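/**
 * Handles the IRC "!auth" command: authenticates the sending nick against
 * an Eventum user account and registers it with the bot.
 *
 * Expected message format: "!auth user@example.com password"
 * ($data->messageex holds the space-split words, index 0 being the command).
 *
 * On success the nick is handed to $this->bot->addUser(); on any failure an
 * error reply is sent to the nick and nothing is stored.
 *
 * @param Net_SmartIRC $irc The IRC client instance (not used in this handler)
 * @param Net_SmartIRC_data $data The parsed IRC message (uses ->messageex and ->nick)
 * @return void
 */
public final function auth(Net_SmartIRC $irc, Net_SmartIRC_data $data)
{
    if (count($data->messageex) !== 3) {
        $this->sendResponse($data->nick, 'Error: wrong parameter count for "AUTH" command. Format is "!auth user@example.com password".');
        return;
    }

    $email = $data->messageex[1];
    $password = $data->messageex[2];

    // check if the email exists
    if (!Auth::userExists($email)) {
        // Bug fix: the message was single-quoted, so the literal text "$email"
        // was sent back instead of the address the user typed.
        // NOTE(review): this reply differs from the wrong-password reply below,
        // so it reveals whether an address has an account; consider answering
        // both checks with the same generic message.
        $this->sendResponse($data->nick, sprintf('Error: could not find a user account for the given email address "%s".', $email));
        return;
    }

    // check if the given password is correct
    if (!Auth::isCorrectPassword($email, $password)) {
        $this->sendResponse($data->nick, 'Error: The email address / password combination could not be found in the system.');
        return;
    }

    // check if the user account is activated
    if (!Auth::isActiveUser($email)) {
        $this->sendResponse($data->nick, 'Error: Your user status is currently set as inactive. Please contact your local system administrator for further information.');
        return;
    }

    // all checks passed: register the nick with the bot
    $this->bot->addUser($data, $email);
    $this->sendResponse($data->nick, 'Thank you, you have been successfully authenticated.');
}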
/**
 * Runs the post-authentication checks for a user that has just logged in
 * and, when they pass, issues the login cookie and starts the session.
 *
 * The given login is first resolved to the account's e-mail address (so
 * aliases are handled); pending and inactive accounts get a failed attempt
 * recorded and are redirected to index.php with err=9 / err=7.
 *
 * NOTE(review): Auth::redirect() is presumably request-terminating; if it
 * returned, a pending or inactive user would still receive a login cookie
 * below — confirm against Auth::redirect().
 *
 * @param string $login The login (alias or e-mail) the user authenticated with
 * @return void
 */
public static function login($login)
{
    // resolve aliases to the account e-mail now that the user is authenticated
    $usr_id = Auth::getUserIDByLogin($login);
    $email = User::getEmail($usr_id);

    // account not yet confirmed?
    if (Auth::isPendingUser($email)) {
        Auth::saveLoginAttempt($email, 'failure', 'pending user');
        Auth::redirect('index.php?err=9');
    }

    // account deactivated?
    if (!Auth::isActiveUser($email)) {
        Auth::saveLoginAttempt($email, 'failure', 'inactive user');
        Auth::redirect('index.php?err=7');
    }

    Auth::saveLoginAttempt($email, 'success');

    // any non-empty POST "remember" value is passed as the remember flag of the cookie
    $persistCookie = isset($_POST['remember']) && (bool) $_POST['remember'];
    Auth::createLoginCookie(APP_COOKIE, $email, $persistCookie);

    Session::init(User::getUserIDByEmail($email));
}
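/**
 * Method used to check for the appropriate authentication for a specific
 * page. It will check for the cookie name provided and redirect the user
 * to another page if needed.
 *
 * Checks performed, in order (each failure redirects away):
 *  - the login cookie exists, decodes and passes Auth::isValidCookie()
 *  - the account is neither pending nor inactive
 *  - a current project is selected
 *  - a 'Customer' user's contract for that project is not expired
 * Then an optional ?switch_prj_id= request is applied, and finally both the
 * login cookie and the project cookie are re-issued to renew their lifetime.
 *
 * NOTE(review): every Auth::redirect() call here is assumed to terminate the
 * request; if it ever returned, the later code would run with an unchecked
 * cookie — confirm against Auth::redirect().
 *
 * @access public
 * @param string $cookie_name The name of the cookie to check for
 * @param string $failed_url The URL to redirect to if the user is not authenticated
 * @param boolean $is_popup Flag to tell the function if the current page is a popup window or not
 * @return void
 */
function checkAuthentication($cookie_name, $failed_url = null, $is_popup = false)
{
    if ($failed_url == null) {
        $failed_url = APP_RELATIVE_URL . "index.php?err=5";
    }
    $failed_url .= "&url=" . Auth::getRequestedURL();

    // $_COOKIE (PHP >= 4.1) replaces $HTTP_COOKIE_VARS, which was removed in
    // PHP 5.4 and would make this check redirect every request.
    if (!isset($_COOKIE[$cookie_name])) {
        Auth::redirect($failed_url, $is_popup);
    }

    // The cookie is client-supplied base64 + serialize()d data. unserialize()
    // of untrusted input can instantiate arbitrary classes (object injection);
    // Auth::isValidCookie() is relied on to reject tampered data. On PHP >= 7.0
    // passing ['allowed_classes' => false] as the second argument would stop
    // object instantiation at the decode step.
    $cookie = unserialize(base64_decode($_COOKIE[$cookie_name]));
    if (!Auth::isValidCookie($cookie)) {
        Auth::removeCookie($cookie_name);
        Auth::redirect($failed_url, $is_popup);
    }

    // account not yet confirmed?
    if (Auth::isPendingUser($cookie["email"])) {
        Auth::removeCookie($cookie_name);
        Auth::redirect(APP_RELATIVE_URL . "index.php?err=9", $is_popup);
    }

    // account deactivated?
    if (!Auth::isActiveUser($cookie["email"])) {
        Auth::removeCookie($cookie_name);
        Auth::redirect(APP_RELATIVE_URL . "index.php?err=7", $is_popup);
    }

    // check whether the project selection is set or not
    $prj_id = Auth::getCurrentProject();
    if (empty($prj_id)) {
        // redirect to select project page
        Auth::redirect(APP_RELATIVE_URL . "select_project.php?url=" . Auth::getRequestedURL(), $is_popup);
    }

    // check the expiration date for a 'Customer' type user
    $customer_id = User::getCustomerID(Auth::getUserID());
    if (!empty($customer_id) && $customer_id != -1) {
        $status = Customer::getContractStatus($prj_id, $customer_id);
        if ($status == 'expired') {
            Auth::removeCookie($cookie_name);
            // urlencode(): the address goes into a query string, so '+', '&', '=' must be escaped
            Auth::redirect(APP_RELATIVE_URL . "index.php?err=10&email=" . urlencode($cookie["email"]), $is_popup);
        }
    }

    // auto switch project
    if (isset($_GET['switch_prj_id'])) {
        // NOTE(review): the project id comes straight from the query string;
        // Auth::setCurrentProject() is assumed to verify the user may access it — confirm.
        Auth::setCurrentProject($_GET['switch_prj_id'], false);
        Auth::redirect($_SERVER['PHP_SELF'] . '?' . str_replace("switch_prj_id=" . $_GET['switch_prj_id'], "", $_SERVER['QUERY_STRING']));
    }

    // if the current session is still valid, then renew the expiration
    Auth::createLoginCookie($cookie_name, $cookie['email'], $cookie['autologin']);

    // renew the project cookie as well
    // NOTE(review): assumes getCookieInfo() returns an array with a "remember" key — confirm
    $prj_cookie = Auth::getCookieInfo(APP_PROJECT_COOKIE);
    Auth::setCurrentProject($prj_id, $prj_cookie["remember"]);
}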
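/**
 * Handles the IRC "!auth" command: authenticates the sending nick against
 * an Eventum user account and, on success, records the nick -> email
 * mapping in the global $auth array.
 *
 * Expected message format: "!auth user@example.com password"
 * ($data->message is split on single spaces, index 0 being the command).
 *
 * @param object $irc The IRC client, passed through to sendResponse()
 * @param object $data The incoming IRC message (uses ->message and ->nick)
 * @return void
 */
public function authenticate(&$irc, &$data)
{
    global $auth;

    $pieces = explode(' ', $data->message);
    if (count($pieces) !== 3) {
        $this->sendResponse($irc, $data->nick, 'Error: wrong parameter count for "AUTH" command. Format is "!auth user@example.com password".');
        return;
    }

    $email = $pieces[1];
    $password = $pieces[2];

    // check if the email exists
    if (!Auth::userExists($email)) {
        // Bug fix: the message was single-quoted, so the literal text "$email"
        // was sent back instead of the address the user typed.
        // NOTE(review): this reply differs from the wrong-password reply below,
        // so it reveals whether an address has an account; consider answering
        // both checks with the same generic message.
        $this->sendResponse($irc, $data->nick, sprintf('Error: could not find a user account for the given email address "%s".', $email));
        return;
    }

    // check if the given password is correct
    if (!Auth::isCorrectPassword($email, $password)) {
        $this->sendResponse($irc, $data->nick, 'Error: The email address / password combination could not be found in the system.');
        return;
    }

    // check if the user account is activated
    if (!Auth::isActiveUser($email)) {
        $this->sendResponse($irc, $data->nick, 'Error: Your user status is currently set as inactive. Please contact your local system administrator for further information.');
        return;
    }

    // all checks passed: record the nick as authenticated
    $auth[$data->nick] = $email;
    $this->sendResponse($irc, $data->nick, 'Thank you, you have been successfully authenticated.');
}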
Auth::redirect(APP_RELATIVE_URL . "index.php?err=2&email=" . $HTTP_POST_VARS["email"]); } // check if user exists if (!Auth::userExists($HTTP_POST_VARS["email"])) { Auth::saveLoginAttempt($HTTP_POST_VARS["email"], 'failure', 'unknown user'); Auth::redirect(APP_RELATIVE_URL . "index.php?err=3"); } // check if the password matches if (!Auth::isCorrectPassword($HTTP_POST_VARS["email"], $HTTP_POST_VARS["passwd"])) { Auth::saveLoginAttempt($HTTP_POST_VARS["email"], 'failure', 'wrong password'); Auth::redirect(APP_RELATIVE_URL . "index.php?err=3&email=" . $HTTP_POST_VARS["email"]); } // check if this user did already confirm his account if (Auth::isPendingUser($HTTP_POST_VARS["email"])) { Auth::saveLoginAttempt($HTTP_POST_VARS["email"], 'failure', 'pending user'); Auth::redirect(APP_RELATIVE_URL . "index.php?err=9", $is_popup); } // check if this user is really an active one if (!Auth::isActiveUser($HTTP_POST_VARS["email"])) { Auth::saveLoginAttempt($HTTP_POST_VARS["email"], 'failure', 'inactive user'); Auth::redirect(APP_RELATIVE_URL . "index.php?err=7", $is_popup); } Auth::saveLoginAttempt($HTTP_POST_VARS["email"], 'success'); // redirect to the initial page @Auth::createLoginCookie(APP_COOKIE, $HTTP_POST_VARS["email"], $HTTP_POST_VARS["remember_login"]); if (!empty($HTTP_POST_VARS["url"])) { $extra = '?url=' . urlencode($HTTP_POST_VARS["url"]); } else { $extra = ''; } Auth::redirect(APP_RELATIVE_URL . "select_project.php" . $extra);
/**
 * Authorize request.
 * TODO: translations
 * TODO: ip based control
 *
 * Resolution order: a valid login cookie (Auth::getUserID()) wins; otherwise
 * the HTTP authentication credentials from getAuthData() are validated step
 * by step (present, non-blank, known user, correct password, confirmed,
 * active) and a fake login cookie is created for the resulting user id.
 * Every rejection re-sends the authenticate header, prints the reason and
 * exits. Finally the 'custom_id' query parameter must be present and be
 * either a global filter or one owned by the user.
 *
 * NOTE(review): the rejection texts distinguish "user does not exist" from
 * "password not correct", which lets a client learn which addresses have an
 * account.
 * NOTE(review): $_GET['custom_id'] is handed to Filter::isGlobal()/isOwner()
 * unvalidated — confirm those methods sanitise it.
 *
 * @return void
 */
function authorizeRequest()
{
    // try current auth cookie
    $usr_id = Auth::getUserID();

    if (!$usr_id) {
        // otherwise fall back to the HTTP Auth credentials
        $credentials = getAuthData();

        // checks run in order; the first failing one decides the reply
        $denyReason = null;
        if ($credentials === null) {
            $denyReason = 'Error: You are required to authenticate in order to access the requested RSS feed.';
        } else {
            list($authUser, $authPassword) = $credentials;
            if (Validation::isWhitespace($authUser)) {
                $denyReason = 'Error: Please provide your email address.';
            } elseif (Validation::isWhitespace($authPassword)) {
                $denyReason = 'Error: Please provide your password.';
            } elseif (!Auth::userExists($authUser)) {
                $denyReason = 'Error: The user specified does not exist.';
            } elseif (!Auth::isCorrectPassword($authUser, $authPassword)) {
                $denyReason = 'Error: The provided email address/password combo is not correct.';
            } elseif (Auth::isPendingUser($authUser)) {
                $denyReason = 'Error: The provided user still needs to have its account confirmed.';
            } elseif (!Auth::isActiveUser($authUser)) {
                $denyReason = 'Error: The provided user is currently set as an inactive user.';
            }
        }

        if ($denyReason !== null) {
            sendAuthenticateHeader();
            echo $denyReason;
            exit;
        }

        $usr_id = User::getUserIDByEmail($authUser);
        Auth::createFakeCookie($usr_id);
    }

    // the required 'custom_id' parameter must be present
    if (empty($_GET['custom_id'])) {
        rssError("Error: The required 'custom_id' parameter was not provided.");
        exit;
    }

    // and it must be a global filter or one owned by this user
    if (!Filter::isGlobal($_GET['custom_id']) && !Filter::isOwner($_GET['custom_id'], $usr_id)) {
        rssError('Error: The provided custom filter ID is not associated with the given email address.');
        exit;
    }
}
exit; } // check if the password matches if (!Auth::isCorrectPassword($HTTP_SERVER_VARS['PHP_AUTH_USER'], $HTTP_SERVER_VARS['PHP_AUTH_PW'])) { authenticate(); echo 'Error: The provided email address/password combo is not correct.'; exit; } // check if this user did already confirm his account if (Auth::isPendingUser($HTTP_SERVER_VARS['PHP_AUTH_USER'])) { authenticate(); echo 'Error: The provided user still needs to have its account confirmed.'; exit; } // check if this user is really an active one if (!Auth::isActiveUser($HTTP_SERVER_VARS['PHP_AUTH_USER'])) { authenticate(); echo 'Error: The provided user is currently set as an inactive user.'; exit; } // check if the required parameter 'custom_id' is really being passed if (empty($HTTP_GET_VARS['custom_id'])) { returnError("Error: The required 'custom_id' parameter was not provided."); exit; } $usr_id = User::getUserIDByEmail($HTTP_SERVER_VARS['PHP_AUTH_USER']); // check if the passed 'custom_id' parameter is associated with the usr_id if (!Filter::isGlobal($HTTP_GET_VARS['custom_id']) && !Filter::isOwner($HTTP_GET_VARS['custom_id'], $usr_id)) { returnError('Error: The provided custom filter ID is not associated with the given email address.'); exit; }