Context Navigation

owa_auth.php

Revision 551, 7.8 kB (checked in by padams, 4 days ago)
removing integration plugin specific auth modules for plugin configs. added check to owa_auth to only look up the user if something upstream has not already done the authentication to the current user.

Line
1	<?
2
3	//
4	// Open Web Analytics - An Open Source Web Analytics Framework
5	//
6	// Copyright 2006 Peter Adams. All rights reserved.
7	//
8	// Licensed under GPL v2.0 http://www.gnu.org/copyleft/gpl.html
9	//
10	// Unless required by applicable law or agreed to in writing, software
11	// distributed under the License is distributed on an "AS IS" BASIS,
12	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13	// See the License for the specific language governing permissions and
14	// limitations under the License.
15	//
16	// $Id$
17	//
18	require_once(OWA_BASE_DIR.'/owa_base.php');
19	require_once(OWA_BASE_DIR.'/eventQueue.php');
20
21	/**
22	* User Authentication Object
23	*
24	* @author Peter Adams <peter@openwebanalytics.com>
25	* @copyright Copyright © 2006 Peter Adams <peter@openwebanalytics.com>
26	* @license http://www.gnu.org/copyleft/gpl.html GPL v2.0
27	* @category owa
28	* @package owa
29	* @version $Revision$
30	* @since owa 1.0.0
31	*/
32	class owa_auth extends owa_base {
33
34	/**
35	* User object
36	*
37	* @var unknown_type
38	*/
39	var $u;
40
41	/**
42	* Array of permission roles that users can have
43	*
44	* @var array
45	*/
46	var $roles;
47
48	/**
49	* Database Access Object
50	*
51	* @var unknown_type
52	*/
53	var $db;
54
55	var $status_msg;
56
57	/**
58	* Login credentials
59	*
60	* @var array
61	*/
62	var $credentials;
63
64	/**
65	* Status of Authentication
66	*
67	* @var boolean
68	*/
69	var $auth_status = false;
70
71	var $_is_user = false;
72
73	var $_priviledge_level;
74
75	var $_is_priviledged = false;
76
77	var $params;
78
79	var $check_for_credentials = false;
80
81	/**
82	* Abstract class Constructor
83	*
84	* @return owa_auth
85	*/
86	function owa_auth() {
87
88	return owa_auth::__construct();
89
90	}
91
92	function __construct() {
93
94	parent::__construct();
95	$this->eq = &eventQueue::get_instance();
96	$this->params = &owa_requestContainer::getInstance();
97	//sets credentials based on whatever is passed in on params
98	$this->_setCredentials($this->params['u'], $this->params['p'], $this->params['pk']);
99
100	}
101
102	/**
103	* Used by controllers to check if the user exists and if they are priviledged.
104	*
105	* @param string $necessary_role
106	*/
107	function authenticateUser() {
108
109	$data = array();
110
111	// carve out for url passkey authentication
112	if(!empty($this->credentials['passkey'])):
113	$status = $this->authenticateUserByUrlPasskey($this->credentials['user_name'], $this->credentials['passkey']);
114
115	if ($status == true):
116	$data['auth_status'] = true;
117	return $data;
118	else:
119	$data = $this->_setNotAuthenticatedView();
120	$data['auth_status'] = false;
121	return $data;
122	endif;
123	endif;
124
125	// if the user has no credentials then redirect them to the login page.
126	//if($this->check_for_credentails == true):
127	if ((empty($this->credentials['user_id'])) \|\| (empty($this->credentials['password']))):
128	// show login page
129	$data = $this->_setNotAuthenticatedView();
130	$data['auth_status'] = false;
131	return $data;
132	endif;
133	//endif;
134
135	// lookup user if not already done.
136	if ($this->_is_user == false):
137
138	// check to see if the current user has already been authenticated by something upstream
139	$cu = owa_coreAPI::getCurrentUser();
140	if (!$cu->isAuthenticated()):
141	// check to see if they are a user.
142	$this->isUser();
143	endif;
144
145	endif;
146
147	if ($this->_is_user == true):
148	$data['auth_status'] = true;
149
150	else:
151	// Show not a user page
152	// if they are not a user then redirect to login error page
153	$data = $this->_setNotUserView();
154	$data['auth_status'] = false;
155	endif;
156
157	$this->e->debug('Auth Status: '.$data['auth_status']);
158
159	return $data;
160
161	}
162
163	/**
164	* Creates the concrete auth class
165	*
166	* @return object
167	*/
168	function &get_instance($plugin = '') {
169
170	static $auth_modules;
171	$auth_mdules = array();
172
173	if (empty($auth_modules['plugin'])):
174
175	$c = &owa_coreAPI::configSingleton();
176	$plugin = $c->get('base', 'authentication');
177
178	endif;
179
180	// this needs to not be a singleton
181	$auth_modules[$plugin] = &owa_lib::singleton(OWA_PLUGIN_DIR.'auth'.DIRECTORY_SEPARATOR, 'owa_auth_', $plugin);
182
183	return $auth_modules[$plugin];
184	}
185
186	/**
187	* Looks up user by temporary Passkey Column in db
188	*
189	* @param unknown_type $key
190	* @return unknown
191	*/
192	function authenticateUserTempPasskey($key) {
193
194	$this->u = owa_coreAPI::entityFactory('base.user');
195	$this->u->getByColumn('temp_passkey', $key);
196
197	$id = $this->u->get('id');
198	if (!empty($id)):
199	return true;
200	else:
201	$this->showResetPasswordErrorPage();
202	endif;
203
204	}
205
206	/**
207	* Authenticates user by a passkey
208	*
209	* @param unknown_type $key
210	* @return unknown
211	*/
212	function authenticateUserByUrlPasskey($user_name, $passkey) {
213
214	$this->getUser();
215
216	$key =$this->generateUrlPasskey($this->u->get('user_id'), $this->u->get('password'));
217
218	if ($key == $passkey):
219	return true;
220	else:
221	return false;
222	endif;
223
224	}
225
226	/**
227	* abstract method for Checking to see if the user credentials match a real user object in the DB
228	*
229	* @return boolean
230	*/
231	function isUser() {
232
233	return false;
234	}
235
236	/**
237	* Sets a temporary Passkey for a user
238	*
239	* @param string $email_address
240	* @return boolean
241	*/
242	function setTempPasskey($email_address) {
243
244	$this->u = owa_coreAPI::entityFactory('base.user');
245	$this->u->getByColumn('email_address', $email_address);
246
247	$id = $u->get('id');
248
249	if (!empty($id)):
250
251	$this->eq->log(array('email_address' => $this->u->email_address), 'user.set_temp_passkey');
252	return true;
253	else:
254	return false;
255	endif;
256
257	}
258
259	function generateTempPasskey($seed) {
260
261	return md5($seed.time().rand());
262	}
263
264	function generateUrlPasskey($user_name, $password) {
265
266	return md5($user_name . $password);
267
268	}
269
270	/**
271	* Sets the initial Passkey for a new user
272	*
273	* @param string $user_id
274	* @return boolean
275	* @deprecated
276	*/
277	function setInitialPasskey($user_id) {
278
279	return $this->eq->log(array('user_id' => $user_id), 'user.set_initial_passkey');
280
281	}
282
283	function _setCredentials($user_id = '', $password = '', $passkey = '') {
284
285	$this->credentials['user_id'] = $user_id;
286	$this->credentials['password'] = $password;
287	$this->credentials['passkey'] = $passkey;
288
289	return;
290	}
291
292	/**
293	* Used to auth a new browser that has no credentials set
294	*
295	* @param string $user_id
296	* @param string $password
297	* @return boolean
298	*/
299	function authenticateNewBrowser($user_id, $password) {
300
301	$this->e->debug("Login attempt from ". $user_id);
302
303	$this->_setCredentials($user_id, $this->encryptPassword($password));
304
305	$is_user = $this->isUser();
306
307	$data = array();
308
309	if ($is_user == true):
310	$this->e->debug('setting user credential cookies');
311	$this->saveCredentials();
312	$data['auth_status'] = true;
313
314	else:
315	$data['auth_status'] = false;
316	endif;
317
318	return $data;
319	}
320
321	/**
322	* Saves login credentails to persistant browser cookies
323	*
324	*/
325	function saveCredentials() {
326
327	setcookie($this->config['ns'].'u', $this->u->get('user_id'), time()+360024365*30, '/', $this->config['cookie_domain']);
328	setcookie($this->config['ns'].'p', $this->u->get('password'), time()+360024365*30, '/', $this->config['cookie_domain']);
329
330	return;
331	}
332
333	/**
334	* Removes credentials
335	*
336	* @return boolean
337	*/
338	function deleteCredentials() {
339
340	return setcookie($this->config['ns'].'p', '', time()-360024365*30, '/', $this->config['cookie_domain']);
341
342	}
343
344	/**
345	* Simple Password Encryption Scheme
346	*
347	* @param string $password
348	* @return string
349	*/
350	function encryptPassword($password) {
351
352	return md5(strtolower($password).strlen($password));
353	}
354
355	}
356
357	?>

Note: See TracBrowser for help on using the browser.

Context Navigation

root/trunk/owa_auth.php

Download in other formats: