<?php
/**
* django auth backend
*
* Uses external trust mechanism to check against a django session id
* Needs to run python3 to extract user from session data
*
* @author Andreas Gohr <[email protected]>
* @author Michael Luggen <michael.luggen at unifr.ch>
* @author Robert Czechowski <zgtm at zgtm.de>
*/
// Directory that contains this plugin file.
define('DOKU_AUTH', __DIR__);
// Path of users.auth.php below DOKU_CONF (DOKU_CONF is defined outside this file).
define('AUTH_USERFILE', DOKU_CONF . 'users.auth.php');
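/**
 * DokuWiki auth backend that trusts an existing Django login.
 *
 * The browser's Django `sessionid` cookie is looked up in the
 * `django_session` table, the user id is read from the stored session
 * payload, and the matching `auth_user` row and its groups are used to
 * fill DokuWiki's login state.
 *
 * NOTE(review): only the presence of the session row is checked. Django also
 * stores an expiry timestamp per session and an active flag per user; neither
 * is evaluated here, so a session stays valid for the wiki until its row is
 * deleted. Confirm whether that is acceptable for this deployment.
 */
class auth_plugin_authdjango extends DokuWiki_Auth_Plugin {
    /** @var PDO|null Handle to the Django database; null when connecting failed. */
    public $dbh = null;

    /**
     * Constructor.
     *
     * Declares the plugin capabilities and opens the database connection
     * described by the plugin configuration.
     *
     * A method named after the class is no longer treated as a constructor
     * by PHP 8, which left $dbh unset there, so the setup lives here.
     *
     * @author Michael Luggen <michael.luggen at rhone.ch>
     * @author Robert Czechowski <zgtm at zgtm.de>
     */
    public function __construct() {
        parent::__construct();

        $this->cando['external'] = true;
        $this->cando['getGroups'] = true;
        $this->cando['logout'] = false;

        try {
            if ($this->getConf('protocol') === 'sqlite') {
                $this->dbh = new PDO('sqlite:' . $this->getConf('server'));
            } else {
                $dsn = $this->getConf('protocol')
                    . ':host=' . $this->getConf('server')
                    . ';dbname=' . $this->getConf('db');
                $this->dbh = new PDO($dsn, $this->getConf('user'), $this->getConf('password'));
            }
            // Same failure behaviour on every PHP version: queries throw, _select() catches.
            $this->dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            // Only report success when the connection really exists; the original
            // overwrote the failure flag with true after the catch block.
            $this->success = true;
        } catch (PDOException $e) {
            $this->dbh = null;
            msg("Can not connect to database!", -1);
            $this->success = false;
        }
    }

    /**
     * Old-style constructor name, kept so code calling it explicitly keeps working.
     */
    public function auth_plugin_authdjango() {
        $this->__construct();
    }

    /**
     * Authenticate the current request from the Django session cookie.
     *
     * On success fills $USERINFO, $_SERVER['REMOTE_USER'] and the DokuWiki
     * session entry. Every lookup that fails or comes back empty ends in
     * `false`; the original continued with empty values, still reported a
     * login, and stopped the whole page with die() on a query error.
     *
     * @param string $user   unused, the identity comes from the Django session
     * @param string $pass   unused
     * @param bool   $sticky unused
     * @return bool true when a Django session resolved to an existing user
     */
    public function trustExternal($user, $pass, $sticky = false) {
        global $USERINFO;

        // The cookie is client-controlled: require a plain string before using it.
        if (!$this->dbh || !isset($_COOKIE['sessionid']) || !is_string($_COOKIE['sessionid'])) {
            return false;
        }

        $sessions = $this->_select(
            'SELECT session_data FROM django_session WHERE session_key = ? LIMIT 1',
            [$_COOKIE['sessionid']],
            PDO::FETCH_ASSOC
        );
        if (empty($sessions) || empty($sessions[0]['session_data'])) {
            return false; // unknown session key or query failure
        }

        $userid = $this->_userIdFromSessionData($sessions[0]['session_data']);
        if ($userid === null) {
            return false; // payload not in the expected format, or anonymous session
        }

        $accounts = $this->_select(
            'SELECT username, first_name, last_name, email FROM auth_user WHERE id = ? LIMIT 1',
            [$userid],
            PDO::FETCH_ASSOC
        );
        if (empty($accounts) || !isset($accounts[0]['username']) || $accounts[0]['username'] === '') {
            return false; // session points at a user that does not exist
        }
        $account = $accounts[0];
        $username = $account['username'];

        // okay we're logged in - set the globals
        $groups = $this->_getUserGroups($username);
        $groups[] = 'user';

        // NOTE(review): first_name/last_name are selected but, as in the original,
        // 'name' receives the login name. Confirm whether the full name was intended.
        $USERINFO['name'] = $username;
        $USERINFO['pass'] = '';
        $USERINFO['mail'] = $account['email'];
        $USERINFO['grps'] = $groups;

        $_SERVER['REMOTE_USER'] = $username;
        $_SESSION[DOKU_COOKIE]['auth']['user'] = $username;
        $_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO;
        return true;
    }

    /**
     * Names of the Django groups the given user belongs to.
     *
     * @param string $user Django username
     * @return array list of group names; empty when there are none or the query failed
     */
    public function _getUserGroups($user) {
        $names = $this->_select(
            'SELECT auth_group.name FROM auth_user, auth_user_groups, auth_group'
            . ' WHERE auth_user.username = ?'
            . ' AND auth_user.id = auth_user_groups.user_id'
            . ' AND auth_user_groups.group_id = auth_group.id',
            [$user],
            PDO::FETCH_COLUMN
        );
        // Always an array: the original returned an undefined variable for zero rows.
        return $names === null ? [] : $names;
    }

    /**
     * Names of all Django groups.
     *
     * @param int $start accepted for interface compatibility; not applied (as in the original)
     * @param int $limit accepted for interface compatibility; not applied (as in the original)
     * @return array list of group names; empty when there are none or the query failed
     */
    public function retrieveGroups($start = 0, $limit = 0) {
        $names = $this->_select('SELECT auth_group.name FROM auth_group', [], PDO::FETCH_COLUMN);
        return $names === null ? [] : $names;
    }

    /**
     * Drop the database handle when the plugin object goes away.
     */
    public function __destruct() {
        $this->dbh = null;
    }

    /**
     * Extract `_auth_user_id` from a stored session payload.
     *
     * Expects the layout the original code parsed: base64 of "<prefix>:<json>".
     *
     * @param string $session_data value of django_session.session_data
     * @return string|null the user id, or null when the payload cannot be read
     */
    private function _userIdFromSessionData($session_data) {
        $decoded = base64_decode($session_data);
        if ($decoded === false) {
            return null;
        }
        $parts = explode(':', $decoded, 2);
        if (count($parts) !== 2) {
            return null;
        }
        $payload = json_decode($parts[1], true);
        if (!is_array($payload) || !isset($payload['_auth_user_id'])) {
            return null;
        }
        $id = $payload['_auth_user_id'];
        if (is_int($id)) {
            return (string) $id;
        }
        return (is_string($id) && $id !== '') ? $id : null;
    }

    /**
     * Run a parameterised SELECT and return all rows.
     *
     * Failures are written to the server error log instead of being sent to
     * the browser, so database error details are not disclosed to visitors.
     *
     * @param string $sql       statement with `?` placeholders
     * @param array  $params    values bound to the placeholders
     * @param int    $fetchMode PDO::FETCH_* constant passed to fetchAll()
     * @return array|null rows, or null when there is no connection or the query failed
     */
    private function _select($sql, array $params, $fetchMode) {
        if (!$this->dbh) {
            return null;
        }
        try {
            $stmt = $this->dbh->prepare($sql);
            if ($stmt !== false && $stmt->execute($params)) {
                $rows = $stmt->fetchAll($fetchMode);
                if (is_array($rows)) {
                    return $rows;
                }
            }
            error_log('authdjango: database query failed');
        } catch (PDOException $e) {
            error_log('authdjango: database query failed: ' . $e->getMessage());
        }
        return null;
    }
}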