src/Module/Security/Login.php

   1 <?php
   2
   3 /**
   4  * @file src/Module/Login.php
   5  */
   6
   7 namespace Friendica\Module\Security;
   8
   9 use Friendica\BaseModule;
  10 use Friendica\Core\Config;
  11 use Friendica\Core\Hook;
  12 use Friendica\Core\Renderer;
  13 use Friendica\Core\Session;
  14 use Friendica\DI;
  15 use Friendica\Module\Register;
  16 use Friendica\Util\Strings;
  17
  18 /**
  19  * Login module
  20  *
  21  * @author Hypolite Petovan <hypolite@mrpetovan.com>
  22  */
  23 class Login extends BaseModule
  24 {
  25         public static function content(array $parameters = [])
  26         {
  27                 if (local_user()) {
  28                         DI::baseUrl()->redirect();
  29                 }
  30
  31                 return self::form(Session::get('return_path'), intval(Config::get('config', 'register_policy')) !== \Friendica\Module\Register::CLOSED);
  32         }
  33
  34         public static function post(array $parameters = [])
  35         {
  36                 $return_path = Session::get('return_path');
  37                 Session::clear();
  38                 Session::set('return_path', $return_path);
  39
  40                 // OpenId Login
  41                 if (
  42                         empty($_POST['password'])
  43                         && (!empty($_POST['openid_url'])
  44                                 || !empty($_POST['username']))
  45                 ) {
  46                         $openid_url = trim(($_POST['openid_url'] ?? '') ?: $_POST['username']);
  47
  48                         DI::auth()->withOpenId($openid_url, !empty($_POST['remember']));
  49                 }
  50
  51                 if (!empty($_POST['auth-params']) && $_POST['auth-params'] === 'login') {
  52                         DI::auth()->withPassword(
  53                                 DI::app(),
  54                                 trim($_POST['username']),
  55                                 trim($_POST['password']),
  56                                 !empty($_POST['remember'])
  57                         );
  58                 }
  59         }
  60
  61         /**
  62          * Wrapper for adding a login box.
  63          *
  64          * @param string $return_path  The path relative to the base the user should be sent
  65          *                             back to after login completes
  66          * @param bool   $register     If $register == true provide a registration link.
  67          *                             This will most always depend on the value of config.register_policy.
  68          * @param array  $hiddens      optional
  69          *
  70          * @return string Returns the complete html for inserting into the page
  71          *
  72          * @throws \Friendica\Network\HTTPException\InternalServerErrorException
  73          * @hooks 'login_hook' string $o
  74          */
  75         public static function form($return_path = null, $register = false, $hiddens = [])
  76         {
  77                 $o = '';
  78
  79                 $noid = Config::get('system', 'no_openid');
  80
  81                 if ($noid) {
  82                         Session::remove('openid_identity');
  83                         Session::remove('openid_attributes');
  84                 }
  85
  86                 $reg = false;
  87                 if ($register && intval(DI::config()->get('config', 'register_policy')) !== Register::CLOSED) {
  88                         $reg = [
  89                                 'title' => DI::l10n()->t('Create a New Account'),
  90                                 'desc' => DI::l10n()->t('Register'),
  91                                 'url' => self::getRegisterURL()
  92                         ];
  93                 }
  94
  95                 if (is_null($return_path)) {
  96                         $return_path = DI::args()->getQueryString();
  97                 }
  98
  99                 if (local_user()) {
 100                         $tpl = Renderer::getMarkupTemplate('logout.tpl');
 101                 } else {
 102                         DI::page()['htmlhead'] .= Renderer::replaceMacros(
 103                                 Renderer::getMarkupTemplate('login_head.tpl'),
 104                                 [
 105                                         '$baseurl' => DI::baseUrl()->get(true)
 106                                 ]
 107                         );
 108
 109                         $tpl = Renderer::getMarkupTemplate('login.tpl');
 110                         $_SESSION['return_path'] = $return_path;
 111                 }
 112
 113                 if (!empty(Session::get('openid_identity'))) {
 114                         $openid_title = DI::l10n()->t('Your OpenID: ');
 115                         $openid_readonly = true;
 116                         $identity = Session::get('openid_identity');
 117                         $username_desc = DI::l10n()->t('Please enter your username and password to add the OpenID to your existing account.');
 118                 } else {
 119                         $openid_title = DI::l10n()->t('Or login using OpenID: ');
 120                         $openid_readonly = false;
 121                         $identity = '';
 122                         $username_desc = '';
 123                 }
 124
 125                 $o .= Renderer::replaceMacros(
 126                         $tpl,
 127                         [
 128                                 '$dest_url'     => DI::baseUrl()->get(true) . '/login',
 129                                 '$logout'       => DI::l10n()->t('Logout'),
 130                                 '$login'        => DI::l10n()->t('Login'),
 131
 132                                 '$lname'        => ['username', DI::l10n()->t('Nickname or Email: '), '', $username_desc],
 133                                 '$lpassword'    => ['password', DI::l10n()->t('Password: '), '', ''],
 134                                 '$lremember'    => ['remember', DI::l10n()->t('Remember me'), 0,  ''],
 135
 136                                 '$openid'       => !$noid,
 137                                 '$lopenid'      => ['openid_url', $openid_title, $identity, '', $openid_readonly],
 138
 139                                 '$hiddens'      => $hiddens,
 140
 141                                 '$register'     => $reg,
 142
 143                                 '$lostpass'     => DI::l10n()->t('Forgot your password?'),
 144                                 '$lostlink'     => DI::l10n()->t('Password Reset'),
 145
 146                                 '$tostitle'     => DI::l10n()->t('Website Terms of Service'),
 147                                 '$toslink'      => DI::l10n()->t('terms of service'),
 148
 149                                 '$privacytitle' => DI::l10n()->t('Website Privacy Policy'),
 150                                 '$privacylink'  => DI::l10n()->t('privacy policy'),
 151                         ]
 152                 );
 153
 154                 Hook::callAll('login_hook', $o);
 155
 156                 return $o;
 157         }
 158
 159         /**
 160          * Get the URL to the register page and add OpenID parameters to it
 161          */
 162         private static function getRegisterURL()
 163         {
 164                 if (empty(Session::get('openid_identity'))) {
 165                         return 'register';
 166                 }
 167
 168                 $args = [];
 169                 $attr = Session::get('openid_attributes', []);
 170
 171                 if (is_array($attr) && count($attr)) {
 172                         foreach ($attr as $k => $v) {
 173                                 if ($k === 'namePerson/friendly') {
 174                                         $nick = Strings::escapeTags(trim($v));
 175                                 }
 176                                 if ($k === 'namePerson/first') {
 177                                         $first = Strings::escapeTags(trim($v));
 178                                 }
 179                                 if ($k === 'namePerson') {
 180                                         $args['username'] = Strings::escapeTags(trim($v));
 181                                 }
 182                                 if ($k === 'contact/email') {
 183                                         $args['email'] = Strings::escapeTags(trim($v));
 184                                 }
 185                                 if ($k === 'media/image/aspect11') {
 186                                         $photosq = bin2hex(trim($v));
 187                                 }
 188                                 if ($k === 'media/image/default') {
 189                                         $photo = bin2hex(trim($v));
 190                                 }
 191                         }
 192                 }
 193
 194                 if (!empty($nick)) {
 195                         $args['nickname'] = $nick;
 196                 } elseif (!empty($first)) {
 197                         $args['nickname'] = $first;
 198                 }
 199
 200                 if (!empty($photosq)) {
 201                         $args['photo'] = $photosq;
 202                 } elseif (!empty($photo)) {
 203                         $args['photo'] = $photo;
 204                 }
 205
 206                 $args['openid_url'] = Strings::escapeTags(trim(Session::get('openid_identity')));
 207
 208                 return 'register?' . http_build_query($args);
 209         }
 210 }