src/Module/Security/Login.php

   1 <?php
   2
   3 /**
   4  * @file src/Module/Login.php
   5  */
   6
   7 namespace Friendica\Module\Security;
   8
   9 use Friendica\BaseModule;
  10 use Friendica\Core\Config;
  11 use Friendica\Core\Hook;
  12 use Friendica\Core\L10n;
  13 use Friendica\Core\Renderer;
  14 use Friendica\Core\Session;
  15 use Friendica\DI;
  16 use Friendica\Module\Register;
  17 use Friendica\Util\Strings;
  18
  19 /**
  20  * Login module
  21  *
  22  * @author Hypolite Petovan <hypolite@mrpetovan.com>
  23  */
  24 class Login extends BaseModule
  25 {
  26         public static function content(array $parameters = [])
  27         {
  28                 if (local_user()) {
  29                         DI::baseUrl()->redirect();
  30                 }
  31
  32                 return self::form(Session::get('return_path'), intval(Config::get('config', 'register_policy')) !== \Friendica\Module\Register::CLOSED);
  33         }
  34
  35         public static function post(array $parameters = [])
  36         {
  37                 $return_path = Session::get('return_path');
  38                 Session::clear();
  39                 Session::set('return_path', $return_path);
  40
  41                 // OpenId Login
  42                 if (
  43                         empty($_POST['password'])
  44                         && (!empty($_POST['openid_url'])
  45                                 || !empty($_POST['username']))
  46                 ) {
  47                         $openid_url = trim(($_POST['openid_url'] ?? '') ?: $_POST['username']);
  48
  49                         DI::auth()->withOpenId($openid_url, !empty($_POST['remember']));
  50                 }
  51
  52                 if (!empty($_POST['auth-params']) && $_POST['auth-params'] === 'login') {
  53                         DI::auth()->withPassword(
  54                                 DI::app(),
  55                                 trim($_POST['username']),
  56                                 trim($_POST['password']),
  57                                 !empty($_POST['remember'])
  58                         );
  59                 }
  60         }
  61
  62         /**
  63          * @brief Wrapper for adding a login box.
  64          *
  65          * @param string $return_path  The path relative to the base the user should be sent
  66          *                             back to after login completes
  67          * @param bool   $register     If $register == true provide a registration link.
  68          *                             This will most always depend on the value of config.register_policy.
  69          * @param array  $hiddens      optional
  70          *
  71          * @return string Returns the complete html for inserting into the page
  72          *
  73          * @throws \Friendica\Network\HTTPException\InternalServerErrorException
  74          * @hooks 'login_hook' string $o
  75          */
  76         public static function form($return_path = null, $register = false, $hiddens = [])
  77         {
  78                 $a = DI::app();
  79                 $o = '';
  80
  81                 $noid = Config::get('system', 'no_openid');
  82
  83                 if ($noid) {
  84                         Session::remove('openid_identity');
  85                         Session::remove('openid_attributes');
  86                 }
  87
  88                 $reg = false;
  89                 if ($register && intval(DI::config()->get('config', 'register_policy')) !== Register::CLOSED) {
  90                         $reg = [
  91                                 'title' => L10n::t('Create a New Account'),
  92                                 'desc' => L10n::t('Register'),
  93                                 'url' => self::getRegisterURL()
  94                         ];
  95                 }
  96
  97                 if (is_null($return_path)) {
  98                         $return_path = $a->query_string;
  99                 }
 100
 101                 if (local_user()) {
 102                         $tpl = Renderer::getMarkupTemplate('logout.tpl');
 103                 } else {
 104                         $a->page['htmlhead'] .= Renderer::replaceMacros(
 105                                 Renderer::getMarkupTemplate('login_head.tpl'),
 106                                 [
 107                                         '$baseurl' => $a->getBaseURL(true)
 108                                 ]
 109                         );
 110
 111                         $tpl = Renderer::getMarkupTemplate('login.tpl');
 112                         $_SESSION['return_path'] = $return_path;
 113                 }
 114
 115                 if (!empty(Session::get('openid_identity'))) {
 116                         $openid_title = L10n::t('Your OpenID: ');
 117                         $openid_readonly = true;
 118                         $identity = Session::get('openid_identity');
 119                         $username_desc = L10n::t('Please enter your username and password to add the OpenID to your existing account.');
 120                 } else {
 121                         $openid_title = L10n::t('Or login using OpenID: ');
 122                         $openid_readonly = false;
 123                         $identity = '';
 124                         $username_desc = '';
 125                 }
 126
 127                 $o .= Renderer::replaceMacros(
 128                         $tpl,
 129                         [
 130                                 '$dest_url'     => DI::app()->getBaseURL(true) . '/login',
 131                                 '$logout'       => L10n::t('Logout'),
 132                                 '$login'        => L10n::t('Login'),
 133
 134                                 '$lname'        => ['username', L10n::t('Nickname or Email: '), '', $username_desc],
 135                                 '$lpassword'    => ['password', L10n::t('Password: '), '', ''],
 136                                 '$lremember'    => ['remember', L10n::t('Remember me'), 0,  ''],
 137
 138                                 '$openid'       => !$noid,
 139                                 '$lopenid'      => ['openid_url', $openid_title, $identity, '', $openid_readonly],
 140
 141                                 '$hiddens'      => $hiddens,
 142
 143                                 '$register'     => $reg,
 144
 145                                 '$lostpass'     => L10n::t('Forgot your password?'),
 146                                 '$lostlink'     => L10n::t('Password Reset'),
 147
 148                                 '$tostitle'     => L10n::t('Website Terms of Service'),
 149                                 '$toslink'      => L10n::t('terms of service'),
 150
 151                                 '$privacytitle' => L10n::t('Website Privacy Policy'),
 152                                 '$privacylink'  => L10n::t('privacy policy'),
 153                         ]
 154                 );
 155
 156                 Hook::callAll('login_hook', $o);
 157
 158                 return $o;
 159         }
 160
 161         /**
 162          * Get the URL to the register page and add OpenID parameters to it
 163          */
 164         private static function getRegisterURL()
 165         {
 166                 if (empty(Session::get('openid_identity'))) {
 167                         return 'register';
 168                 }
 169
 170                 $args = [];
 171                 $attr = Session::get('openid_attributes', []);
 172
 173                 if (is_array($attr) && count($attr)) {
 174                         foreach ($attr as $k => $v) {
 175                                 if ($k === 'namePerson/friendly') {
 176                                         $nick = Strings::escapeTags(trim($v));
 177                                 }
 178                                 if ($k === 'namePerson/first') {
 179                                         $first = Strings::escapeTags(trim($v));
 180                                 }
 181                                 if ($k === 'namePerson') {
 182                                         $args['username'] = Strings::escapeTags(trim($v));
 183                                 }
 184                                 if ($k === 'contact/email') {
 185                                         $args['email'] = Strings::escapeTags(trim($v));
 186                                 }
 187                                 if ($k === 'media/image/aspect11') {
 188                                         $photosq = bin2hex(trim($v));
 189                                 }
 190                                 if ($k === 'media/image/default') {
 191                                         $photo = bin2hex(trim($v));
 192                                 }
 193                         }
 194                 }
 195
 196                 if (!empty($nick)) {
 197                         $args['nickname'] = $nick;
 198                 } elseif (!empty($first)) {
 199                         $args['nickname'] = $first;
 200                 }
 201
 202                 if (!empty($photosq)) {
 203                         $args['photo'] = $photosq;
 204                 } elseif (!empty($photo)) {
 205                         $args['photo'] = $photo;
 206                 }
 207
 208                 $args['openid_url'] = Strings::escapeTags(trim(Session::get('openid_identity')));
 209
 210                 return 'register?' . http_build_query($args);
 211         }
 212 }