Modularize authentication system

This allows to easily add LDAP and other support.

Signed-off-by: Florian Pritz <bluewind@xinu.at>

2 files changed, 157 insertions, 0 deletions

diff --git a/application/libraries/Duser/Duser.php b/application/libraries/Duser/Duser.php
new file mode 100644
index 000000000..c06f4f723
--- /dev/null
+++ b/application/libraries/Duser/Duser.php
@@ -0,0 +1,94 @@
+<?php
+/*
+ * Copyright 2013 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under GPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+abstract class Duser_Driver extends CI_Driver {
+
+	// List of optional functions or function group that are implemented
+	//
+	// Possible values are names of functions already implemented in this
+	// abstract class or the function groups listed below.
+	//
+	// Possible function groups are:
+	//  - can_register_new_users
+	//  - can_reset_password
+	public $optional_functions = array();
+
+	/*
+	 * The array should contain the following keys:
+	 *  - username VARCHAR
+	 *  - userid INT > 0
+	 *
+	 * @return mixed array on success, false on failure
+	 */
+	abstract public function login($username, $password);
+
+	public function username_exists($username) {
+		return false;
+	}
+}
+
+class Duser extends CI_Driver_Library {
+
+	protected $_adapter = null;
+
+	protected $valid_drivers = array(
+		'duser_db'
+	);
+
+	function __construct()
+	{
+		// TODO: read config
+		$this->_adapter = 'db';
+	}
+
+	// require an optional function to be implemented
+	public function require_implemented($function) {
+		if (!$this->is_implemented($function)) {
+			show_error(""
+				."Optional function '".$function."' not implemented in user adapter '".$this->_adapter."'. "
+				."Requested functionally unavailable.");
+		}
+	}
+
+	// check if an optional function is implemented
+	public function is_implemented($function) {
+		if (in_array($function, $this->{$this->_adapter}->optional_functions)) {
+			return true;
+		}
+
+		return false;
+	}
+
+	public function login($username, $password)
+	{
+		$login_info = $this->{$this->_adapter}->login($username, $password);
+		if ($login_info === false) {
+			return false;
+		}
+
+		$CI =& get_instance();
+
+		$CI->session->set_userdata('logged_in', true);
+		$CI->session->set_userdata('username', $login_info["username"]);
+		$CI->session->set_userdata('userid', $login_info["userid"]);
+
+		return true;
+	}
+
+	public function username_exists($username)
+	{
+		$this->require_implemented(__FUNCTION__);
+
+		if ($username === false) {
+			return false;
+		}
+
+		return $this->{$this->_adapter}->username_exists($username);
+	}
+}
diff --git a/application/libraries/Duser/drivers/Duser_db.php b/application/libraries/Duser/drivers/Duser_db.php
new file mode 100644
index 000000000..806b0d150
--- /dev/null
+++ b/application/libraries/Duser/drivers/Duser_db.php
@@ -0,0 +1,63 @@
+<?php
+/*
+ * Copyright 2013 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under GPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+class Duser_db extends Duser_Driver {
+
+	public $optional_functions = array(
+		'username_exists',
+		'can_reset_password',
+		'can_register_new_users'
+	);
+
+	public function login($username, $password)
+	{
+		$CI =& get_instance();
+
+		$query = $CI->db->query('
+			SELECT username, id, password
+			FROM `users`
+			WHERE `username` = ?
+			', array($username))->row_array();
+
+		if (!isset($query["username"]) || $query["username"] !== $username) {
+			return false;
+		}
+
+		if (!isset($query["password"])) {
+			return false;
+		}
+
+		if (crypt($password, $query["password"]) === $query["password"]) {
+			return array(
+				"username" => $username,
+				"userid" => $query["id"]
+			);
+		} else {
+			return false;
+		}
+	}
+
+	public function username_exists($username)
+	{
+		$CI =& get_instance();
+
+		$query = $CI->db->query("
+			SELECT id
+			FROM users
+			WHERE username = ?
+			", array($username));
+
+		if ($query->num_rows() > 0) {
+			return true;
+		} else {
+			return false;
+		}
+	}
+
+}