X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=lib%2Fapiauth.php;h=0d1613d381ed17de89be5410b47e1b7df2f04637;hb=fae0f36b4d1e43e42637bced0b655ee6a25d6226;hp=f0b4b6bf7f44f0fec8e2b1dee8167da559221668;hpb=e307adfbfc44e653ee2b5b94dcf7eabdc8ffe0df;p=quix0rs-gnu-social.git diff --git a/lib/apiauth.php b/lib/apiauth.php index f0b4b6bf7f..0d1613d381 100644 --- a/lib/apiauth.php +++ b/lib/apiauth.php @@ -21,7 +21,14 @@ * * @category API * @package StatusNet - * @author Zach Copley + * @author Adrian Lang + * @author Brenda Wallace + * @author Craig Andrews + * @author Dan Moore + * @author Evan Prodromou + * @author mEDI + * @author Sarven Capadisli + * @author Zach Copley * @copyright 2009 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ @@ -31,7 +38,7 @@ if (!defined('STATUSNET')) { exit(1); } -require_once INSTALLDIR.'/lib/twitterapi.php'; +require_once INSTALLDIR . '/lib/api.php'; /** * Actions extending this class will require auth @@ -43,11 +50,31 @@ require_once INSTALLDIR.'/lib/twitterapi.php'; * @link http://status.net/ */ -class ApiAuthAction extends TwitterapiAction +class ApiAuthAction extends ApiAction { var $auth_user = null; + /** + * Take arguments for running, and output basic auth header if needed + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + $this->checkBasicAuthUser(); + } + + return true; + } + /** * Does this API resource require authentication? * @@ -70,18 +97,24 @@ class ApiAuthAction extends TwitterapiAction { $this->basicAuthProcessHeader(); + $realm = common_config('site', 'name') . ' API'; + if (!isset($this->auth_user)) { - header('WWW-Authenticate: Basic realm="StatusNet API"'); + header('WWW-Authenticate: Basic realm="' . $realm . '"'); // show error if the user clicks 'cancel' $this->showBasicAuthError(); - return false; + exit; } else { $nickname = $this->auth_user; $password = $this->auth_pw; - $this->auth_user = common_check_user($nickname, $password); + $user = common_check_user($nickname, $password); + if (Event::handle('StartSetApiUser', array(&$user))) { + $this->auth_user = $user; + Event::handle('EndSetApiUser', array($user)); + } if (empty($this->auth_user)) { @@ -94,7 +127,7 @@ class ApiAuthAction extends TwitterapiAction "$nickname, proxy = $proxy, ip = $ip." ); $this->showBasicAuthError(); - return false; + exit; } } return true; @@ -152,7 +185,7 @@ class ApiAuthAction extends TwitterapiAction header('HTTP/1.1 401 Unauthorized'); $msg = 'Could not authenticate you.'; - if ($this->arg('format') == 'xml') { + if ($this->format == 'xml') { header('Content-Type: application/xml; charset=utf-8'); $this->startXML(); $this->elementStart('hash'); @@ -160,7 +193,7 @@ class ApiAuthAction extends TwitterapiAction $this->element('request', null, $_SERVER['REQUEST_URI']); $this->elementEnd('hash'); $this->endXML(); - } elseif ($this->arg('format') == 'json') { + } elseif ($this->format == 'json') { header('Content-Type: application/json; charset=utf-8'); $error_array = array('error' => $msg, 'request' => $_SERVER['REQUEST_URI']);