SemanticScuttle/www/api/httpauth.inc.php

59 lines
1.9 KiB
PHP
Raw Normal View History

<?php
/**
* Checks if the user is logged on and sends a HTTP basic auth
* request to the browser if not. In that case the script ends.
* If username and password are available, the user service's
* login method is used to log the user in.
*
* SemanticScuttle - your social bookmark manager.
*
* PHP version 5.
*
* @category Bookmarking
* @package SemanticScuttle
* @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net>
* @author Christian Weiske <cweiske@cweiske.de>
* @author Eric Dane <ericdane@users.sourceforge.net>
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
require_once '../www-header.php';
/**
* Sends HTTP auth headers to the browser
*/
function authenticate()
{
header('WWW-Authenticate: Basic realm="SemanticScuttle API"');
header('HTTP/1.0 401 Unauthorized');
die(T_("Use of the API calls requires authentication."));
}
if (!$userservice->isLoggedOn()) {
/* Maybe we have caught authentication data in $_SERVER['REMOTE_USER']
( Inspired by http://www.yetanothercommunitysystem.com/article-321-regle-comment-utiliser-l-authentification-http-en-php-chez-ovh ) */
if ((!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
&& isset($_SERVER['REMOTE_USER'])
&& preg_match('/Basic\s+(.*)$/i', $_SERVER['REMOTE_USER'], $matches)
) {
list($name, $password) = explode(':', base64_decode($matches[1]));
$_SERVER['PHP_AUTH_USER'] = strip_tags($name);
$_SERVER['PHP_AUTH_PW'] = strip_tags($password);
}
if (!isset($_SERVER['PHP_AUTH_USER'])) {
authenticate();
} else {
$login = $userservice->login(
$_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']
);
if ($login) {
$currentUser = $userservice->getCurrentObjectUser();
} else {
authenticate();
}
}
}
?>