Introduce new DI container
1 <?php
2
3 /**
4  * @file src/Module/Security/Login.php
5  */
6
7 namespace Friendica\Module\Security;
8
9 use Friendica\BaseModule;
10 use Friendica\App\Authentication;
11 use Friendica\Core\Config;
12 use Friendica\Core\Hook;
13 use Friendica\Core\L10n;
14 use Friendica\Core\Renderer;
15 use Friendica\Core\Session;
16 use Friendica\DI;
17 use Friendica\Module\Register;
18 use Friendica\Util\Strings;
19
20 /**
21  * Login module
22  *
23  * @author Hypolite Petovan <hypolite@mrpetovan.com>
24  */
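class Login extends BaseModule
{
	/**
	 * Renders the login page.
	 *
	 * A visitor for whom local_user() is truthy is handed to the application's
	 * internal redirect instead of being shown the form.
	 *
	 * @param array $parameters Unused here
	 *
	 * @return string HTML produced by self::form()
	 *
	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
	 */
	public static function content(array $parameters = [])
	{
		$a = DI::app();

		if (local_user()) {
			// NOTE(review): presumably internalRedirect() ends the request; if it
			// returns, the form below is still rendered.
			$a->internalRedirect();
		}

		$registrationOpen = intval(Config::get('config', 'register_policy')) !== Register::CLOSED;

		return self::form(Session::get('return_path'), $registrationOpen);
	}

	/**
	 * Handles a submitted login form.
	 *
	 * The session is cleared before any credential is looked at; only
	 * 'return_path' is carried over. All $_POST fields are request-controlled,
	 * so they are normalised to trimmed strings before being handed to the
	 * Authentication service.
	 *
	 * @param array $parameters Unused here
	 *
	 * @return void
	 */
	public static function post(array $parameters = [])
	{
		// Drop every pre-login session value except the post-login destination.
		$return_path = Session::get('return_path');
		Session::clear();
		Session::set('return_path', $return_path);

		$remember = !empty($_POST['remember']);

		// OpenId Login: no password, but an OpenID URL or a username was given.
		if (
			empty($_POST['password'])
			&& (!empty($_POST['openid_url'])
				|| !empty($_POST['username']))
		) {
			$openid_url = self::trimmed(($_POST['openid_url'] ?? '') ?: ($_POST['username'] ?? ''));

			/** @var Authentication $authentication */
			$authentication = self::getClass(Authentication::class);
			$authentication->withOpenId($openid_url, $remember);
			// NOTE(review): whether withOpenId() returns on failure is not visible
			// here; if it does, a submission with auth-params=login continues into
			// the password branch below with an empty password.
		}

		if (($_POST['auth-params'] ?? '') === 'login') {
			/** @var Authentication $authentication */
			$authentication = self::getClass(Authentication::class);
			$authentication->withPassword(
				DI::app(),
				// A missing or non-string field becomes '' instead of raising an
				// undefined-index notice or a TypeError inside trim().
				self::trimmed($_POST['username'] ?? ''),
				self::trimmed($_POST['password'] ?? ''),
				$remember
			);
		}
	}

	/**
	 * Wrapper for adding a login box.
	 *
	 * @param string $return_path  The path relative to the base the user should be sent
	 *                             back to after login completes
	 * @param bool   $register     If $register == true provide a registration link.
	 *                             This will most always depend on the value of config.register_policy.
	 * @param array  $hiddens      optional
	 *
	 * @return string Returns the complete html for inserting into the page
	 *
	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
	 * @hooks 'login_hook' string $o
	 */
	public static function form($return_path = null, $register = false, $hiddens = [])
	{
		$a = DI::app();
		$o = '';

		$noid = Config::get('system', 'no_openid');

		if ($noid) {
			// OpenID is switched off: forget any identity left in the session.
			Session::remove('openid_identity');
			Session::remove('openid_attributes');
		}

		// The registration link is only offered when the caller asks for it AND
		// the node's policy is not CLOSED.
		$reg = false;
		if ($register && intval($a->getConfig()->get('config', 'register_policy')) !== Register::CLOSED) {
			$reg = [
				'title' => L10n::t('Create a New Account'),
				'desc' => L10n::t('Register'),
				'url' => self::getRegisterURL()
			];
		}

		if (is_null($return_path)) {
			// Request-derived value. NOTE(review): whatever later redirects to
			// 'return_path' should only accept a path relative to the base URL;
			// confirm in the consumer.
			$return_path = $a->query_string;
		}

		if (local_user()) {
			$tpl = Renderer::getMarkupTemplate('logout.tpl');
		} else {
			$a->page['htmlhead'] .= Renderer::replaceMacros(
				Renderer::getMarkupTemplate('login_head.tpl'),
				[
					'$baseurl' => $a->getBaseURL(true)
				]
			);

			$tpl = Renderer::getMarkupTemplate('login.tpl');
			// Same session wrapper that post() and content() use for this key.
			Session::set('return_path', $return_path);
		}

		$identity = Session::get('openid_identity');
		if (!empty($identity)) {
			// An OpenID identity is pending: show it read-only and ask for the
			// local credentials it should be attached to.
			$openid_title = L10n::t('Your OpenID: ');
			$openid_readonly = true;
			$username_desc = L10n::t('Please enter your username and password to add the OpenID to your existing account.');
		} else {
			$openid_title = L10n::t('Or login using OpenID: ');
			$openid_readonly = false;
			$identity = '';
			$username_desc = '';
		}

		$o .= Renderer::replaceMacros(
			$tpl,
			[
				'$dest_url'     => $a->getBaseURL(true) . '/login',
				'$logout'       => L10n::t('Logout'),
				'$login'        => L10n::t('Login'),

				'$lname'        => ['username', L10n::t('Nickname or Email: '), '', $username_desc],
				'$lpassword'    => ['password', L10n::t('Password: '), '', ''],
				'$lremember'    => ['remember', L10n::t('Remember me'), 0,  ''],

				'$openid'       => !$noid,
				'$lopenid'      => ['openid_url', $openid_title, $identity, '', $openid_readonly],

				'$hiddens'      => $hiddens,

				'$register'     => $reg,

				'$lostpass'     => L10n::t('Forgot your password?'),
				'$lostlink'     => L10n::t('Password Reset'),

				'$tostitle'     => L10n::t('Website Terms of Service'),
				'$toslink'      => L10n::t('terms of service'),

				'$privacytitle' => L10n::t('Website Privacy Policy'),
				'$privacylink'  => L10n::t('privacy policy'),
			]
		);

		Hook::callAll('login_hook', $o);

		return $o;
	}

	/**
	 * Get the URL to the register page and add OpenID parameters to it
	 *
	 * Without a pending OpenID identity this is plain 'register'. Otherwise the
	 * OpenID attributes stored in the session are turned into query parameters
	 * that prefill the registration form.
	 *
	 * NOTE(review): the attributes presumably originate from the remote OpenID
	 * provider, so they are untrusted; the register module still has to
	 * validate every prefilled value.
	 *
	 * @return string Relative URL of the register page
	 */
	private static function getRegisterURL(): string
	{
		$identity = Session::get('openid_identity');
		if (empty($identity)) {
			return 'register';
		}

		$args = [];
		$nick = $first = $photosq = $photo = '';

		$attr = Session::get('openid_attributes', []);

		if (is_array($attr)) {
			foreach ($attr as $k => $v) {
				if (!is_scalar($v)) {
					// A nested or null attribute would make trim() fail; skip it.
					continue;
				}

				$value = trim((string) $v);

				switch ($k) {
					case 'namePerson/friendly':
						$nick = Strings::escapeTags($value);
						break;
					case 'namePerson/first':
						$first = Strings::escapeTags($value);
						break;
					case 'namePerson':
						$args['username'] = Strings::escapeTags($value);
						break;
					case 'contact/email':
						$args['email'] = Strings::escapeTags($value);
						break;
					case 'media/image/aspect11':
						$photosq = bin2hex($value);
						break;
					case 'media/image/default':
						$photo = bin2hex($value);
						break;
				}
			}
		}

		// The friendly name wins over the first name as nickname suggestion.
		if (!empty($nick)) {
			$args['nickname'] = $nick;
		} elseif (!empty($first)) {
			$args['nickname'] = $first;
		}

		// The 'aspect11' image wins over the default image.
		if (!empty($photosq)) {
			$args['photo'] = $photosq;
		} elseif (!empty($photo)) {
			$args['photo'] = $photo;
		}

		$args['openid_url'] = Strings::escapeTags(self::trimmed($identity));

		// http_build_query() URL-encodes every value.
		return 'register?' . http_build_query($args);
	}

	/**
	 * Normalises a request- or session-supplied value to a trimmed string.
	 *
	 * @param mixed $value Raw value; anything that is not a string yields ''
	 *
	 * @return string
	 */
	private static function trimmed($value): string
	{
		return is_string($value) ? trim($value) : '';
	}
}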