  1: <?php
  2: /**
  3: * The authentication handling plugins can be used by the Session class to
  4: * provide authentication.
  5: *
  6: * Each authenticate hook needs to:
  7: *   - Accept a username / password
  8: *   - Confirm the username / password are correct
  9: *   - Create (or update) a 'usr' record in our database
 10: *   - Return the 'usr' record as an object
 11: *   - Return === false when authentication fails
 12: *
 13: * It can expect that:
 14: *   - Configuration data will be in $c->authenticate_hook['config'], which might be an array, or whatever is needed.
 15: *
 16: * In order to be called:
 17: *   - This file should be included
 18: *   - $c->authenticate_hook['call'] should be set to the name of the plugin
 19: *   - $c->authenticate_hook['config'] should be set up with any configuration data for the plugin
 20: *
 21: * @package   awl
 22: * @subpackage   AuthPlugin
 23: * @author    Andrew McMillan <andrew@mcmillan.net.nz>
 24: * @copyright Catalyst IT Ltd, Morphoss Ltd <http://www.morphoss.com/>
 25: * @license   http://gnu.org/copyleft/gpl.html GNU GPL v2 or later
 26: */
 27: 
 28: require_once('AWLUtilities.php');
 29: require_once('DataUpdate.php');
 30: 
 31: /**
 32: * Authenticate against a different PostgreSQL database which contains a usr table in
 33: * the AWL format.
 34: *
 35: * @package   awl
 36: */
 37: function auth_other_awl( $username, $password ) {
 38:   global $c;
 39: 
 40:   $authconn = pg_Connect($c->authenticate_hook['config']['connection']);
 41:   if ( ! $authconn ) {
 42:     echo <<<EOERRMSG
 43:   <html><head><title>Database Connection Failure</title></head><body>
 44:   <h1>Database Error</h1>
 45:   <h3>Could not connect to PostgreSQL database</h3>
 46:   </body>
 47:   </html>
 48: EOERRMSG;
 49:     exit(1);
 50:   }
 51: 
 52:   if ( isset($c->authenticate_hook['config']['columns']) )
 53:     $cols = $c->authenticate_hook['config']['columns'];
 54:   else
 55:     $cols = "*";
 56: 
 57:   if ( isset($c->authenticate_hook['config']['where']) )
 58:     $andwhere = " AND ".$c->authenticate_hook['config']['where'];
 59:   else
 60:     $andwhere = "";
 61: 
 62:   $qry = new AwlQuery("SELECT $cols FROM usr WHERE lower(username) = text(?) $andwhere", strtolower($username) );
 63:   $qry->SetConnection($authconn);
 64:   if ( $qry->Exec('Login',__LINE,__FILE__) && $qry->rows() == 1 ) {
 65:     $usr = $qry->Fetch();
 66:     if ( session_validate_password( $password, $usr->password ) ) {
 67: 
 68:       $qry = new AwlQuery("SELECT * FROM usr WHERE user_no = $usr->user_no;" );
 69:       if ( $qry->Exec('Login',__LINE,__FILE__) && $qry->rows() == 1 )
 70:         $type = "UPDATE";
 71:       else
 72:         $type = "INSERT";
 73: 
 74:       $qry = new AwlQuery( sql_from_object( $usr, $type, 'usr', "WHERE user_no=$usr->user_no" ) );
 75:       $qry->Exec('Login',__LINE__,__FILE__);
 76: 
 77:       /**
 78:       * We disallow login by inactive users _after_ we have updated the local copy
 79:       */
 80:       if ( isset($usr->active) && $usr->active == 'f' ) return false;
 81: 
 82:       return $usr;
 83:     }
 84:   }
 85: 
 86:   return false;
 87: 
 88: }
 89: 
 90: 
 91: /**
 92: * Authentication has already happened.  We know the username, we just need
 93: * to do the authorisation / access control.  The password is ignored.
 94: *
 95: * @package   awl
 96: */
 97: function auth_external( $username, $password ) {
 98:   global $c;
 99: 
100:   $qry = new AwlQuery("SELECT * FROM usr WHERE active AND lower(username) = text(?) ", strtolower($username) );
101:   if ( $qry->Exec('Login',__LINE__,__FILE__) && $qry->rows() == 1 ) {
102:     $usr = $qry->Fetch();
103:     return $usr;
104:   }
105: 
106:   return false;
107: 
108: }
109: 
110: 
111: 