]> git.mxchange.org Git - friendica-addons.git/blob - dav/friendica/dav_friendica_auth.inc.php
Merge pull request #415 from Hypolite/task/replace-explicit-php-logical-operators
[friendica-addons.git] / dav / friendica / dav_friendica_auth.inc.php
1 <?php
2
3 class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic {
4
5     public function __construct() {
6     }
7
8
9         /**
10          * @var Sabre_DAV_Auth_Backend_Std|null
11          */
12         private static $intstance = null;
13
14         /**
15          * @static
16          * @return Sabre_DAV_Auth_Backend_Std
17          */
18         public static function &getInstance() {
19                 if (is_null(self::$intstance)) {
20                         self::$intstance = new Sabre_DAV_Auth_Backend_Std();
21                 }
22                 return self::$intstance;
23         }
24
25
26         /**
27          * @return array
28          */
29         public function getUsers() {
30         return array($this->currentUser);
31     }
32
33         /**
34          * @return null|string
35          */
36         public function getCurrentUser() {
37         return $this->currentUser;
38     }
39
40         /**
41          * Authenticates the user based on the current request.
42          *
43          * If authentication is successful, true must be returned.
44          * If authentication fails, an exception must be thrown.
45          *
46          * @param Sabre_DAV_Server $server
47          * @param string $realm
48          * @throws Sabre_DAV_Exception_NotAuthenticated
49          * @return bool
50          */
51         public function authenticate(Sabre_DAV_Server $server, $realm) {
52
53                 $a = get_app();
54                 if (isset($a->user["uid"])) {
55                         $this->currentUser = strtolower($a->user["nickname"]);
56                         return true;
57                 }
58
59                 $auth = new Sabre_HTTP_BasicAuth();
60                 $auth->setHTTPRequest($server->httpRequest);
61                 $auth->setHTTPResponse($server->httpResponse);
62                 $auth->setRealm($realm);
63                 $userpass = $auth->getUserPass();
64                 if (!$userpass) {
65                         $auth->requireLogin();
66                         throw new Sabre_DAV_Exception_NotAuthenticated('No basic authentication headers were found');
67                 }
68
69                 // Authenticates the user
70                 if (!$this->validateUserPass($userpass[0],$userpass[1])) {
71                         $auth->requireLogin();
72                         throw new Sabre_DAV_Exception_NotAuthenticated('Username or password does not match');
73                 }
74                 $this->currentUser = strtolower($userpass[0]);
75                 return true;
76         }
77
78
79         /**
80          * @param string $username
81          * @param string $password
82          * @return bool
83          */
84         protected function validateUserPass($username, $password) {
85                 $encrypted = hash('whirlpool',trim($password));
86                 $r = q("SELECT COUNT(*) anz FROM `user` WHERE `nickname` = '%s' AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1",
87                         dbesc(trim($username)),
88                         dbesc($encrypted)
89                 );
90                 return ($r[0]["anz"] == 1);
91     }
92     
93 }