classes/auth/base.php

   1 <?php
   2 class Auth_Base {
   3         private $dbh;
   4
   5         function __construct() {
   6                 $this->dbh = Db::get();
   7         }
   8
   9         /**
  10          * @SuppressWarnings(unused)
  11          */
  12         function check_password($owner_uid, $password) {
  13                 return false;
  14         }
  15
  16         /**
  17          * @SuppressWarnings(unused)
  18          */
  19         function authenticate($login, $password) {
  20                 return false;
  21         }
  22
  23         // Auto-creates specified user if allowed by system configuration
  24         // Can be used instead of find_user_by_login() by external auth modules
  25         function auto_create_user($login, $password = false) {
  26                 if ($login && defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE) {
  27                         $user_id = $this->find_user_by_login($login);
  28
  29                         if (!$password) $password = make_password();
  30
  31                         if (!$user_id) {
  32                                 $login = $this->dbh->escape_string($login);
  33                                 $salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
  34                                 $pwd_hash = encrypt_password($password, $salt, true);
  35
  36                                 $query = "INSERT INTO ttrss_users
  37                                                 (login,access_level,last_login,created,pwd_hash,salt)
  38                                                 VALUES ('$login', 0, null, NOW(), '$pwd_hash','$salt')";
  39
  40                                 $this->dbh->query($query);
  41
  42                                 return $this->find_user_by_login($login);
  43
  44                         } else {
  45                                 return $user_id;
  46                         }
  47                 }
  48
  49                 return $this->find_user_by_login($login);
  50         }
  51
  52         function find_user_by_login($login) {
  53                 $login = $this->dbh->escape_string($login);
  54
  55                 $result = $this->dbh->query("SELECT id FROM ttrss_users WHERE
  56                         login = '$login'");
  57
  58                 if ($this->dbh->num_rows($result) > 0) {
  59                         return $this->dbh->fetch_result($result, 0, "id");
  60                 } else {
  61                         return false;
  62                 }
  63
  64         }
  65 }
  66
  67 ?>