/**
* Authentication wrapper to the UF Class
*
* @param string $name Login name
* @param string $pass Password
* @return string The REST Client key
* @access public
* @static
*/
public function authenticate($name, $pass)
{
require_once 'CRM/Utils/System.php';
require_once 'CRM/Core/DAO.php';
$result =& CRM_Utils_System::authenticate($name, $pass);
if (empty($result)) {
return self::error('Could not authenticate user, invalid name or password.');
}
$session = CRM_Core_Session::singleton();
$api_key = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $result[0], 'api_key');
if (empty($api_key)) {
// These two lines can be used to set the initial value of the key. A better means is needed.
//CRM_Core_DAO::setFieldValue('CRM_Contact_DAO_Contact', $result[0], 'api_key', sha1($result[2]) );
//$api_key = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $result[0], 'api_key');
return self::error("This user does not have a valid API key in the database, and therefore cannot authenticate through this interface");
}
// Test to see if I can pull the data I need, since I know I have a good value.
$user =& CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $api_key, 'id', $api_key);
$session->set('api_key', $api_key);
$session->set('key', $result[2]);
$session->set('rest_time', time());
$session->set('PHPSESSID', session_id());
$session->set('cms_user_id', $result[1]);
return self::simple(array('api_key' => $api_key, 'PHPSESSID' => session_id(), 'key' => sha1($result[2])));
}
/**
* @param bool $abort
* @param null $name
* @param null $pass
* @param bool $storeInSession
* @param bool $loadCMSBootstrap
* @param bool $requireKey
*
* @return bool
*/
public static function authenticateScript($abort = TRUE, $name = NULL, $pass = NULL, $storeInSession = TRUE, $loadCMSBootstrap = TRUE, $requireKey = TRUE)
{
// auth to make sure the user has a login/password to do a shell operation
// later on we'll link this to acl's
if (!$name) {
$name = trim(CRM_Utils_Array::value('name', $_REQUEST));
$pass = trim(CRM_Utils_Array::value('pass', $_REQUEST));
}
// its ok to have an empty password
if (!$name) {
return self::authenticateAbort("ERROR: You need to send a valid user name and password to execute this file\n", $abort);
}
if ($requireKey && !self::authenticateKey($abort)) {
return FALSE;
}
$result = CRM_Utils_System::authenticate($name, $pass, $loadCMSBootstrap);
if (!$result) {
return self::authenticateAbort("ERROR: Invalid username and/or password\n", $abort);
} elseif ($storeInSession) {
// lets store contact id and user id in session
list($userID, $ufID, $randomNumber) = $result;
if ($userID && $ufID) {
$config = CRM_Core_Config::singleton();
$config->userSystem->setUserSession(array($userID, $ufID));
} else {
return self::authenticateAbort("ERROR: Unexpected error, could not match userID and contactID", $abort);
}
}
return $result;
}
static function authenticateScript($abort = true, $name = null, $pass = null, $storeInSession = true)
{
// auth to make sure the user has a login/password to do a shell
// operation
// later on we'll link this to acl's
if (!$name) {
$name = trim(CRM_Utils_Array::value('name', $_REQUEST));
$pass = trim(CRM_Utils_Array::value('pass', $_REQUEST));
}
if (!$name) {
// its ok to have an empty password
return self::authenticateAbort("ERROR: You need to send a valid user name and password to execute this file\n", $abort);
}
if (!self::authenticateKey($abort)) {
return false;
}
$result = CRM_Utils_System::authenticate($name, $pass);
if (!$result) {
return self::authenticateAbort("ERROR: Invalid username and/or password\n", $abort);
} else {
if ($storeInSession) {
// lets store contact id and user id in session
list($userID, $ufID, $randomNumber) = $result;
if ($userID && $ufID) {
$session = CRM_Core_Session::singleton();
$session->set('ufID', $ufID);
$session->set('userID', $userID);
} else {
return self::authenticateAbort("ERROR: Unexpected error, could not match userID and contactID", $abort);
}
}
}
return $result;
}
/**
* Authentication wrapper to the UF Class.
*
* @param string $name
* Login name.
* @param string $pass
* Password.
*
* @param bool $loadCMSBootstrap
*
* @throws SoapFault
* @return string
* The SOAP Client key
*/
public function authenticate($name, $pass, $loadCMSBootstrap = FALSE)
{
require_once str_replace('_', DIRECTORY_SEPARATOR, $this->ufClass) . '.php';
if ($this->ufClass == 'CRM_Utils_System_Joomla' || $this->ufClass == 'CRM_Utils_System_WordPress') {
$loadCMSBootstrap = TRUE;
}
$result = CRM_Utils_System::authenticate($name, $pass, $loadCMSBootstrap);
if (empty($result)) {
throw new SoapFault('Client', 'Invalid login');
}
$session = CRM_Core_Session::singleton();
$session->set('soap_key', $result[2]);
$session->set('soap_time', time());
return sha1($result[2]);
}
