Auth() for Sharedsecret is now working, Token Object too.
This commit is contained in:
Benjamin Sonntag
parent
3058ed4cbe
commit
924b36ee19
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
|
||||
/* Global variables (AlternC configuration) */
|
||||
require_once(__DIR__."/../../class/local.php");
|
||||
require_once("/usr/share/alternc/panel/class/local.php");
|
||||
|
||||
// Define constants from vars of /etc/alternc/local.sh
|
||||
// The you can't choose where is the AlternC Panel
|
||||
|
|
@ -23,7 +23,7 @@ require_once($root."class/db_mysql.php");
|
|||
require_once($root."class/functions.php");
|
||||
|
||||
|
||||
global $L_MYSQL_HOST,$L_MYSQL_DATABASE,$L_MYSQL_LOGIN,$L_MYSQL_PWD;
|
||||
global $L_MYSQL_HOST,$L_MYSQL_DATABASE,$L_MYSQL_LOGIN,$L_MYSQL_PWD,$db,$dbh;
|
||||
|
||||
class DB_system extends DB_Sql {
|
||||
var $Host,$Database,$User,$Password;
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@ interface Alternc_Api_Auth_Interface {
|
|||
* contructor :
|
||||
* $service is an Alternc_Api_Service object having a getDb() method
|
||||
*/
|
||||
function __constructor($service);
|
||||
function __construct($service);
|
||||
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -12,8 +12,7 @@ class Alternc_Api_Auth_Sharedsecret implements Alternc_Api_Auth_Interface {
|
|||
const ERR_INVALID_ARGUMENT = 1111801;
|
||||
const ERR_INVALID_SECRET = 1111802;
|
||||
const ERR_INVALID_LOGIN = 1111803;
|
||||
const ERR_INVALID_LOGIN = 1111804;
|
||||
const ERR_DISABLED_ACCOUNT = 1111805;
|
||||
const ERR_DISABLED_ACCOUNT = 1111804;
|
||||
|
||||
|
||||
/**
|
||||
|
|
@ -22,7 +21,7 @@ class Alternc_Api_Auth_Sharedsecret implements Alternc_Api_Auth_Interface {
|
|||
* @param $service an Alternc_Api_Service object
|
||||
* @return create the object
|
||||
*/
|
||||
function __constructor($service) {
|
||||
function __construct($service) {
|
||||
|
||||
if (!($service instanceof Alternc_Api_Service))
|
||||
throw new \Exception("Invalid argument (service)",ERR_INVALID_ARGUMENT);
|
||||
|
|
@ -55,15 +54,16 @@ class Alternc_Api_Auth_Sharedsecret implements Alternc_Api_Auth_Interface {
|
|||
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_LOGIN, "message" => "Invalid login") );
|
||||
}
|
||||
|
||||
$stmt = $db->query("SELECT m.enabled,m.uid,m.login,m.su FROM membres m, sharedsecret s WHERE s.uid=m.uid AND m.login=? AND s.secret=?;",array($options["login"],$options["secret"]),PDO::FETCH_CLASS);
|
||||
$me=$stmt->fetch();
|
||||
$stmt = $this->db->prepare("SELECT m.enabled,m.uid,m.login,m.su FROM membres m, sharedsecret s WHERE s.uid=m.uid AND m.login=? AND s.secret=?;");
|
||||
$stmt->execute(array($options["login"],$options["secret"]) );
|
||||
$me=$stmt->fetch(PDO::FETCH_OBJ);
|
||||
if (!$me)
|
||||
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_AUTH, "message" => "Invalid shared secret") );
|
||||
if (!$me->enabled)
|
||||
return new Alternc_Api_Response( array("code" => self::ERR_DISABLED_ACCOUNT, "message" => "Account is disabled") );
|
||||
|
||||
return Alternc_Api_Token::tokenGenerate(
|
||||
array("uid"=>$me->uid, "isAdmin"=>($me->su!=0) ),
|
||||
array("uid"=>(int)$me->uid, "isAdmin"=>($me->su!=0) ),
|
||||
$this->db
|
||||
);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -91,6 +91,7 @@ class Alternc_Api_Service {
|
|||
}
|
||||
|
||||
$adapterName = "Alternc_Api_Auth_".ucfirst(strtolower($auth["method"]));
|
||||
|
||||
$authAdapter = new $adapterName($this);
|
||||
|
||||
$token = $authAdapter->auth($auth["options"]);
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ class Alternc_Api_Token {
|
|||
*
|
||||
* @var int
|
||||
*/
|
||||
public static $tokenDuration = 2678400; // default is a month
|
||||
public $tokenDuration = 2678400; // default is a month
|
||||
|
||||
|
||||
/**
|
||||
|
|
@ -47,7 +47,7 @@ class Alternc_Api_Token {
|
|||
* @param options any of the public above
|
||||
* may contain a dbAdapter, in that case create() will be available
|
||||
*/
|
||||
public function __constructor($options=array()) {
|
||||
public function __construct($options=array()) {
|
||||
|
||||
if (isset($options["uid"]) && is_int($options["uid"]))
|
||||
$this->uid=$options["uid"];
|
||||
|
|
@ -89,9 +89,10 @@ class Alternc_Api_Token {
|
|||
|
||||
do {
|
||||
$token->token = $token->tokenRandom();
|
||||
$rows = $db->exec("INSERT IGNORE INTO token SET token=?, expire=DATE_ADD(NOW(), INTERVAL ? SECONDS), data=?",
|
||||
array($token,$token->tokenDuration, $token->toJson())
|
||||
);
|
||||
$stmt=$db->prepare("INSERT IGNORE INTO token SET token=?, expire=DATE_ADD(NOW(), INTERVAL ? SECOND), data=?");
|
||||
$stmt->execute(array($token->token,$token->tokenDuration, $token->toJson()));
|
||||
$rows = $stmt->rowCount();
|
||||
|
||||
} while ($rows==0); // prevent collisions
|
||||
|
||||
return $token;
|
||||
|
|
|
|||
Loading…
Reference in New Issue