From 0d421af86fdfe270e7396f308cf53f3b908e3d74 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.volgo-balt.ru>
Date: Thu, 16 Aug 2012 15:30:35 +0400
Subject: split authentication to separate modules

---
 classes/auth_base.php | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 55 insertions(+)
 create mode 100644 classes/auth_base.php

(limited to 'classes/auth_base.php')

diff --git a/classes/auth_base.php b/classes/auth_base.php
new file mode 100644
index 000000000..8c819b668
--- /dev/null
+++ b/classes/auth_base.php
@@ -0,0 +1,55 @@
+<?php
+class Auth_Base {
+	protected $link;
+
+	function __construct($link) {
+		$this->link = $link;
+	}
+
+	function authenticate($login, $password) {
+		return false;
+	}
+
+	// Auto-creates specified user if allowed by system configuration
+	// Can be used instead of find_user_by_login() by external auth modules
+	function auto_create_user($login) {
+		if ($login && defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE) {
+			$user_id = $this->find_user_by_login($login);
+
+			if (!$user_id) {
+				$login = db_escape_string($login);
+				$salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
+				$pwd_hash = encrypt_password($password, $salt, true);
+
+				$query = "INSERT INTO ttrss_users
+						(login,access_level,last_login,created,pwd_hash,salt)
+						VALUES ('$login', 0, null, NOW(), '$pwd_hash','$salt')";
+
+				db_query($this->link, $query);
+
+				return $this->find_user_by_login($login);
+
+			} else {
+				return $user_id;
+			}
+		}
+
+		return false;
+	}
+
+	function find_user_by_login($login) {
+		$login = db_escape_string($login);
+
+		$result = db_query($this->link, "SELECT id FROM ttrss_users WHERE
+			login = '$login'");
+
+		if (db_num_rows($result) > 0) {
+			return db_fetch_result($result, 0, "id");
+		} else {
+			return false;
+		}
+
+	}
+}
+
+?>
-- 
cgit v1.2.3