mirror/php-ifm
1
0
Fork 0
mirror of https://github.com/misterunknown/ifm.git synced 2025-08-10 18:14:00 +02:00
Code Issues Releases Wiki Activity

Revert to old authentication function for now.

Browse Source 
Signed-off-by: Marco Dickert <marco@misterunknown.de>
This commit is contained in:
Marco Dickert
2020-07-18 19:01:23 +02:00
parent d286c0a07c
commit 3bc1e0ee97
1 changed files with 18 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
src/main.php
View File

@@ -972,7 +972,7 @@ IFM_ASSETS
$item = utf8_encode( $item ); $item = utf8_encode( $item );
} }
public function checkAuth() { function checkAuth() {
if( $this->config['auth'] == 0 ) if( $this->config['auth'] == 0 )
return true; return true;
@@ -994,16 +994,13 @@ IFM_ASSETS
if( ! isset( $_SESSION['ifmauth'] ) || $_SESSION['ifmauth'] !== true ) { if( ! isset( $_SESSION['ifmauth'] ) || $_SESSION['ifmauth'] !== true ) {
$login_failed = false; $login_failed = false;
$login_message = "";
if( isset( $_POST["inputLogin"] ) && isset( $_POST["inputPassword"] ) ) { if( isset( $_POST["inputLogin"] ) && isset( $_POST["inputPassword"] ) ) {
$state = $this->checkCredentials( $_POST["inputLogin"], $_POST["inputPassword"] ); if( $this->checkCredentials( $_POST["inputLogin"], $_POST["inputPassword"] ) ) {
if($state['status']) {
$_SESSION['ifmauth'] = true; $_SESSION['ifmauth'] = true;
} }
else { else {
$_SESSION['ifmauth'] = false; $_SESSION['ifmauth'] = false;
$login_failed = true; $login_failed = true;
$login_message = $state['message'];
} }
} }
@@ -1016,7 +1013,7 @@ IFM_ASSETS
else else
$this->jsonResponse( array( "status"=>"ERROR", "message"=>"not authenticated" ) ); $this->jsonResponse( array( "status"=>"ERROR", "message"=>"not authenticated" ) );
} else { } else {
$this->loginForm($login_failed, $login_message); $this->loginForm($login_failed);
} }
return false; return false;
} }
@@ -1026,7 +1023,6 @@ IFM_ASSETS
} }
private function checkCredentials( $user, $pass ) { private function checkCredentials( $user, $pass ) {
$authenticated = array("status" => false, "message" => "");
list( $src, $srcopt ) = explode( ";", $this->config['auth_source'], 2 ); list( $src, $srcopt ) = explode( ";", $this->config['auth_source'], 2 );
switch( $src ) { switch( $src ) {
case "inline": case "inline":
@@ -1039,11 +1035,12 @@ IFM_ASSETS
$htpasswd = new Htpasswd( $srcopt ); $htpasswd = new Htpasswd( $srcopt );
return $htpasswd->verify( $user, $pass ); return $htpasswd->verify( $user, $pass );
} else { } else {
// trigger_error( "IFM: Fatal: Credential file does not exist or is not readable" ); trigger_error( "IFM: Fatal: Credential file does not exist or is not readable" );
return $authenticated; return false;
} }
break; break;
case "ldap": case "ldap":
$authenticated = false;
$ldapopts = explode( ";", $srcopt ); $ldapopts = explode( ";", $srcopt );
if( count( $ldapopts ) === 3 ) { if( count( $ldapopts ) === 3 ) {
list( $ldap_server, $rootdn, $ufilter ) = explode( ";", $srcopt ); list( $ldap_server, $rootdn, $ufilter ) = explode( ";", $srcopt );
@@ -1053,8 +1050,8 @@ IFM_ASSETS
} }
$u = "uid=" . $user . "," . $rootdn; $u = "uid=" . $user . "," . $rootdn;
if( ! $ds = ldap_connect( $ldap_server ) ) { if( ! $ds = ldap_connect( $ldap_server ) ) {
$authenticated['status'] = false; trigger_error( "Could not reach the ldap server.", E_USER_ERROR );
$authenticated['message'] = "Could not reach the ldap server."; return false;
} }
ldap_set_option( $ds, LDAP_OPT_PROTOCOL_VERSION, 3 ); ldap_set_option( $ds, LDAP_OPT_PROTOCOL_VERSION, 3 );
if( $ds ) { if( $ds ) {
@@ -1062,29 +1059,28 @@ IFM_ASSETS
if( $ldbind ) { if( $ldbind ) {
if( $ufilter ) { if( $ufilter ) {
if( ldap_count_entries( $ds, ldap_search( $ds, $rootdn, $ufilter ) ) > 0 ){ if( ldap_count_entries( $ds, ldap_search( $ds, $rootdn, $ufilter ) ) > 0 ){
$authenticated['status'] = true; $authenticated = true;
} else { } else {
$authenticated['status'] = false; trigger_error( "User not allowed.", E_USER_ERROR );
$authenticated['message'] = "User not allowed."; $authenticated = false;
} }
} else { } else {
$authenticated['status'] = true; $authenticated = true;
} }
} else { } else {
$authenticated['status'] = false; trigger_error( ldap_error( $ds ), E_USER_ERROR );
$authenticated['message'] = ldap_error( $ds ); $authenticated = false;
} }
ldap_unbind( $ds ); ldap_unbind( $ds );
} else { } else
$authenticated['status'] = false; $authenticated = false;
}
return $authenticated; return $authenticated;
break; break;
} }
return $authenticated; return false;
} }
private function loginForm($loginFailed=false, $loginMessage) { private function loginForm($loginFailed=false, $loginMessage="") {
$err = ""; $err = "";
if( $loginFailed ) if( $loginFailed )
$err = '<div class="alert alert-danger" role="alert">'.$loginMessage.'</div>'; $err = '<div class="alert alert-danger" role="alert">'.$loginMessage.'</div>';