public $port = 443;
public $path = '';
public $takeOverLogin = false;
+ public $user_whitelist = null;
function checkPassword($username, $password)
{
$casSettings['port']=$this->port;
$casSettings['path']=$this->path;
$casSettings['takeOverLogin']=$this->takeOverLogin;
+ $casSettings['user_whitelist']=$this->user_whitelist;
}
function onPluginVersion(array &$versions)
takeOverLogin (false): Take over the main login action. If takeOverLogin is
set, anytime the standard username/password login form would be shown,
a CAS login will be done instead.
+user_whitelist (null): Only allow login via CAS for users listed in this
+ array. This is useful when both CAS and password authentication is enabled
+ and there is a mismatch between some GNU social account names and CAS user
+ names. This prevents CAS users from logging in as someone else on GNU
+ social. When set to null, no CAS logins are filtered by this feature.
* required
default values are in (parenthesis)
$this->serverError(_m('Incorrect username or password.'));
}
+ if ($casSettings['user_whitelist'] != null && !in_array($user->nickname, $casSettings['user_whitelist'])) {
+ // TRANS: Server error displayed when trying to log in with non-whitelisted user name (when whitelists are enabled.)
+ $this->serverError(_m('Incorrect username or password.'));
+ }
+
// success!
if (!common_set_user($user)) {
// TRANS: Server error displayed when login fails in CAS authentication plugin.
projects / quix0rs-gnu-social.git / commitdiff