diff options
author | Florian Pritz <bluewind@xinu.at> | 2013-01-30 22:31:11 +0100 |
---|---|---|
committer | Florian Pritz <bluewind@xinu.at> | 2013-01-30 22:31:11 +0100 |
commit | f8ac2f6582001bfa3b42ac4fbdc77ff97137a8f8 (patch) | |
tree | cc6979a56bd458546582b7da3c69bf0ec5f8af82 /application | |
parent | e8d30fa25470f3912c0d4e8629fc7b764aae1c72 (diff) |
Modularize authentication system
This allows to easily add LDAP and other support.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application')
-rw-r--r-- | application/controllers/user.php | 4 | ||||
-rw-r--r-- | application/libraries/Duser/Duser.php | 94 | ||||
-rw-r--r-- | application/libraries/Duser/drivers/Duser_db.php | 63 | ||||
-rw-r--r-- | application/models/muser.php | 40 |
4 files changed, 164 insertions, 37 deletions
diff --git a/application/controllers/user.php b/application/controllers/user.php index 1562ae9fd..50eb1b363 100644 --- a/application/controllers/user.php +++ b/application/controllers/user.php @@ -74,6 +74,7 @@ class User extends CI_Controller { function create_invitation_key() { + $this->duser->require_implemented("can_register_new_users"); $this->muser->require_access(); $userid = $this->muser->get_userid(); @@ -103,6 +104,7 @@ class User extends CI_Controller { function invite() { + $this->duser->require_implemented("can_register_new_users"); $this->muser->require_access(); $userid = $this->muser->get_userid(); @@ -123,6 +125,7 @@ class User extends CI_Controller { function register() { + $this->duser->require_implemented("can_register_new_users"); $key = $this->uri->segment(3); $process = $this->input->post("process"); $values = array( @@ -195,6 +198,7 @@ class User extends CI_Controller { // This routes the different steps of a password reset function reset_password() { + $this->duser->require_implemented("can_reset_password"); $key = $this->uri->segment(3); if ($_SERVER["REQUEST_METHOD"] == "GET" && $key === false) { diff --git a/application/libraries/Duser/Duser.php b/application/libraries/Duser/Duser.php new file mode 100644 index 000000000..c06f4f723 --- /dev/null +++ b/application/libraries/Duser/Duser.php @@ -0,0 +1,94 @@ +<?php +/* + * Copyright 2013 Florian "Bluewind" Pritz <bluewind@server-speed.net> + * + * Licensed under GPLv3 + * (see COPYING for full license text) + * + */ + +abstract class Duser_Driver extends CI_Driver { + + // List of optional functions or function group that are implemented + // + // Possible values are names of functions already implemented in this + // abstract class or the function groups listed below. + // + // Possible function groups are: + // - can_register_new_users + // - can_reset_password + public $optional_functions = array(); + + /* + * The array should contain the following keys: + * - username VARCHAR + * - userid INT > 0 + * + * @return mixed array on success, false on failure + */ + abstract public function login($username, $password); + + public function username_exists($username) { + return false; + } +} + +class Duser extends CI_Driver_Library { + + protected $_adapter = null; + + protected $valid_drivers = array( + 'duser_db' + ); + + function __construct() + { + // TODO: read config + $this->_adapter = 'db'; + } + + // require an optional function to be implemented + public function require_implemented($function) { + if (!$this->is_implemented($function)) { + show_error("" + ."Optional function '".$function."' not implemented in user adapter '".$this->_adapter."'. " + ."Requested functionally unavailable."); + } + } + + // check if an optional function is implemented + public function is_implemented($function) { + if (in_array($function, $this->{$this->_adapter}->optional_functions)) { + return true; + } + + return false; + } + + public function login($username, $password) + { + $login_info = $this->{$this->_adapter}->login($username, $password); + if ($login_info === false) { + return false; + } + + $CI =& get_instance(); + + $CI->session->set_userdata('logged_in', true); + $CI->session->set_userdata('username', $login_info["username"]); + $CI->session->set_userdata('userid', $login_info["userid"]); + + return true; + } + + public function username_exists($username) + { + $this->require_implemented(__FUNCTION__); + + if ($username === false) { + return false; + } + + return $this->{$this->_adapter}->username_exists($username); + } +} diff --git a/application/libraries/Duser/drivers/Duser_db.php b/application/libraries/Duser/drivers/Duser_db.php new file mode 100644 index 000000000..806b0d150 --- /dev/null +++ b/application/libraries/Duser/drivers/Duser_db.php @@ -0,0 +1,63 @@ +<?php +/* + * Copyright 2013 Florian "Bluewind" Pritz <bluewind@server-speed.net> + * + * Licensed under GPLv3 + * (see COPYING for full license text) + * + */ + +class Duser_db extends Duser_Driver { + + public $optional_functions = array( + 'username_exists', + 'can_reset_password', + 'can_register_new_users' + ); + + public function login($username, $password) + { + $CI =& get_instance(); + + $query = $CI->db->query(' + SELECT username, id, password + FROM `users` + WHERE `username` = ? + ', array($username))->row_array(); + + if (!isset($query["username"]) || $query["username"] !== $username) { + return false; + } + + if (!isset($query["password"])) { + return false; + } + + if (crypt($password, $query["password"]) === $query["password"]) { + return array( + "username" => $username, + "userid" => $query["id"] + ); + } else { + return false; + } + } + + public function username_exists($username) + { + $CI =& get_instance(); + + $query = $CI->db->query(" + SELECT id + FROM users + WHERE username = ? + ", array($username)); + + if ($query->num_rows() > 0) { + return true; + } else { + return false; + } + } + +} diff --git a/application/models/muser.php b/application/models/muser.php index c277118f2..d13e0662a 100644 --- a/application/models/muser.php +++ b/application/models/muser.php @@ -17,6 +17,7 @@ class Muser extends CI_Model { } $this->load->helper("filebin"); + $this->load->driver("duser"); } function has_session() @@ -56,28 +57,7 @@ class Muser extends CI_Model { function login($username, $password) { $this->require_session(); - $query = $this->db->query(' - SELECT username, id, password - FROM `users` - WHERE `username` = ? - ', array($username))->row_array(); - - if (!isset($query["username"]) || $query["username"] !== $username) { - return false; - } - - if (!isset($query["password"])) { - return false; - } - - if (crypt($password, $query["password"]) === $query["password"]) { - $this->session->set_userdata('logged_in', true); - $this->session->set_userdata('username', $username); - $this->session->set_userdata('userid', $query["id"]); - return true; - } else { - return false; - } + return $this->duser->login($username, $password); } function logout() @@ -127,21 +107,7 @@ class Muser extends CI_Model { function username_exists($username) { - if ($username === false) { - return false; - } - - $query = $this->db->query(" - SELECT id - FROM users - WHERE username = ? - ", array($username)); - - if ($query->num_rows() > 0) { - return true; - } else { - return false; - } + return $this->duser->username_exists($username); } function get_action($action, $key) |