Source for file auth.coord.php


  1. <?php
  2. /**
  3. @package    jelix
  4. @subpackage coord_plugin
  5. @author     Croes Gérald
  6. @contributor  Laurent Jouanneau, Frédéric Guillot, Antoine Detante, Julien Issler
  7. @copyright  2001-2005 CopixTeam, 2005-2007 Laurent Jouanneau, 2007 Frédéric Guillot, 2007 Antoine Detante
  8. @copyright  2007 Julien Issler
  9. *
  10. *  This class was originally taken from an experimental branch of the Copix project
  11. *  (PluginAuth, Copix 2.3dev20050901, http://www.copix.org)
  12. *  A few lines of code are still copyrighted 2001-2005 CopixTeam (LGPL licence).
  13. *  The initial authors of these Copix classes are Gerald Croes and Laurent Jouanneau,
  14. *  and this class was adapted for Jelix by Laurent Jouanneau.
  15. *
  16. @licence  http://www.gnu.org/licenses/lgpl.html GNU Lesser General Public Licence, see LICENCE file
  17. */
  18.  
  19. /**
  20.  *
  21.  */
  22. require(JELIX_LIB_PATH.'auth/jAuth.class.php');
  23. require(JELIX_LIB_PATH.'auth/jAuthDummyUser.class.php');
  24.  
  /**
   * Backward-compatibility class kept for the soft migration from Jelix 1.0b3 to 1.0.
   *
   * It adds nothing to jAuthUser. Per the original note, it is only here for
   * the case where a jDummyAuthUser object is stored in a session.
   *
   * @deprecated
   */
  class jDummyAuthUser extends jAuthUser
  {
  }
  32.  
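  /**
   * Coordinator plugin that checks authentication before an action runs.
   *
   * Configuration keys read by this class: session_name, persistant_enable,
   * persistant_cookie_name, persistant_crypt_key, persistant_cookie_path,
   * secure_with_ip, bad_ip_action, timeout, auth_required, on_error,
   * error_message, on_error_action.
   *
   * @package    jelix
   * @subpackage coord_plugin
   */
  class AuthCoordPlugin implements jICoordPlugin {
      /** @var array plugin configuration, as given to the constructor */
      public $config;

      /**
       * @param array $conf plugin configuration; session_name falls back to
       *                    'JELIX_USER' when it is missing or empty
       */
      function __construct($conf){
          $this->config = $conf;

          if (!isset($this->config['session_name'])
              || $this->config['session_name'] == ''){
              $this->config['session_name'] = 'JELIX_USER';
          }
      }

      /**
       * Runs the authentication checks for the current action: persistent
       * cookie login, optional session/IP binding, inactivity timeout, and the
       * "authentication required" decision.
       *
       * @param    array  $params   plugin parameters for the current action
       * @return null or jSelectorAct  if action should change
       * @throws jException when the persistent-login configuration is incomplete,
       *                    or when authentication is required, the user is not
       *                    logged in, and a redirect is not possible or not wanted
       */
      public function beforeAction ($params){
          $notLogged = false;
          $badip = false;
          $selector = null;

          // Persistent login: only attempted when enabled and nobody is connected yet.
          if (isset($this->config['persistant_enable']) && $this->config['persistant_enable'] && !jAuth::isConnected()) {
              if (isset($this->config['persistant_cookie_name']) && isset($this->config['persistant_crypt_key'])) {
                  $cookieName = $this->config['persistant_cookie_name'];
                  if (isset($_COOKIE[$cookieName]['auth']) && strlen($_COOKIE[$cookieName]['auth'])>0) {
                      $decrypted = jCrypt::decrypt($_COOKIE[$cookieName]['auth'],$this->config['persistant_crypt_key']);
                      // SECURITY: the cookie is client-controlled and unserialize() can
                      // instantiate arbitrary loaded classes. jCrypt::decrypt is not
                      // visible here; unless it authenticates the ciphertext, the only
                      // barrier is the secrecy of persistant_crypt_key. Prefer a
                      // non-executable format (e.g. JSON) plus a MAC for this cookie.
                      // Until then, refuse object payloads where the runtime allows it.
                      // '@' is kept so a malformed cookie does not raise a notice.
                      if (version_compare(PHP_VERSION, '7.0.0', '>=')) {
                          $decrypted = @unserialize($decrypted, array('allowed_classes' => false));
                      } else {
                          $decrypted = @unserialize($decrypted);
                      }
                      // Accept only the expected shape before handing values to jAuth.
                      // Assumes the cookie writer stores array($login, $password) as
                      // strings -- confirm against jAuth.
                      if (is_array($decrypted)
                          && isset($decrypted[0], $decrypted[1])
                          && is_string($decrypted[0])
                          && is_string($decrypted[1])) {
                          list($login, $password) = $decrypted;
                          // NOTE(review): the cookie carries the password itself, so a
                          // disclosed crypt key exposes every remembered credential; a
                          // random server-side token would avoid that.
                          jAuth::login($login,$password);
                      }
                  }
                  if (isset($_COOKIE[$cookieName]['login'])) {
                      // destroy deprecated cookies
                      setcookie($cookieName.'[login]', '', time() - 3600, $this->config['persistant_cookie_path']);
                      setcookie($cookieName.'[passwd]', '', time() - 3600, $this->config['persistant_cookie_path']);
                  }
              }
              else {
                  throw new jException('jelix~auth.error.persistant.incorrectconfig','persistant_cookie_name, persistant_crypt_key');
              }
          }

          // Optional binding of the session to the client address fingerprint.
          if ($this->config['secure_with_ip']){
              if (!isset($_SESSION['JELIX_AUTH_SECURE_WITH_IP'])){
                  $_SESSION['JELIX_AUTH_SECURE_WITH_IP'] = $this->_getIpForSecure();
              }else{
                  // Both sides are strings built by _getIpForSecure(), so compare strictly.
                  if ($_SESSION['JELIX_AUTH_SECURE_WITH_IP'] !== $this->_getIpForSecure()){
                      // NOTE(review): session_destroy() does not clear the in-memory
                      // $_SESSION array, so the checks below still see the previous
                      // user object for the rest of this request and may reset
                      // $notLogged -- confirm this is intended.
                      session_destroy();
                      $selector = new jSelectorAct($this->config['bad_ip_action']);
                      $notLogged = true;
                      $badip = true;
                  }
              }
          }

          // Creating the user's object if needed
          if (!isset($_SESSION[$this->config['session_name']])){
              $notLogged = true;
              $_SESSION[$this->config['session_name']] = new jAuthDummyUser();
          }else{
              $notLogged = !jAuth::isConnected();
          }

          // Inactivity timeout; the configured value is in minutes (multiplied by 60).
          if(!$notLogged && $this->config['timeout']){
              if(isset($_SESSION['JELIX_AUTH_LASTTIME'])){
                  if((time() - $_SESSION['JELIX_AUTH_LASTTIME']) > ($this->config['timeout'] * 60)){
                      $notLogged = true;
                      jAuth::logout();
                      unset($_SESSION['JELIX_AUTH_LASTTIME']);
                  }else{
                      $_SESSION['JELIX_AUTH_LASTTIME'] = time();
                  }
              }else{
                  $_SESSION['JELIX_AUTH_LASTTIME'] = time();
              }
          }

          // A per-action 'auth.required' parameter overrides the plugin default.
          $needAuth = isset($params['auth.required']) ? ($params['auth.required']==true) : $this->config['auth_required'];

          if($needAuth && $notLogged){
              // NOTE(review): the literal compared with on_error is missing from the
              // rendered listing; 1 is assumed here -- confirm against the upstream file.
              if($this->config['on_error'] == 1
                  || !$GLOBALS['gJCoord']->request->isAllowedResponse('jResponseRedirect')){
                  throw new jException($this->config['error_message']);
              }else{
                  // On an IP mismatch the bad_ip_action selector set above is kept.
                  if(!$badip){
                      $auth_url_return = $GLOBALS['gJCoord']->request->getParam('auth_url_return');
                      // NOTE(review): auth_url_return may come from the request; the
                      // code that redirects to it later should validate the target.
                      if($auth_url_return === null)
                          $GLOBALS['gJCoord']->request->params['auth_url_return'] = jUrl::getCurrentUrl();
                      $selector = new jSelectorAct($this->config['on_error_action']);
                  }
              }
          }

          return $selector;
      }


      /** No work is done before output. */
      public function beforeOutput(){}

      /** No work is done after processing. */
      public function afterProcess (){}

      /**
      * Builds the address fingerprint stored in the session when secure_with_ip
      * is enabled: "<forwarded address> | <remote address>[ - <resolved host>]",
      * or only the remote part when no differing forwarded address is present.
      *
      * @return string
      * @access private
      */
      private function _getIpForSecure (){
          //this method is heavily based on the article found on
          // phpbuilder.com, and from the comments on the official phpdoc.

          // SECURITY: X-Forwarded-For and Client-IP are request headers and are
          // therefore chosen by the client; only REMOTE_ADDR comes from the
          // connection. The returned string always contains REMOTE_ADDR, so the
          // header only adds to the fingerprint. Do not reuse the header value on
          // its own as "the client address" unless it is set by a trusted proxy.
          if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARDED_FOR']){
              $IP_ADDR = $_SERVER['HTTP_X_FORWARDED_FOR'];
          }else if (isset($_SERVER['HTTP_CLIENT_IP']) && $_SERVER['HTTP_CLIENT_IP']){
              $IP_ADDR = $_SERVER['HTTP_CLIENT_IP'];
          }else{
              $IP_ADDR = $_SERVER['REMOTE_ADDR'];
          }

          // Address of the connecting peer and its reverse-DNS name.
          // gethostbyaddr() is a blocking lookup done on every call, and its result
          // depends on the resolver: a DNS change during a session changes the
          // fingerprint. It returns false on malformed input, handled below.
          $FIRE_IP_ADDR = $_SERVER['REMOTE_ADDR'];
          $ip_resolved = gethostbyaddr($FIRE_IP_ADDR);
          // builds server ip infos string
          $FIRE_IP_LITT = ($FIRE_IP_ADDR != $ip_resolved && $ip_resolved) ? $FIRE_IP_ADDR." - ".$ip_resolved : $FIRE_IP_ADDR;
          // builds client ip full infos string
          $toReturn = ($IP_ADDR != $FIRE_IP_ADDR) ? "$IP_ADDR | $FIRE_IP_LITT" : $FIRE_IP_LITT;
          return $toReturn;
      }
  }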
