2 files changed, 24 insertions, 2 deletions

diff --git a/api/.htaccess b/api/.htaccess
index 8c48221..0db2254 100644
--- a/api/.htaccess
+++ b/api/.htaccess
@@ -7,4 +7,13 @@ RewriteRule ^posts/all posts_all.php
 RewriteRule ^posts/update posts_update.php
 RewriteRule ^posts/add posts_add.php
 RewriteRule ^posts/delete posts_delete.php
-RewriteRule ^tags/rename tags_rename.php
\ No newline at end of file
+RewriteRule ^tags/rename tags_rename.php
+
+
+# Allow PHP_AUTH_USER with CGI script
+# (Sinpired by http://www.yetanothercommunitysystem.com/article-321-regle-comment-utiliser-l-authentification-http-en-php-chez-ovh )
+
+<IfModule mod_rewrite.c>
+RewriteEngine on
+RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization},L]
+</IfModule>
diff --git a/api/httpauth.inc.php b/api/httpauth.inc.php
index e33116a..3e5d464 100644
--- a/api/httpauth.inc.php
+++ b/api/httpauth.inc.php
@@ -5,16 +5,29 @@
 function authenticate() {
     header('WWW-Authenticate: Basic realm="SemanticScuttle API"');
     header('HTTP/1.0 401 Unauthorized');
+    
     die("Use of the API calls requires authentication.");
 }
 
+
+/* Maybe we have caught authentication data in $_SERVER['REMOTE_USER']
+( Inspired by http://www.yetanothercommunitysystem.com/article-321-regle-comment-utiliser-l-authentification-http-en-php-chez-ovh ) */
+if((!$_SERVER['PHP_AUTH_USER'] || !$_SERVER['PHP_AUTH_USER'])
+&& preg_match('/Basic\s+(.*)$/i', $_SERVER['REMOTE_USER'], $matches)) {
+list($name, $password) = explode(':', base64_decode($matches[1]));
+$_SERVER['PHP_AUTH_USER'] = strip_tags($name);
+$_SERVER['PHP_AUTH_PW'] = strip_tags($password);
+}
+
+
+
 if (!isset($_SERVER['PHP_AUTH_USER'])) {
     authenticate();
 } else {
     require_once('../header.inc.php');
     $userservice =& ServiceFactory::getServiceInstance('UserService');
 
-    $login = $userservice->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']); 
+    $login = $userservice->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
     if (!$login) {
         authenticate();
     }