new option: ALLOW_REMOTE_USER_AUTH
This commit is contained in:
parent
fc46ab83bb
commit
66917e70d0
3 changed files with 15 additions and 4 deletions
|
@ -164,7 +164,13 @@
|
|||
define('DAEMON_FEED_LIMIT', 100);
|
||||
// Limits the amount of feeds daemon updates on one run
|
||||
|
||||
define('CONFIG_VERSION', 12);
|
||||
define('ALLOW_REMOTE_USER_AUTH', false);
|
||||
// Set to 'true' if you trust your web server's REMOTE_USER
|
||||
// environment variable to validate that the user is logged in. This
|
||||
// option can be used to integrate tt-rss with Apache's external
|
||||
// authentication modules.
|
||||
|
||||
define('CONFIG_VERSION', 13);
|
||||
// Expected config version. Please update this option in config.php
|
||||
// if necessary (after migrating all new options from this file).
|
||||
|
||||
|
|
|
@ -1560,10 +1560,15 @@
|
|||
$pwd_hash1 = encrypt_password($password);
|
||||
$pwd_hash2 = encrypt_password($password, $login);
|
||||
|
||||
if ($force_auth && defined('_DEBUG_USER_SWITCH')) {
|
||||
if (defined('ALLOW_REMOTE_USER_AUTH') && ALLOW_REMOTE_USER_AUTH
|
||||
&& $_SERVER["REMOTE_USER"]) {
|
||||
|
||||
$login = db_escape_string($_SERVER["REMOTE_USER"]);
|
||||
|
||||
$query = "SELECT id,login,access_level
|
||||
FROM ttrss_users WHERE
|
||||
login = '$login'";
|
||||
login = '$login'";
|
||||
|
||||
} else {
|
||||
$query = "SELECT id,login,access_level,pwd_hash
|
||||
FROM ttrss_users WHERE
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
<?php
|
||||
require_once "functions.php";
|
||||
|
||||
define('EXPECTED_CONFIG_VERSION', 12);
|
||||
define('EXPECTED_CONFIG_VERSION', 13);
|
||||
define('SCHEMA_VERSION', 27);
|
||||
|
||||
if (!file_exists("config.php")) {
|
||||
|
|
Loading…
Reference in a new issue