From 632a990cfb906ef9019290f3dc7361bef3e6c1bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cornelius=20Wei=C3=9F?= Date: Wed, 11 May 2005 18:25:17 +0000 Subject: [PATCH] added support for authentication via cookie. NOTE: you have to enable this in setup if u want to use it. --- login.php | 72 +++++++++++++++++++++++++++++ logout.php | 1 + phpgwapi/inc/class.auth_sql.inc.php | 6 ++- phpgwapi/templates/idots/login.tpl | 7 +++ setup/templates/default/config.tpl | 27 +++++++++++ 5 files changed, 111 insertions(+), 2 deletions(-) diff --git a/login.php b/login.php index 36fa718843..1d718446f1 100755 --- a/login.php +++ b/login.php @@ -151,6 +151,20 @@ { $passwd = $_POST['passwd']; $passwd_type = $_POST['passwd_type']; + + if($GLOBALS['egw_info']['server']['allow_cookie_auth']) + { + $eGW_remember = unserialize(stripslashes($_COOKIE['eGW_remeber'])); + + if($eGW_remember['login'] && $eGW_remember['passwd'] && $eGW_remember['passwd_type']) + { + $_SERVER['PHP_AUTH_USER'] = $login = $eGW_remember['login']; + $_SERVER['PHP_AUTH_PW'] = $passwd = $eGW_remember['passwd']; + $passwd_type = $eGW_remember['passwd_type']; + $submit = True; + } + } + } # Apache + mod_ssl style SSL certificate authentication @@ -192,6 +206,7 @@ if(getenv('REQUEST_METHOD') != 'POST' && $_SERVER['REQUEST_METHOD'] != 'POST' && !isset($_SERVER['PHP_AUTH_USER']) && !isset($_SERVER['SSL_CLIENT_S_DN'])) { + $GLOBALS['phpgw']->session->phpgw_setcookie('eGW_remeber'); $GLOBALS['egw']->redirect($GLOBALS['egw']->link('/login.php','cd=5')); } #if(!isset($_COOKIE['eGroupWareLoginTime'])) @@ -233,10 +248,40 @@ if(!isset($GLOBALS['sessionid']) || ! $GLOBALS['sessionid']) { + $GLOBALS['phpgw']->session->phpgw_setcookie('eGW_remeber'); $GLOBALS['egw']->redirect($GLOBALS['egw_info']['server']['webserver_url'] . '/login.php?cd=' . $GLOBALS['egw']->session->cd_reason); } else { + /* set auth_cookie */ + if($GLOBALS['egw_info']['server']['allow_cookie_auth'] && $_POST['remember_me'] && $_POST['passwd']) + { + switch ($_POST['remember_me']) + { + case '1hour' : + $remember_time = time()+60*60; + break; + case '1day' : + $remember_time = time()+60*60*24; + break; + case '1week' : + $remember_time = time()+60*60*24*7; + break; + case '1month' : + $remember_time = time()+60*60*24*30; + break; + case 'forever' : + default: + $remember_time = 2147483647; + break; + } + $GLOBALS['egw']->session->phpgw_setcookie('eGW_remeber',serialize(array( + 'login' => $login, + 'passwd' => $passwd, + 'passwd_type' => $passwd_type)), + $remember_time); + } + if ($_POST['lang'] && preg_match('/^[a-z]{2}(-[a-z]{2}){0,1}$/',$_POST['lang']) && $_POST['lang'] != $GLOBALS['egw_info']['user']['preferences']['common']['lang']) { @@ -399,6 +444,33 @@ } } + /********************************************************\ + * Check if authentification via cookies is allowed * + * and place a time selectbox, how long cookie is valid * + \********************************************************/ + + if($GLOBALS['egw_info']['server']['allow_cookie_auth']) + { + $this->html = CreateObject('phpgwapi.html'); /* Why the hell was nobody useing this here before??? */ + $tmpl->set_block('login_form','remember_me_selection'); + $tmpl->set_var('lang_remember_me',lang('Remember me')); + $tmpl->set_var('select_remember_me',$this->html->select('remember_me', 'forever', array( + false => lang('not'), + '1hour' => lang('1 Hour'), + '1day' => lang('1 Day'), + '1week'=> lang('1 Week'), + '1month' => lang('1 Month'), + 'forever' => lang('Forever')),true + )); + } + else + { + /* trick to make remember_me section disapear */ + $tmpl->set_block('login_form','remember_me_selection'); + $tmpl->set_var('remember_me_selection',''); + } + + // add a content-type header to overwrite an existing default charset in apache (AddDefaultCharset directiv) header('Content-type: text/html; charset='.$GLOBALS['egw']->translation->charset()); diff --git a/logout.php b/logout.php index 716723f864..682d4540ed 100755 --- a/logout.php +++ b/logout.php @@ -55,6 +55,7 @@ )); } } + $GLOBALS['phpgw']->session->phpgw_setcookie('eGW_remeber'); $GLOBALS['phpgw']->session->phpgw_setcookie('sessionid'); $GLOBALS['phpgw']->session->phpgw_setcookie('kp3'); $GLOBALS['phpgw']->session->phpgw_setcookie('domain'); diff --git a/phpgwapi/inc/class.auth_sql.inc.php b/phpgwapi/inc/class.auth_sql.inc.php index f99aa853e1..1714a3cf56 100644 --- a/phpgwapi/inc/class.auth_sql.inc.php +++ b/phpgwapi/inc/class.auth_sql.inc.php @@ -67,8 +67,10 @@ // do we have to migrate an old password ? if($GLOBALS['egw_info']['server']['pwd_migration_allowed']) { - if(!is_array($GLOBALS['egw_info']['server']['pwd_migration_types'])) return false; - foreach($GLOBALS['egw_info']['server']['pwd_migration_types'] as $handle => $type) + if(!isset($GLOBALS['egw_info']['server']['pwd_migration_types'])) return false; + + $allowed_types = explode(',', $GLOBALS['egw_info']['server']['pwd_migration_types']); + foreach($allowed_types as $num => $type) { if($this->compare_password($passwd,$this->db->f('account_pwd'),$type,strtolower($username))) { diff --git a/phpgwapi/templates/idots/login.tpl b/phpgwapi/templates/idots/login.tpl index b57a6585db..7d7f6161f6 100755 --- a/phpgwapi/templates/idots/login.tpl +++ b/phpgwapi/templates/idots/login.tpl @@ -89,6 +89,13 @@ + + + {lang_remember_me}:  + {select_remember_me} + + + {lang_username}:  diff --git a/setup/templates/default/config.tpl b/setup/templates/default/config.tpl index 6901896d02..0b95f533e3 100644 --- a/setup/templates/default/config.tpl +++ b/setup/templates/default/config.tpl @@ -174,6 +174,33 @@ + + {lang_Allow_authentification_via_cookie}: + + + + + + + {lang_Allow_password_migration}: + + + + + + + {lang_Allowed_migration_types_(comma-separated)}: + + + + + {lang_Minimum_account_id_(e.g._500_or_100,_etc.)}: