classes/auth/base.php

   1 <?php
   2 class Auth_Base {
   3         private $dbh;
   4
   5         function __construct() {
   6                 $this->dbh = Db::get();
   7         }
   8
   9         function check_password($owner_uid, $password) {
  10                 return false;
  11         }
  12
  13         function authenticate($login, $password) {
  14                 return false;
  15         }
  16
  17         // Auto-creates specified user if allowed by system configuration
  18         // Can be used instead of find_user_by_login() by external auth modules
  19         function auto_create_user($login, $password = false) {
  20                 if ($login && defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE) {
  21                         $user_id = $this->find_user_by_login($login);
  22
  23                         if (!$password) $password = make_password();
  24
  25                         if (!$user_id) {
  26                                 $login = $this->dbh->escape_string($login);
  27                                 $salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
  28                                 $pwd_hash = encrypt_password($password, $salt, true);
  29
  30                                 $query = "INSERT INTO ttrss_users
  31                                                 (login,access_level,last_login,created,pwd_hash,salt)
  32                                                 VALUES ('$login', 0, null, NOW(), '$pwd_hash','$salt')";
  33
  34                                 $this->dbh->query($query);
  35
  36                                 return $this->find_user_by_login($login);
  37
  38                         } else {
  39                                 return $user_id;
  40                         }
  41                 }
  42
  43                 return $this->find_user_by_login($login);
  44         }
  45
  46         function find_user_by_login($login) {
  47                 $login = $this->dbh->escape_string($login);
  48
  49                 $result = $this->dbh->query("SELECT id FROM ttrss_users WHERE
  50                         login = '$login'");
  51
  52                 if ($this->dbh->num_rows($result) > 0) {
  53                         return $this->dbh->fetch_result($result, 0, "id");
  54                 } else {
  55                         return false;
  56                 }
  57
  58         }
  59 }
  60
  61 ?>