src/Module/Security/Login.php

   1 <?php
   2
   3 /**
   4  * @file src/Module/Login.php
   5  */
   6
   7 namespace Friendica\Module\Security;
   8
   9 use Friendica\BaseModule;
  10 use Friendica\Core\Config;
  11 use Friendica\Core\Hook;
  12 use Friendica\Core\L10n;
  13 use Friendica\Core\Renderer;
  14 use Friendica\Core\Session;
  15 use Friendica\DI;
  16 use Friendica\Module\Register;
  17 use Friendica\Util\Strings;
  18
  19 /**
  20  * Login module
  21  *
  22  * @author Hypolite Petovan <hypolite@mrpetovan.com>
  23  */
  24 class Login extends BaseModule
  25 {
  26         public static function content(array $parameters = [])
  27         {
  28                 $a = DI::app();
  29
  30                 if (local_user()) {
  31                         $a->internalRedirect();
  32                 }
  33
  34                 return self::form(Session::get('return_path'), intval(Config::get('config', 'register_policy')) !== \Friendica\Module\Register::CLOSED);
  35         }
  36
  37         public static function post(array $parameters = [])
  38         {
  39                 $return_path = Session::get('return_path');
  40                 Session::clear();
  41                 Session::set('return_path', $return_path);
  42
  43                 // OpenId Login
  44                 if (
  45                         empty($_POST['password'])
  46                         && (!empty($_POST['openid_url'])
  47                                 || !empty($_POST['username']))
  48                 ) {
  49                         $openid_url = trim(($_POST['openid_url'] ?? '') ?: $_POST['username']);
  50
  51                         DI::auth()->withOpenId($openid_url, !empty($_POST['remember']));
  52                 }
  53
  54                 if (!empty($_POST['auth-params']) && $_POST['auth-params'] === 'login') {
  55                         DI::auth()->withPassword(
  56                                 DI::app(),
  57                                 trim($_POST['username']),
  58                                 trim($_POST['password']),
  59                                 !empty($_POST['remember'])
  60                         );
  61                 }
  62         }
  63
  64         /**
  65          * @brief Wrapper for adding a login box.
  66          *
  67          * @param string $return_path  The path relative to the base the user should be sent
  68          *                             back to after login completes
  69          * @param bool   $register     If $register == true provide a registration link.
  70          *                             This will most always depend on the value of config.register_policy.
  71          * @param array  $hiddens      optional
  72          *
  73          * @return string Returns the complete html for inserting into the page
  74          *
  75          * @throws \Friendica\Network\HTTPException\InternalServerErrorException
  76          * @hooks 'login_hook' string $o
  77          */
  78         public static function form($return_path = null, $register = false, $hiddens = [])
  79         {
  80                 $a = DI::app();
  81                 $o = '';
  82
  83                 $noid = Config::get('system', 'no_openid');
  84
  85                 if ($noid) {
  86                         Session::remove('openid_identity');
  87                         Session::remove('openid_attributes');
  88                 }
  89
  90                 $reg = false;
  91                 if ($register && intval($a->getConfig()->get('config', 'register_policy')) !== Register::CLOSED) {
  92                         $reg = [
  93                                 'title' => L10n::t('Create a New Account'),
  94                                 'desc' => L10n::t('Register'),
  95                                 'url' => self::getRegisterURL()
  96                         ];
  97                 }
  98
  99                 if (is_null($return_path)) {
 100                         $return_path = $a->query_string;
 101                 }
 102
 103                 if (local_user()) {
 104                         $tpl = Renderer::getMarkupTemplate('logout.tpl');
 105                 } else {
 106                         $a->page['htmlhead'] .= Renderer::replaceMacros(
 107                                 Renderer::getMarkupTemplate('login_head.tpl'),
 108                                 [
 109                                         '$baseurl' => $a->getBaseURL(true)
 110                                 ]
 111                         );
 112
 113                         $tpl = Renderer::getMarkupTemplate('login.tpl');
 114                         $_SESSION['return_path'] = $return_path;
 115                 }
 116
 117                 if (!empty(Session::get('openid_identity'))) {
 118                         $openid_title = L10n::t('Your OpenID: ');
 119                         $openid_readonly = true;
 120                         $identity = Session::get('openid_identity');
 121                         $username_desc = L10n::t('Please enter your username and password to add the OpenID to your existing account.');
 122                 } else {
 123                         $openid_title = L10n::t('Or login using OpenID: ');
 124                         $openid_readonly = false;
 125                         $identity = '';
 126                         $username_desc = '';
 127                 }
 128
 129                 $o .= Renderer::replaceMacros(
 130                         $tpl,
 131                         [
 132                                 '$dest_url'     => DI::app()->getBaseURL(true) . '/login',
 133                                 '$logout'       => L10n::t('Logout'),
 134                                 '$login'        => L10n::t('Login'),
 135
 136                                 '$lname'        => ['username', L10n::t('Nickname or Email: '), '', $username_desc],
 137                                 '$lpassword'    => ['password', L10n::t('Password: '), '', ''],
 138                                 '$lremember'    => ['remember', L10n::t('Remember me'), 0,  ''],
 139
 140                                 '$openid'       => !$noid,
 141                                 '$lopenid'      => ['openid_url', $openid_title, $identity, '', $openid_readonly],
 142
 143                                 '$hiddens'      => $hiddens,
 144
 145                                 '$register'     => $reg,
 146
 147                                 '$lostpass'     => L10n::t('Forgot your password?'),
 148                                 '$lostlink'     => L10n::t('Password Reset'),
 149
 150                                 '$tostitle'     => L10n::t('Website Terms of Service'),
 151                                 '$toslink'      => L10n::t('terms of service'),
 152
 153                                 '$privacytitle' => L10n::t('Website Privacy Policy'),
 154                                 '$privacylink'  => L10n::t('privacy policy'),
 155                         ]
 156                 );
 157
 158                 Hook::callAll('login_hook', $o);
 159
 160                 return $o;
 161         }
 162
 163         /**
 164          * Get the URL to the register page and add OpenID parameters to it
 165          */
 166         private static function getRegisterURL()
 167         {
 168                 if (empty(Session::get('openid_identity'))) {
 169                         return 'register';
 170                 }
 171
 172                 $args = [];
 173                 $attr = Session::get('openid_attributes', []);
 174
 175                 if (is_array($attr) && count($attr)) {
 176                         foreach ($attr as $k => $v) {
 177                                 if ($k === 'namePerson/friendly') {
 178                                         $nick = Strings::escapeTags(trim($v));
 179                                 }
 180                                 if ($k === 'namePerson/first') {
 181                                         $first = Strings::escapeTags(trim($v));
 182                                 }
 183                                 if ($k === 'namePerson') {
 184                                         $args['username'] = Strings::escapeTags(trim($v));
 185                                 }
 186                                 if ($k === 'contact/email') {
 187                                         $args['email'] = Strings::escapeTags(trim($v));
 188                                 }
 189                                 if ($k === 'media/image/aspect11') {
 190                                         $photosq = bin2hex(trim($v));
 191                                 }
 192                                 if ($k === 'media/image/default') {
 193                                         $photo = bin2hex(trim($v));
 194                                 }
 195                         }
 196                 }
 197
 198                 if (!empty($nick)) {
 199                         $args['nickname'] = $nick;
 200                 } elseif (!empty($first)) {
 201                         $args['nickname'] = $first;
 202                 }
 203
 204                 if (!empty($photosq)) {
 205                         $args['photo'] = $photosq;
 206                 } elseif (!empty($photo)) {
 207                         $args['photo'] = $photo;
 208                 }
 209
 210                 $args['openid_url'] = Strings::escapeTags(trim(Session::get('openid_identity')));
 211
 212                 return 'register?' . http_build_query($args);
 213         }
 214 }