<?php /** * SemanticScuttle - your social bookmark manager. * * PHP version 5. * * @category Bookmarking * @package SemanticScuttle * @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net> * @author Christian Weiske <cweiske@cweiske.de> * @author Eric Dane <ericdane@users.sourceforge.net> * @license GPL http://www.gnu.org/licenses/gpl.html * @link http://sourceforge.net/projects/semanticscuttle */ require_once 'Auth.php'; require_once 'SemanticScuttle/Service/User.php'; /** * SemanticScuttle extendet user management service utilizing * the PEAR Auth package to enable authentication against * different services, i.e. LDAP or other databases. * * Requires the Log packages for debugging purposes. * * @category Bookmarking * @package SemanticScuttle * @author Christian Weiske <cweiske@cweiske.de> * @license GPL http://www.gnu.org/licenses/gpl.html * @link http://sourceforge.net/projects/semanticscuttle */ class SemanticScuttle_Service_AuthUser extends SemanticScuttle_Service_User { /** * PEAR Auth instance * * @var Auth */ protected $auth = null; /** * If we want to debug authentication process * * @var boolean */ protected $authdebug = false; /** * Authentication type (i.e. LDAP) * * @var string * * @link http://pear.php.net/manual/en/package.authentication.auth.intro-storage.php */ var $authtype = null; /** * Authentication options * * @var array * * @link http://pear.php.net/manual/en/package.authentication.auth.intro.php */ var $authoptions = null; /** * Returns the single service instance * * @param sql_db $db Database object * * @return SemanticScuttle_Service_AuthUser */ public static function getInstance($db) { static $instance; if (!isset($instance)) { $instance = new self($db); } return $instance; } /** * Create new instance * * @var sql_db $db Database object */ protected function __construct($db) { parent::__construct($db); $this->authtype = $GLOBALS['authType']; $this->authoptions = $GLOBALS['authOptions']; $this->authdebug = $GLOBALS['authDebug']; //FIXME: throw error when no authtype set? if (!$this->authtype) { return; } require_once 'Auth.php'; $this->auth = new Auth($this->authtype, $this->authoptions); //FIXME: check if it worked (i.e. db connection) if ($this->authdebug) { require_once 'Log.php'; $this->auth->logger = Log::singleton( 'display', '', '', array(), PEAR_LOG_DEBUG ); $this->auth->enableLogging = true; } $this->auth->setShowLogin(false); } /** * Return current user id based on session or cookie * * @return mixed Integer user id or boolean false when user * could not be found or is not logged on. */ public function getCurrentUserId() { if (!$this->auth) { return parent::getCurrentUserId(); } //FIXME: caching? $name = $this->auth->getUsername(); if (!$name) { return parent::getCurrentUserId(); } return $this->getIdFromUser($name); } /** * Try to authenticate and login a user with * username and password. * * @param string $username Name of user * @param string $password Password * @param boolean $remember If a long-time cookie shall be set * * @return boolean True if the user could be authenticated, * false if not. */ public function login($username, $password, $remember = false) { if (!$this->auth) { return parent::login($username, $password, $remember); } $ok = $this->loginAuth($username, $password); if (!$ok) { return false; } //utilize real login method to get longtime cookie support etc. $ok = parent::login($username, $password, $remember); if ($ok) { return $ok; } //user must have changed password in external auth. //we need to update the local database. $user = $this->getUserByUsername($username); $this->_updateuser( $user['uId'], $this->getFieldName('password'), $this->sanitisePassword($password) ); return parent::login($username, $password, $remember); } /** * Uses PEAR's Auth class to authenticate the user against a container. * This allows us to use LDAP, a different database or some other * external system. * * @param string $username Username to check * @param string $password Password to check * * @return boolean If the user has been successfully authenticated or not */ public function loginAuth($username, $password) { $this->auth->post = array( 'username' => $username, 'password' => $password, ); $this->auth->start(); if (!$this->auth->checkAuth()) { return false; } //put user in database if (!$this->getUserByUsername($username)) { $this->addUser( $username, $password, $username . $GLOBALS['authEmailSuffix'] ); } return true; } /** * Logs the current user out of the system. * * @return void */ public function logout() { parent::logout(); if ($this->auth) { $this->auth->logout(); $this->auth = null; } } } ?>