탐색 도움말
가입하기 로그인
blallo
/
tt-rss
1
0
포크 0
파일 이슈 0 풀 리퀘스트 0 위키
트리: 0192ffe5a5
브랜치 태그
tt-rss
/
plugins
/
auth_remote
/
init.php

init.php 2.3 KB
히스토리 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384 
  1. <?php
    2. 

  2. class Auth_Remote extends Plugin implements IAuthModule {
    3. 

  3. 

  4. 	private $link;
    5. 

  5. 	private $host;
    6. 

  6. 	private $base;
    7. 

  7. 

  8. 	function about() {
    9. 

  9. 		return array(1.0,
    10. 

  10. 			"Authenticates against remote password (e.g. supplied by Apache)",
    11. 

  11. 			"fox",
    12. 

  12. 			true);
    13. 

  13. 	}
    14. 

  14. 

  15. 	function init($host) {
    16. 

  16. 		$this->link = $host->get_link();
    17. 

  17. 		$this->host = $host;
    18. 

  18. 		$this->base = new Auth_Base($this->link);
    19. 

  19. 

  20. 		$host->add_hook($host::HOOK_AUTH_USER, $this);
    21. 

  21. 	}
    22. 

  22. 

  23. 	function get_login_by_ssl_certificate() {
    24. 

  24. 		$cert_serial = db_escape_string($this->link, get_ssl_certificate_id());
    25. 

  25. 

  26. 		if ($cert_serial) {
    27. 

  27. 			$result = db_query($this->link, "SELECT login FROM ttrss_user_prefs, ttrss_users
    28. 

  28. 				WHERE pref_name = 'SSL_CERT_SERIAL' AND value = '$cert_serial' AND
    29. 

  29. 				owner_uid = ttrss_users.id");
    30. 

  30. 

  31. 			if (db_num_rows($result) != 0) {
    32. 

  32. 				return db_escape_string($this->link, db_fetch_result($result, 0, "login"));
    33. 

  33. 			}
    34. 

  34. 		}
    35. 

  35. 

  36. 		return "";
    37. 

  37. 	}
    38. 

  38. 

  39. 

  40. 	function authenticate($login, $password) {
    41. 

  41. 		$try_login = db_escape_string($this->link, $_SERVER["REMOTE_USER"]);
    42. 

  42. 

  43. 		// php-cgi
    44. 

  44. 		if (!$try_login) $try_login = db_escape_string($this->link, $_SERVER["REDIRECT_REMOTE_USER"]);
    45. 

  45. 

  46. 		if (!$try_login) $try_login = $this->get_login_by_ssl_certificate();
    47. 

  47. #	  	if (!$try_login) $try_login = "test_qqq";
    48. 

  48. 

  49. 		if ($try_login) {
    50. 

  50. 			$user_id = $this->base->auto_create_user($try_login);
    51. 

  51. 

  52. 			if ($user_id) {
    53. 

  53. 				$_SESSION["fake_login"] = $try_login;
    54. 

  54. 				$_SESSION["fake_password"] = "******";
    55. 

  55. 				$_SESSION["hide_hello"] = true;
    56. 

  56. 				$_SESSION["hide_logout"] = true;
    57. 

  57. 

  58. 				// LemonLDAP can send user informations via HTTP HEADER
    59. 

  59. 				if (defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE){
    60. 

  60. 					// update user name
    61. 

  61. 					$fullname = $_SERVER['HTTP_USER_NAME'] ? $_SERVER['HTTP_USER_NAME'] : $_SERVER['AUTHENTICATE_CN'];
    62. 

  62. 					if ($fullname){
    63. 

  63. 						$fullname = db_escape_string($this->link, $fullname);
    64. 

  64. 						db_query($this->link, "UPDATE ttrss_users SET full_name = '$fullname' WHERE id = " .
    65. 

  65. 							$user_id);
    66. 

  66. 					}
    67. 

  67. 					// update user mail
    68. 

  68. 					$email = $_SERVER['HTTP_USER_MAIL'] ? $_SERVER['HTTP_USER_MAIL'] : $_SERVER['AUTHENTICATE_MAIL'];
    69. 

  69. 					if ($email){
    70. 

  70. 						$email = db_escape_string($this->link, $email);
    71. 

  71. 						db_query($this->link, "UPDATE ttrss_users SET email = '$email' WHERE id = " .
    72. 

  72. 							$user_id);
    73. 

  73. 					}
    74. 

  74. 				}
    75. 

  75. 

  76. 				return $user_id;
    77. 

  77. 			}
    78. 

  78. 		}
    79. 

  79. 

  80. 		return false;
    81. 

  81. 	}
    82. 

  82. }
    83. 

  83. 

  84. ?>
    85.