add optional AUTO_LOGIN for when remote authentication is allowed (closes #295)

This commit is contained in:
Andrew Dolgov 2011-01-11 11:36:35 +03:00
parent 86268d8ba0
commit 12df6592f3
3 changed files with 16 additions and 5 deletions

View file

@ -136,6 +136,11 @@
// option can be used to integrate tt-rss with Apache's external
// authentication modules.
define('AUTO_LOGIN', false);
// Set this to true if you use ALLOW_REMOTE_USER_AUTH and you want
// to skip the login form. If set to true, users won't be able to
// set application language and settings profile.
define('LOCK_DIRECTORY', 'lock');
// Directory for lockfiles, must be writable to the user you run
// daemon process or cronjobs under.
@ -184,7 +189,7 @@
// Your OAuth instance authentication information for Twitter, visit
// http://twitter.com/oauth_clients to register your instance.
define('CONFIG_VERSION', 20);
define('CONFIG_VERSION', 21);
// Expected config version. Please update this option in config.php
// if necessary (after migrating all new options from this file).

View file

@ -1991,9 +1991,15 @@
}
if (!$_SESSION["uid"] || !validate_session($link)) {
render_login_form($link, $mobile);
//header("Location: login.php");
exit;
if (defined('ALLOW_REMOTE_USER_AUTH') && ALLOW_REMOTE_USER_AUTH
&& $_SERVER["REMOTE_USER"] && defined('AUTO_LOGIN') && AUTO_LOGIN) {
authenticate_user($link,$_SERVER['REMOTE_USER'],null);
$_SESSION["ref_schema_version"] = get_schema_version($link, true);
} else {
render_login_form($link, $mobile);
//header("Location: login.php");
exit;
}
} else {
/* bump login timestamp */
db_query($link, "UPDATE ttrss_users SET last_login = NOW() WHERE id = " .

View file

@ -1,7 +1,7 @@
<?php
require_once "functions.php";
define('EXPECTED_CONFIG_VERSION', 20);
define('EXPECTED_CONFIG_VERSION', 21);
define('SCHEMA_VERSION', 78);
if (!file_exists("config.php")) {