src/Module/Security/Login.php

   1 <?php
   2
   3 /**
   4  * @file src/Module/Login.php
   5  */
   6
   7 namespace Friendica\Module\Security;
   8
   9 use Friendica\BaseModule;
  10 use Friendica\Core\Config;
  11 use Friendica\Core\Hook;
  12 use Friendica\Core\L10n;
  13 use Friendica\Core\Renderer;
  14 use Friendica\Core\Session;
  15 use Friendica\DI;
  16 use Friendica\Module\Register;
  17 use Friendica\Util\Strings;
  18
  19 /**
  20  * Login module
  21  *
  22  * @author Hypolite Petovan <hypolite@mrpetovan.com>
  23  */
  24 class Login extends BaseModule
  25 {
  26         public static function content(array $parameters = [])
  27         {
  28                 if (local_user()) {
  29                         DI::baseUrl()->redirect();
  30                 }
  31
  32                 return self::form(Session::get('return_path'), intval(Config::get('config', 'register_policy')) !== \Friendica\Module\Register::CLOSED);
  33         }
  34
  35         public static function post(array $parameters = [])
  36         {
  37                 $return_path = Session::get('return_path');
  38                 Session::clear();
  39                 Session::set('return_path', $return_path);
  40
  41                 // OpenId Login
  42                 if (
  43                         empty($_POST['password'])
  44                         && (!empty($_POST['openid_url'])
  45                                 || !empty($_POST['username']))
  46                 ) {
  47                         $openid_url = trim(($_POST['openid_url'] ?? '') ?: $_POST['username']);
  48
  49                         DI::auth()->withOpenId($openid_url, !empty($_POST['remember']));
  50                 }
  51
  52                 if (!empty($_POST['auth-params']) && $_POST['auth-params'] === 'login') {
  53                         DI::auth()->withPassword(
  54                                 DI::app(),
  55                                 trim($_POST['username']),
  56                                 trim($_POST['password']),
  57                                 !empty($_POST['remember'])
  58                         );
  59                 }
  60         }
  61
  62         /**
  63          * Wrapper for adding a login box.
  64          *
  65          * @param string $return_path  The path relative to the base the user should be sent
  66          *                             back to after login completes
  67          * @param bool   $register     If $register == true provide a registration link.
  68          *                             This will most always depend on the value of config.register_policy.
  69          * @param array  $hiddens      optional
  70          *
  71          * @return string Returns the complete html for inserting into the page
  72          *
  73          * @throws \Friendica\Network\HTTPException\InternalServerErrorException
  74          * @hooks 'login_hook' string $o
  75          */
  76         public static function form($return_path = null, $register = false, $hiddens = [])
  77         {
  78                 $o = '';
  79
  80                 $noid = Config::get('system', 'no_openid');
  81
  82                 if ($noid) {
  83                         Session::remove('openid_identity');
  84                         Session::remove('openid_attributes');
  85                 }
  86
  87                 $reg = false;
  88                 if ($register && intval(DI::config()->get('config', 'register_policy')) !== Register::CLOSED) {
  89                         $reg = [
  90                                 'title' => L10n::t('Create a New Account'),
  91                                 'desc' => L10n::t('Register'),
  92                                 'url' => self::getRegisterURL()
  93                         ];
  94                 }
  95
  96                 if (is_null($return_path)) {
  97                         $return_path = DI::args()->getQueryString();
  98                 }
  99
 100                 if (local_user()) {
 101                         $tpl = Renderer::getMarkupTemplate('logout.tpl');
 102                 } else {
 103                         DI::page()['htmlhead'] .= Renderer::replaceMacros(
 104                                 Renderer::getMarkupTemplate('login_head.tpl'),
 105                                 [
 106                                         '$baseurl' => DI::baseUrl()->get(true)
 107                                 ]
 108                         );
 109
 110                         $tpl = Renderer::getMarkupTemplate('login.tpl');
 111                         $_SESSION['return_path'] = $return_path;
 112                 }
 113
 114                 if (!empty(Session::get('openid_identity'))) {
 115                         $openid_title = L10n::t('Your OpenID: ');
 116                         $openid_readonly = true;
 117                         $identity = Session::get('openid_identity');
 118                         $username_desc = L10n::t('Please enter your username and password to add the OpenID to your existing account.');
 119                 } else {
 120                         $openid_title = L10n::t('Or login using OpenID: ');
 121                         $openid_readonly = false;
 122                         $identity = '';
 123                         $username_desc = '';
 124                 }
 125
 126                 $o .= Renderer::replaceMacros(
 127                         $tpl,
 128                         [
 129                                 '$dest_url'     => DI::baseUrl()->get(true) . '/login',
 130                                 '$logout'       => L10n::t('Logout'),
 131                                 '$login'        => L10n::t('Login'),
 132
 133                                 '$lname'        => ['username', L10n::t('Nickname or Email: '), '', $username_desc],
 134                                 '$lpassword'    => ['password', L10n::t('Password: '), '', ''],
 135                                 '$lremember'    => ['remember', L10n::t('Remember me'), 0,  ''],
 136
 137                                 '$openid'       => !$noid,
 138                                 '$lopenid'      => ['openid_url', $openid_title, $identity, '', $openid_readonly],
 139
 140                                 '$hiddens'      => $hiddens,
 141
 142                                 '$register'     => $reg,
 143
 144                                 '$lostpass'     => L10n::t('Forgot your password?'),
 145                                 '$lostlink'     => L10n::t('Password Reset'),
 146
 147                                 '$tostitle'     => L10n::t('Website Terms of Service'),
 148                                 '$toslink'      => L10n::t('terms of service'),
 149
 150                                 '$privacytitle' => L10n::t('Website Privacy Policy'),
 151                                 '$privacylink'  => L10n::t('privacy policy'),
 152                         ]
 153                 );
 154
 155                 Hook::callAll('login_hook', $o);
 156
 157                 return $o;
 158         }
 159
 160         /**
 161          * Get the URL to the register page and add OpenID parameters to it
 162          */
 163         private static function getRegisterURL()
 164         {
 165                 if (empty(Session::get('openid_identity'))) {
 166                         return 'register';
 167                 }
 168
 169                 $args = [];
 170                 $attr = Session::get('openid_attributes', []);
 171
 172                 if (is_array($attr) && count($attr)) {
 173                         foreach ($attr as $k => $v) {
 174                                 if ($k === 'namePerson/friendly') {
 175                                         $nick = Strings::escapeTags(trim($v));
 176                                 }
 177                                 if ($k === 'namePerson/first') {
 178                                         $first = Strings::escapeTags(trim($v));
 179                                 }
 180                                 if ($k === 'namePerson') {
 181                                         $args['username'] = Strings::escapeTags(trim($v));
 182                                 }
 183                                 if ($k === 'contact/email') {
 184                                         $args['email'] = Strings::escapeTags(trim($v));
 185                                 }
 186                                 if ($k === 'media/image/aspect11') {
 187                                         $photosq = bin2hex(trim($v));
 188                                 }
 189                                 if ($k === 'media/image/default') {
 190                                         $photo = bin2hex(trim($v));
 191                                 }
 192                         }
 193                 }
 194
 195                 if (!empty($nick)) {
 196                         $args['nickname'] = $nick;
 197                 } elseif (!empty($first)) {
 198                         $args['nickname'] = $first;
 199                 }
 200
 201                 if (!empty($photosq)) {
 202                         $args['photo'] = $photosq;
 203                 } elseif (!empty($photo)) {
 204                         $args['photo'] = $photo;
 205                 }
 206
 207                 $args['openid_url'] = Strings::escapeTags(trim(Session::get('openid_identity')));
 208
 209                 return 'register?' . http_build_query($args);
 210         }
 211 }