/** * Attempt to log in using the given username and password. * * On a successful login, this function should return the users attributes. On failure, * it should throw an exception. If the error was caused by the user entering the wrong * username or password, a SimpleSAML_Error_Error('WRONGUSERPASS') should be thrown. * * Note that both the username and the password are UTF-8 encoded. * * @param string $username The username the user wrote. * @param string $password The password the user wrote. * @param string $organization The id of the organization the user chose. * @return array Associative array with the users attributes. */ protected function login($username, $password, $organization) { assert('is_string($username)'); assert('is_string($password)'); assert('is_string($organization)'); if ($organization != '') { //$organization contient le numéro de rne setcookie('RNE', $organization, null, '/'); } $path = dirname(dirname(dirname(dirname(dirname(dirname(dirname(dirname(__FILE__)))))))); require_once("$path/secure/connect.inc.php"); // Database connection require_once("$path/lib/mysql.inc"); require_once("$path/lib/mysqli.inc.php"); require_once("$path/lib/settings.inc"); require_once("$path/lib/settings.inc.php"); require_once("$path/lib/old_mysql_result.php"); // Load settings if (!loadSettings()) { die("Erreur chargement settings"); } // Global configuration file require_once("$path/lib/global.inc.php"); // Libraries include "$path/lib/share.inc.php"; // Session related functions require_once("$path/lib/Session.class.php"); $session_gepi = new Session(); # L'instance de Session permettant de gérer directement les authentifications # SSO, on ne s'embête pas : $auth = $session_gepi->authenticate_gepi($username, $password); if ($auth != "1") { # Echec d'authentification. $session_gepi->record_failed_login($username); session_write_close(); SimpleSAML_Logger::error('gepiauth:' . $this->authId . ': not authenticated. Probably wrong username/password.'); throw new SimpleSAML_Error_Error('WRONGUSERPASS'); } SimpleSAML_Logger::info('gepiauth:' . $this->authId . ': authenticated'); # On interroge la base de données pour récupérer des attributs qu'on va retourner $query = mysqli_query($GLOBALS["mysqli"], "SELECT nom, prenom, email, statut FROM utilisateurs WHERE (login = '******')"); $row = mysqli_fetch_object($query); //on vérifie le status if ($this->requiredStatut != null) { if ($this->requiredStatut != $row->statut) { # Echec d'authentification pour ce statut $session_gepi->close('2'); session_write_close(); SimpleSAML_Logger::error('gepiauth:' . $this->authId . ': not authenticated. Statut is wrong.'); throw new SimpleSAML_Error_Error('WRONGUSERPASS'); } } $attributes = array(); $attributes['login_gepi'] = array($username); $attributes['nom'] = array($row->nom); $attributes['prenom'] = array($row->prenom); $attributes['statut'] = array($row->statut); $attributes['email'] = array($row->email); $sql = "SELECT id_matiere FROM j_professeurs_matieres WHERE (id_professeur = '" . $username . "') ORDER BY ordre_matieres LIMIT 1"; $matiere_principale = sql_query1($sql); $attributes['matieres'] = array($matiere_principale); SimpleSAML_Logger::info('gepiauth:' . $this->authId . ': Attributes: ' . implode(',', array_keys($attributes))); return $attributes; }