diff options
Diffstat (limited to 'engine/lib')
-rw-r--r-- | engine/lib/sessions.php | 37 |
1 files changed, 29 insertions, 8 deletions
diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php index 66758084b..57a2e8743 100644 --- a/engine/lib/sessions.php +++ b/engine/lib/sessions.php @@ -52,17 +52,35 @@ */
function authenticate($username, $password) {
-
- $dbpassword = md5($password);
-
- if ($user = get_user_by_username($username)) {
- if ($user->password == $dbpassword) {
- return $user;
- }
- }
+ + if (pam_authenticate(array('username' => $username, 'password' => $password))) + return get_user_by_username($username);
return false;
+ } + + /** + * Hook into the PAM system which accepts a username and password and attempts to authenticate + * it against a known user. + * + * @param array $credentials Associated array of credentials passed to pam_authenticate. This function expects + * 'username' and 'password' (cleartext). + */ + function pam_auth_userpass($credentials = NULL) + { + if (is_array($credentials) && ($credentials['username']) && ($credentials['password'])) + { + $dbpassword = md5($credentials['password']); + + if ($user = get_user_by_username($credentials['username'])) { + if ($user->password == $dbpassword) { + return true; + } + } + } + + return false; }
/**
@@ -190,6 +208,9 @@ register_action("login",true);
register_action("logout");
+ + // Register a default PAM handler + register_pam_handler('pam_auth_userpass'); return true;
|