diff options
author | Andrew Dolgov <[email protected]> | 2012-08-16 15:30:35 +0400 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2012-08-16 15:30:49 +0400 |
commit | 0d421af86fdfe270e7396f308cf53f3b908e3d74 (patch) | |
tree | a8a497d6a3f28ab030b8e232bd7a0057512c417c /classes/auth_remote.php | |
parent | 7e18f8e710d3b5af211be0a658d863a00d10bd67 (diff) |
split authentication to separate modules
Diffstat (limited to 'classes/auth_remote.php')
-rw-r--r-- | classes/auth_remote.php | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/classes/auth_remote.php b/classes/auth_remote.php new file mode 100644 index 000000000..6892a3528 --- /dev/null +++ b/classes/auth_remote.php @@ -0,0 +1,61 @@ +<?php +class Auth_Remote extends Auth_Base { + function get_login_by_ssl_certificate() { + $cert_serial = db_escape_string(get_ssl_certificate_id()); + + if ($cert_serial) { + $result = db_query($this->link, "SELECT login FROM ttrss_user_prefs, ttrss_users + WHERE pref_name = 'SSL_CERT_SERIAL' AND value = '$cert_serial' AND + owner_uid = ttrss_users.id"); + + if (db_num_rows($result) != 0) { + return db_escape_string(db_fetch_result($result, 0, "login")); + } + } + + return ""; + } + + + function authenticate($login, $password) { + $try_login = db_escape_string($_SERVER["REMOTE_USER"]); + + if (!$try_login) $try_login = $this->get_login_by_ssl_certificate(); +# if (!$try_login) $try_login = "test_qqq"; + + if ($try_login) { + $user_id = $this->auto_create_user($try_login); + + if ($user_id) { + $_SESSION["fake_login"] = $try_login; + $_SESSION["fake_password"] = "******"; + $_SESSION["hide_hello"] = true; + $_SESSION["hide_logout"] = true; + + // LemonLDAP can send user informations via HTTP HEADER + if (defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE){ + // update user name + $fullname = $_SERVER['HTTP_USER_NAME'] ? $_SERVER['HTTP_USER_NAME'] : $_SERVER['AUTHENTICATE_CN']; + if ($fullname){ + $fullname = db_escape_string($fullname); + db_query($this->link, "UPDATE ttrss_users SET full_name = '$fullname' WHERE id = " . + $user_id); + } + // update user mail + $email = $_SERVER['HTTP_USER_MAIL'] ? $_SERVER['HTTP_USER_MAIL'] : $_SERVER['AUTHENTICATE_MAIL']; + if ($email){ + $email = db_escape_string($email); + db_query($this->link, "UPDATE ttrss_users SET email = '$email' WHERE id = " . + $user_id); + } + } + + return $user_id; + } + } + + return false; + } +} + +?> |