1 <?php
2
3 /**
4  * @file src/Module/Security/Login.php
5  */
6
7 namespace Friendica\Module\Security;
8
9 use Friendica\BaseModule;
10 use Friendica\Core\Hook;
11 use Friendica\Core\Renderer;
12 use Friendica\Core\Session;
13 use Friendica\DI;
14 use Friendica\Module\Register;
15 use Friendica\Util\Strings;
16
17 /**
18  * Login module
19  *
20  * @author Hypolite Petovan <hypolite@mrpetovan.com>
21  */
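class Login extends BaseModule
{
	/**
	 * Renders the login form.
	 *
	 * When local_user() reports a logged-in user, DI::baseUrl()->redirect() is called first.
	 * The registration link is requested only when the configured register policy is not CLOSED.
	 *
	 * @param array $parameters Not used by this method
	 *
	 * @return string HTML produced by self::form()
	 */
	public static function content(array $parameters = [])
	{
		if (local_user()) {
			DI::baseUrl()->redirect();
		}

		$register_open = intval(DI::config()->get('config', 'register_policy')) !== Register::CLOSED;

		return self::form(Session::get('return_path'), $register_open);
	}

	/**
	 * Handles a submitted login form (OpenID or username/password).
	 *
	 * The session is emptied before authenticating; only the stored return path is carried over.
	 *
	 * @param array $parameters Not used by this method
	 */
	public static function post(array $parameters = [])
	{
		// Start from a clean session, keeping only the post-login destination
		$return_path = Session::get('return_path');
		Session::clear();
		Session::set('return_path', $return_path);
		// NOTE(review): Session::clear() is not visible here; confirm the session ID is regenerated
		// on successful login (here or in the auth code) so a pre-set session ID cannot be reused.

		// Request fields are client-controlled and may arrive as arrays (e.g. "username[]=x").
		// Anything that is not a string is treated as absent so it never reaches trim().
		$field = static function (string $key): string {
			$value = $_POST[$key] ?? '';

			return is_string($value) ? $value : '';
		};

		$username   = $field('username');
		$password   = $field('password');
		$openid_url = $field('openid_url');
		$remember   = !empty($_POST['remember']);

		// OpenID login: no password was sent, but an OpenID URL or a username was
		if (empty($password) && (!empty($openid_url) || !empty($username))) {
			DI::auth()->withOpenId(trim($openid_url ?: $username), $remember);
		}

		// Deliberately not an else-branch: whether withOpenId() returns is not visible from here,
		// so the original fall-through into the password login is kept.
		if ($field('auth-params') === 'login') {
			DI::auth()->withPassword(
				DI::app(),
				trim($username),
				trim($password),
				$remember
			);
		}
	}

	/**
	 * Wrapper for adding a login box.
	 *
	 * Renders 'logout.tpl' for a logged-in local user and 'login.tpl' otherwise. In the latter
	 * case the return path is stored in the session and 'login_head.tpl' is appended to the
	 * page's HTML head.
	 *
	 * @param string|null $return_path The path relative to the base the user should be sent
	 *                                 back to after login completes; null uses the current query string
	 * @param bool        $register    If true, provide a registration link, unless
	 *                                 config.register_policy is CLOSED
	 * @param array       $hiddens     Optional, handed to the template as '$hiddens'
	 *
	 * @return string Returns the complete html for inserting into the page
	 *
	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
	 * @hooks 'login_hook' string $o
	 */
	public static function form($return_path = null, $register = false, $hiddens = [])
	{
		$noid = DI::config()->get('system', 'no_openid');
		if ($noid) {
			// OpenID is switched off: drop any OpenID state left in the session
			Session::remove('openid_identity');
			Session::remove('openid_attributes');
		}

		$reg = false;
		if ($register && intval(DI::config()->get('config', 'register_policy')) !== Register::CLOSED) {
			$reg = [
				'title' => DI::l10n()->t('Create a New Account'),
				'desc'  => DI::l10n()->t('Register'),
				'url'   => self::getRegisterURL(),
			];
		}

		if (is_null($return_path)) {
			// NOTE(review): the query string is request-controlled. The code that redirects to
			// 'return_path' after login is not visible here; confirm it only accepts same-site paths.
			$return_path = DI::args()->getQueryString();
		}

		if (local_user()) {
			$tpl = Renderer::getMarkupTemplate('logout.tpl');
		} else {
			DI::page()['htmlhead'] .= Renderer::replaceMacros(
				Renderer::getMarkupTemplate('login_head.tpl'),
				[
					'$baseurl' => DI::baseUrl()->get(true),
				]
			);

			$tpl = Renderer::getMarkupTemplate('login.tpl');
			// Written through the Session wrapper, like every other session access in this class
			Session::set('return_path', $return_path);
		}

		$identity = Session::get('openid_identity');
		if (!empty($identity)) {
			// An OpenID identity is already in the session: show it read-only and ask for credentials
			$openid_title    = DI::l10n()->t('Your OpenID: ');
			$openid_readonly = true;
			$username_desc   = DI::l10n()->t('Please enter your username and password to add the OpenID to your existing account.');
		} else {
			$openid_title    = DI::l10n()->t('Or login using OpenID: ');
			$openid_readonly = false;
			$identity        = '';
			$username_desc   = '';
		}

		$o = Renderer::replaceMacros(
			$tpl,
			[
				'$dest_url'     => DI::baseUrl()->get(true) . '/login',
				'$logout'       => DI::l10n()->t('Logout'),
				'$login'        => DI::l10n()->t('Login'),

				'$lname'        => ['username', DI::l10n()->t('Nickname or Email: '), '', $username_desc],
				'$lpassword'    => ['password', DI::l10n()->t('Password: '), '', ''],
				'$lremember'    => ['remember', DI::l10n()->t('Remember me'), 0,  ''],

				'$openid'       => !$noid,
				'$lopenid'      => ['openid_url', $openid_title, $identity, '', $openid_readonly],

				'$hiddens'      => $hiddens,

				'$register'     => $reg,

				'$lostpass'     => DI::l10n()->t('Forgot your password?'),
				'$lostlink'     => DI::l10n()->t('Password Reset'),

				'$tostitle'     => DI::l10n()->t('Website Terms of Service'),
				'$toslink'      => DI::l10n()->t('terms of service'),

				'$privacytitle' => DI::l10n()->t('Website Privacy Policy'),
				'$privacylink'  => DI::l10n()->t('privacy policy'),
			]
		);

		// Hooks receive the rendered markup in $o
		Hook::callAll('login_hook', $o);

		return $o;
	}

	/**
	 * Get the URL to the register page and add OpenID parameters to it
	 *
	 * Without an OpenID identity in the session the plain 'register' path is returned.
	 * Otherwise the OpenID attributes stored in the session are mapped to query parameters
	 * (username, email, nickname, photo, openid_url).
	 *
	 * @return string Relative register URL, with a query string when an OpenID identity is present
	 */
	private static function getRegisterURL()
	{
		$identity = Session::get('openid_identity');
		if (empty($identity)) {
			return 'register';
		}

		$args    = [];
		$nick    = '';
		$first   = '';
		$photosq = '';
		$photo   = '';

		$attr = Session::get('openid_attributes', []);
		if (is_array($attr)) {
			foreach ($attr as $k => $v) {
				// Attribute values are not produced by this class; anything that is not
				// text is skipped so it never reaches trim()
				if (!is_string($v)) {
					continue;
				}

				$v = trim($v);

				if ($k === 'namePerson/friendly') {
					$nick = Strings::escapeTags($v);
				} elseif ($k === 'namePerson/first') {
					$first = Strings::escapeTags($v);
				} elseif ($k === 'namePerson') {
					$args['username'] = Strings::escapeTags($v);
				} elseif ($k === 'contact/email') {
					$args['email'] = Strings::escapeTags($v);
				} elseif ($k === 'media/image/aspect11') {
					// Photo values are handed over hex-encoded
					$photosq = bin2hex($v);
				} elseif ($k === 'media/image/default') {
					$photo = bin2hex($v);
				}
			}
		}

		// The friendly name wins over the first name as nickname suggestion
		if (!empty($nick)) {
			$args['nickname'] = $nick;
		} elseif (!empty($first)) {
			$args['nickname'] = $first;
		}

		// The 'aspect11' image wins over the default one
		if (!empty($photosq)) {
			$args['photo'] = $photosq;
		} elseif (!empty($photo)) {
			$args['photo'] = $photo;
		}

		$args['openid_url'] = Strings::escapeTags(trim($identity));

		// NOTE(review): these values travel in a URL the visitor can edit; the register page is
		// not visible here and should treat them as untrusted input.
		return 'register?' . http_build_query($args);
	}
}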