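/**
 * Simple HTTP Login
 *
 * Authenticates an API request. A verified OAuth token is tried first; if
 * OAuth verification throws, HTTP Basic credentials are checked against the
 * `user` table instead. Success ends with authenticate_success(), the
 * `allow_api` session flag and the `logged_in` hook. Every failure path
 * answers 401 and terminates the script.
 *
 * @param object $a application object, passed by reference; only $a->user is read here
 * @return void
 */
function api_login(&$a)
{
    // login with oauth
    try {
        $oauth = new FKOAuth1();
        list($consumer, $token) = $oauth->verify_request(OAuthRequest::from_request());
        if (!is_null($token)) {
            $oauth->loginUser($token->uid);
            call_hooks('logged_in', $a->user);
            return;
        }
        // Verification returned without a token. Record it server-side and
        // refuse the request; the source path and the consumer/token objects
        // are no longer written into the HTTP response.
        logger(__FILE__ . __LINE__ . __FUNCTION__ . "\n" . 'OAuth request verified without a token', LOGGER_DEBUG);
        header('WWW-Authenticate: Basic realm="Friendica"');
        header('HTTP/1.0 401 Unauthorized');
        die('This api requires login');
    } catch (Exception $e) {
        logger(__FILE__ . __LINE__ . __FUNCTION__ . "\n" . $e);
        // Fall through to HTTP Basic. In the single-line listing the
        // commented-out die(...) is followed by "die();", which is read as
        // part of that comment: otherwise the Basic path below could never
        // run. Confirm against the upstream file.
    }

    // workaround for HTTP-auth in CGI mode
    if (x($_SERVER, 'REDIRECT_REMOTE_USER')
        && strncasecmp($_SERVER['REDIRECT_REMOTE_USER'], 'Basic ', 6) === 0
    ) {
        // Only a "Basic <base64>" value is decoded; other schemes are ignored.
        $userpass = base64_decode(substr($_SERVER['REDIRECT_REMOTE_USER'], 6));
        if (strlen($userpass)) {
            // Split on the first colon only, so a password may contain ':';
            // pad so a value without any colon yields an empty password.
            list($name, $pass) = array_pad(explode(':', $userpass, 2), 2, '');
            $_SERVER['PHP_AUTH_USER'] = $name;
            $_SERVER['PHP_AUTH_PW'] = $pass;
        }
    }

    // Copy of $_SERVER for debug logging with credential-bearing entries
    // removed, so passwords and session cookies do not end up in the log.
    $server_info = $_SERVER;
    unset(
        $server_info['PHP_AUTH_PW'],
        $server_info['HTTP_AUTHORIZATION'],
        $server_info['REDIRECT_HTTP_AUTHORIZATION'],
        $server_info['REDIRECT_REMOTE_USER'],
        $server_info['HTTP_COOKIE']
    );

    if (!isset($_SERVER['PHP_AUTH_USER'])) {
        // NOTE(review): the arguments of this logger() call are masked
        // ("******") in the listing; a scrubbed dump at LOGGER_DEBUG mirrors
        // the failure branch below. Confirm against the upstream file.
        logger('API_login: ' . print_r($server_info, true), LOGGER_DEBUG);
        header('WWW-Authenticate: Basic realm="Friendica"');
        header('HTTP/1.0 401 Unauthorized');
        die(api_error($a, 'json', "This api requires login"));
    }

    $user = $_SERVER['PHP_AUTH_USER'];
    $password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';

    // NOTE(review): the password is matched as an unsalted Whirlpool digest.
    // Moving to password_hash()/password_verify() needs a migration of the
    // stored hashes and cannot be done inside this function alone.
    $encrypted = hash('whirlpool', trim($password));

    /**
     *  next code from mod/auth.php. needs better solution
     */

    // process normal login request
    $r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' )\n\t\t\tAND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `account_removed` = 0 AND `verified` = 1 LIMIT 1", dbesc(trim($user)), dbesc(trim($user)), dbesc($encrypted));

    // !empty() also covers a non-array result from q(), which count() would
    // warn about (or reject on newer PHP versions).
    if (empty($r)) {
        logger('API_login failure: ' . print_r($server_info, true), LOGGER_DEBUG);
        header('WWW-Authenticate: Basic realm="Friendica"');
        header('HTTP/1.0 401 Unauthorized');
        die('This api requires login');
    }
    $record = $r[0];

    require_once 'include/security.php';
    authenticate_success($record);

    $_SESSION["allow_api"] = true;

    call_hooks('logged_in', $a->user);
}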
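/**
 * Simple HTTP Login
 *
 * Authenticates an API request. A verified OAuth token is tried first; if
 * OAuth verification throws, HTTP Basic credentials are offered to the
 * `authenticate` hook and then checked against the `user` table. Success
 * ends with authenticate_success(), the `allow_api` session flag and the
 * `logged_in` hook. Every failure path answers 401 and terminates the script.
 *
 * @param object $a application object, passed by reference; only $a->user is read here
 * @return void
 */
function api_login(&$a)
{
    // login with oauth
    try {
        $oauth = new FKOAuth1();
        list($consumer, $token) = $oauth->verify_request(OAuthRequest::from_request());
        if (!is_null($token)) {
            $oauth->loginUser($token->uid);
            call_hooks('logged_in', $a->user);
            return;
        }
        // Verification returned without a token. Record it server-side and
        // refuse the request; the source path and the consumer/token objects
        // are no longer written into the HTTP response.
        logger(__FILE__ . __LINE__ . __FUNCTION__ . "\n" . 'OAuth request verified without a token', LOGGER_DEBUG);
        header('WWW-Authenticate: Basic realm="Friendica"');
        header('HTTP/1.0 401 Unauthorized');
        die('This api requires login');
    } catch (Exception $e) {
        logger(__FILE__ . __LINE__ . __FUNCTION__ . "\n" . $e);
        // Fall through to HTTP Basic. In the single-line listing the
        // commented-out die(...) is followed by "die();", which is read as
        // part of that comment: otherwise the Basic path below could never
        // run. Confirm against the upstream file.
    }

    // workaround for HTTP-auth in CGI mode
    if (x($_SERVER, 'REDIRECT_REMOTE_USER')
        && strncasecmp($_SERVER['REDIRECT_REMOTE_USER'], 'Basic ', 6) === 0
    ) {
        // Only a "Basic <base64>" value is decoded; other schemes are ignored.
        $userpass = base64_decode(substr($_SERVER['REDIRECT_REMOTE_USER'], 6));
        if (strlen($userpass)) {
            // Split on the first colon only, so a password may contain ':';
            // pad so a value without any colon yields an empty password.
            list($name, $pass) = array_pad(explode(':', $userpass, 2), 2, '');
            $_SERVER['PHP_AUTH_USER'] = $name;
            $_SERVER['PHP_AUTH_PW'] = $pass;
        }
    }

    // Copy of $_SERVER for debug logging with credential-bearing entries
    // removed, so passwords and session cookies do not end up in the log.
    $server_info = $_SERVER;
    unset(
        $server_info['PHP_AUTH_PW'],
        $server_info['HTTP_AUTHORIZATION'],
        $server_info['REDIRECT_HTTP_AUTHORIZATION'],
        $server_info['REDIRECT_REMOTE_USER'],
        $server_info['HTTP_COOKIE']
    );

    if (!isset($_SERVER['PHP_AUTH_USER'])) {
        // NOTE(review): the arguments of this logger() call are masked
        // ("******") in the listing; a scrubbed dump at LOGGER_DEBUG mirrors
        // the failure branch below. Confirm against the upstream file.
        logger('API_login: ' . print_r($server_info, true), LOGGER_DEBUG);
        header('WWW-Authenticate: Basic realm="Friendica"');
        header('HTTP/1.0 401 Unauthorized');
        die(api_error($a, 'json', "This api requires login"));
    }

    $user = $_SERVER['PHP_AUTH_USER'];
    $password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';

    // NOTE(review): the password is matched as an unsalted Whirlpool digest.
    // Moving to password_hash()/password_verify() needs a migration of the
    // stored hashes and cannot be done inside this function alone.
    $encrypted = hash('whirlpool', trim($password));

    // allow "user@server" login (but ignore 'server' part)
    $at = strstr($user, "@", true);
    if ($at) {
        $user = $at;
    }

    /**
     *  next code from mod/auth.php. needs better solution
     */
    $record = null;

    $addon_auth = array(
        'username' => trim($user),
        'password' => trim($password),
        'authenticated' => 0,
        'user_record' => null
    );

    /**
     *
     * A plugin indicates successful login by setting 'authenticated' to non-zero value and returning a user record
     * Plugins should never set 'authenticated' except to indicate success - as hooks may be chained
     * and later plugins should not interfere with an earlier one that succeeded.
     *
     */
    call_hooks('authenticate', $addon_auth);

    // !empty() is checked before count() so that a hook which sets
    // 'authenticated' but leaves 'user_record' null does not reach count(null).
    if ($addon_auth['authenticated'] && !empty($addon_auth['user_record']) && count($addon_auth['user_record'])) {
        $record = $addon_auth['user_record'];
    } else {
        // process normal login request
        $r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' )\n\t\t\t\tAND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `account_removed` = 0 AND `verified` = 1 LIMIT 1", dbesc(trim($user)), dbesc(trim($user)), dbesc($encrypted));
        // !empty() also covers a non-array result from q().
        if (!empty($r)) {
            $record = $r[0];
        }
    }

    if (empty($record)) {
        logger('API_login failure: ' . print_r($server_info, true), LOGGER_DEBUG);
        header('WWW-Authenticate: Basic realm="Friendica"');
        header('HTTP/1.0 401 Unauthorized');
        die('This api requires login');
    }

    authenticate_success($record);

    $_SESSION["allow_api"] = true;

    call_hooks('logged_in', $a->user);
}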
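/**
 * Simple HTTP Login
 *
 * Authenticates an API request. A verified OAuth token is tried first; if
 * OAuth verification throws, HTTP Basic credentials are checked against the
 * `user` table instead. On success the session and the application object
 * are populated from the matching user row, the login date is updated, the
 * `logged_in` hook is fired and an X-Account-Management-Status header is
 * sent. Every failure path answers 401 and terminates the script.
 *
 * @param object $a application object, passed by reference; user, timezone,
 *                  contact and cid are written, get_baseurl() is called
 * @return void
 */
function api_login(&$a)
{
    // login with oauth
    try {
        $oauth = new FKOAuth1();
        list($consumer, $token) = $oauth->verify_request(OAuthRequest::from_request());
        if (!is_null($token)) {
            $oauth->loginUser($token->uid);
            call_hooks('logged_in', $a->user);
            return;
        }
        // Verification returned without a token. Record it server-side and
        // refuse the request; the source path and the consumer/token objects
        // are no longer written into the HTTP response.
        logger(__FILE__ . __LINE__ . __FUNCTION__ . "\n" . 'OAuth request verified without a token', LOGGER_DEBUG);
        header('WWW-Authenticate: Basic realm="Friendika"');
        header('HTTP/1.0 401 Unauthorized');
        die('This api requires login');
    } catch (Exception $e) {
        logger(__FILE__ . __LINE__ . __FUNCTION__ . "\n" . $e);
        // Fall through to HTTP Basic. In the single-line listing the
        // commented-out die(...) is followed by "die();", which is read as
        // part of that comment: otherwise the Basic path below could never
        // run. Confirm against the upstream file.
    }

    // workaround for HTTP-auth in CGI mode
    if (x($_SERVER, 'REDIRECT_REMOTE_USER')
        && strncasecmp($_SERVER['REDIRECT_REMOTE_USER'], 'Basic ', 6) === 0
    ) {
        // Only a "Basic <base64>" value is decoded; other schemes are ignored.
        $userpass = base64_decode(substr($_SERVER['REDIRECT_REMOTE_USER'], 6));
        if (strlen($userpass)) {
            // Split on the first colon only, so a password may contain ':';
            // pad so a value without any colon yields an empty password.
            list($name, $pass) = array_pad(explode(':', $userpass, 2), 2, '');
            $_SERVER['PHP_AUTH_USER'] = $name;
            $_SERVER['PHP_AUTH_PW'] = $pass;
        }
    }

    // Copy of $_SERVER for debug logging with credential-bearing entries
    // removed, so passwords and session cookies do not end up in the log.
    $server_info = $_SERVER;
    unset(
        $server_info['PHP_AUTH_PW'],
        $server_info['HTTP_AUTHORIZATION'],
        $server_info['REDIRECT_HTTP_AUTHORIZATION'],
        $server_info['REDIRECT_REMOTE_USER'],
        $server_info['HTTP_COOKIE']
    );

    if (!isset($_SERVER['PHP_AUTH_USER'])) {
        // NOTE(review): the arguments of this logger() call are masked
        // ("******") in the listing; a scrubbed dump at LOGGER_DEBUG mirrors
        // the failure branch below. Confirm against the upstream file.
        logger('API_login: ' . print_r($server_info, true), LOGGER_DEBUG);
        header('WWW-Authenticate: Basic realm="Friendika"');
        header('HTTP/1.0 401 Unauthorized');
        die('This api requires login');
    }

    $user = $_SERVER['PHP_AUTH_USER'];
    $password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';

    // NOTE(review): the password is matched as an unsalted Whirlpool digest.
    // Moving to password_hash()/password_verify() needs a migration of the
    // stored hashes and cannot be done inside this function alone.
    $encrypted = hash('whirlpool', trim($password));

    /**
     *  next code from mod/auth.php. needs better solution
     */

    // process normal login request
    $r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) \n\t\t\tAND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1", dbesc(trim($user)), dbesc(trim($user)), dbesc($encrypted));

    // !empty() also covers a non-array result from q(), which count() would
    // warn about (or reject on newer PHP versions).
    if (empty($r)) {
        logger('API_login failure: ' . print_r($server_info, true), LOGGER_DEBUG);
        header('WWW-Authenticate: Basic realm="Friendika"');
        header('HTTP/1.0 401 Unauthorized');
        die('This api requires login');
    }
    $record = $r[0];

    // NOTE(review): the session id is not regenerated before the session is
    // marked authenticated; whether a session is active at this point is not
    // visible here, so this is left for the maintainer to decide.
    $_SESSION['uid'] = $record['uid'];
    $_SESSION['theme'] = $record['theme'];
    $_SESSION['authenticated'] = 1;
    $_SESSION['page_flags'] = $record['page-flags'];
    $_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $record['nickname'];
    $_SESSION['addr'] = $_SERVER['REMOTE_ADDR'];

    $a->user = $record;

    if (strlen($a->user['timezone'])) {
        date_default_timezone_set($a->user['timezone']);
        $a->timezone = $a->user['timezone'];
    }

    // Load the user's own ("self") contact row, if there is one.
    $r = q("SELECT * FROM `contact` WHERE `uid` = %s AND `self` = 1 LIMIT 1", intval($_SESSION['uid']));
    if (!empty($r)) {
        $a->contact = $r[0];
        $a->cid = $r[0]['id'];
        $_SESSION['cid'] = $a->cid;
    }

    q("UPDATE `user` SET `login_date` = '%s' WHERE `uid` = %d LIMIT 1", dbesc(datetime_convert()), intval($_SESSION['uid']));

    call_hooks('logged_in', $a->user);

    // username and nickname come from the user row; strip quotes and line
    // breaks so they cannot break out of the quoted header parameters.
    $unsafe = array('"', "\r", "\n");
    header('X-Account-Management-Status: active; name="' . str_replace($unsafe, '', $a->user['username']) . '"; id="' . str_replace($unsafe, '', $a->user['nickname']) . '"');
}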
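/**
 * Simple HTTP Login
 *
 * Authenticates an API request. A verified OAuth token is tried first; if
 * OAuth verification throws, the exception is logged and HTTP Basic
 * credentials are verified with account_verify_password(), first as an
 * account login and then, failing that, as a channel address resolved to
 * its owning account. Success ends with authenticate_success(), an optional
 * change_channel() and the `allow_api` session flag. Every failure path
 * answers 401 and terminates the script.
 *
 * @param object $a application object, passed by reference; $a->user is read
 *                  and set_oauth_key() is called on the OAuth path
 * @return void
 */
function api_login(&$a)
{
    // login with oauth
    try {
        $oauth = new FKOAuth1();
        $req = OAuthRequest::from_request();
        list($consumer, $token) = $oauth->verify_request($req);
        if (!is_null($token)) {
            $oauth->loginUser($token->uid);
            $a->set_oauth_key($consumer->key);
            call_hooks('logged_in', $a->user);
            return;
        }
        // Verification returned without a token. Record it server-side and
        // refuse the request; the source path is no longer written into the
        // HTTP response.
        logger(__FILE__ . __LINE__ . __FUNCTION__ . "\n" . 'OAuth request verified without a token', LOGGER_DEBUG);
        header('WWW-Authenticate: Basic realm="Red"');
        header('HTTP/1.0 401 Unauthorized');
        die('This api requires login');
    } catch (Exception $e) {
        // OAuth did not verify; continue with HTTP Basic below.
        logger(__FILE__ . __LINE__ . __FUNCTION__ . "\n" . $e);
    }

    // workaround for HTTP-auth in CGI mode: recover Basic credentials from
    // either server variable, the later one taking precedence as before.
    foreach (array('REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION') as $key) {
        // Only a "Basic <base64>" value is decoded. An OAuth or other scheme
        // in the Authorization header is left alone instead of being run
        // through base64_decode().
        if (!x($_SERVER, $key) || strncasecmp($_SERVER[$key], 'Basic ', 6) !== 0) {
            continue;
        }
        $userpass = base64_decode(substr($_SERVER[$key], 6));
        if (strlen($userpass)) {
            // Split on the first colon only, so a password may contain ':';
            // pad so a value without any colon yields an empty password.
            list($name, $pass) = array_pad(explode(':', $userpass, 2), 2, '');
            $_SERVER['PHP_AUTH_USER'] = $name;
            $_SERVER['PHP_AUTH_PW'] = $pass;
        }
    }

    // Copy of $_SERVER for debug logging with credential-bearing entries
    // removed, so passwords and session cookies do not end up in the log.
    $server_info = $_SERVER;
    unset(
        $server_info['PHP_AUTH_PW'],
        $server_info['HTTP_AUTHORIZATION'],
        $server_info['REDIRECT_HTTP_AUTHORIZATION'],
        $server_info['REDIRECT_REMOTE_USER'],
        $server_info['HTTP_COOKIE']
    );

    if (!isset($_SERVER['PHP_AUTH_USER'])) {
        // NOTE(review): the arguments of this logger() call are masked
        // ("******") in the listing; a scrubbed dump at LOGGER_DEBUG mirrors
        // the failure branch below. Confirm against the upstream file.
        logger('API_login: ' . print_r($server_info, true), LOGGER_DEBUG);
        header('WWW-Authenticate: Basic realm="Red"');
        header('HTTP/1.0 401 Unauthorized');
        die('This api requires login');
    }

    // process normal login request
    require_once 'include/auth.php';

    $login = $_SERVER['PHP_AUTH_USER'];
    $password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';

    $channel_login = 0;
    $record = account_verify_password($login, $password);

    if (!$record) {
        // Not an account login: treat the name as a channel address and
        // verify the password against the account that owns the channel.
        $r = q("select * from channel where channel_address = '%s' limit 1", dbesc($login));
        if ($r) {
            $x = q("select * from account where account_id = %d limit 1", intval($r[0]['channel_account_id']));
            if ($x) {
                $record = account_verify_password($x[0]['account_email'], $password);
                if ($record) {
                    $channel_login = $r[0]['channel_id'];
                }
            }
        }
        if (!$record) {
            logger('API_login failure: ' . print_r($server_info, true), LOGGER_DEBUG);
            header('WWW-Authenticate: Basic realm="Red"');
            header('HTTP/1.0 401 Unauthorized');
            die('This api requires login');
        }
    }

    require_once 'include/security.php';
    authenticate_success($record);

    // A channel-address login switches to that channel after authentication.
    if ($channel_login) {
        change_channel($channel_login);
    }

    $_SESSION['allow_api'] = true;
}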