X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FSecurity%2FBasicAuth.php;h=51da7a98ad472429d7f21b0d106b2129b8eb16f9;hb=cab469621d173015ade7846344f5051b600d640d;hp=b76073e8b328f1dbccf2388d6e16fe8e01958551;hpb=fa2c8cad9d4419182d3c72115d4f67cb1971ca13;p=friendica.git

diff --git a/src/Security/BasicAuth.php b/src/Security/BasicAuth.php
index b76073e8b3..51da7a98ad 100644
--- a/src/Security/BasicAuth.php
+++ b/src/Security/BasicAuth.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2010-2021, the Friendica project
+ * @copyright Copyright (C) 2010-2023, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -24,7 +24,6 @@ namespace Friendica\Security;
 use Exception;
 use Friendica\Core\Hook;
 use Friendica\Core\Logger;
-use Friendica\Core\Session;
 use Friendica\Database\DBA;
 use Friendica\DI;
 use Friendica\Model\User;
@@ -32,7 +31,7 @@ use Friendica\Network\HTTPException\UnauthorizedException;
 use Friendica\Util\DateTimeFormat;
 
 /**
- * Authentification via the basic auth method
+ * Authentication via the basic auth method
  */
 class BasicAuth
 {
@@ -62,6 +61,11 @@ class BasicAuth
 		return (int)self::$current_user_id;
 	}
 
+	public static function setCurrentUserID(int $uid = null)
+	{
+		self::$current_user_id = $uid;
+	}
+
 	/**
 	 * Fetch a dummy application token
 	 *
@@ -73,9 +77,9 @@ class BasicAuth
 			return [];
 		}
 
-		if (!empty(self::$current_token)) {
-			return self::$current_token;
-		}
+		//if (!empty(self::$current_token)) {
+		//	return self::$current_token;
+		//}
 
 		$source = $_REQUEST['source'] ?? '';
 
@@ -118,13 +122,12 @@ class BasicAuth
 	private static function getUserIdByAuth(bool $do_login = true):int
 	{
 		$a = DI::app();
-		Session::set('allow_api', false);
 		self::$current_user_id = 0;
 
 		// workaround for HTTP-auth in CGI mode
 		if (!empty($_SERVER['REDIRECT_REMOTE_USER'])) {
 			$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6));
-			if (strlen($userpass)) {
+			if (!empty($userpass) && strpos($userpass, ':')) {
 				list($name, $password) = explode(':', $userpass);
 				$_SERVER['PHP_AUTH_USER'] = $name;
 				$_SERVER['PHP_AUTH_PW'] = $password;
@@ -173,7 +176,10 @@ class BasicAuth
 				return 0;
 			}
 			Logger::debug('Access denied', ['parameters' => $_SERVER]);
-			header('WWW-Authenticate: Basic realm="Friendica"');
+			// Checking for commandline for the tests, we have to avoid to send a header
+			if (DI::config()->get('system', 'basicauth') && (php_sapi_name() !== 'cli')) {
+				header('WWW-Authenticate: Basic realm="Friendica"');
+			}
 			throw new UnauthorizedException("This API requires login");
 		}
 
@@ -182,15 +188,10 @@ class BasicAuth
 
 		DI::auth()->setForUser($a, $record, false, false, $login_refresh);
 
-		Session::set('allow_api', true);
+		Hook::callAll('logged_in', $record);
 
-		Hook::callAll('logged_in', $a->user);
+		self::$current_user_id = DI::userSession()->getLocalUserId();
 
-		if (Session::get('allow_api')) {
-			self::$current_user_id = local_user();
-		} else {
-			self::$current_user_id = 0;
-		}
 		return self::$current_user_id;
 	}
 }