]> git.wh0rd.org Git - tt-rss.git/blob - classes/auth/base.php
projects / tt-rss.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
strip_harmful_tags: remove data- attributes
[tt-rss.git] / classes / auth / base.php
1 <?php
2 class Auth_Base {
3         private $pdo;
4
5         function __construct() {
6                 $this->pdo = Db::pdo();
7         }
8
9         /**
10          * @SuppressWarnings(unused)
11          */
12         function check_password($owner_uid, $password) {
13                 return false;
14         }
15
16         /**
17          * @SuppressWarnings(unused)
18          */
19         function authenticate($login, $password) {
20                 return false;
21         }
22
23         // Auto-creates specified user if allowed by system configuration
24         // Can be used instead of find_user_by_login() by external auth modules
25         function auto_create_user($login, $password = false) {
26                 if ($login && defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE) {
27                         $user_id = $this->find_user_by_login($login);
28
29                         if (!$password) $password = make_password();
30
31                         if (!$user_id) {
32                                 $salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
33                                 $pwd_hash = encrypt_password($password, $salt, true);
34
35                                 $sth = $this->pdo->prepare("INSERT INTO ttrss_users
36                                                 (login,access_level,last_login,created,pwd_hash,salt)
37                                                 VALUES (?, 0, null, NOW(), ?,?)");
38                                 $sth->execute([$login, $pwd_hash, $salt]);
39
40                                 return $this->find_user_by_login($login);
41
42                         } else {
43                                 return $user_id;
44                         }
45                 }
46
47                 return $this->find_user_by_login($login);
48         }
49
50         function find_user_by_login($login) {
51                 $sth = $this->pdo->prepare("SELECT id FROM ttrss_users WHERE
52                         login = ?");
53                 $sth->execute([$login]);
54
55                 if ($row = $sth->fetch()) {
56                         return $row["id"];
57                 } else {
58                         return false;
59                 }
60
61         }
62 }
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/