gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2024-11-26 15:32:13 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

use authenticator

Browse Source
This commit is contained in:
Uwe Steinmann 2023-01-10 15:43:06 +01:00
parent 244a5da6d8
commit 41b2ae91e1
1 changed files with 1 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
inc/inc.BasicAuthentication.php
View File

@ -18,53 +18,13 @@ require_once("inc.ClassEmailNotify.php");
require_once("inc.ClassSession.php"); require_once("inc.ClassSession.php");
require_once("inc.ClassAccessOperation.php"); require_once("inc.ClassAccessOperation.php");
function __authenticate($username, $password) { /* {{{ */
global $dms, $settings;
$user = false;
/* Authenticate against LDAP server {{{ */
if (!$user && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
require_once("../inc/inc.ClassLdapAuthentication.php");
$authobj = new SeedDMS_LdapAuthentication($dms, $settings);
$user = $authobj->authenticate($username, $password);
} /* }}} */
/* Authenticate against SeedDMS database {{{ */
else {
require_once("../inc/inc.ClassDbAuthentication.php");
$authobj = new SeedDMS_DbAuthentication($dms, $settings);
$user = $authobj->authenticate($username, $password);
} /* }}} */
if (!$user) {
return false;
}
if (($user->getID() == $settings->_guestID) && (!$settings->_enableGuestLogin)) {
return false;
}
// Check if account is disabled
if($user->isDisabled()) {
return false;
}
// control admin IP address if required
if ($user->isAdmin() && ($_SERVER['REMOTE_ADDR'] != $settings->_adminIP ) && ( $settings->_adminIP != "") ){
return false;
}
return $user;
} /* }}} */
if (!isset($_SERVER['PHP_AUTH_USER'])) { if (!isset($_SERVER['PHP_AUTH_USER'])) {
header('WWW-Authenticate: Basic realm="'.$settings->_siteName.'"'); header('WWW-Authenticate: Basic realm="'.$settings->_siteName.'"');
header('HTTP/1.0 401 Unauthorized'); header('HTTP/1.0 401 Unauthorized');
echo getMLText('cancel_basic_authentication'); echo getMLText('cancel_basic_authentication');
exit; exit;
} else { } else {
if(!($user = __authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))) { if(!($user = $authenticator->authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))) {
header('WWW-Authenticate: Basic realm="'.$settings->_siteName.'"'); header('WWW-Authenticate: Basic realm="'.$settings->_siteName.'"');
header('HTTP/1.0 401 Unauthorized'); header('HTTP/1.0 401 Unauthorized');
echo getMLText('cancel_basic_authentication'); echo getMLText('cancel_basic_authentication');