4 * @file src/Module/Login.php
7 namespace Friendica\Module\Security;
9 use Friendica\BaseModule;
10 use Friendica\App\Authentication;
11 use Friendica\Core\Config;
12 use Friendica\Core\Hook;
13 use Friendica\Core\L10n;
14 use Friendica\Core\Renderer;
15 use Friendica\Core\Session;
16 use Friendica\Module\Register;
17 use Friendica\Util\Strings;
22 * @author Hypolite Petovan <hypolite@mrpetovan.com>
24 class Login extends BaseModule
26 public static function content(array $parameters = [])
31 $a->internalRedirect();
34 return self::form(Session::get('return_path'), intval(Config::get('config', 'register_policy')) !== \Friendica\Module\Register::CLOSED);
37 public static function post(array $parameters = [])
39 $return_path = Session::get('return_path');
41 Session::set('return_path', $return_path);
45 empty($_POST['password'])
46 && (!empty($_POST['openid_url'])
47 || !empty($_POST['username']))
49 $openid_url = trim(($_POST['openid_url'] ?? '') ?: $_POST['username']);
51 /** @var Authentication $authentication */
52 $authentication = self::getClass(Authentication::class);
53 $authentication->withOpenId($openid_url, !empty($_POST['remember']));
56 if (!empty($_POST['auth-params']) && $_POST['auth-params'] === 'login') {
57 /** @var Authentication $authentication */
58 $authentication = self::getClass(Authentication::class);
59 $authentication->withPassword(
61 trim($_POST['username']),
62 trim($_POST['password']),
63 !empty($_POST['remember'])
69 * @brief Wrapper for adding a login box.
71 * @param string $return_path The path relative to the base the user should be sent
72 * back to after login completes
73 * @param bool $register If $register == true provide a registration link.
74 * This will most always depend on the value of config.register_policy.
75 * @param array $hiddens optional
77 * @return string Returns the complete html for inserting into the page
79 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
80 * @hooks 'login_hook' string $o
82 public static function form($return_path = null, $register = false, $hiddens = [])
87 $noid = Config::get('system', 'no_openid');
90 Session::remove('openid_identity');
91 Session::remove('openid_attributes');
95 if ($register && intval($a->getConfig()->get('config', 'register_policy')) !== Register::CLOSED) {
97 'title' => L10n::t('Create a New Account'),
98 'desc' => L10n::t('Register'),
99 'url' => self::getRegisterURL()
103 if (is_null($return_path)) {
104 $return_path = $a->query_string;
108 $tpl = Renderer::getMarkupTemplate('logout.tpl');
110 $a->page['htmlhead'] .= Renderer::replaceMacros(
111 Renderer::getMarkupTemplate('login_head.tpl'),
113 '$baseurl' => $a->getBaseURL(true)
117 $tpl = Renderer::getMarkupTemplate('login.tpl');
118 $_SESSION['return_path'] = $return_path;
121 if (!empty(Session::get('openid_identity'))) {
122 $openid_title = L10n::t('Your OpenID: ');
123 $openid_readonly = true;
124 $identity = Session::get('openid_identity');
125 $username_desc = L10n::t('Please enter your username and password to add the OpenID to your existing account.');
127 $openid_title = L10n::t('Or login using OpenID: ');
128 $openid_readonly = false;
133 $o .= Renderer::replaceMacros(
136 '$dest_url' => self::getApp()->getBaseURL(true) . '/login',
137 '$logout' => L10n::t('Logout'),
138 '$login' => L10n::t('Login'),
140 '$lname' => ['username', L10n::t('Nickname or Email: '), '', $username_desc],
141 '$lpassword' => ['password', L10n::t('Password: '), '', ''],
142 '$lremember' => ['remember', L10n::t('Remember me'), 0, ''],
145 '$lopenid' => ['openid_url', $openid_title, $identity, '', $openid_readonly],
147 '$hiddens' => $hiddens,
151 '$lostpass' => L10n::t('Forgot your password?'),
152 '$lostlink' => L10n::t('Password Reset'),
154 '$tostitle' => L10n::t('Website Terms of Service'),
155 '$toslink' => L10n::t('terms of service'),
157 '$privacytitle' => L10n::t('Website Privacy Policy'),
158 '$privacylink' => L10n::t('privacy policy'),
162 Hook::callAll('login_hook', $o);
168 * Get the URL to the register page and add OpenID parameters to it
170 private static function getRegisterURL()
172 if (empty(Session::get('openid_identity'))) {
177 $attr = Session::get('openid_attributes', []);
179 if (is_array($attr) && count($attr)) {
180 foreach ($attr as $k => $v) {
181 if ($k === 'namePerson/friendly') {
182 $nick = Strings::escapeTags(trim($v));
184 if ($k === 'namePerson/first') {
185 $first = Strings::escapeTags(trim($v));
187 if ($k === 'namePerson') {
188 $args['username'] = Strings::escapeTags(trim($v));
190 if ($k === 'contact/email') {
191 $args['email'] = Strings::escapeTags(trim($v));
193 if ($k === 'media/image/aspect11') {
194 $photosq = bin2hex(trim($v));
196 if ($k === 'media/image/default') {
197 $photo = bin2hex(trim($v));
203 $args['nickname'] = $nick;
204 } elseif (!empty($first)) {
205 $args['nickname'] = $first;
208 if (!empty($photosq)) {
209 $args['photo'] = $photosq;
210 } elseif (!empty($photo)) {
211 $args['photo'] = $photo;
214 $args['openid_url'] = Strings::escapeTags(trim(Session::get('openid_identity')));
216 return 'register?' . http_build_query($args);