diff options
author | cweiske <cweiske@b3834d28-1941-0410-a4f8-b48e95affb8f> | 2009-10-03 14:00:33 +0000 |
---|---|---|
committer | cweiske <cweiske@b3834d28-1941-0410-a4f8-b48e95affb8f> | 2009-10-03 14:00:33 +0000 |
commit | 29422fa55379aa61a61019b832c83dab6d450264 (patch) | |
tree | e5884ce6fed2cf1d02165a1b5667b99cd80262e5 /www/api/httpauth.inc.php | |
parent | b8b1d06b2d899658fae64d0de506439ca0ea067c (diff) | |
download | semanticscuttle-29422fa55379aa61a61019b832c83dab6d450264.tar.gz semanticscuttle-29422fa55379aa61a61019b832c83dab6d450264.tar.bz2 |
move files to new locations
git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@386 b3834d28-1941-0410-a4f8-b48e95affb8f
Diffstat (limited to 'www/api/httpauth.inc.php')
-rw-r--r-- | www/api/httpauth.inc.php | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/www/api/httpauth.inc.php b/www/api/httpauth.inc.php new file mode 100644 index 0000000..5dd7444 --- /dev/null +++ b/www/api/httpauth.inc.php @@ -0,0 +1,33 @@ +<?php +require_once('../header.inc.php'); + +// Provides HTTP Basic authentication of a user, and sets two variables, sId and username, +// with the user's info. + +function authenticate() { + header('WWW-Authenticate: Basic realm="SemanticScuttle API"'); + header('HTTP/1.0 401 Unauthorized'); + + die(T_("Use of the API calls requires authentication.")); +} + +if(!$userservice->isLoggedOn()) { + /* Maybe we have caught authentication data in $_SERVER['REMOTE_USER'] + ( Inspired by http://www.yetanothercommunitysystem.com/article-321-regle-comment-utiliser-l-authentification-http-en-php-chez-ovh ) */ + if((!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) + && preg_match('/Basic\s+(.*)$/i', $_SERVER['REMOTE_USER'], $matches)) { + list($name, $password) = explode(':', base64_decode($matches[1])); + $_SERVER['PHP_AUTH_USER'] = strip_tags($name); + $_SERVER['PHP_AUTH_PW'] = strip_tags($password); + } + + if (!isset($_SERVER['PHP_AUTH_USER'])) { + authenticate(); + } else { + $login = $userservice->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']); + if (!$login) { + authenticate(); + } + } +} +?> |