]> git.mxchange.org Git - friendica.git/commitdiff
Add new Module classes
authorHypolite Petovan <mrpetovan@gmail.com>
Sun, 17 Dec 2017 16:34:43 +0000 (11:34 -0500)
committerHypolite Petovan <mrpetovan@gmail.com>
Sat, 30 Dec 2017 02:55:13 +0000 (21:55 -0500)
- Add BaseModule
- Add Login module
- Add Logout module

src/BaseObject.php
src/Module/Login.php [new file with mode: 0644]
src/Module/Logout.php [new file with mode: 0644]

index 01957164c10bd664fbd536b2f6c0680b5af8e9c9..5adfe096d7dac1df67b1c1b481e1cb90e8071533 100644 (file)
@@ -20,7 +20,7 @@ class BaseObject
         *
         * Same as get_app from boot.php
         *
-        * @return object
+        * @return App
         */
        public static function getApp()
        {
diff --git a/src/Module/Login.php b/src/Module/Login.php
new file mode 100644 (file)
index 0000000..5183898
--- /dev/null
@@ -0,0 +1,311 @@
+<?php\r
+\r
+namespace Friendica\Module;\r
+\r
+use Friendica\BaseModule;\r
+use Friendica\Core\Config;\r
+use Friendica\Database\DBM;\r
+use Friendica\Model\User;\r
+use dba;\r
+\r
+require_once 'boot.php';\r
+require_once 'include/datetime.php';\r
+require_once 'include/pgettext.php';\r
+require_once 'include/security.php';\r
+require_once 'include/text.php';\r
+\r
+/**\r
+ * Login module\r
+ *\r
+ * @author Hypolite Petovan mrpetovan@gmail.com\r
+ */\r
+class Login extends BaseModule\r
+{\r
+       public static function content()\r
+       {\r
+               $a = self::getApp();\r
+\r
+               if (x($_SESSION, 'theme')) {\r
+                       unset($_SESSION['theme']);\r
+               }\r
+\r
+               if (x($_SESSION, 'mobile-theme')) {\r
+                       unset($_SESSION['mobile-theme']);\r
+               }\r
+\r
+               if (local_user()) {\r
+                       goaway(self::getApp()->get_baseurl());\r
+               }\r
+\r
+               return self::form(self::getApp()->get_baseurl(), $a->config['register_policy'] != REGISTER_CLOSED);\r
+       }\r
+\r
+       public static function post()\r
+       {\r
+               session_unset();\r
+               // OpenId Login\r
+               if (\r
+                       !x($_POST, 'password')\r
+                       && (\r
+                               x($_POST, 'openid_url')\r
+                               || x($_POST, 'username')\r
+                       )\r
+               ) {\r
+                       $noid = Config::get('system', 'no_openid');\r
+\r
+                       $openid_url = trim($_POST['openid_url'] ? : $_POST['username']);\r
+\r
+                       // if it's an email address or doesn't resolve to a URL, fail.\r
+                       if ($noid || strpos($openid_url, '@') || !validate_url($openid_url)) {\r
+                               notice(t('Login failed.') . EOL);\r
+                               goaway(self::getApp()->get_baseurl());\r
+                               // NOTREACHED\r
+                       }\r
+\r
+                       // Otherwise it's probably an openid.\r
+                       try {\r
+                               require_once 'library/openid.php';\r
+                               $openid = new LightOpenID;\r
+                               $openid->identity = $openid_url;\r
+                               $_SESSION['openid'] = $openid_url;\r
+                               $_SESSION['remember'] = $_POST['remember'];\r
+                               $openid->returnUrl = self::getApp()->get_baseurl(true) . '/openid';\r
+                               goaway($openid->authUrl());\r
+                       } catch (Exception $e) {\r
+                               notice(t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.') . '<br /><br >' . t('The error message was:') . ' ' . $e->getMessage());\r
+                       }\r
+                       // NOTREACHED\r
+               }\r
+\r
+               if (x($_POST, 'auth-params') && $_POST['auth-params'] === 'login') {\r
+                       $record = null;\r
+\r
+                       $addon_auth = array(\r
+                               'username' => trim($_POST['username']),\r
+                               'password' => trim($_POST['password']),\r
+                               'authenticated' => 0,\r
+                               'user_record' => null\r
+                       );\r
+\r
+                       /*\r
+                        * A plugin indicates successful login by setting 'authenticated' to non-zero value and returning a user record\r
+                        * Plugins should never set 'authenticated' except to indicate success - as hooks may be chained\r
+                        * and later plugins should not interfere with an earlier one that succeeded.\r
+                        */\r
+                       call_hooks('authenticate', $addon_auth);\r
+\r
+                       if ($addon_auth['authenticated'] && count($addon_auth['user_record'])) {\r
+                               $record = $addon_auth['user_record'];\r
+                       } else {\r
+                               $user_id = User::authenticate(trim($_POST['username']), trim($_POST['password']));\r
+                               if ($user_id) {\r
+                                       $record = dba::select('user', [], ['uid' => $user_id], ['limit' => 1]);\r
+                               }\r
+                       }\r
+\r
+                       if (!$record || !count($record)) {\r
+                               logger('authenticate: failed login attempt: ' . notags(trim($_POST['username'])) . ' from IP ' . $_SERVER['REMOTE_ADDR']);\r
+                               notice(t('Login failed.') . EOL);\r
+                               goaway(self::getApp()->get_baseurl());\r
+                       }\r
+\r
+                       if (!$_POST['remember']) {\r
+                               new_cookie(0); // 0 means delete on browser exit\r
+                       }\r
+\r
+                       // if we haven't failed up this point, log them in.\r
+                       $_SESSION['remember'] = $_POST['remember'];\r
+                       $_SESSION['last_login_date'] = datetime_convert('UTC', 'UTC');\r
+                       authenticate_success($record, true, true);\r
+\r
+                       if (x($_SESSION, 'return_url')) {\r
+                               $return_url = $_SESSION['return_url'];\r
+                               unset($_SESSION['return_url']);\r
+                       } else {\r
+                               $return_url = '';\r
+                       }\r
+\r
+                       goaway($return_url);\r
+               }\r
+       }\r
+\r
+       /**\r
+        * @brief Tries to auth the user from the cookie or session\r
+        *\r
+        * @todo Should be moved to Friendica\Core\Session when it's created\r
+        */\r
+       public static function sessionAuth()\r
+       {\r
+               // When the "Friendica" cookie is set, take the value to authenticate and renew the cookie.\r
+               if (isset($_COOKIE["Friendica"])) {\r
+                       $data = json_decode($_COOKIE["Friendica"]);\r
+                       if (isset($data->uid)) {\r
+\r
+                               $user = dba::select('user',\r
+                                       [],\r
+                                       [\r
+                                               'uid'             => $data->uid,\r
+                                               'blocked'         => false,\r
+                                               'account_expired' => false,\r
+                                               'account_removed' => false,\r
+                                               'verified'        => true,\r
+                                       ],\r
+                                       ['limit' => 1]\r
+                               );\r
+\r
+                               if (DBM::is_result($user)) {\r
+                                       if ($data->hash != cookie_hash($user)) {\r
+                                               logger("Hash for user " . $data->uid . " doesn't fit.");\r
+                                               nuke_session();\r
+                                               goaway(self::getApp()->get_baseurl());\r
+                                       }\r
+\r
+                                       // Renew the cookie\r
+                                       // Expires after 7 days by default,\r
+                                       // can be set via system.auth_cookie_lifetime\r
+                                       $authcookiedays = Config::get('system', 'auth_cookie_lifetime', 7);\r
+                                       new_cookie($authcookiedays * 24 * 60 * 60, $user);\r
+\r
+                                       // Do the authentification if not done by now\r
+                                       if (!isset($_SESSION) || !isset($_SESSION['authenticated'])) {\r
+                                               authenticate_success($user);\r
+\r
+                                               if (Config::get('system', 'paranoia')) {\r
+                                                       $_SESSION['addr'] = $data->ip;\r
+                                               }\r
+                                       }\r
+                               }\r
+                       }\r
+               }\r
+\r
+               if (isset($_SESSION) && x($_SESSION, 'authenticated')) {\r
+                       if (x($_SESSION, 'visitor_id') && !x($_SESSION, 'uid')) {\r
+                               $r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",\r
+                                       intval($_SESSION['visitor_id'])\r
+                               );\r
+                               if (DBM::is_result($r)) {\r
+                                       $a->contact = $r[0];\r
+                               }\r
+                       }\r
+\r
+                       if (x($_SESSION, 'uid')) {\r
+                               // already logged in user returning\r
+                               $check = Config::get('system', 'paranoia');\r
+                               // extra paranoia - if the IP changed, log them out\r
+                               if ($check && ($_SESSION['addr'] != $_SERVER['REMOTE_ADDR'])) {\r
+                                       logger('Session address changed. Paranoid setting in effect, blocking session. ' .\r
+                                               $_SESSION['addr'] . ' != ' . $_SERVER['REMOTE_ADDR']);\r
+                                       nuke_session();\r
+                                       goaway(self::getApp()->get_baseurl());\r
+                               }\r
+\r
+                               $user = dba::select('user',\r
+                                       [],\r
+                                       [\r
+                                               'uid'             => $_SESSION['uid'],\r
+                                               'blocked'         => false,\r
+                                               'account_expired' => false,\r
+                                               'account_removed' => false,\r
+                                               'verified'        => true,\r
+                                       ],\r
+                                       ['limit' => 1]\r
+                               );\r
+                               if (!DBM::is_result($user)) {\r
+                                       nuke_session();\r
+                                       goaway(self::getApp()->get_baseurl());\r
+                               }\r
+\r
+                               // Make sure to refresh the last login time for the user if the user\r
+                               // stays logged in for a long time, e.g. with "Remember Me"\r
+                               $login_refresh = false;\r
+                               if (!x($_SESSION['last_login_date'])) {\r
+                                       $_SESSION['last_login_date'] = datetime_convert('UTC', 'UTC');\r
+                               }\r
+                               if (strcmp(datetime_convert('UTC', 'UTC', 'now - 12 hours'), $_SESSION['last_login_date']) > 0) {\r
+                                       $_SESSION['last_login_date'] = datetime_convert('UTC', 'UTC');\r
+                                       $login_refresh = true;\r
+                               }\r
+                               authenticate_success($user, false, false, $login_refresh);\r
+                       }\r
+               }\r
+       }\r
+\r
+       /**\r
+        * @brief Wrapper for adding a login box.\r
+        *\r
+        * @param string $return_url The url relative to the base the user should be sent\r
+        *                                                       back to after login completes\r
+        * @param bool $register If $register == true provide a registration link.\r
+        *                                               This will most always depend on the value of $a->config['register_policy'].\r
+        * @param array $hiddens  optional\r
+        *\r
+        * @return string Returns the complete html for inserting into the page\r
+        *\r
+        * @hooks 'login_hook' string $o\r
+        */\r
+       public static function form($return_url = null, $register = false, $hiddens = [])\r
+       {\r
+               $a = self::getApp();\r
+               $o = '';\r
+               $reg = false;\r
+               if ($register) {\r
+                       $reg = array(\r
+                               'title' => t('Create a New Account'),\r
+                               'desc' => t('Register')\r
+                       );\r
+               }\r
+\r
+               $noid = Config::get('system', 'no_openid');\r
+\r
+               if (is_null($return_url)) {\r
+                       $return_url = $a->query_string;\r
+               }\r
+\r
+               if (local_user()) {\r
+                       $tpl = get_markup_template('logout.tpl');\r
+               } else {\r
+                       $a->page['htmlhead'] .= replace_macros(\r
+                               get_markup_template('login_head.tpl'),\r
+                               [\r
+                                       '$baseurl' => $a->get_baseurl(true)\r
+                               ]\r
+                       );\r
+\r
+                       $tpl = get_markup_template('login.tpl');\r
+                       $_SESSION['return_url'] = $return_url;\r
+               }\r
+\r
+               $o .= replace_macros(\r
+                       $tpl,\r
+                       [\r
+                               '$dest_url'     => self::getApp()->get_baseurl(true) . '/login',\r
+                               '$logout'       => t('Logout'),\r
+                               '$login'        => t('Login'),\r
+\r
+                               '$lname'        => array('username', t('Nickname or Email: ') , '', ''),\r
+                               '$lpassword'    => array('password', t('Password: '), '', ''),\r
+                               '$lremember'    => array('remember', t('Remember me'), 0,  ''),\r
+\r
+                               '$openid'       => !$noid,\r
+                               '$lopenid'      => array('openid_url', t('Or login using OpenID: '),'',''),\r
+\r
+                               '$hiddens'      => $hiddens,\r
+\r
+                               '$register'     => $reg,\r
+\r
+                               '$lostpass'     => t('Forgot your password?'),\r
+                               '$lostlink'     => t('Password Reset'),\r
+\r
+                               '$tostitle'     => t('Website Terms of Service'),\r
+                               '$toslink'      => t('terms of service'),\r
+\r
+                               '$privacytitle' => t('Website Privacy Policy'),\r
+                               '$privacylink'  => t('privacy policy'),\r
+                       ]\r
+               );\r
+\r
+               call_hooks('login_hook', $o);\r
+\r
+               return $o;\r
+       }\r
+}
\ No newline at end of file
diff --git a/src/Module/Logout.php b/src/Module/Logout.php
new file mode 100644 (file)
index 0000000..5c3035e
--- /dev/null
@@ -0,0 +1,29 @@
+<?php\r
+\r
+namespace Friendica\Module;\r
+\r
+use Friendica\BaseModule;\r
+\r
+require_once 'boot.php';\r
+require_once 'include/pgettext.php';\r
+require_once 'include/plugin.php';\r
+require_once 'include/security.php';\r
+\r
+/**\r
+ * Logout module\r
+ *\r
+ * @author Hypolite Petovan mrpetovan@gmail.com\r
+ */\r
+class Logout extends BaseModule\r
+{\r
+       /**\r
+        * @brief Process logout requests\r
+        */\r
+       public static function init()\r
+       {\r
+               call_hooks("logging_out");\r
+               nuke_session();\r
+               info(t('Logged out.') . EOL);\r
+               goaway(self::getApp()->get_baseurl());\r
+       }\r
+}
\ No newline at end of file