mirror of
https://git.code.sf.net/p/seeddms/code
synced 2024-11-26 15:32:13 +00:00
Merge branch 'seeddms-5.1.x' into seeddms-6.0.x
This commit is contained in:
Uwe Steinmann
commit
23568c0a6a
|
|
@ -31,110 +31,12 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
|
||||||
return self::$user;
|
return self::$user;
|
||||||
} /* }}} */
|
} /* }}} */
|
||||||
|
|
||||||
public function run() { /* {{{ */
|
protected function _finalize($user) { /* {{{ */
|
||||||
$dms = $this->params['dms'];
|
|
||||||
$settings = $this->params['settings'];
|
$settings = $this->params['settings'];
|
||||||
$session = $this->params['session'];
|
$session = $this->params['session'];
|
||||||
$authenticator = $this->params['authenticator'];
|
$sesstheme = $this->params['sesstheme'];
|
||||||
$source = isset($this->params['source']) ? $this->params['source'] : '';
|
$source = isset($this->params['source']) ? $this->params['source'] : '';
|
||||||
$sesstheme = $this->getParam('sesstheme');
|
$lang = $this->params['lang'];
|
||||||
$referuri = $this->getParam('referuri');
|
|
||||||
$lang = $this->getParam('lang');
|
|
||||||
$login = $this->params['login'];
|
|
||||||
$pwd = $this->params['pwd'];
|
|
||||||
|
|
||||||
self::$user = null;
|
|
||||||
|
|
||||||
/* The preLogin hook may set self::$user which will prevent any further
|
|
||||||
* authentication process.
|
|
||||||
*/
|
|
||||||
if($this->callHook('preLogin')) {
|
|
||||||
}
|
|
||||||
|
|
||||||
$user = self::$user;
|
|
||||||
|
|
||||||
/* The password may only be empty if the guest user tries to log in.
|
|
||||||
* There is just one guest account with id $settings->_guestID which
|
|
||||||
* is allowed to log in without a password. All other guest accounts
|
|
||||||
* are treated like regular logins
|
|
||||||
*/
|
|
||||||
if(!$user && $settings->_enableGuestLogin && (int) $settings->_guestID) {
|
|
||||||
$guestUser = $dms->getUser((int) $settings->_guestID);
|
|
||||||
if($guestUser) {
|
|
||||||
if(($login != $guestUser->getLogin())) {
|
|
||||||
if ((!isset($pwd) || strlen($pwd)==0)) {
|
|
||||||
$this->setErrorMsg("login_error_text");
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
$user = $guestUser;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Run any additional authentication method. The hook must return a
|
|
||||||
* valid user, if the authentication succeeded. If it fails, it must
|
|
||||||
* return false and if the hook doesn't care at all, if must return null.
|
|
||||||
*/
|
|
||||||
if(!$user) {
|
|
||||||
$user = $this->callHook('authenticate', $source);
|
|
||||||
if(false === $user) {
|
|
||||||
if(empty($this->errormsg))
|
|
||||||
$this->setErrorMsg("authentication_failed");
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Deprecated: Run any additional authentication implemented in a hook */
|
|
||||||
if(!is_object($user) && isset($GLOBALS['SEEDDMS_HOOKS']['authentication'])) {
|
|
||||||
foreach($GLOBALS['SEEDDMS_HOOKS']['authentication'] as $authObj) {
|
|
||||||
if(!$user && method_exists($authObj, 'authenticate')) {
|
|
||||||
$user = $authObj->authenticate($dms, $settings, $login, $pwd);
|
|
||||||
if(false === $user) {
|
|
||||||
if(empty($this->errormsg))
|
|
||||||
$this->setErrorMsg("authentication_failed");
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
$user = $authenticator->authenticate($login, $pwd);
|
|
||||||
|
|
||||||
if(0) {
|
|
||||||
/* Authenticate against LDAP server {{{ */
|
|
||||||
if (!is_object($user) && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
|
|
||||||
require_once("../inc/inc.ClassLdapAuthentication.php");
|
|
||||||
$authobj = new SeedDMS_LdapAuthentication($dms, $settings);
|
|
||||||
$user = $authobj->authenticate($login, $pwd);
|
|
||||||
if(!$user) {
|
|
||||||
add_log_line('Authentication against LDAP failed for user '.$login);
|
|
||||||
}
|
|
||||||
} /* }}} */
|
|
||||||
|
|
||||||
/* Authenticate against SeedDMS database {{{ */
|
|
||||||
if(!is_object($user)) {
|
|
||||||
require_once("../inc/inc.ClassDbAuthentication.php");
|
|
||||||
$authobj = new SeedDMS_DbAuthentication($dms, $settings);
|
|
||||||
$user = $authobj->authenticate($login, $pwd);
|
|
||||||
} /* }}} */
|
|
||||||
}
|
|
||||||
|
|
||||||
/* If the user is still not authenticated, then exit with an error */
|
|
||||||
if(!is_object($user)) {
|
|
||||||
/* if counting of login failures is turned on, then increment its value */
|
|
||||||
if($settings->_loginFailure) {
|
|
||||||
$user = $dms->getUserByLogin($login);
|
|
||||||
if($user) {
|
|
||||||
$failures = $user->addLoginFailure();
|
|
||||||
if($failures >= $settings->_loginFailure)
|
|
||||||
$user->setDisabled(true);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
$this->callHook('loginFailed');
|
|
||||||
$this->setErrorMsg("login_error_text");
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
self::$user = $user;
|
self::$user = $user;
|
||||||
|
|
||||||
|
|
@ -261,4 +163,113 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
} /* }}} */
|
} /* }}} */
|
||||||
|
|
||||||
|
public function run() { /* {{{ */
|
||||||
|
$dms = $this->params['dms'];
|
||||||
|
$settings = $this->params['settings'];
|
||||||
|
$session = $this->params['session'];
|
||||||
|
$authenticator = $this->params['authenticator'];
|
||||||
|
$source = isset($this->params['source']) ? $this->params['source'] : '';
|
||||||
|
$sesstheme = $this->getParam('sesstheme');
|
||||||
|
$referuri = $this->getParam('referuri');
|
||||||
|
$lang = $this->getParam('lang');
|
||||||
|
$login = $this->params['login'];
|
||||||
|
$pwd = $this->params['pwd'];
|
||||||
|
|
||||||
|
self::$user = null;
|
||||||
|
|
||||||
|
/* The preLogin hook may set self::$user which will prevent any further
|
||||||
|
* authentication process.
|
||||||
|
*/
|
||||||
|
if($this->callHook('preLogin')) {
|
||||||
|
}
|
||||||
|
|
||||||
|
$user = self::$user;
|
||||||
|
|
||||||
|
/* The password may only be empty if the guest user tries to log in.
|
||||||
|
* There is just one guest account with id $settings->_guestID which
|
||||||
|
* is allowed to log in without a password. All other guest accounts
|
||||||
|
* are treated like regular logins
|
||||||
|
*/
|
||||||
|
if(!$user && $settings->_enableGuestLogin && (int) $settings->_guestID) {
|
||||||
|
$guestUser = $dms->getUser((int) $settings->_guestID);
|
||||||
|
if($guestUser) {
|
||||||
|
if(($login != $guestUser->getLogin())) {
|
||||||
|
if ((!isset($pwd) || strlen($pwd)==0)) {
|
||||||
|
$this->setErrorMsg("login_error_text");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
$user = $guestUser;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Run any additional authentication method. The hook must return a
|
||||||
|
* valid user, if the authentication succeeded. If it fails, it must
|
||||||
|
* return false and if the hook doesn't care at all, if must return null.
|
||||||
|
*/
|
||||||
|
if(!$user) {
|
||||||
|
$user = $this->callHook('authenticate', $source);
|
||||||
|
if(false === $user) {
|
||||||
|
if(empty($this->errormsg))
|
||||||
|
$this->setErrorMsg("authentication_failed");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Deprecated: Run any additional authentication implemented in a hook */
|
||||||
|
if(!is_object($user) && isset($GLOBALS['SEEDDMS_HOOKS']['authentication'])) {
|
||||||
|
foreach($GLOBALS['SEEDDMS_HOOKS']['authentication'] as $authObj) {
|
||||||
|
if(!$user && method_exists($authObj, 'authenticate')) {
|
||||||
|
$user = $authObj->authenticate($dms, $settings, $login, $pwd);
|
||||||
|
if(false === $user) {
|
||||||
|
if(empty($this->errormsg))
|
||||||
|
$this->setErrorMsg("authentication_failed");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$user = $authenticator->authenticate($login, $pwd);
|
||||||
|
|
||||||
|
if(0) {
|
||||||
|
/* Authenticate against LDAP server {{{ */
|
||||||
|
if (!is_object($user) && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
|
||||||
|
require_once("../inc/inc.ClassLdapAuthentication.php");
|
||||||
|
$authobj = new SeedDMS_LdapAuthentication($dms, $settings);
|
||||||
|
$user = $authobj->authenticate($login, $pwd);
|
||||||
|
if(!$user) {
|
||||||
|
add_log_line('Authentication against LDAP failed for user '.$login);
|
||||||
|
}
|
||||||
|
} /* }}} */
|
||||||
|
|
||||||
|
/* Authenticate against SeedDMS database {{{ */
|
||||||
|
if(!is_object($user)) {
|
||||||
|
require_once("../inc/inc.ClassDbAuthentication.php");
|
||||||
|
$authobj = new SeedDMS_DbAuthentication($dms, $settings);
|
||||||
|
$user = $authobj->authenticate($login, $pwd);
|
||||||
|
} /* }}} */
|
||||||
|
}
|
||||||
|
|
||||||
|
/* If the user is still not authenticated, then exit with an error */
|
||||||
|
if(!is_object($user)) {
|
||||||
|
/* if counting of login failures is turned on, then increment its value */
|
||||||
|
if($settings->_loginFailure) {
|
||||||
|
$user = $dms->getUserByLogin($login);
|
||||||
|
if($user) {
|
||||||
|
$failures = $user->addLoginFailure();
|
||||||
|
if($failures >= $settings->_loginFailure)
|
||||||
|
$user->setDisabled(true);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$this->callHook('loginFailed');
|
||||||
|
$this->setErrorMsg("login_error_text");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
return self::_finalize($user);
|
||||||
|
|
||||||
|
} /* }}} */
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user