]>
git.wh0rd.org - tt-rss.git/blob - plugins/auth_remote/init.php
2 class Auth_Remote
extends Plugin
implements IAuthModule
{
10 "Authenticates against remote password (e.g. supplied by Apache)",
15 function init($host) {
16 $this->link
= $host->get_link();
18 $this->base
= new Auth_Base($this->link
);
20 $host->add_hook($host::HOOK_AUTH_USER
, $this);
23 function get_login_by_ssl_certificate() {
24 $cert_serial = db_escape_string($this->link
, get_ssl_certificate_id());
27 $result = db_query($this->link
, "SELECT login FROM ttrss_user_prefs, ttrss_users
28 WHERE pref_name = 'SSL_CERT_SERIAL' AND value = '$cert_serial' AND
29 owner_uid = ttrss_users.id");
31 if (db_num_rows($result) != 0) {
32 return db_escape_string($this->link
, db_fetch_result($result, 0, "login"));
40 function authenticate($login, $password) {
41 $try_login = db_escape_string($this->link
, $_SERVER["REMOTE_USER"]);
44 if (!$try_login) $try_login = db_escape_string($this->link
, $_SERVER["REDIRECT_REMOTE_USER"]);
46 if (!$try_login) $try_login = $this->get_login_by_ssl_certificate();
47 # if (!$try_login) $try_login = "test_qqq";
50 $user_id = $this->base
->auto_create_user($try_login);
53 $_SESSION["fake_login"] = $try_login;
54 $_SESSION["fake_password"] = "******";
55 $_SESSION["hide_hello"] = true;
56 $_SESSION["hide_logout"] = true;
58 // LemonLDAP can send user informations via HTTP HEADER
59 if (defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE
){
61 $fullname = $_SERVER['HTTP_USER_NAME'] ?
$_SERVER['HTTP_USER_NAME'] : $_SERVER['AUTHENTICATE_CN'];
63 $fullname = db_escape_string($this->link
, $fullname);
64 db_query($this->link
, "UPDATE ttrss_users SET full_name = '$fullname' WHERE id = " .
68 $email = $_SERVER['HTTP_USER_MAIL'] ?
$_SERVER['HTTP_USER_MAIL'] : $_SERVER['AUTHENTICATE_MAIL'];
70 $email = db_escape_string($this->link
, $email);
71 db_query($this->link
, "UPDATE ttrss_users SET email = '$email' WHERE id = " .