mtrack /inc/auth/mtrack.php

Language PHP Lines 122
MD5 Hash ed5aeff14cdfa334bd6e5f392230705f Estimated Cost $2,156 (why?)
Repository https://bitbucket.org/yoander/mtrack View Raw File View Project SPDX
<?php # vim:ts=2:sw=2:et:
/* For licensing and copyright terms, see the file named LICENSE */

/* mtrack locally maintained authentication */

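/* Authentication mechanism backed by mtrack's own user records.
 *
 * On construction the object registers itself with MTrackAuth (as an
 * auth mechanism) and with MTrackNavigation (as a navigation helper).
 * Browser clients are identified through the session key 'auth.mtrack';
 * REST clients that send no session cookie are identified through HTTP
 * Basic credentials instead.
 */
class MTrackAuth_MTrack implements IMTrackAuth, IMTrackNavigationHelper {
  function __construct() {
    MTrackAuth::registerMech($this);
    MTrackNavigation::registerHelper($this);
  }

  /* Replace the user-info fragment with a "Log In" link when the current
   * user is 'anonymous' and this mechanism cannot authenticate the request.
   *
   * $content is taken by reference and overwritten with an HTML string.
   *
   * NOTE(review): $GLOBALS['ABSWEB'] is written into the href without HTML
   * escaping. It is defined outside this file; confirm it always comes from
   * trusted configuration rather than from request headers.
   */
  function augmentUserInfo(&$content) {
    if (MTrackAuth::whoami() == 'anonymous' && !$this->authenticate()) {
      $content = "<a href='$GLOBALS[ABSWEB]auth/'>Log In</a>";
    }
  }

  /* This mechanism contributes nothing to the navigation; $items is left
   * untouched. */
  function augmentNavigation($id, &$items) {
  }

  /* If we're running under the REST bits, we may want to use HTTP
   * auth instead of cookies.
   *
   * if we've already got a session, and it is not empty,
   * we assume that the session was started via browser based auth,
   * or by some cookie aware client.
   *
   * Otherwise, we want to use HTTP auth
   *
   * Returns true only when MTRACK_IS_REST_API is defined and the request
   * carries no cookie named after the session; false in every other case.
   */
  function shouldUseHTTPAuth() {
    if (defined('MTRACK_IS_REST_API')) {
      if (isset($_COOKIE[session_name()])) {
        /* client sent us a cookie */
        return false;
      }
      return true;
    }
    return false;
  }

  /* Identify the caller without prompting.
   *
   * HTTP auth path: loads the user named in PHP_AUTH_USER and returns its
   * userid when verifyPassword() accepts PHP_AUTH_PW; otherwise null.
   * Session path: starts the session if none is active (never under the
   * CLI SAPI) and returns $_SESSION['auth.mtrack'] when set; otherwise null.
   *
   * Basic credentials accompany every request, so the HTTP auth path
   * depends on the transport (TLS) to keep the password confidential.
   *
   * NOTE(review): an unknown user returns before verifyPassword() runs, so
   * the two failure paths may differ in response time; whether that is
   * observable depends on MTrackUser, which is not shown here.
   */
  function authenticate() {
    if ($this->shouldUseHTTPAuth()) {
      /* Both halves of the credential must be present. A request that
       * carries only a user name is treated as unauthenticated instead of
       * handing an undefined value to verifyPassword(). */
      if (isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
        $user = MTrackUser::loadUser($_SERVER['PHP_AUTH_USER'], true);
        if (!$user) {
          return null;
        }
        if ($user->verifyPassword($_SERVER['PHP_AUTH_PW'])) {
          return $user->userid;
        }
      }
      return null;
    }

    if (!strlen(session_id()) && php_sapi_name() != 'cli') {
      session_start();
    }

    if (isset($_SESSION['auth.mtrack'])) {
      return $_SESSION['auth.mtrack'];
    }
    return null;
  }

  /* Ask the client to authenticate.
   *
   * REST requests without a session cookie always receive a Basic
   * challenge and the script exits. Otherwise, when $force is true, the
   * client is redirected to the login page under ABSWEB and the script
   * exits. When neither applies, returns null.
   */
  function doAuthenticate($force = false) {
    if (defined('MTRACK_IS_REST_API')) {
      if ($this->shouldUseHTTPAuth()) {
        $this->sendBasicChallenge();
        exit;
      }
    }
    if ($force) {
      /* With shouldUseHTTPAuth() as defined in this class, the HTTP auth
       * case has already exited above, so this test only succeeds if a
       * subclass overrides shouldUseHTTPAuth(). */
      if ($this->shouldUseHTTPAuth()) {
        $this->sendBasicChallenge();
      } else {
        header("Location: $GLOBALS[ABSWEB]auth/");
      }
      exit;
    }
    return null;
  }

  /* Emit the WWW-Authenticate header for HTTP Basic auth.
   *
   * The realm is a quoted-string, so any double quote or backslash in
   * SERVER_NAME is backslash-escaped before interpolation. Depending on
   * the web server configuration SERVER_NAME can reflect the
   * client-supplied Host header, so it is not treated as trusted text.
   * PHP sets the 401 status itself when this header is sent.
   */
  private function sendBasicChallenge() {
    $name = isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : '';
    $realm = addcslashes($name, "\"\\");
    header("WWW-Authenticate: Basic realm=\"$realm\"");
  }

  /* Group enumeration is not provided by this mechanism; always null. */
  function enumGroups() {
    return null;
  }

  /* Group lookup is not provided by this mechanism; always null. */
  function getGroups($username) {
    return null;
  }

  /* Group membership changes are not provided by this mechanism;
   * always null. */
  function addToGroup($username, $groupname)
  {
    return null;
  }

  /* Group membership changes are not provided by this mechanism;
   * always null. */
  function removeFromGroup($username, $groupname)
  {
    return null;
  }

  /* No additional user data is provided by this mechanism; always null. */
  function getUserData($username) {
    return null;
  }

  /* Sessions established by this mechanism can be ended via LogOut(). */
  function canLogOut() {
    return true;
  }

  /* End a cookie-based login.
   *
   * Acts only when the client presented the session cookie and the
   * session holds 'auth.mtrack'. In that case the session data is
   * cleared, the session cookie is expired on the client, the
   * server-side session is destroyed, and the client is redirected to
   * ABSWEB before the script exits. In every other case the method
   * returns without doing anything.
   */
  function LogOut() {
    if (isset($_COOKIE[session_name()])) {
      if (!session_id()) session_start();
      if (isset($_SESSION['auth.mtrack'])) {
        /* session_destroy() alone removes the stored data but leaves the
         * cookie with the old session id in the browser; clear both so
         * the id is not presented again after logout. */
        $_SESSION = array();
        if (ini_get('session.use_cookies')) {
          $params = session_get_cookie_params();
          setcookie(session_name(), '', time() - 42000,
            $params['path'], $params['domain'],
            $params['secure'], $params['httponly']);
        }
        session_destroy();
        header('Location: ' . $GLOBALS['ABSWEB']);
        exit;
      }
    }
  }

}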