From 01a87dff9efecf9070b652f59a52e55bd2db1906 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov
Date: Thu, 1 Mar 2007 10:43:54 +0100
Subject: rework login process, drop http auth

---
 functions.php | 73 ++++++++++++++++-------------------------------------------
 1 file changed, 19 insertions(+), 54 deletions(-)
(limited to 'functions.php')

diff --git a/functions.php b/functions.php
index 244c41682..170696352 100644
--- a/functions.php
+++ b/functions.php
@@ -1159,22 +1159,6 @@
 return preg_replace('/\/[^\/]*$/', "", $_SERVER["REQUEST_URI"]);
 }
 
- function get_login_redirect() {
- $server = $_SERVER["SERVER_NAME"];
-
- if (ENABLE_LOGIN_SSL) {
- $protocol = "https";
- } else {
- $protocol = "http";
- }
-
- $url_path = get_script_urlpath();
-
- $redirect_uri = "$protocol://$server$url_path/login.php";
-
- return $redirect_uri;
- }
-
 function validate_session($link) {
 if (SESSION_CHECK_ADDRESS && $_SESSION["uid"]) {
 if ($_SESSION["ip_address"]) {
@@ -1186,17 +1170,6 @@
 return true;
 }
 
- function basic_nosid_redirect_check() {
- if (!SINGLE_USER_MODE) {
- if (!$_COOKIE[get_session_cookie_name()]) {
- $redirect_uri = get_login_redirect();
- $return_to = preg_replace('/.*?\//', '', $_SERVER["REQUEST_URI"]);
- header("Location: $redirect_uri?rt=$return_to");
- exit;
- }
- }
- }
-
 function login_sequence($link) {
 if (!SINGLE_USER_MODE) {
 
@@ -1210,38 +1183,26 @@
 
 if (!validate_session($link)) {
 logout_user();
- $redirect_uri = get_login_redirect();
- $return_to = preg_replace('/.*?\//', '', $_SERVER["REQUEST_URI"]);
- header("Location: $redirect_uri?rt=$return_to");
+ render_login_form($link);
 exit;
 }
 
- if (!USE_HTTP_AUTH) {
- if (!$_SESSION["uid"]) {
- $redirect_uri = get_login_redirect();
- $return_to = preg_replace('/.*?\//', '', $_SERVER["REQUEST_URI"]);
- header("Location: $redirect_uri?rt=$return_to");
- exit;
- }
- } else {
- if (!$_SESSION["uid"]) {
- if (!$_SERVER["PHP_AUTH_USER"]) {
+ $login_action = $_POST["login_action"];
 
- header('WWW-Authenticate: Basic realm="Tiny Tiny RSS"');
- header('HTTP/1.0 401 Unauthorized');
- exit;
-
- } else {
- $auth_result = authenticate_user($link,
- $_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"]);
+ # try to authenticate user if called from login form
+ if ($login_action == "do_login") {
+ $login = $_POST["login"];
+ $password = $_POST["password"];
 
- if (!$auth_result) {
- header('WWW-Authenticate: Basic realm="Tiny Tiny RSS"');
- header('HTTP/1.0 401 Unauthorized');
- exit;
- }
- }
- }
+ if (authenticate_user($link, $login, $password)) {
+ $_POST["password"] = "";
+ return;
+ }
+ }
+
+ if (!$_SESSION["uid"]) {
+ render_login_form($link);
+ exit;
 }
 } else {
 return authenticate_user($link, "admin", null);
@@ -3180,4 +3141,8 @@
 return true;
 }
 
+ function render_login_form($link) {
+ require_once "login_form.php";
+ }
+
 ?>
-- 
cgit v1.2.3
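Review bot: A successful `authenticate_user()` call in the new `do_login` branch returns into the caller's existing session without rotating the session id, so a session id planted before login (fixation) stays valid after it; add `session_regenerate_id(true);` immediately before `$_POST["password"] = "";` unless `authenticate_user()` already does this, which is not visible here. The form is also now posted back to whatever URL called `login_sequence()`, and the only code that forced `https` for login (`get_login_redirect()` with `ENABLE_LOGIN_SSL`, deleted in the first hunk) has no replacement, so the password in `$_POST["password"]` travels over whatever scheme the page was requested with. `$_POST["login_action"]`, `$_POST["login"]` and `$_POST["password"]` are read without `isset()`, which raises notices on every non-login request; `$login_action = isset($_POST["login_action"]) ? $_POST["login_action"] : "";` avoids that for the first one. `login_sequence()` starts and ends outside this hunk.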
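Review bot: `render_login_form()` carries no comment, and two properties a caller needs are not obvious from its one line: `login_form.php` runs in this function's scope (so it sees `$link`), and `require_once` means a second call in the same request emits nothing, which only works because every caller added in this commit `exit`s right after it. Suggest `// Emits the login page; login_form.php is included here so it sees $link. Callers must exit() afterwards: require_once makes a second call in one request print nothing.` above the `require_once` line.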