base.php 1.4 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364
  1. <?php
  2. class Auth_Base {
  3. private $pdo;
  4. const AUTH_SERVICE_API = '_api';
  5. function __construct() {
  6. $this->pdo = Db::pdo();
  7. }
  8. /**
  9. * @SuppressWarnings(unused)
  10. */
  11. function check_password($owner_uid, $password, $service = '') {
  12. return false;
  13. }
  14. /**
  15. * @SuppressWarnings(unused)
  16. */
  17. function authenticate($login, $password, $service = '') {
  18. return false;
  19. }
  20. // Auto-creates specified user if allowed by system configuration
  21. // Can be used instead of find_user_by_login() by external auth modules
  22. function auto_create_user($login, $password = false) {
  23. if ($login && defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE) {
  24. $user_id = $this->find_user_by_login($login);
  25. if (!$password) $password = make_password();
  26. if (!$user_id) {
  27. $salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
  28. $pwd_hash = encrypt_password($password, $salt, true);
  29. $sth = $this->pdo->prepare("INSERT INTO ttrss_users
  30. (login,access_level,last_login,created,pwd_hash,salt)
  31. VALUES (?, 0, null, NOW(), ?,?)");
  32. $sth->execute([$login, $pwd_hash, $salt]);
  33. return $this->find_user_by_login($login);
  34. } else {
  35. return $user_id;
  36. }
  37. }
  38. return $this->find_user_by_login($login);
  39. }
  40. function find_user_by_login($login) {
  41. $sth = $this->pdo->prepare("SELECT id FROM ttrss_users WHERE
  42. login = ?");
  43. $sth->execute([$login]);
  44. if ($row = $sth->fetch()) {
  45. return $row["id"];
  46. } else {
  47. return false;
  48. }
  49. }
  50. }