optional login form/http basic auth support
parent
1c7f75ed2c
commit
c8437f35c6
5 changed files with 61 additions and 18 deletions
|
@ -13,5 +13,8 @@
|
||||||
|
|
||||||
define(WEB_DEMO_MODE, false);
|
define(WEB_DEMO_MODE, false);
|
||||||
|
|
||||||
|
|
||||||
|
define(USE_HTTP_AUTH, false);
|
||||||
|
// use HTTP Basic authentication
|
||||||
?>
|
?>
|
||||||
|
|
||||||
|
|
|
@ -516,7 +516,25 @@
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function authenticate_user($link) {
|
function authenticate_user($link, $login, $password) {
|
||||||
|
|
||||||
|
$pwd_hash = 'SHA1:' . sha1($password);
|
||||||
|
|
||||||
|
$result = db_query($link, "SELECT id,login FROM ttrss_users WHERE
|
||||||
|
login = '$login' AND (pwd_hash = '$password' OR pwd_hash = '$pwd_hash')");
|
||||||
|
|
||||||
|
if (db_num_rows($result) == 1) {
|
||||||
|
$_SESSION["uid"] = db_fetch_result($result, 0, "id");
|
||||||
|
$_SESSION["name"] = db_fetch_result($result, 0, "login");
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
function http_authenticate_user($link) {
|
||||||
|
|
||||||
if (!$_SERVER['PHP_AUTH_USER']) {
|
if (!$_SERVER['PHP_AUTH_USER']) {
|
||||||
|
|
||||||
|
@ -529,15 +547,8 @@
|
||||||
|
|
||||||
$login = db_escape_string($_SERVER['PHP_AUTH_USER']);
|
$login = db_escape_string($_SERVER['PHP_AUTH_USER']);
|
||||||
$password = db_escape_string($_SERVER['PHP_AUTH_PW']);
|
$password = db_escape_string($_SERVER['PHP_AUTH_PW']);
|
||||||
$pwd_hash = 'SHA1:' . sha1($password);
|
|
||||||
|
|
||||||
$result = db_query($link, "SELECT id,login FROM ttrss_users WHERE
|
return authenticate_user($link, $login, $password);
|
||||||
login = '$login' AND (pwd_hash = '$password' OR pwd_hash = '$pwd_hash')");
|
|
||||||
|
|
||||||
if (db_num_rows($result) == 1) {
|
|
||||||
$_SESSION["uid"] = db_fetch_result($result, 0, "id");
|
|
||||||
$_SESSION["name"] = db_fetch_result($result, 0, "login");
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
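Review bot: `authenticate_user()` builds its SELECT by interpolating `$login` and `$password` without escaping them itself, and the new login.php caller passes `$_POST["login"]` and `$_POST["password"]` straight in, so the form path reaches the query unescaped; only `http_authenticate_user()` still calls `db_escape_string()` first. Escape inside the function so every caller is covered, hashing the raw password first: `$pwd_hash = 'SHA1:' . sha1($password);` followed by `$login = db_escape_string($login); $password = db_escape_string($password);`, and drop the escaping in `http_authenticate_user()` so values are not escaped twice. The `pwd_hash = '$password'` alternative (presumably kept for rows stored unhashed) means a value equal to the stored hash string is accepted as the password, which deserves a comment, or removal once such rows are gone. The body of `http_authenticate_user()` begins and ends outside the visible hunks.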
23
login.php
23
login.php
|
@ -3,9 +3,18 @@
|
||||||
|
|
||||||
require_once "version.php";
|
require_once "version.php";
|
||||||
require_once "config.php";
|
require_once "config.php";
|
||||||
|
require_once "functions.php";
|
||||||
|
|
||||||
$_SESSION["uid"] = PLACEHOLDER_UID; // FIXME: placeholder
|
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
|
||||||
$_SESSION["name"] = PLACEHOLDER_NAME;
|
|
||||||
|
$login = $_POST["login"];
|
||||||
|
$password = $_POST["password"];
|
||||||
|
|
||||||
|
if ($login && $password) {
|
||||||
|
if (authenticate_user($link, $login, $password)) {
|
||||||
|
header("Location: tt-rss.php");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<html>
|
<html>
|
||||||
|
@ -20,6 +29,8 @@
|
||||||
|
|
||||||
<body>
|
<body>
|
||||||
|
|
||||||
|
<form action="login.php" method="POST">
|
||||||
|
|
||||||
<table width='100%' height='100%' class="loginForm">
|
<table width='100%' height='100%' class="loginForm">
|
||||||
|
|
||||||
<tr><td align='center' valign='middle'>
|
<tr><td align='center' valign='middle'>
|
||||||
|
@ -35,8 +46,16 @@
|
||||||
<tr><td align="right">Password:</td>
|
<tr><td align="right">Password:</td>
|
||||||
<td><input type="password" name="password"></td></tr>
|
<td><input type="password" name="password"></td></tr>
|
||||||
|
|
||||||
|
<tr><td colspan="2" align="center">
|
||||||
|
<input type="submit" class="button" value="Login">
|
||||||
|
</td></tr>
|
||||||
|
|
||||||
</table></td></tr>
|
</table></td></tr>
|
||||||
</table>
|
</table>
|
||||||
|
|
||||||
|
</form>
|
||||||
|
|
||||||
|
<? db_close($link); ?>
|
||||||
|
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
|
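Review bot: The success branch sends `header("Location: tt-rss.php");` but does not stop the script, so the login form markup is still emitted after the redirect header; add `exit;` on the next line. The session identifier is also kept as-is across the privilege change, so a `session_regenerate_id(true);` before the redirect would close off session fixation. Whether the session is started above line 3 is not visible in this hunk, so that should be confirmed. `$_POST["login"]` and `$_POST["password"]` are read without an `isset()` check and raise notices on the initial GET.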
10
prefs.php
10
prefs.php
|
@ -8,8 +8,14 @@
|
||||||
|
|
||||||
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
|
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
|
||||||
|
|
||||||
// $_SESSION["uid"] = PLACEHOLDER_UID; // FIXME: placeholder
|
if (!USE_HTTP_AUTH) {
|
||||||
// $_SESSION["name"] = PLACEHOLDER_NAME;
|
if (!$_SESSION["uid"]) {
|
||||||
|
header("Location: login.php");
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
authenticate_user($link);
|
||||||
|
}
|
||||||
|
|
||||||
initialize_user_prefs($link, $_SESSION["uid"]);
|
initialize_user_prefs($link, $_SESSION["uid"]);
|
||||||
// FIXME this needs to be moved somewhere after user creation
|
// FIXME this needs to be moved somewhere after user creation
|
||||||
|
|
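Review bot: The `USE_HTTP_AUTH` branch calls `authenticate_user($link);`, but this commit changes that function to take `($link, $login, $password)` and moves the HTTP Basic logic to `http_authenticate_user()`, so with HTTP auth enabled the call passes no credentials and its return value is discarded. The line should read `http_authenticate_user($link);`, and the same applies to the unchanged `authenticate_user($link);` call in tt-rss.php. Because neither page checks the result, it is also worth confirming that `http_authenticate_user()` itself ends the request on failure; its body is not fully visible here. A comment such as `// HTTP Basic: challenge and populate $_SESSION["uid"]` above the call would make the two branches easier to compare.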
10
tt-rss.php
10
tt-rss.php
|
@ -8,10 +8,14 @@
|
||||||
|
|
||||||
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
|
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
|
||||||
|
|
||||||
|
if (!USE_HTTP_AUTH) {
|
||||||
|
if (!$_SESSION["uid"]) {
|
||||||
|
header("Location: login.php");
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
authenticate_user($link);
|
authenticate_user($link);
|
||||||
|
}
|
||||||
// $_SESSION["uid"] = PLACEHOLDER_UID; // FIXME: placeholder
|
|
||||||
// $_SESSION["name"] = PLACEHOLDER_NAME;
|
|
||||||
|
|
||||||
initialize_user_prefs($link, $_SESSION["uid"]);
|
initialize_user_prefs($link, $_SESSION["uid"]);
|
||||||
// FIXME this needs to be moved somewhere after user creation
|
// FIXME this needs to be moved somewhere after user creation
|
||||||
|
|