]>
git.wh0rd.org - tt-rss.git/blob - plugins/auth_remote/init.php
2 class Auth_Remote
extends Plugin
implements IAuthModule
{
9 "Authenticates against remote password (e.g. supplied by Apache)",
14 function init($host) {
16 $this->base
= new Auth_Base();
18 $host->add_hook($host::HOOK_AUTH_USER
, $this);
21 function get_login_by_ssl_certificate() {
22 $cert_serial = db_escape_string( get_ssl_certificate_id());
25 $result = db_query( "SELECT login FROM ttrss_user_prefs, ttrss_users
26 WHERE pref_name = 'SSL_CERT_SERIAL' AND value = '$cert_serial' AND
27 owner_uid = ttrss_users.id");
29 if (db_num_rows($result) != 0) {
30 return db_escape_string( db_fetch_result($result, 0, "login"));
38 function authenticate($login, $password) {
39 $try_login = db_escape_string( $_SERVER["REMOTE_USER"]);
42 if (!$try_login) $try_login = db_escape_string( $_SERVER["REDIRECT_REMOTE_USER"]);
44 if (!$try_login) $try_login = $this->get_login_by_ssl_certificate();
45 # if (!$try_login) $try_login = "test_qqq";
48 $user_id = $this->base
->auto_create_user($try_login);
51 $_SESSION["fake_login"] = $try_login;
52 $_SESSION["fake_password"] = "******";
53 $_SESSION["hide_hello"] = true;
54 $_SESSION["hide_logout"] = true;
56 // LemonLDAP can send user informations via HTTP HEADER
57 if (defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE
){
59 $fullname = $_SERVER['HTTP_USER_NAME'] ?
$_SERVER['HTTP_USER_NAME'] : $_SERVER['AUTHENTICATE_CN'];
61 $fullname = db_escape_string( $fullname);
62 db_query( "UPDATE ttrss_users SET full_name = '$fullname' WHERE id = " .
66 $email = $_SERVER['HTTP_USER_MAIL'] ?
$_SERVER['HTTP_USER_MAIL'] : $_SERVER['AUTHENTICATE_MAIL'];
68 $email = db_escape_string( $email);
69 db_query( "UPDATE ttrss_users SET email = '$email' WHERE id = " .