[bug fix] get the domain from the username (#6691)
* [bug fix] get the domain from the username When the URL domain doesn't match the user's domain Authentication can use domain from the username. username: user@domain
This commit is contained in:
FusionPBX
GitHub
parent
733b206664
commit
ffd9a2c4b5
|
|
@ -1,7 +1,7 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* authentication
|
||||
* authentication
|
||||
*
|
||||
* @method validate uses authentication plugins to check if a user is authorized to login
|
||||
* @method get_domain used to get the domain name from the URL or username and then sets both domain_name and domain_uuid
|
||||
|
|
@ -409,14 +409,35 @@ class authentication {
|
|||
/**
|
||||
* get_domain used to get the domain name from the URL or username and then sets both domain_name and domain_uuid
|
||||
*/
|
||||
function get_domain() {
|
||||
public static function get_domain() {
|
||||
|
||||
//get the domain from the url
|
||||
$this->domain_name = $_SERVER["HTTP_HOST"];
|
||||
$domain_name = $_SERVER["HTTP_HOST"];
|
||||
|
||||
//get the domain name from the http value
|
||||
if (!empty($_REQUEST["domain_name"])) {
|
||||
$domain_name = $_REQUEST["domain_name"];
|
||||
}
|
||||
|
||||
//remote port number from the domain name
|
||||
$domain_array = explode(":", $domain_name);
|
||||
if (count($domain_array) > 1) {
|
||||
$domain_name = $domain_array[0];
|
||||
}
|
||||
|
||||
//if the username
|
||||
if (!empty($_REQUEST["username"])) {
|
||||
$_SESSION['username'] = $_REQUEST["username"];
|
||||
}
|
||||
|
||||
//set a default value for unqiue
|
||||
if (empty($_SESSION["users"]["unique"]["text"])) {
|
||||
$_SESSION["users"]["unique"]["text"] = 'false';
|
||||
}
|
||||
|
||||
//get the domain name from the username
|
||||
if (isset($_SESSION["users"]["unique"]) && $_SESSION["users"]["unique"]["text"] != "global") {
|
||||
$username_array = explode("@", $_REQUEST["username"] ?? '');
|
||||
if (!empty($_SESSION['username']) && $_SESSION["users"]["unique"]["text"] != "global") {
|
||||
$username_array = explode("@", $_SESSION['username']);
|
||||
if (count($username_array) > 1) {
|
||||
//get the domain name
|
||||
$domain_name = $username_array[count($username_array) -1];
|
||||
|
|
@ -425,7 +446,7 @@ class authentication {
|
|||
$domain_exists = false;
|
||||
foreach ($_SESSION['domains'] as $row) {
|
||||
if (lower_case($row['domain_name']) == lower_case($domain_name)) {
|
||||
$this->domain_uuid = $row['domain_uuid'];
|
||||
$domain_uuid = $row['domain_uuid'];
|
||||
$domain_exists = true;
|
||||
break;
|
||||
}
|
||||
|
|
@ -433,10 +454,10 @@ class authentication {
|
|||
|
||||
//if the domain exists then set domain_name and update the username
|
||||
if ($domain_exists) {
|
||||
$this->domain_name = $domain_name;
|
||||
$this->username = substr($_REQUEST["username"], 0, -(strlen($domain_name)+1));
|
||||
$_SESSION['username'] = $this->username;
|
||||
$_SESSION['domain_uuid'] = $this->domain_uuid;
|
||||
$username = substr($_SESSION['username'], 0, -(strlen($domain_name)+1));
|
||||
$_SESSION['domain_name'] = $domain_name;
|
||||
$_SESSION['username'] = $username;
|
||||
$_SESSION['domain_uuid'] = $domain_uuid;
|
||||
}
|
||||
|
||||
//unset the domain name variable
|
||||
|
|
@ -444,22 +465,11 @@ class authentication {
|
|||
}
|
||||
}
|
||||
|
||||
//get the domain name from the http value
|
||||
if (!empty($_REQUEST["domain_name"] ?? '')) {
|
||||
$this->domain_name = $_REQUEST["domain_name"];
|
||||
}
|
||||
|
||||
//remote port number from the domain name
|
||||
$domain_array = explode(":", $this->domain_name);
|
||||
if (count($domain_array) > 1) {
|
||||
$this->domain_name = $domain_array[0];
|
||||
}
|
||||
|
||||
//get the domain uuid and domain settings
|
||||
if (isset($this->domain_name) && !isset($this->domain_uuid)) {
|
||||
if (isset($domain_name) && !isset($domain_uuid)) {
|
||||
foreach ($_SESSION['domains'] as $row) {
|
||||
if (lower_case($row['domain_name']) == lower_case($this->domain_name)) {
|
||||
$this->domain_uuid = $row['domain_uuid'];
|
||||
if (lower_case($row['domain_name']) == lower_case($domain_name)) {
|
||||
$domain_uuid = $row['domain_uuid'];
|
||||
$_SESSION['domain_uuid'] = $row['domain_uuid'];
|
||||
break;
|
||||
}
|
||||
|
|
@ -471,11 +481,11 @@ class authentication {
|
|||
$obj->set();
|
||||
|
||||
//set the domain settings
|
||||
$_SESSION['domain_name'] = $this->domain_name;
|
||||
$_SESSION['domain_name'] = $domain_name;
|
||||
$_SESSION['domain_parent_uuid'] = $_SESSION["domain_uuid"];
|
||||
|
||||
//set the domain name
|
||||
return $this->domain_name;
|
||||
return $domain_name;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -3,8 +3,7 @@
|
|||
/**
|
||||
* plugin_database
|
||||
*
|
||||
* @method validate uses authentication plugins to check if a user is authorized to login
|
||||
* @method get_domain used to get the domain name from the URL or username and then sets both domain_name and domain_uuid
|
||||
* @method plugin_database validates the authentication using information from the database
|
||||
*/
|
||||
class plugin_database {
|
||||
|
||||
|
|
@ -138,6 +137,13 @@ class plugin_database {
|
|||
$this->key = $_REQUEST["key"];
|
||||
}
|
||||
|
||||
//get the domain name
|
||||
$auth = new authentication;
|
||||
$auth->get_domain();
|
||||
$this->domain_uuid = $_SESSION['domain_uuid'];
|
||||
$this->domain_name = $_SESSION['domain_name'];
|
||||
$this->username = $_SESSION['username'];
|
||||
|
||||
//set the default status
|
||||
$user_authorized = false;
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue