|
From: Luis M <le...@us...> - 2004-10-29 18:45:05
|
Update of /cvsroot/phpslash/phpslash-dev/include/modules/auth/authtypes In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv18233 Modified Files: slashAuthLDAP.class Log Message: preauth doesn't work correctly for ldap-only users yet. but, $this->auth is setup the "right" way now... still double-login issue for all accounts Index: slashAuthLDAP.class =================================================================== RCS file: /cvsroot/phpslash/phpslash-dev/include/modules/auth/authtypes/slashAuthLDAP.class,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** slashAuthLDAP.class 29 Oct 2004 06:39:24 -0000 1.8 --- slashAuthLDAP.class 29 Oct 2004 18:44:53 -0000 1.9 *************** *** 22,43 **** var $found = ""; /** search results found */ - /** - * PSL password - * - * Arranges password in std PSL format - * - */ - function psl_passwd ($username,$password,$my_challenge="") - { - global $challenge; - if ( empty($my_challenge) ) - { - $my_challenge = $challenge; - } - $md5_pw = md5("$username:$password"); - $pw = md5("$md5_pw:$my_challenge"); - return $pw; - } - /** * PSL LDAP's pre-validation --- 22,25 ---- *************** *** 70,76 **** // generate the expected response $md5_pw = $user_info['password']; // this is the raw MD5ed user/pass combo $expected_response = md5("$md5_pw:$challenge"); ! ! $response = $this->psl_passwd($username,$password); // compare the responses --- 52,59 ---- // generate the expected response $md5_pw = $user_info['password']; // this is the raw MD5ed user/pass combo + + /** FIXME at this point i could simply match: md5_pw with md5(username:password)... */ $expected_response = md5("$md5_pw:$challenge"); ! $response = $this->psl_passwd($username,$password,$challenge); // compare the responses *************** *** 202,220 **** $ary = array (); $ary['author_name'] = $username; ! $ary['username'] = $username; /** NOT NEEDED ? */ ! $ary['uname'] = $username; /** NOT NEEDED ? */ ! $ary['uid'] = $username; /** NOT NEEDED ? */ $ary['password'] = $this->psl_passwd($username,$password); /** permissions TODO ask if this is right way? */ $perms = array('nobody'=>20,'user'=>21); $ary['permission'] = $perms; ! if ( $this->psl_register_authed($ary) == false ) { debug("user","Could not register authenticated user in SQL db"); $this->auth["error"] = pslgetText("Could not register authenticated user in SQL db"); } ! $this->auth['uid'] = $username; ! $this->auth['perms'] = $this->get_userperms($username); ! return true; } else { --- 185,203 ---- $ary = array (); $ary['author_name'] = $username; ! $ary['author_realname'] = $username; /* TODO get cn from LDAP */ $ary['password'] = $this->psl_passwd($username,$password); /** permissions TODO ask if this is right way? */ $perms = array('nobody'=>20,'user'=>21); $ary['permission'] = $perms; ! if ( $this->psl_register_authed($ary) != false ) { + /** loads $this->ary with whatever is needed to allow + propper authentication @see slashAuth::load_user_info() */ + $this->load_user_info($ary); + } else { debug("user","Could not register authenticated user in SQL db"); $this->auth["error"] = pslgetText("Could not register authenticated user in SQL db"); } ! /*$this->auth['perms'] = $this->get_userperms($username);*/ return true; } else { |
