add constructor, authenticate() returns null if authentication fails

Uwe Steinmann 2022-11-28 21:36:40 +01:00
parent 0f0ba03449
commit 28a4a24613
2 changed files with 22 additions and 7 deletions


@ -24,6 +24,15 @@ require_once "inc.ClassAuthentication.php";
*/ */
class SeedDMS_DbAuthentication extends SeedDMS_Authentication { class SeedDMS_DbAuthentication extends SeedDMS_Authentication {
var $dms;
var $settings;
public function __construct($dms, $settings) { /* {{{ */
$this->dms = $dms;
$this->settings = $settings;
} /* }}} */
/** /**
* Do Authentication * Do Authentication
* *
@ -32,18 +41,15 @@ class SeedDMS_DbAuthentication extends SeedDMS_Authentication {
* @return object|boolean user object if authentication was successful otherwise false * @return object|boolean user object if authentication was successful otherwise false
*/ */
public function authenticate($username, $password) { /* {{{ */ public function authenticate($username, $password) { /* {{{ */
$settings = $this->settings;
$dms = $this->dms; $dms = $this->dms;
// Try to find user with given login. // Try to find user with given login.
if($user = $dms->getUserByLogin($username)) { if($user = $dms->getUserByLogin($username)) {
$userid = $user->getID(); $userid = $user->getID();
// Check if password matches (if not a guest user) // Check if password matches
// Assume that the password has been sent via HTTP POST. It would be careless
// (and dangerous) for passwords to be sent via GET.
if (!seed_pass_verify($password, $user->getPwd())) { if (!seed_pass_verify($password, $user->getPwd())) {
$user = false; $user = null;
} }
} }
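Review bot: The docblock above authenticate() still promises `@return object|boolean ... otherwise false`, but the password-mismatch branch now sets `$user = null`, so the documented contract and the code disagree. I would change the tag to `@return object|null user object if authentication was successful otherwise null`. The unknown-login path keeps whatever falsy value `getUserByLogin()` produced (the LDAP class compares that result with `=== false`), so the two failure paths may return different values unless the return statement, which is outside the visible lines, normalises them. Any caller that tests the result with `=== false` or `!== false` would no longer recognise a failed login, so those call sites are worth checking in the same change; a loose `if (!$user)` check is unaffected.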


@ -24,6 +24,15 @@ require_once "inc.ClassAuthentication.php";
*/ */
class SeedDMS_LdapAuthentication extends SeedDMS_Authentication { class SeedDMS_LdapAuthentication extends SeedDMS_Authentication {
var $dms;
var $settings;
public function __construct($dms, $settings) { /* {{{ */
$this->dms = $dms;
$this->settings = $settings;
} /* }}} */
/** /**
* Do ldap authentication * Do ldap authentication
* *
@ -84,7 +93,7 @@ class SeedDMS_LdapAuthentication extends SeedDMS_Authentication {
$bind = @ldap_bind($ds); $bind = @ldap_bind($ds);
} }
$dn = false; $dn = false;
/* If bind succeed, then get the dn of for the user */ /* If bind succeed, then get the dn of the user */
if ($bind) { if ($bind) {
if (isset($settings->_ldapFilter) && strlen($settings->_ldapFilter) > 0) { if (isset($settings->_ldapFilter) && strlen($settings->_ldapFilter) > 0) {
$search = ldap_search($ds, $settings->_ldapBaseDN, "(&(".$ldapSearchAttribut.$username.")".$settings->_ldapFilter.")"); $search = ldap_search($ds, $settings->_ldapBaseDN, "(&(".$ldapSearchAttribut.$username.")".$settings->_ldapFilter.")");
@ -106,7 +115,7 @@ class SeedDMS_LdapAuthentication extends SeedDMS_Authentication {
$dn = $tmpDN; $dn = $tmpDN;
} }
/* No do the actual authentication of the user */ /* Now do the actual authentication of the user */
$bind = @ldap_bind($ds, $dn, $password); $bind = @ldap_bind($ds, $dn, $password);
$user = $dms->getUserByLogin($username); $user = $dms->getUserByLogin($username);
if($user === false) { if($user === false) {
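Review bot: The search filter in the `ldap_search()` call is still built by concatenating `$username` directly into the filter string, so filter metacharacters such as `*`, `(` or `)` in the submitted login change the query that selects the DN to bind as. Escaping the value where it enters the filter closes that: `ldap_escape($username, '', LDAP_ESCAPE_FILTER)` in place of the bare `$username`. The final `@ldap_bind($ds, $dn, $password)` also deserves a guard against an empty `$password` if none exists earlier in the function, since many directory servers treat a bind with a DN and an empty password as a successful unauthenticated bind. authenticate() starts and ends outside these hunks, so I cannot see whether that check is already present.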