Accueil Explorer Aide
S'inscrire Connexion
blallo
/
tt-rss
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Aborescence: 638fdf732a
Branches Tags
tt-rss
/
plugins
/
auth_remote
/
init.php

init.php 2.1 KB
Historique Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 
  1. <?php
    2. 

  2. class Auth_Remote extends Plugin implements IAuthModule {
    3. 

  3. 

  4. 	private $host;
    5. 

  5. 	private $base;
    6. 

  6. 

  7. 	function about() {
    8. 

  8. 		return array(1.0,
    9. 

  9. 			"Authenticates against remote password (e.g. supplied by Apache)",
    10. 

  10. 			"fox",
    11. 

  11. 			true);
    12. 

  12. 	}
    13. 

  13. 

  14. 	function init($host) {
    15. 

  15. 		$this->host = $host;
    16. 

  16. 		$this->base = new Auth_Base();
    17. 

  17. 

  18. 		$host->add_hook($host::HOOK_AUTH_USER, $this);
    19. 

  19. 	}
    20. 

  20. 

  21. 	function get_login_by_ssl_certificate() {
    22. 

  22. 		$cert_serial = db_escape_string(get_ssl_certificate_id());
    23. 

  23. 

  24. 		if ($cert_serial) {
    25. 

  25. 			$result = db_query("SELECT login FROM ttrss_user_prefs, ttrss_users
    26. 

  26. 				WHERE pref_name = 'SSL_CERT_SERIAL' AND value = '$cert_serial' AND
    27. 

  27. 				owner_uid = ttrss_users.id");
    28. 

  28. 

  29. 			if (db_num_rows($result) != 0) {
    30. 

  30. 				return db_escape_string(db_fetch_result($result, 0, "login"));
    31. 

  31. 			}
    32. 

  32. 		}
    33. 

  33. 

  34. 		return "";
    35. 

  35. 	}
    36. 

  36. 

  37. 

  38. 	function authenticate($login, $password) {
    39. 

  39. 		$try_login = db_escape_string($_SERVER["REMOTE_USER"]);
    40. 

  40. 

  41. 		// php-cgi
    42. 

  42. 		if (!$try_login) $try_login = db_escape_string($_SERVER["REDIRECT_REMOTE_USER"]);
    43. 

  43. 

  44. 		if (!$try_login) $try_login = $this->get_login_by_ssl_certificate();
    45. 

  45. #	  	if (!$try_login) $try_login = "test_qqq";
    46. 

  46. 

  47. 		if ($try_login) {
    48. 

  48. 			$user_id = $this->base->auto_create_user($try_login, $password);
    49. 

  49. 

  50. 			if ($user_id) {
    51. 

  51. 				$_SESSION["fake_login"] = $try_login;
    52. 

  52. 				$_SESSION["fake_password"] = "******";
    53. 

  53. 				$_SESSION["hide_hello"] = true;
    54. 

  54. 				$_SESSION["hide_logout"] = true;
    55. 

  55. 

  56. 				// LemonLDAP can send user informations via HTTP HEADER
    57. 

  57. 				if (defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE){
    58. 

  58. 					// update user name
    59. 

  59. 					$fullname = $_SERVER['HTTP_USER_NAME'] ? $_SERVER['HTTP_USER_NAME'] : $_SERVER['AUTHENTICATE_CN'];
    60. 

  60. 					if ($fullname){
    61. 

  61. 						$fullname = db_escape_string($fullname);
    62. 

  62. 						db_query("UPDATE ttrss_users SET full_name = '$fullname' WHERE id = " .
    63. 

  63. 							$user_id);
    64. 

  64. 					}
    65. 

  65. 					// update user mail
    66. 

  66. 					$email = $_SERVER['HTTP_USER_MAIL'] ? $_SERVER['HTTP_USER_MAIL'] : $_SERVER['AUTHENTICATE_MAIL'];
    67. 

  67. 					if ($email){
    68. 

  68. 						$email = db_escape_string($email);
    69. 

  69. 						db_query("UPDATE ttrss_users SET email = '$email' WHERE id = " .
    70. 

  70. 							$user_id);
    71. 

  71. 					}
    72. 

  72. 				}
    73. 

  73. 

  74. 				return $user_id;
    75. 

  75. 			}
    76. 

  76. 		}
    77. 

  77. 

  78. 		return false;
    79. 

  79. 	}
    80. 

  80. 

  81. 	function api_version() {
    82. 

  82. 		return 2;
    83. 

  83. 	}
    84. 

  84. 

  85. }
    86. 

  86. 

  87. ?>
    88.