* Adds an attribute parameter to the ldap adapter Using this parameter is much more efficient than the default action (which is to return all attributes and their associated values). The use of this parameter should therefore be considered good practice. (from https://www.php.net/manual/en/function.ldap-search.php) * Updates the docs about ldap_attributes parameter * Enhances portuguese translation * Update backend/Services/Auth/Adapters/LDAP.php Commit suggestion
		
			
				
	
	
	
		
			4.7 KiB
		
	
	
	
	
	
	
	
			
		
		
	
	currentMenu
| currentMenu | 
|---|
| auth | 
Default Auth service
By default, users are stored in json file. For some use-cases, this is enough. It also makes this app lightweight since no database is required.
Default handler accepts only file name parameter. This file should be writable by the web server.
        'Filegator\Services\Auth\AuthInterface' => [
            'handler' => '\Filegator\Services\Auth\Adapters\JsonFile',
            'config' => [
                'file' => __DIR__.'/private/users.json',
            ],
        ],
Configuring Auth service to use database
You can use mysql database to store your users.
First, create a table users with this sql query:
CREATE TABLE `users` (
    `id` int(10) NOT NULL AUTO_INCREMENT,
    `username` varchar(255) NOT NULL,
    `name` varchar(255) NOT NULL,
    `role` varchar(20) NOT NULL,
    `permissions` varchar(200) NOT NULL,
    `homedir` varchar(2000) NOT NULL,
    `password` varchar(255) NOT NULL,
    PRIMARY KEY (`id`),
    KEY `username` (`username`)
) CHARSET=utf8 COLLATE=utf8_bin;
Then, import default users with sql query:
INSERT INTO `users` (`username`, `name`, `role`, `permissions`, `homedir`, `password`)
VALUES
('guest', 'Guest', 'guest', '', '/', ''),
('admin', 'Admin', 'admin', 'read|write|upload|download|batchdownload|zip', '/', '$2y$10$Nu35w4pteLfc7BDCIkDPkecjw8wsH8Y2GMfIewUbXLT7zzW6WOxwq');
At the end, open configuration.php and update AuthInterface handler to reflect your database settings:
        'Filegator\Services\Auth\AuthInterface' => [
            'handler' => '\Filegator\Services\Auth\Adapters\Database',
            'config' => [
                'driver' => 'mysqli',
                'host' => 'localhost',
                'username' => 'root',
                'password' => 'password',
                'database' => 'filegator',
            ],
        ],
Configuring Auth service to use WordPress
Replace your current Auth handler in configuration.php file like this:
        'Filegator\Services\Auth\AuthInterface' => [
            'handler' => '\Filegator\Services\Auth\Adapters\WPAuth',
            'config' => [
                'wp_dir' => '/var/www/my_wordpress_site/',
                'permissions' => ['read', 'write', 'upload', 'download', 'batchdownload', 'zip'],
                'private_repos' => false,
            ],
        ],
Adjust in the config above:
- wp_dirshould be the directory path of your wordpress installation
- permissionsis the array of permissions given to each user
- private_reposeach user will have its own sub folder, admin will see everything (false/true)
Note: With more recent versions of FileGator you can set guest_redirection in your configuration.php to redirect logged-out users back to your WP site:
'frontend_config' => [
  ...
    'guest_redirection' => 'http://example.com/wp-admin/',
  ...
]
Configuring Auth service to use LDAP
Replace your current Auth handler in configuration.php file like this:
        'Filegator\Services\Auth\AuthInterface' => [
            'handler' => '\Filegator\Services\Auth\Adapters\LDAP',
            'config' => [
                    'private_repos' => false,
                    'ldap_server'=>'ldap://192.168.1.1',
                    'ldap_bindDN'=>'uid=ldapbinduser,cn=users,dc=ldap,dc=example,dc=com',
                    'ldap_bindPass'=>'ldapbinduser-password',
                    'ldap_baseDN'=>'cn=users,dc=ldap,dc=example,dc=com',
                    'ldap_filter'=>'(uid=*)', //ex: 'ldap_filter'=>'(&(uid=*)(memberOf=cn=administrators,cn=groups,dc=ldap,dc=example,dc=com))',
                    'ldap_attributes' => ["uid","cn","dn"],
                    'ldap_userFieldMapping'=> [
                        'username' =>'uid',
                        'name' =>'cn',
                        'userDN' =>'dn',
                        'default_permissions' => 'read|write|upload|download|batchdownload|zip',
                        'admin_usernames' =>['user1', 'user2'],
                    ],
            ],
        ],
Custom Authentication using 3rd party
If you want to use FileGator as a part of another application, you probably already have users stored somewhere else. What you need in this case is to build a new custom Auth adapter that matches the AuthInterface to connect those two. This new adapter will try to authenticate users in your application and translate each user into filegator User object.
API authentication
Front-end will use session based authentication to authenticate and consume the back-end.
Note: The application will not work if you disable cookies.