/* the code above is auto generated do not remove the tag below */
###END_AUTOCODE
+
+ static $authUser = false;
+
function owner()
{
$sesPrefix = $this->sesPrefix();
+ self::$authUser = false;
$_SESSION[get_class($this)][$sesPrefix .'-auth'] = "";
return false;
$sesPrefix = $this->sesPrefix();
+ if (self::$authUser) {
+ return self::$authUser;
+ }
+
+
if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) {
// in session...
$a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
-
$u = DB_DataObject::factory($this->tableName());
if ($a->id && $u->get($a->id)) { //&& strlen($u->passwd)) {
-
- return $u->verifyAuth(); // got authentication...
-
-
+ if ($u->verifyAuth()) {
+ self::$authUser = $u;
+ return true;
+ }
}
-
unset($_SESSION[get_class($this)][$sesPrefix .'-auth']);
unset($_SESSION[get_class($this)][$sesPrefix .'-timeout']);
setcookie('Pman.timeout', -1, time() + (30*60), '/');
-
+ return false;
}
// http basic auth..
&&
$u->checkPassword($_SERVER['PHP_AUTH_PW'])
) {
+ // logged in via http auth
+
$_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize($u);
+ self::$authUser = $u;
return true;
}
//die("test init");
}
- // local auth -
- $default_admin = false;
- if (!empty($ff->Pman['local_autoauth']) &&
- ($ff->Pman['local_autoauth'] === true) &&
- (!empty($_SERVER['SERVER_ADDR'])) &&
- (
+ $auto_auth_allow = false;
+ if (!empty($ff->Pman['local_autoauth']) && $ff->Pman['local_autoauth'] === true) {
+ $auto_auth_allow = true;
+ }
+ if (
+ (!empty($_SERVER['SERVER_ADDR'])) &&
(
$_SERVER['SERVER_ADDR'] == '127.0.0.1' &&
$_SERVER['REMOTE_ADDR'] == '127.0.0.1'
$_SERVER['SERVER_ADDR'] == '::1' &&
$_SERVER['REMOTE_ADDR'] == '::1'
)
- )
- ) {
+
+ ){
+ $auto_auth_allow = true;
+ }
+
+
+ if (empty($_SERVER['PATH_INFO']) || $_SERVER['PATH_INFO'] == '/Login') {
+ $auto_auth_allow = false;
+ }
+ //var_dump($auto_auth_allow);
+ // local auth -
+ $default_admin = false;
+ if ($auto_auth_allow) {
$group = DB_DataObject::factory('core_group');
$group->get('name', 'Administrators');
$u = DB_DataObject::factory($this->tableName());
$ff = HTML_FlexyFramework::get();
- if (!empty($ff->Pman['local_autoauth']) &&
- (!empty($_SERVER['SERVER_ADDR'])) &&
- (
- (
- $_SERVER['SERVER_ADDR'] == '127.0.0.1' &&
- $_SERVER['REMOTE_ADDR'] == '127.0.0.1'
- )
- ||
- (
- $_SERVER['SERVER_ADDR'] == '::1' &&
- $_SERVER['REMOTE_ADDR'] == '::1'
- )
- ) &&
+ if ($auto_auth_allow &&
($default_admin || $u->get('email', $ff->Pman['local_autoauth']))
) {
$user = $default_admin ? $default_admin->toArray() : $u->toArray();
- $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object) $user);
+ // if we request other URLS.. then we get auto logged in..
+ self::$authUser = $u;
+ //$_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object) $user);
return true;
}
}
}
if (!$n){ // authenticated as there are no users in the system...
- return true;
+ return true;
}
-
- return false;
+ return false;
}
function checkTwoFactorAuthentication($val)
{
- // also used in login
- return true;
+ // also used in login
require_once 'System.php';
if(
return false;
}
- $cmd = "{$oathtool} --totp --base32 {$this->oath_key}";
+ $cmd = "{$oathtool} --totp --base32 " . escapeshellarg($this->oath_key);
$password = exec($cmd);
$aur['passwd'] = '';
$aur['dailykey'] = '';
$aur['oath_key'] = '';
- $aur['require_oath'] = 1;
+
+ $aur['oath_key_enable'] = !empty($this->oath_key);
+ $aur['require_oath'] = 1;
$s = DB_DataObject::Factory('core_setting');
$oath_require = $s->lookup('core', 'two_factor_authentication_requirement');
- if(empty($oath_require) || $oath_require == 1) {
- $aur['oath_key_enable'] = !empty($this->oath_key);
- $aur['require_oath'] = 1;
- }
+ $aur['require_oath'] = $oath_require ? $oath_require->val : 0;
return $aur;
}