
//These are the commands we may expect
$valid_commands = $fckphp_config['Commands'];
$valid_resource_types = $fckphp_config['ResourceTypes'];
//Get the passed data
$command = isset($_GET['Command']) && $_GET['Command'] != "" ? $_GET['Command'] : "";
$type = isset($_GET['Type']) && $_GET['Type'] != "" ? $_GET['Type'] : "File";
$cwd = str_replace("..", "", isset($_GET['CurrentFolder']) && $_GET['CurrentFolder'] != "" ? $_GET['CurrentFolder'] : "/");
$cwd = str_replace("..", "", $cwd);
$extra = isset($_GET['ExtraParams']) && $_GET['ExtraParams'] != "" ? $_GET['ExtraParams'] : "";
if (in_array($command, $valid_commands)) {
if ($fckphp_config['auth']['Req']) {
require_once "./Auth/" . $fckphp_config['auth']['HandlerClass'] . ".php";
$auth = new Auth();
$fckphp_config = $auth->authenticate($extra, $fckphp_config);
if ($fckphp_config['authSuccess'] !== true) {
header("content-type: text/xml");
echo "<?xml version=\"1.0\" encoding=\"utf-8\" ?>\n";
?>
<Connector command="authentication_failed" resourceType="authentication_failed">
<CurrentFolder path="authentication_failed" url="authentication_failed" />
<Error number="-1" />
</Connector><?php
if ($fckphp_config['Debug'] === true && $fckphp_config['Debug_Output']) {
recordOutput();
}
exit(0);
}
}
//bit of validation
/**
* Processes a request to login
*/
//if already auth, get out of here
if (Auth::isAuthenticated()) {
Util::getTemplate('index.php');
return;
}
//ensure user submitted credentials
if (!isset($_POST['email'], $_POST['password'])) {
Util::getTemplate('login.php');
return;
}
//add credentials to session
Auth::authenticate($_POST['email'], $_POST['password']);
//test credentials
$lsm = new LsmCurl(false);
//force debug mode off
$lsm->setEndpoint(LSM_API_ENDPOINT . "authenticate/customer");
//change to /authenticate, or /authenticate/customer accordingly
$lsm->useGet();
//send the request
$lsm->sendRequest();
$status = (int) $lsm->getResponseStatus();
$response = $lsm->getResponseContent();
if (!$response) {
Auth::destroySession();
Auth::startSession();
Util::getTemplate('500.php');
return;
<?php
session_start();
include '../includes/Auth.php';
$auth = new Auth();
$usuario = $_POST;
$login = array("nombre" => $_POST['nombre'], "contra" => $_POST['contra']);
$autentificacion = $auth->authenticate($login);
if ($autentificacion != null && isset($autentificacion['_id'])) {
//echo "el usuario SI existe en la base de datos";
/* autorización */
$auth->authorizate($autentificacion);
$level = $auth->getLevel();
/* codificador */
if (isset($_POST['encuestas'])) {
$encuesta = $_POST['encuestas'];
switch ($_POST['encuestas']) {
case 'ods1':
header("location:../../ods1/index.php?idEstacion=" . $_POST['idEstacion'] . "&estacion=" . $_POST['estacion'] . "&carretera=" . $_POST['carretera'] . "&km=" . $_POST['km'] . "&capturista=" . $_POST['nombre']);
exit;
break;
case 'pds1':
header("location:../../pds1/index.php?idEstacion=" . $_POST['idEstacion'] . "&estacion=" . $_POST['estacion'] . "&carretera=" . $_POST['carretera'] . "&km=" . $_POST['km'] . "&capturista=" . $_POST['nombre']);
exit;
break;
case 'admin':
header("location:../../admin/index.php?capturista=" . $_POST['nombre']);
exit;
break;
default:
# code...
function login($loginid, $password)
{
global $blogid;
if (Auth::authenticate($blogid, $loginid, $password, true) === false) {
return false;
}
return true;
}
function login($loginid, $password)
{
$context = Model_Context::getInstance();
if (Auth::authenticate($context->getProperty('blog.id'), $loginid, $password, true) === false) {
return false;
}
return true;
}
header("content-type: text/xml");
$result = WebserviceHelper::constructResult(500, 'No api key defined', $method);
print $result->asXML();
exit;
}
if (empty($secret) || $secret == "") {
header("content-type: text/xml");
$result = WebserviceHelper::constructResult(500, 'No secret defined', $method);
print $result->asXML();
exit;
}
switch ($method) {
case 'user_authenticate':
header("content-type: text/xml");
$auth = new Auth($apikey, $secret);
print $auth->authenticate();
break;
case 'getUserById':
header("content-type: text/xml");
$apiUser = new Api_User();
print $apiUser->getUserById($apikey, $secret);
break;
case 'getUserByUsername':
header("content-type: text/xml");
$apiUser = new Api_User();
print $apiUser->getUserByUsername($apikey, $secret);
break;
case 'getBaseUserById':
header("content-type: text/xml");
$apiUser = new Api_User();
print $apiUser->getBaseUserById($apikey, $secret);
