]>
git.wh0rd.org - tt-rss.git/blob - plugins/auth_remote/init.php
dd04dcd10503487832adc6351dd9ace272adbc0a
2 class Auth_Remote
extends Plugin
implements IAuthModule
{
9 "Authenticates against remote password (e.g. supplied by Apache)",
14 function init($host) {
16 $this->base
= new Auth_Base();
18 $host->add_hook($host::HOOK_AUTH_USER
, $this);
21 function get_login_by_ssl_certificate() {
22 $cert_serial = db_escape_string(get_ssl_certificate_id());
25 $result = db_query("SELECT login FROM ttrss_user_prefs, ttrss_users
26 WHERE pref_name = 'SSL_CERT_SERIAL' AND value = '$cert_serial' AND
27 owner_uid = ttrss_users.id");
29 if (db_num_rows($result) != 0) {
30 return db_escape_string(db_fetch_result($result, 0, "login"));
38 * @SuppressWarnings(PHPMD.UnusedFormalParameter)
40 function authenticate($login, $password) {
41 $try_login = db_escape_string($_SERVER["REMOTE_USER"]);
44 if (!$try_login) $try_login = db_escape_string($_SERVER["REDIRECT_REMOTE_USER"]);
45 if (!$try_login) $try_login = db_escape_string($_SERVER["PHP_AUTH_USER"]);
47 if (!$try_login) $try_login = $this->get_login_by_ssl_certificate();
50 $user_id = $this->base
->auto_create_user($try_login, $password);
53 $_SESSION["fake_login"] = $try_login;
54 $_SESSION["fake_password"] = "******";
55 $_SESSION["hide_hello"] = true;
56 $_SESSION["hide_logout"] = true;
58 // LemonLDAP can send user informations via HTTP HEADER
59 if (defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE
){
61 $fullname = $_SERVER['HTTP_USER_NAME'] ?
$_SERVER['HTTP_USER_NAME'] : $_SERVER['AUTHENTICATE_CN'];
63 $fullname = db_escape_string($fullname);
64 db_query("UPDATE ttrss_users SET full_name = '$fullname' WHERE id = " .
68 $email = $_SERVER['HTTP_USER_MAIL'] ?
$_SERVER['HTTP_USER_MAIL'] : $_SERVER['AUTHENTICATE_MAIL'];
70 $email = db_escape_string($email);
71 db_query("UPDATE ttrss_users SET email = '$email' WHERE id = " .
83 function api_version() {