nearly there with auth integration

git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@627 b3834d28-1941-0410-a4f8-b48e95affb8f
This commit is contained in:
cweiske 2010-02-02 19:27:03 +00:00
parent 6f7316e421
commit b74c17f1b5
2 changed files with 262 additions and 0 deletions

View file

@ -661,4 +661,48 @@ $avahiServiceFilePrefix = 'semanticscuttle-';
*/
$avahiTagName = 'zeroconf';
/**
* Array of key value pairs to override service class names.
* Key is the old service name ("User"), value the new class
* name.
*
* @var array
*/
$serviceoverrides = array();
/****************************
* External user authentication
*/
/**
* Type of external authentication via PEAR Auth
* To use this, you also need to set
* $serviceoverrides['User'] = 'SemanticScuttle_Service_AuthUser';
*
* @link http://pear.php.net/manual/en/package.authentication.auth.intro-storage.php
*
* @var string
*/
$authType = null;
/**
* Options for external authentication via PEAR Auth
*
* @link http://pear.php.net/manual/en/package.authentication.auth.intro.php
*
* @var array
*/
$authOptions = null;
/**
* Enable debugging for PEAR Authentication
*
* @var boolean
*/
$authDebug = false;
?>

View file

@ -0,0 +1,218 @@
<?php
/**
* SemanticScuttle - your social bookmark manager.
*
* PHP version 5.
*
* @category Bookmarking
* @package SemanticScuttle
* @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net>
* @author Christian Weiske <cweiske@cweiske.de>
* @author Eric Dane <ericdane@users.sourceforge.net>
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
require_once 'Auth.php';
require_once 'SemanticScuttle/Service/User.php';
/**
* SemanticScuttle extendet user management service utilizing
* the PEAR Auth package to enable authentication against
* different services, i.e. LDAP or other databases.
*
* Requires the Log packages for debugging purposes.
*
* @category Bookmarking
* @package SemanticScuttle
* @author Christian Weiske <cweiske@cweiske.de>
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
class SemanticScuttle_Service_AuthUser extends SemanticScuttle_Service_User
{
/**
* PEAR Auth instance
*
* @var Auth
*/
protected $auth = null;
/**
* If we want to debug authentication process
*
* @var boolean
*/
protected $authdebug = false;
/**
* Authentication type (i.e. LDAP)
*
* @var string
*
* @link http://pear.php.net/manual/en/package.authentication.auth.intro-storage.php
*/
var $authtype = null;
/**
* Authentication options
*
* @var array
*
* @link http://pear.php.net/manual/en/package.authentication.auth.intro.php
*/
var $authoptions = null;
/**
* Returns the single service instance
*
* @param sql_db $db Database object
*
* @return SemanticScuttle_Service_AuthUser
*/
public static function getInstance($db)
{
static $instance;
if (!isset($instance)) {
$instance = new self($db);
}
return $instance;
}
/**
* Create new instance
*
* @var sql_db $db Database object
*/
protected function __construct($db)
{
parent::__construct($db);
$this->authtype = $GLOBALS['authType'];
$this->authoptions = $GLOBALS['authOptions'];
$this->authdebug = $GLOBALS['authDebug'];
//FIXME: throw error when no authtype set?
if (!$this->authtype) {
return;
}
require_once 'Auth.php';
$this->auth = new Auth($this->authtype, $this->authoptions);
//FIXME: check if it worked (i.e. db connection)
if ($this->authdebug) {
require_once 'Log.php';
$this->auth->logger = Log::singleton(
'display', '', '', array(), PEAR_LOG_DEBUG
);
$this->auth->enableLogging = true;
}
$this->auth->setShowLogin(false);
}
/**
* Return current user id based on session or cookie
*
* @return mixed Integer user id or boolean false when user
* could not be found or is not logged on.
*/
public function getCurrentUserId()
{
if (!$this->auth) {
return parent::getCurrentUserId();
}
//FIXME: caching?
$name = $this->auth->getUsername();
if (!$name) {
return false;
}
return $this->getIdFromUser($name);
}
/**
* Try to authenticate and login a user with
* username and password.
*
* @param string $username Name of user
* @param string $password Password
* @param boolean $remember If a long-time cookie shall be set
*
* @return boolean True if the user could be authenticated,
* false if not.
*/
public function login($username, $password, $remember = false)
{
if (!$this->auth) {
return parent::login($username, $password, $remember);
}
$ok = $this->loginAuth($username, $password);
$password = $this->sanitisePassword($password);
$id = $this->getIdFromUser($username);
//FIXME: check against auth
}
/**
* Uses PEAR's Auth class to authenticate the user against a container.
* This allows us to use LDAP, a different database or some other
* external system.
*
* @param string $username Username to check
* @param string $password Password to check
*
* @return boolean If the user has been authenticated or not
*/
public function loginAuth($username, $password)
{
$this->auth->post = array(
'username' => $username,
'password' => $password,
);
$this->auth->start();
if (!$this->auth->checkAuth()) {
return false;
}
//put user in database
if (!$this->getUserByUsername($username)) {
$this->addUser(
$username, $password,
$username . '@' . $GLOBALS['authemaildomain']
);
}
//FIXME: what if the user changed his password?
//FIXME: what if the user does not need an email domain?
return true;
}
/**
* Logs the current user out of the system.
*
* @return void
*/
public function logout()
{
parent::logout();
if ($this->auth) {
$this->auth->logout();
$this->auth = null;
}
}
}
?>