add authentication service

This commit is contained in:
Uwe Steinmann 2022-11-28 21:40:42 +01:00
parent 28a4a24613
commit f7ebe88822
5 changed files with 137 additions and 0 deletions

View File

@ -35,6 +35,7 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
$dms = $this->params['dms'];
$settings = $this->params['settings'];
$session = $this->params['session'];
$authenticator = $this->params['authenticator'];
$source = isset($this->params['source']) ? $this->params['source'] : '';
$sesstheme = $this->getParam('sesstheme');
$referuri = $this->getParam('referuri');
@ -98,6 +99,9 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
}
}
$user = $authenticator->authenticate($login, $pwd);
if(0) {
/* Authenticate against LDAP server {{{ */
if (!is_object($user) && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
require_once("../inc/inc.ClassLdapAuthentication.php");
@ -114,6 +118,7 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
$authobj = new SeedDMS_DbAuthentication($dms, $settings);
$user = $authobj->authenticate($login, $pwd);
} /* }}} */
}
/* If the user is still not authenticated, then exit with an error */
if(!is_object($user)) {

View File

@ -0,0 +1,42 @@
<?php
/**
* Create authentication service
*
* @category DMS
* @package SeedDMS
* @license GPL 2
* @version @version@
* @author Markus Westphal, Malcolm Cowe, Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2002-2005 Markus Westphal,
* 2006-2008 Malcolm Cowe, 2010-2022 Uwe Steinmann
* @version Release: @package_version@
*/
require_once('inc.ClassAuthenticationService.php');
require_once('inc.ClassDbAuthentication.php');
require_once('inc.ClassLdapAuthentication.php');
global $logger;
$authenticator = new SeedDMS_AuthenticationService($logger, $settings);
if(isset($GLOBALS['SEEDDMS_HOOKS']['authentication'])) {
foreach($GLOBALS['SEEDDMS_HOOKS']['authentication'] as $authenticationObj) {
if(method_exists($authenticationObj, 'preAddService')) {
$authenticationObj->preAddService($dms, $authenticator);
}
}
}
$authenticator->addService(new SeedDMS_DbAuthentication($dms, $settings), 'db');
if(isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
$authenticator->addService(new SeedDMS_LdapAuthentication($dms, $settings), 'ldap');
}
if(isset($GLOBALS['SEEDDMS_HOOKS']['authentication'])) {
foreach($GLOBALS['SEEDDMS_HOOKS']['authentication'] as $authenticationObj) {
if(method_exists($authenticationObj, 'postAddService')) {
$authenticationObj->postAddService($dms, $authenticator);
}
}
}

View File

@ -0,0 +1,88 @@
<?php
/**
* Implementation of authentication service
*
* @category DMS
* @package SeedDMS
* @license GPL 2
* @version @version@
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2016 Uwe Steinmann
* @version Release: @package_version@
*/
/**
* Implementation of authentication service
*
* @category DMS
* @package SeedDMS
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2016 Uwe Steinmann
* @version Release: @package_version@
*/
class SeedDMS_AuthenticationService {
/**
* List of services for authenticating user
*/
protected $services;
/*
* List of servives with errors
*/
protected $errors;
/*
* Service for logging
*/
protected $logger;
/*
* Configuration
*/
protected $settings;
public function __construct($logger = null, $settings = null) { /* {{{ */
$this->services = array();
$this->errors = array();
$this->logger = $logger;
$this->settings = $settings;
} /* }}} */
public function addService($service, $name='') { /* {{{ */
if(!$name)
$name = md5(uniqid());
$this->services[$name] = $service;
$this->errors[$name] = true;
} /* }}} */
public function getServices() { /* {{{ */
return $this->services;
} /* }}} */
public function getErrors() { /* {{{ */
return $this->errors;
} /* }}} */
public function authenticate($username, $password) { /* {{{ */
$user = null;
foreach($this->services as $name => $service) {
$this->logger->log('Authentication service \''.$name.'\'', PEAR_LOG_INFO);
$user = $service->authenticate($username, $password);
if($user === false) {
$this->errors[$name] = false;
if($this->logger)
$this->logger->log('Authentication service \''.$name.'\': Authentication of user \''.$username.'\' failed.', PEAR_LOG_ERR);
return false;
} elseif($user === null) {
if($this->logger)
$this->logger->log('Authentication service \''.$name.'\': Authentication of user \''.$username.'\' disregarded.', PEAR_LOG_ERR);
} else {
if($this->logger)
$this->logger->log('Authentication service \''.$name.'\': Authentication of user \''.$username.'\' successful.', PEAR_LOG_INFO);
$this->errors[$name] = true;
return $user;
}
}
return $user;
} /* }}} */
}

View File

@ -68,3 +68,4 @@ if(isset($GLOBALS['SEEDDMS_HOOKS']['initDMS'])) {
require_once("inc.ConversionInit.php");
require_once('inc.FulltextInit.php');
require_once('inc.AuthenticationInit.php');

View File

@ -89,6 +89,7 @@ $controller->setParam('lang', $lang);
$controller->setParam('sesstheme', $sesstheme);
$controller->setParam('referuri', $referuri);
$controller->setParam('session', $session);
$controller->setParam('authenticator', $authenticator);
if(!$controller()) {
$session = null;
add_log_line("login failed", PEAR_LOG_ERR);