2016-09-11 06:21:08 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* authentication
|
|
|
|
|
*
|
|
|
|
|
* @method validate uses authentication plugins to check if a user is authorized to login
|
|
|
|
|
* @method get_domain used to get the domain name from the URL or username and then sets both domain_name and domain_uuid
|
|
|
|
|
*/
|
|
|
|
|
class authentication {
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Define variables and their scope
|
|
|
|
|
*/
|
|
|
|
|
public $debug;
|
|
|
|
|
public $db;
|
|
|
|
|
public $domain_uuid;
|
|
|
|
|
public $domain_name;
|
|
|
|
|
public $username;
|
|
|
|
|
public $password;
|
|
|
|
|
public $plugins;
|
|
|
|
|
public $key;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Called when the object is created
|
|
|
|
|
*/
|
|
|
|
|
public function __construct() {
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Called when there are no references to a particular object
|
|
|
|
|
* unset the variables used in the class
|
|
|
|
|
*/
|
|
|
|
|
public function __destruct() {
|
|
|
|
|
foreach ($this as $key => $value) {
|
|
|
|
|
unset($this->$key);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* validate uses authentication plugins to check if a user is authorized to login
|
|
|
|
|
* @return array [plugin] => last plugin used to authenticate the user [authorized] => true or false
|
|
|
|
|
*/
|
|
|
|
|
public function validate() {
|
|
|
|
|
|
|
|
|
|
//set the default authentication method to the database
|
|
|
|
|
if (!is_array($_SESSION['authentication']['methods'])) {
|
|
|
|
|
$_SESSION['authentication']['methods'][] = 'database';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//get the domain_name and domain_uuid
|
|
|
|
|
if (!isset($this->domain_name) || !isset($this->domain_uuid)) {
|
|
|
|
|
$this->get_domain();
|
|
|
|
|
}
|
|
|
|
|
|
2016-09-11 17:51:40 +02:00
|
|
|
//set the database as the default plugin
|
|
|
|
|
if (!isset($_SESSION['authentication']['methods'])) {
|
|
|
|
|
$_SESSION['authentication']['methods'][] = 'database';
|
|
|
|
|
}
|
|
|
|
|
|
2016-09-11 06:21:08 +02:00
|
|
|
//use the authentication plugins
|
|
|
|
|
foreach ($_SESSION['authentication']['methods'] as $name) {
|
|
|
|
|
$class_name = "plugin_".$name;
|
|
|
|
|
$base = realpath(dirname(__FILE__)) . "/plugins";
|
|
|
|
|
$plugin = $base."/".$name.".php";
|
|
|
|
|
if (file_exists($plugin)) {
|
|
|
|
|
include_once $plugin;
|
2019-08-13 07:16:12 +02:00
|
|
|
$object = new $class_name();
|
|
|
|
|
$object->debug = $this->debug;
|
|
|
|
|
$object->domain_name = $this->domain_name;
|
|
|
|
|
$object->domain_uuid = $this->domain_uuid;
|
2016-09-11 06:21:08 +02:00
|
|
|
if (strlen($this->key) > 0) {
|
2019-08-13 07:16:12 +02:00
|
|
|
$object->key = $this->key;
|
2016-09-11 06:21:08 +02:00
|
|
|
}
|
|
|
|
|
if (strlen($this->username) > 0) {
|
2019-08-13 07:16:12 +02:00
|
|
|
$object->username = $this->username;
|
|
|
|
|
$object->password = $this->password;
|
2016-09-11 06:21:08 +02:00
|
|
|
}
|
2019-08-13 07:16:12 +02:00
|
|
|
$array = $object->$name();
|
2016-09-11 06:21:08 +02:00
|
|
|
$result['plugin'] = $array["plugin"];
|
|
|
|
|
$result['domain_name'] = $array["domain_name"];
|
|
|
|
|
$result['username'] = $array["username"];
|
|
|
|
|
if ($this->debug) {
|
|
|
|
|
$result["password"] = $this->password;
|
|
|
|
|
}
|
|
|
|
|
$result['user_uuid'] = $array["user_uuid"];
|
|
|
|
|
$result['contact_uuid'] = $array["contact_uuid"];
|
|
|
|
|
$result['domain_uuid'] = $array["domain_uuid"];
|
|
|
|
|
$result['authorized'] = $array["authorized"];
|
|
|
|
|
if (count($_SESSION['authentication']['methods']) > 1) {
|
|
|
|
|
$result['results'][] = $array;
|
|
|
|
|
}
|
2019-08-13 07:16:57 +02:00
|
|
|
|
2016-09-11 06:21:08 +02:00
|
|
|
if ($result["authorized"] == "true") {
|
2019-08-13 07:16:57 +02:00
|
|
|
//add the username to the session
|
2016-10-04 05:35:34 +02:00
|
|
|
$_SESSION['username'] = $result["username"];
|
2019-08-13 07:16:57 +02:00
|
|
|
|
|
|
|
|
//end the loop
|
2016-09-11 06:21:08 +02:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-02-20 09:01:23 +01:00
|
|
|
//add user logs
|
|
|
|
|
if (file_exists($_SERVER["PROJECT_ROOT"]."/app/user_logs/app_config.php")) {
|
|
|
|
|
user_logs::add($result);
|
|
|
|
|
}
|
|
|
|
|
|
2016-09-11 06:21:08 +02:00
|
|
|
//return the result
|
|
|
|
|
return $result;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* get_domain used to get the domain name from the URL or username and then sets both domain_name and domain_uuid
|
|
|
|
|
*/
|
|
|
|
|
function get_domain() {
|
|
|
|
|
|
2017-03-09 00:04:38 +01:00
|
|
|
//get the domain from the url
|
|
|
|
|
$this->domain_name = $_SERVER["HTTP_HOST"];
|
|
|
|
|
|
|
|
|
|
//get the domain name from the username
|
2019-08-15 09:56:42 +02:00
|
|
|
if ($_SESSION["users"]["unique"]["text"] != "global") {
|
|
|
|
|
$username_array = explode("@", $_REQUEST["username"]);
|
2017-03-09 00:04:38 +01:00
|
|
|
if (count($username_array) > 1) {
|
|
|
|
|
//get the domain name
|
|
|
|
|
$domain_name = $username_array[count($username_array) -1];
|
|
|
|
|
//check if the domain from the username exists then set the domain_uuid
|
|
|
|
|
$domain_exists = false;
|
|
|
|
|
foreach ($_SESSION['domains'] as $row) {
|
|
|
|
|
if (lower_case($row['domain_name']) == lower_case($domain_name)) {
|
|
|
|
|
$this->domain_uuid = $row['domain_uuid'];
|
|
|
|
|
$domain_exists = true;
|
|
|
|
|
break;
|
|
|
|
|
}
|
2016-09-11 06:21:08 +02:00
|
|
|
}
|
2017-03-09 00:04:38 +01:00
|
|
|
//if the domain exists then set domain_name and update the username
|
|
|
|
|
if ($domain_exists) {
|
|
|
|
|
$this->domain_name = $domain_name;
|
2019-08-15 09:56:42 +02:00
|
|
|
$this->username = substr($_REQUEST["username"], 0, -(strlen($domain_name)+1));
|
2017-03-09 00:04:38 +01:00
|
|
|
$_SESSION['domain_uuid'] = $this->domain_uuid;
|
|
|
|
|
}
|
|
|
|
|
//unset the domain name variable
|
|
|
|
|
unset($domain_name);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//get the domain name from the http value
|
2019-08-15 09:56:42 +02:00
|
|
|
if (strlen($_REQUEST["domain_name"]) > 0) {
|
|
|
|
|
$this->domain_name = $_REQUEST["domain_name"];
|
2017-03-09 00:04:38 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//remote port number from the domain name
|
|
|
|
|
$domain_array = explode(":", $this->domain_name);
|
|
|
|
|
if (count($domain_array) > 1) {
|
|
|
|
|
$this->domain_name = $domain_array[0];
|
2016-09-11 06:21:08 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//get the domain uuid and domain settings
|
2016-09-11 20:51:54 +02:00
|
|
|
if (isset($this->domain_name) && !isset($this->domain_uuid)) {
|
2016-09-11 06:21:08 +02:00
|
|
|
foreach ($_SESSION['domains'] as $row) {
|
|
|
|
|
if (lower_case($row['domain_name']) == lower_case($this->domain_name)) {
|
|
|
|
|
$this->domain_uuid = $row['domain_uuid'];
|
|
|
|
|
$_SESSION['domain_uuid'] = $row['domain_uuid'];
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//set the setting arrays
|
|
|
|
|
$obj = new domains();
|
|
|
|
|
$obj->db = $db;
|
|
|
|
|
$obj->set();
|
|
|
|
|
|
2017-03-09 00:04:38 +01:00
|
|
|
//set the domain settings
|
|
|
|
|
$_SESSION['domain_name'] = $this->domain_name;
|
2016-09-11 06:21:08 +02:00
|
|
|
$_SESSION['domain_parent_uuid'] = $_SESSION["domain_uuid"];
|
2017-03-09 00:04:38 +01:00
|
|
|
|
|
|
|
|
//set the domain name
|
|
|
|
|
return $this->domain_name;
|
2016-09-11 06:21:08 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
$auth = new authentication;
|
|
|
|
|
$auth->username = "user";
|
|
|
|
|
$auth->password = "password";
|
|
|
|
|
$auth->domain_name = "sip.fusionpbx.com";
|
|
|
|
|
$auth->debug = false;
|
|
|
|
|
$response = $auth->validate();
|
|
|
|
|
print_r($response);
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
?>
|
