dav/friendica/dav_friendica_auth.inc.php

   1 <?php
   2
   3 class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic {
   4
   5     public function __construct() {
   6     }
   7
   8
   9         /**
  10          * @var Sabre_DAV_Auth_Backend_Std|null
  11          */
  12         private static $intstance = null;
  13
  14         /**
  15          * @static
  16          * @return Sabre_DAV_Auth_Backend_Std
  17          */
  18         public static function &getInstance() {
  19                 if (is_null(self::$intstance)) {
  20                         self::$intstance = new Sabre_DAV_Auth_Backend_Std();
  21                 }
  22                 return self::$intstance;
  23         }
  24
  25
  26         /**
  27          * @return array
  28          */
  29         public function getUsers() {
  30         return array($this->currentUser);
  31     }
  32
  33         /**
  34          * @return null|string
  35          */
  36         public function getCurrentUser() {
  37         return $this->currentUser;
  38     }
  39
  40         /**
  41          * Authenticates the user based on the current request.
  42          *
  43          * If authentication is successful, true must be returned.
  44          * If authentication fails, an exception must be thrown.
  45          *
  46          * @param Sabre_DAV_Server $server
  47          * @param string $realm
  48          * @throws Sabre_DAV_Exception_NotAuthenticated
  49          * @return bool
  50          */
  51         public function authenticate(Sabre_DAV_Server $server, $realm) {
  52
  53                 $a = get_app();
  54                 if (isset($a->user["uid"])) {
  55                         $this->currentUser = strtolower($a->user["nickname"]);
  56                         return true;
  57                 }
  58
  59                 $auth = new Sabre_HTTP_BasicAuth();
  60                 $auth->setHTTPRequest($server->httpRequest);
  61                 $auth->setHTTPResponse($server->httpResponse);
  62                 $auth->setRealm($realm);
  63                 $userpass = $auth->getUserPass();
  64                 if (!$userpass) {
  65                         $auth->requireLogin();
  66                         throw new Sabre_DAV_Exception_NotAuthenticated('No basic authentication headers were found');
  67                 }
  68
  69                 // Authenticates the user
  70                 if (!$this->validateUserPass($userpass[0],$userpass[1])) {
  71                         $auth->requireLogin();
  72                         throw new Sabre_DAV_Exception_NotAuthenticated('Username or password does not match');
  73                 }
  74                 $this->currentUser = strtolower($userpass[0]);
  75                 return true;
  76         }
  77
  78
  79         /**
  80          * @param string $username
  81          * @param string $password
  82          * @return bool
  83          */
  84         protected function validateUserPass($username, $password) {
  85                 $encrypted = hash('whirlpool',trim($password));
  86                 $r = q("SELECT COUNT(*) anz FROM `user` WHERE `nickname` = '%s' AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1",
  87                         dbesc(trim($username)),
  88                         dbesc($encrypted)
  89                 );
  90                 return ($r[0]["anz"] == 1);
  91     }
  92
  93 }