]> git.wh0rd.org - tt-rss.git/blob - classes/auth/base.php
git.wh0rd.org / tt-rss.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
strip_harmful_tags: remove data- attributes
[tt-rss.git] / classes / auth / base.php
1 <?php
2 class Auth_Base {
3 private $pdo;
4
5 function __construct() {
6 $this->pdo = Db::pdo();
7 }
8
9 /**
10 * @SuppressWarnings(unused)
11 */
12 function check_password($owner_uid, $password) {
13 return false;
14 }
15
16 /**
17 * @SuppressWarnings(unused)
18 */
19 function authenticate($login, $password) {
20 return false;
21 }
22
23 // Auto-creates specified user if allowed by system configuration
24 // Can be used instead of find_user_by_login() by external auth modules
25 function auto_create_user($login, $password = false) {
26 if ($login && defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE) {
27 $user_id = $this->find_user_by_login($login);
28
29 if (!$password) $password = make_password();
30
31 if (!$user_id) {
32 $salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
33 $pwd_hash = encrypt_password($password, $salt, true);
34
35 $sth = $this->pdo->prepare("INSERT INTO ttrss_users
36 (login,access_level,last_login,created,pwd_hash,salt)
37 VALUES (?, 0, null, NOW(), ?,?)");
38 $sth->execute([$login, $pwd_hash, $salt]);
39
40 return $this->find_user_by_login($login);
41
42 } else {
43 return $user_id;
44 }
45 }
46
47 return $this->find_user_by_login($login);
48 }
49
50 function find_user_by_login($login) {
51 $sth = $this->pdo->prepare("SELECT id FROM ttrss_users WHERE
52 login = ?");
53 $sth->execute([$login]);
54
55 if ($row = $sth->fetch()) {
56 return $row["id"];
57 } else {
58 return false;
59 }
60
61 }
62 }
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/