From 29422fa55379aa61a61019b832c83dab6d450264 Mon Sep 17 00:00:00 2001
From: cweiske
Date: Sat, 3 Oct 2009 14:00:33 +0000
Subject: move files to new locations

git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@386 b3834d28-1941-0410-a4f8-b48e95affb8f
---
 www/api/httpauth.inc.php | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 www/api/httpauth.inc.php

(limited to 'www/api/httpauth.inc.php')

diff --git a/www/api/httpauth.inc.php b/www/api/httpauth.inc.php
new file mode 100644
index 0000000..5dd7444
--- /dev/null
+++ b/www/api/httpauth.inc.php
@@ -0,0 +1,33 @@
+<?php
+require_once('../header.inc.php');
+
+//  Provides HTTP Basic authentication of a user, and sets two variables, sId and username,
+//  with the user's info.
+
+function authenticate() {
+	header('WWW-Authenticate: Basic realm="SemanticScuttle API"');
+	header('HTTP/1.0 401 Unauthorized');
+
+	die(T_("Use of the API calls requires authentication."));
+}
+
+if(!$userservice->isLoggedOn()) {
+	/* Maybe we have caught authentication data in $_SERVER['REMOTE_USER']
+	 ( Inspired by http://www.yetanothercommunitysystem.com/article-321-regle-comment-utiliser-l-authentification-http-en-php-chez-ovh ) */
+	if((!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
+	&& preg_match('/Basic\s+(.*)$/i', $_SERVER['REMOTE_USER'], $matches)) {
+		list($name, $password) = explode(':', base64_decode($matches[1]));
+		$_SERVER['PHP_AUTH_USER'] = strip_tags($name);
+		$_SERVER['PHP_AUTH_PW'] = strip_tags($password);
+	}
+
+	if (!isset($_SERVER['PHP_AUTH_USER'])) {
+		authenticate();
+	} else {
+		$login = $userservice->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
+		if (!$login) {
+			authenticate();
+		}
+	}
+}
+?>
-- 
cgit v1.2.3-54-g00ecf