]> git.mxchange.org Git - friendica.git/blob - src/Module/Security/Login.php
projects / friendica.git / blob
? search:


311cbdd9bbb69d0db9de0fb75bb495bd81c54353
[friendica.git] / src / Module / Security / Login.php
1 <?php
2
3 /**
4  * @file src/Module/Login.php
5  */
6
7 namespace Friendica\Module\Security;
8
9 use Friendica\BaseModule;
10 use Friendica\App\Authentication;
11 use Friendica\Core\Config;
12 use Friendica\Core\Hook;
13 use Friendica\Core\L10n;
14 use Friendica\Core\Renderer;
15 use Friendica\Core\Session;
16 use Friendica\Module\Register;
17 use Friendica\Util\Strings;
18
19 /**
20  * Login module
21  *
22  * @author Hypolite Petovan <hypolite@mrpetovan.com>
23  */
24 class Login extends BaseModule
25 {
26         public static function content(array $parameters = [])
27         {
28                 $a = self::getApp();
29
30                 if (local_user()) {
31                         $a->internalRedirect();
32                 }
33
34                 return self::form(Session::get('return_path'), intval(Config::get('config', 'register_policy')) !== \Friendica\Module\Register::CLOSED);
35         }
36
37         public static function post(array $parameters = [])
38         {
39                 $return_path = Session::get('return_path');
40                 Session::clear();
41                 Session::set('return_path', $return_path);
42
43                 // OpenId Login
44                 if (
45                         empty($_POST['password'])
46                         && (!empty($_POST['openid_url'])
47                                 || !empty($_POST['username']))
48                 ) {
49                         $openid_url = trim(($_POST['openid_url'] ?? '') ?: $_POST['username']);
50
51                         /** @var Authentication $authentication */
52                         $authentication = self::getClass(Authentication::class);
53                         $authentication->withOpenId($openid_url, !empty($_POST['remember']));
54                 }
55
56                 if (!empty($_POST['auth-params']) && $_POST['auth-params'] === 'login') {
57                         /** @var Authentication $authentication */
58                         $authentication = self::getClass(Authentication::class);
59                         $authentication->withPassword(
60                                 self::getApp(),
61                                 trim($_POST['username']),
62                                 trim($_POST['password']),
63                                 !empty($_POST['remember'])
64                         );
65                 }
66         }
67
68         /**
69          * @brief Wrapper for adding a login box.
70          *
71          * @param string $return_path  The path relative to the base the user should be sent
72          *                             back to after login completes
73          * @param bool   $register     If $register == true provide a registration link.
74          *                             This will most always depend on the value of config.register_policy.
75          * @param array  $hiddens      optional
76          *
77          * @return string Returns the complete html for inserting into the page
78          *
79          * @throws \Friendica\Network\HTTPException\InternalServerErrorException
80          * @hooks 'login_hook' string $o
81          */
82         public static function form($return_path = null, $register = false, $hiddens = [])
83         {
84                 $a = self::getApp();
85                 $o = '';
86
87                 $noid = Config::get('system', 'no_openid');
88
89                 if ($noid) {
90                         Session::remove('openid_identity');
91                         Session::remove('openid_attributes');
92                 }
93
94                 $reg = false;
95                 if ($register && intval($a->getConfig()->get('config', 'register_policy')) !== Register::CLOSED) {
96                         $reg = [
97                                 'title' => L10n::t('Create a New Account'),
98                                 'desc' => L10n::t('Register'),
99                                 'url' => self::getRegisterURL()
100                         ];
101                 }
102
103                 if (is_null($return_path)) {
104                         $return_path = $a->query_string;
105                 }
106
107                 if (local_user()) {
108                         $tpl = Renderer::getMarkupTemplate('logout.tpl');
109                 } else {
110                         $a->page['htmlhead'] .= Renderer::replaceMacros(
111                                 Renderer::getMarkupTemplate('login_head.tpl'),
112                                 [
113                                         '$baseurl' => $a->getBaseURL(true)
114                                 ]
115                         );
116
117                         $tpl = Renderer::getMarkupTemplate('login.tpl');
118                         $_SESSION['return_path'] = $return_path;
119                 }
120
121                 if (!empty(Session::get('openid_identity'))) {
122                         $openid_title = L10n::t('Your OpenID: ');
123                         $openid_readonly = true;
124                         $identity = Session::get('openid_identity');
125                         $username_desc = L10n::t('Please enter your username and password to add the OpenID to your existing account.');
126                 } else {
127                         $openid_title = L10n::t('Or login using OpenID: ');
128                         $openid_readonly = false;
129                         $identity = '';
130                         $username_desc = '';
131                 }
132
133                 $o .= Renderer::replaceMacros(
134                         $tpl,
135                         [
136                                 '$dest_url'     => self::getApp()->getBaseURL(true) . '/login',
137                                 '$logout'       => L10n::t('Logout'),
138                                 '$login'        => L10n::t('Login'),
139
140                                 '$lname'        => ['username', L10n::t('Nickname or Email: '), '', $username_desc],
141                                 '$lpassword'    => ['password', L10n::t('Password: '), '', ''],
142                                 '$lremember'    => ['remember', L10n::t('Remember me'), 0,  ''],
143
144                                 '$openid'       => !$noid,
145                                 '$lopenid'      => ['openid_url', $openid_title, $identity, '', $openid_readonly],
146
147                                 '$hiddens'      => $hiddens,
148
149                                 '$register'     => $reg,
150
151                                 '$lostpass'     => L10n::t('Forgot your password?'),
152                                 '$lostlink'     => L10n::t('Password Reset'),
153
154                                 '$tostitle'     => L10n::t('Website Terms of Service'),
155                                 '$toslink'      => L10n::t('terms of service'),
156
157                                 '$privacytitle' => L10n::t('Website Privacy Policy'),
158                                 '$privacylink'  => L10n::t('privacy policy'),
159                         ]
160                 );
161
162                 Hook::callAll('login_hook', $o);
163
164                 return $o;
165         }
166
167         /**
168          * Get the URL to the register page and add OpenID parameters to it
169          */
170         private static function getRegisterURL()
171         {
172                 if (empty(Session::get('openid_identity'))) {
173                         return 'register';
174                 }
175
176                 $args = [];
177                 $attr = Session::get('openid_attributes', []);
178
179                 if (is_array($attr) && count($attr)) {
180                         foreach ($attr as $k => $v) {
181                                 if ($k === 'namePerson/friendly') {
182                                         $nick = Strings::escapeTags(trim($v));
183                                 }
184                                 if ($k === 'namePerson/first') {
185                                         $first = Strings::escapeTags(trim($v));
186                                 }
187                                 if ($k === 'namePerson') {
188                                         $args['username'] = Strings::escapeTags(trim($v));
189                                 }
190                                 if ($k === 'contact/email') {
191                                         $args['email'] = Strings::escapeTags(trim($v));
192                                 }
193                                 if ($k === 'media/image/aspect11') {
194                                         $photosq = bin2hex(trim($v));
195                                 }
196                                 if ($k === 'media/image/default') {
197                                         $photo = bin2hex(trim($v));
198                                 }
199                         }
200                 }
201
202                 if (!empty($nick)) {
203                         $args['nickname'] = $nick;
204                 } elseif (!empty($first)) {
205                         $args['nickname'] = $first;
206                 }
207
208                 if (!empty($photosq)) {
209                         $args['photo'] = $photosq;
210                 } elseif (!empty($photo)) {
211                         $args['photo'] = $photo;
212                 }
213
214                 $args['openid_url'] = Strings::escapeTags(trim(Session::get('openid_identity')));
215
216                 return 'register?' . http_build_query($args);
217         }
218 }
Unnamed repository; edit this file 'description' to name the repository.