diff options
Diffstat (limited to 'application/libraries/Duser/drivers')
-rw-r--r-- | application/libraries/Duser/drivers/Duser_db.php | 79 | ||||
-rw-r--r-- | application/libraries/Duser/drivers/Duser_fluxbb.php | 53 | ||||
-rw-r--r-- | application/libraries/Duser/drivers/Duser_ldap.php | 79 |
3 files changed, 211 insertions, 0 deletions
diff --git a/application/libraries/Duser/drivers/Duser_db.php b/application/libraries/Duser/drivers/Duser_db.php new file mode 100644 index 000000000..062da9e54 --- /dev/null +++ b/application/libraries/Duser/drivers/Duser_db.php @@ -0,0 +1,79 @@ +<?php +/* + * Copyright 2013 Florian "Bluewind" Pritz <bluewind@server-speed.net> + * + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ + +class Duser_db extends Duser_Driver { + + /* FIXME: If you use this driver as a template, remove can_reset_password + * and can_register_new_users. These features require the DB driver and + * will NOT work with other drivers. + */ + public $optional_functions = array( + 'can_reset_password', + 'can_register_new_users', + 'can_change_email', + 'can_delete_account', + ); + + public function login($username, $password) + { + $CI =& get_instance(); + + $query = $CI->db->select('username, id, password') + ->from('users') + ->where('username', $username) + ->get()->row_array(); + + if (empty($query)) { + return false; + } + + if (password_verify($password, $query['password'])) { + $CI->muser->rehash_password($query['id'], $password, $query['password']); + return array( + "username" => $username, + "userid" => $query["id"] + ); + } else { + return false; + } + } + + public function username_exists($username) + { + $CI =& get_instance(); + + $query = $CI->db->select('id') + ->from('users') + ->where('username', $username) + ->get(); + + if ($query->num_rows() > 0) { + return true; + } else { + return false; + } + } + + public function get_email($userid) + { + $CI =& get_instance(); + + $query = $CI->db->select('email') + ->from('users') + ->where('id', $userid) + ->get()->row_array(); + + if (empty($query)) { + throw new \exceptions\ApiException("libraries/duser/db/get_email-failed", "Failed to get email address from db"); + } + + return $query["email"]; + } + +} diff --git a/application/libraries/Duser/drivers/Duser_fluxbb.php b/application/libraries/Duser/drivers/Duser_fluxbb.php new file mode 100644 index 000000000..1790e830b --- /dev/null +++ b/application/libraries/Duser/drivers/Duser_fluxbb.php @@ -0,0 +1,53 @@ +<?php +/* + * Copyright 2013 Pierre Schmitz <pierre@archlinux.de> + * + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ + +class Duser_fluxbb extends Duser_Driver { + + private $CI = null; + private $config = array(); + + function __construct() + { + $this->CI =& get_instance(); + $this->config = $this->CI->config->item('auth_fluxbb'); + } + + public function login($username, $password) + { + $query = $this->CI->db->query(' + SELECT username, id + FROM '.$this->config['database'].'.users + WHERE username = ? AND password = ? + ', array($username, sha1($password)))->row_array(); + + if (!empty($query)) { + return array( + 'username' => $query['username'], + 'userid' => $query['id'] + ); + } else { + return false; + } + } + + public function username_exists($username) + { + $query = $this->CI->db->query(' + SELECT id + FROM '.$this->config['database'].'.users + WHERE username = ? + ', array($username)); + + if ($query->num_rows() > 0) { + return true; + } else { + return false; + } + } +} diff --git a/application/libraries/Duser/drivers/Duser_ldap.php b/application/libraries/Duser/drivers/Duser_ldap.php new file mode 100644 index 000000000..9481397d0 --- /dev/null +++ b/application/libraries/Duser/drivers/Duser_ldap.php @@ -0,0 +1,79 @@ +<?php +/* + * Copyright 2013 Florian "Bluewind" Pritz <bluewind@server-speed.net> + * Contributions by Hannes Rist + * + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ +class Duser_ldap extends Duser_Driver { + // none supported + public $optional_functions = array(); + + // Original source: http://code.activestate.com/recipes/101525-ldap-authentication/ + public function login($username, $password) { + $CI =& get_instance(); + + $config = $CI->config->item("auth_ldap"); + + if ($username == "" || $password == "") { + return false; + } + + $ds = ldap_connect($config['host'],$config['port']); + if ($ds === false) { + return false; + } + + if (isset($config['bind_rdn']) && isset($config['bind_password'])) { + ldap_bind($ds, $config['bind_rdn'], $config['bind_password']); + } + + if (isset($config['filter'])) { + $filter = sprintf($config['filter'], $username); + } else { + $filter = $config["username_field"].'='.$username; + } + + + switch ($config["scope"]) { + case "base": + $r = ldap_read($ds, $config['basedn'], $filter); + break; + case "one": + $r = ldap_list($ds, $config['basedn'], $filter); + break; + case "subtree": + $r = ldap_search($ds, $config['basedn'], $filter); + break; + default: + throw new \exceptions\ApiException("libraries/duser/ldap/invalid-ldap-scope", "Invalid LDAP scope"); + } + if ($r === false) { + return false; + } + + foreach ($config["options"] as $key => $value) { + if (ldap_set_option($ds, $key, $value) === false) { + return false; + } + } + + $result = ldap_get_entries($ds, $r); + if ($result === false || !isset($result[0])) { + return false; + } + + // ignore errors from ldap_bind as it will throw an error if the password is incorrect + if (@ldap_bind($ds, $result[0]['dn'], $password)) { + ldap_unbind($ds); + return array( + "username" => $result[0][$config["username_field"]][0], + "userid" => $result[0][$config["userid_field"]][0] + ); + } + + return false; + } +} |