mirror of
https://git.code.sf.net/p/seeddms/code
synced 2024-10-04 15:12:30 +00:00
59 lines
1.6 KiB
PHP
59 lines
1.6 KiB
PHP
<?php
|
||
/**
|
||
* Implementation of user authentication
|
||
*
|
||
* @category DMS
|
||
* @package SeedDMS
|
||
* @license GPL 2
|
||
* @version @version@
|
||
* @author Uwe Steinmann <uwe@steinmann.cx>
|
||
* @copyright Copyright (C) 2010-2016 Uwe Steinmann
|
||
* @version Release: @package_version@
|
||
*/
|
||
|
||
require_once "inc.ClassAuthentication.php";
|
||
|
||
/**
|
||
* Abstract class to authenticate user against ѕeeddms database
|
||
*
|
||
* @category DMS
|
||
* @package SeedDMS
|
||
* @author Uwe Steinmann <uwe@steinmann.cx>
|
||
* @copyright Copyright (C) 2010-2016 Uwe Steinmann
|
||
* @version Release: @package_version@
|
||
*/
|
||
class SeedDMS_DbAuthentication extends SeedDMS_Authentication {
|
||
|
||
/**
|
||
* Do Authentication
|
||
*
|
||
* @param string $username
|
||
* @param string $password
|
||
* @return object|boolean user object if authentication was successful otherwise false
|
||
*/
|
||
public function authenticate($username, $password) { /* {{{ */
|
||
$settings = $this->settings;
|
||
$dms = $this->dms;
|
||
|
||
// Try to find user with given login.
|
||
if($user = $dms->getUserByLogin($username)) {
|
||
$userid = $user->getID();
|
||
|
||
// Check if password matches (if not a guest user)
|
||
// Assume that the password has been sent via HTTP POST. It would be careless
|
||
// (and dangerous) for passwords to be sent via GET.
|
||
if (!seed_pass_verify($password, $user->getPwd())) {
|
||
/* if counting of login failures is turned on, then increment its value */
|
||
if($settings->_loginFailure) {
|
||
$failures = $user->addLoginFailure();
|
||
if($failures >= $settings->_loginFailure)
|
||
$user->setDisabled(true);
|
||
}
|
||
$user = false;
|
||
}
|
||
}
|
||
|
||
return $user;
|
||
} /* }}} */
|
||
}
|