diff options
| -rw-r--r-- | classes/auth/base.php | 19 | ||||
| -rw-r--r-- | classes/iauthmodule.php | 1 | ||||
| -rw-r--r-- | classes/userhelper.php | 18 | ||||
| -rw-r--r-- | plugins/auth_internal/init.php | 10 | ||||
| -rw-r--r-- | plugins/auth_remote/init.php | 9 |
5 files changed, 25 insertions, 32 deletions
diff --git a/classes/auth/base.php b/classes/auth/base.php index 4cbc23589..1b9015fe3 100644 --- a/classes/auth/base.php +++ b/classes/auth/base.php @@ -1,6 +1,6 @@ <?php -class Auth_Base { - private $pdo; +abstract class Auth_Base extends Plugin implements IAuthModule { + protected $pdo; const AUTH_SERVICE_API = '_api'; @@ -8,18 +8,9 @@ class Auth_Base { $this->pdo = Db::pdo(); } - /** - * @SuppressWarnings(unused) - */ - function check_password($owner_uid, $password, $service = '') { - return false; - } - - /** - * @SuppressWarnings(unused) - */ - function authenticate($login, $password, $service = '') { - return false; + // compatibility wrapper, because of how pluginhost works (hook name == method name) + function hook_auth_user(...$args) { + return $this->authenticate(...$args); } // Auto-creates specified user if allowed by system configuration diff --git a/classes/iauthmodule.php b/classes/iauthmodule.php index 2d0c98709..e714cc6ca 100644 --- a/classes/iauthmodule.php +++ b/classes/iauthmodule.php @@ -1,4 +1,5 @@ <?php interface IAuthModule { function authenticate($login, $password); // + optional third parameter: $service + function hook_auth_user(...$args); // compatibility wrapper due to how hooks work } diff --git a/classes/userhelper.php b/classes/userhelper.php index b0a9dc598..4519f2803 100644 --- a/classes/userhelper.php +++ b/classes/userhelper.php @@ -7,15 +7,15 @@ class UserHelper { $user_id = false; $auth_module = false; - foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_AUTH_USER) as $plugin) { - - $user_id = (int) $plugin->authenticate($login, $password, $service); - - if ($user_id) { - $auth_module = strtolower(get_class($plugin)); - break; - } - } + PluginHost::getInstance()->chain_hooks_callback(PluginHost::HOOK_AUTH_USER, + function ($result, $plugin) use (&$user_id, &$auth_module) { + if ($result) { + $user_id = (int)$result; + $auth_module = strtolower(get_class($plugin)); + return true; + } + }, + $login, $password, $service); if ($user_id && !$check_only) { diff --git a/plugins/auth_internal/init.php b/plugins/auth_internal/init.php index 134d3b45e..b31a23187 100644 --- a/plugins/auth_internal/init.php +++ b/plugins/auth_internal/init.php @@ -1,5 +1,5 @@ <?php -class Auth_Internal extends Plugin implements IAuthModule { +class Auth_Internal extends Auth_Base { private $host; @@ -13,7 +13,6 @@ class Auth_Internal extends Plugin implements IAuthModule { /* @var PluginHost $host */ function init($host) { $this->host = $host; - $this->pdo = Db::pdo(); $host->add_hook($host::HOOK_AUTH_USER, $this); } @@ -178,7 +177,7 @@ class Auth_Internal extends Plugin implements IAuthModule { return false; } - function check_password($owner_uid, $password) { + function check_password($owner_uid, $password, $service = '') { $sth = $this->pdo->prepare("SELECT salt,login,otp_enabled FROM ttrss_users WHERE id = ?"); @@ -189,6 +188,11 @@ class Auth_Internal extends Plugin implements IAuthModule { $salt = $row['salt']; $login = $row['login']; + // check app password only if service is specified + if ($service && get_schema_version() > 138) { + return $this->check_app_password($login, $password, $service); + } + if (!$salt) { $password_hash1 = encrypt_password($password); $password_hash2 = encrypt_password($password, $login); diff --git a/plugins/auth_remote/init.php b/plugins/auth_remote/init.php index 7635080a0..71f6cae2b 100644 --- a/plugins/auth_remote/init.php +++ b/plugins/auth_remote/init.php @@ -1,9 +1,7 @@ <?php -class Auth_Remote extends Plugin implements IAuthModule { +class Auth_Remote extends Auth_Base { private $host; - /* @var Auth_Base $base */ - private $base; function about() { return array(1.0, @@ -13,9 +11,8 @@ class Auth_Remote extends Plugin implements IAuthModule { } /* @var PluginHost $host */ - function init($host ) { + function init($host) { $this->host = $host; - $this->base = new Auth_Base(); $host->add_hook($host::HOOK_AUTH_USER, $this); } @@ -53,7 +50,7 @@ class Auth_Remote extends Plugin implements IAuthModule { if (!$try_login) $try_login = $this->get_login_by_ssl_certificate(); if ($try_login) { - $user_id = $this->base->auto_create_user($try_login, $password); + $user_id = $this->auto_create_user($try_login, $password); if ($user_id) { $_SESSION["fake_login"] = $try_login; |