|
From: Joe S. <joe...@us...> - 2004-09-15 23:36:39
|
Update of /cvsroot/phpslash/phpslash-dev/include/modules/auth/authtypes In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14210/phpslash-dev/include/modules/auth/authtypes Added Files: slashAuthCR.class slashAuthLDAP.class Log Message: removed classes that already had been moved to module directories. moved Infolog and slashAuth to module directories. --- NEW FILE: slashAuthCR.class --- <?php /* $Id: slashAuthCR.class,v 1.1 2004/09/15 23:36:30 joestewart Exp $ * * Quoting the phplib local.inc * * "A variation of Auth which uses a Challenge-Response * Authentication. The password never crosses the net in clear, * if the remote system supports JavaScript. Please read the * Documentation section about CR Authentication to understand * what is going on." */ class slashAuth extends slashAuth_base { // psl built in Challenge Response function psl_validate($username, $password, $response, $user_info) { global $challenge; // debug("response", $response); // debug("challenge", $challenge); $is_user = false; // generate the expected response $md5_pw = $user_info['password']; // this is the raw MD5ed user/pass combo $expected_response = md5("$md5_pw:$challenge"); // debug("expected_response", $expected_response); // True when JS is disabled if ($response == "") { $md5_pw_net = md5("$username:$password"); $response = md5("$md5_pw_net:$challenge"); } // Response is set, JS might be enabled... // compare the responses if ($expected_response == $response) { // success $is_user = true; } else { $this->auth["error"] = pslgetText("Either your username or password are invalid. Please try again."); } return $is_user; } // psl built in "Remember Me" function psl_preauth($username, $password, $user_info) { global $HTTP_COOKIE_VARS; $is_user = false; // decode the cookie data into an array $cookie_ary = unserialize(base64_decode($HTTP_COOKIE_VARS['user_info'])); // generate the challenge we expect $cookie_challenge = md5($this->magic .":". $this->psl['basedir']); $md5_pw = $password; // this is the raw MD5ed user/pass combo $expected_response = md5("$md5_pw:$cookie_challenge"); // compare the response given in the cookie to expected response if( $expected_response == $cookie_ary[0]) { $is_user = true; } return $is_user; } } ?> --- NEW FILE: slashAuthLDAP.class --- <?php /* $Id: slashAuthLDAP.class,v 1.1 2004/09/15 23:36:30 joestewart Exp $ * * Mostly taken from Back-End LDAP.class which was: * Written by Peter Starowicz <pe...@op...> for OpenConcept.ca * * This module unfinished and untested - remove this when completed * */ class slashAuth extends slashAuth_base { // LDAP validation function psl_validate($username, $password, $user_info) { global $challenge; $is_user = false; $md5_pw = $this->ldap_pass($username); // generate the expected response $expected_response = md5("$md5_pw:$challenge"); // True when JS is disabled if ($response == "") { $md5_pw_net = md5("$username:$password"); $response = md5("$md5_pw_net:$challenge"); } if ($expected_response != $response) { // failed - return with error message $this->auth["error"] = pslgetText("Either your username or password are invalid. Please try again."); $is_user = false; } else { // success $is_user = true; } return $is_user; } /** * * Find and return the MD5 encoded password for the specified user * * **/ function ldap_pass($username = "") { // debug('function LDAP_pass()', ""); $ldap_user = $this->ldap_search_user($username); if ($ldap_user) { $md5_pw = md5($username .":". $ldap_user[0]["password"][0]; // return $ldap_user[0]["password"][0]; } //debug('function ldap_pass() ', 'failed'); return false; } /** * * Find and return the specified LDAP user * * **/ function ldap_search_user($username = "") { //debug('function LDAP_search_user()', ""); $this->ds = @ldap_connect($this->Host, $this->Port); $ldap_search_result = @ldap_search($this->ds, $this->Base_dn, $this->Search_detail."=".$username); if ($ldap_search_result) { //debug("function LDAP_search() ldap_search_result",print_r($ldap_search_result)); $result = ldap_get_entries($this->ds, $ldap_search_result); //debug("function LDAP_search() result",print_r($result)); return $result; } //debug('function LDAP_search_user() ', ' failed'); return false; } } ?> |
