function owner()
{
- $p = DB_DataObject::Factory($this->tableName());
+ // this might be a Person in some old code?
+ $p = DB_DataObject::Factory('core_person');
$p->get($this->owner_id);
return $p;
}
$u->checkPassword($_SERVER['PHP_AUTH_PW'])
) {
// logged in via http auth
-
- $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize($u);
+ // http auth will not need session...
+ //$_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize($u);
self::$authUser = $u;
return true;
}
if (!empty($ff->Pman['local_autoauth']) && $ff->Pman['local_autoauth'] === true) {
$auto_auth_allow = true;
}
- if (
- (!empty($_SERVER['SERVER_ADDR'])) &&
- (
- $_SERVER['SERVER_ADDR'] == '127.0.0.1' &&
- $_SERVER['REMOTE_ADDR'] == '127.0.0.1'
- )
- ||
+ if ( !empty($ff->Pman['local_autoauth'])
+ &&
+ !empty($_SERVER['SERVER_ADDR']) &&
+ !empty($_SERVER['REMOTE_ADDR']) &&
(
- $_SERVER['SERVER_ADDR'] == '::1' &&
- $_SERVER['REMOTE_ADDR'] == '::1'
+ (
+ $_SERVER['SERVER_ADDR'] == '127.0.0.1' &&
+ $_SERVER['REMOTE_ADDR'] == '127.0.0.1'
+ )
+ ||
+ (
+ $_SERVER['SERVER_ADDR'] == '::1' &&
+ $_SERVER['REMOTE_ADDR'] == '::1'
+ )
)
){
}
- if (empty($_SERVER['PATH_INFO']) || $_SERVER['PATH_INFO'] == '/Login') {
+ if (empty($_SERVER['PATH_INFO']) || $_SERVER['PATH_INFO'] == '/Login') {
$auto_auth_allow = false;
}
//var_dump($auto_auth_allow);
");
if($member->find(true)){
$default_admin = DB_DataObject::factory($this->tableName());
+ $default_admin->autoJoin();
if(!$default_admin->get($member->user_id)){
$default_admin = false;
}
//var_dump($ff->Pman['local_autoauth']); var_dump($_SERVER); exit;
$u = DB_DataObject::factory($this->tableName());
+ $u->autoJoin();
$ff = HTML_FlexyFramework::get();
- if ($auto_auth_allow &&
+ if ($auto_auth_allow &&
($default_admin || $u->get('email', $ff->Pman['local_autoauth']))
) {
$user = $default_admin ? $default_admin->toArray() : $u->toArray();
// if we request other URLS.. then we get auto logged in..
- self::$authUser = $u;
+ self::$authUser = $default_admin ? $default_admin : $u;;
//$_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object) $user);
return true;
}
$_SESSION[get_class($this)][$sesPrefix .'-auth-timeout'] = time() + (30*60); // eg. 30 minutes
setcookie('Pman.timeout', time() + (30*60), time() + (30*60), '/');
}
-
+ // not really sure why it's cloned..
return clone (self::$authUser);
if (!func_num_args()) {
return $this->lang;
}
- $val = array_shift(func_get_args());
+ $ar = func_get_args();
+ $val = array_shift($ar);
if ($val == $this->lang) {
return;
}
function authUserArray()
{
-
$aur = $this->toArray();
if ($this->id < 1) {
return $aur;
}
-
//DB_DataObject::debugLevel(1);
$c = DB_Dataobject::factory('core_company');
$im = DB_Dataobject::factory('Images');
$aur['require_oath'] = 1;
$s = DB_DataObject::Factory('core_setting');
- $oath_require = $s->lookup('core', 'two_factor_authentication_requirement');
+ $oath_require = $s->lookup('core', 'two_factor_auth_required');
$aur['require_oath'] = $oath_require ? $oath_require->val : 0;
+ $aur['core_person_settings'] = array();
+
+ $core_person_settings = DB_DataObject::factory('core_person_settings');
+ $core_person_settings->setFrom(array(
+ 'person_id' => $this->id
+ ));
+
+ $aur['core_person_settings'] = $core_person_settings->fetchAll('scope', 'data');
+
return $aur;
}
$roo->jerr('Fail to generate QR Code');
}
- $roo->jok($qrcode);
+ $roo->jdata(array(
+ 'secret' => $hash,
+ 'image' => $qrcode,
+ 'issuer' => $person->qrCodeIssuer()
+ ));
}
if(!empty($q['two_factor_auth_code'])) {
LENGTH({$this->tableName()}.oath_key) AS length_oath_key
");
}
+ if (isset($q['_with_group_membership'])) {
+ $this->selectAddGroupMemberships();
+ }
-
+ }
+
+ function selectAddGroupMemberships()
+ {
+ $this->selectAdd("
+
+ COALESCE((
+ SELECT
+ GROUP_CONCAT( core_group.name separator '\n')
+ FROM
+ core_group_member
+ LEFT JOIN
+ core_group
+ ON
+ core_group.id = core_group_member.group_id
+ WHERE
+ core_group_member.user_id = core_person.id
+ ), '') as member_of");
}
function setFromRoo($ar, $roo)
return false;
}
- $issuer = (empty($this->name)) ?
- rawurlencode('ROOJS') : rawurlencode($this->name);
+ $issuer = rawurlencode($this->qrCodeIssuer());
$uri = "otpauth://totp/{$issuer}:{$this->email}?secret={$hash}&issuer={$issuer}&algorithm=SHA1&digits=6&period=30";
return "data:image/png;base64,{$base64}";
}
+ function qrCodeIssuer()
+ {
+ $pg= HTML_FlexyFramework::get()->page;
+
+ $issuer = (empty($pg->company->name)) ? 'ROOJS' : "{$pg->company->name}";
+
+ return $issuer;
+ }
+
+ static function test_ADMIN_PASSWORD_RESET($pg, $to)
+ {
+ $ff = HTML_FlexyFramework::get();
+ $person = DB_DataObject::Factory('core_person');
+ $person->id = -1;
+
+ return array(
+ 'HTTP_HOST' => $_SERVER['SERVER_NAME'],
+ 'person' => $person,
+ 'authFrom' => 'FAKE_LINK',
+ 'authKey' => 'FAKE_KEY',
+
+ 'rcpts' => $to->email,
+ );
+
+ return $content;
+ }
+
+
}