authorM.Gergo2018-07-06 11:14:41 +0200
committerM.Gergo2018-07-06 11:14:41 +0200
commit43de9af71f7f4ca5731b94a06d688ae8412ba427 (patch)
tree54835de1dfcda504c02da261f0dc26885aed2e89 /mayor-orig/www/include/modules/auth
parent50310b0e4513ee3fcce67351ae61e8fff851130e (diff)
2018/Feb/28 -i állapot hozzáadva, mint a módosítások kiindulási állapota
Diffstat (limited to 'mayor-orig/www/include/modules/auth')
-rw-r--r--mayor-orig/www/include/modules/auth/base/forgotten.php53
-rw-r--r--mayor-orig/www/include/modules/auth/base/login.php37
2 files changed, 90 insertions, 0 deletions
diff --git a/mayor-orig/www/include/modules/auth/base/forgotten.php b/mayor-orig/www/include/modules/auth/base/forgotten.php
new file mode 100644
index 00000000..16571855
--- /dev/null
+++ b/mayor-orig/www/include/modules/auth/base/forgotten.php
@@ -0,0 +1,53 @@
+<?php
+
+ function generatePasswordRecoveryRequest($accountData) {
+
+ $URL = 'https://'.$_SERVER['SERVER_NAME'].'/index.php?page=password&f=resetPassword&';
+
+ if (version_compare(PHP_VERSION,'5.3.0')>=0) {
+ $selector = bin2hex(openssl_random_pseudo_bytes(8));
+ $token = openssl_random_pseudo_bytes(32);
+ } elseif (version_compare(PHP_VERSION,'7.0.0')>=0) {
+ $selector = bin2hex(random_bytes(8));
+ $token = random_bytes(32);
+ } else {
+ return false; // nem támogatjuk
+ }
+ $urlToEmail = href($URL.http_build_query(array(
+ 'selector' => $selector,
+ 'validator' => bin2hex($token)
+ ),'','&'));
+
+ $expires = new DateTime('NOW');
+ $expires->add(new DateInterval('PT01H')); // 1 hour
+
+ // rate limiting és karbantartás
+ $lr = db_connect('login');
+ db_start_trans($lr);
+
+ $q = "DELETE FROM accountRecovery WHERE expires <= NOW() - INTERVAL 10 DAY";
+ db_query($q, array('debug'=>false,'fv' => 'generatePasswordRecoveryRequest', 'modul'=>'login', 'result'=>'delete'),$lr);
+
+ $q = "SELECT count(*) as db FROM accountRecovery WHERE policy='%s' AND userAccount='%s'";
+ $v = array($accountData['policy'], $accountData['userAccount']);
+ $recoveryRequestDb = db_query($q, array('debug'=>false,'fv' => 'generatePasswordRecoveryRequest', 'modul'=>'login', 'result'=>'value', 'values'=>$v),$lr);
+
+ if ($recoveryRequestDb<5) {
+ $q = "INSERT INTO accountRecovery (policy, userAccount, selector, token, expires) VALUES ('%s', '%s', '%s', '%s', '%s');";
+ $v = array($accountData['policy'], $accountData['userAccount'],
+ $selector,
+ hash('sha256', $token),
+ $expires->format('Y-m-d\TH:i:s'));
+ $recoveryId = db_query($q, array('debug'=>false,'fv' => 'generatePasswordRecoveryRequest', 'modul'=>'login', 'result'=>'insert', 'values'=>$v),$lr);
+ } else {
+ return false;
+ }
+ db_commit($lr);
+ db_close($lr);
+
+ if ($recoveryId !== false) return $urlToEmail;
+ else return false;
+
+ }
+
+?> \ No newline at end of file
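Review bot: The `random_bytes()` branch under `elseif (version_compare(PHP_VERSION,'7.0.0')>=0)` can never run, because every PHP 7 release already satisfies the preceding `>= 5.3.0` test, so the selector and token always come from `openssl_random_pseudo_bytes()`, whose result is used without checking for failure or for the strong-result flag. Test for 7.0.0 first (`if (version_compare(PHP_VERSION,'7.0.0')>=0) { … random_bytes … } elseif (version_compare(PHP_VERSION,'5.3.0')>=0) {`), and on the OpenSSL path pass the second by-reference argument and return false unless it comes back true. The rate-limit `return false;` in the `else` branch exits with the transaction from `db_start_trans($lr)` still open and without `db_close($lr)`; the count it relies on also includes expired rows, which are only purged after 10 days, so five requests block recovery for that account well beyond the one-hour token lifetime. The link host is taken from `$_SERVER['SERVER_NAME']`, which on some server configurations follows the request's Host header, so a configured base URL would be safer for a mailed reset link.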
diff --git a/mayor-orig/www/include/modules/auth/base/login.php b/mayor-orig/www/include/modules/auth/base/login.php
new file mode 100644
index 00000000..f9cb3a2d
--- /dev/null
+++ b/mayor-orig/www/include/modules/auth/base/login.php
@@ -0,0 +1,37 @@
+<?php
+
+ function userAuthentication($userAccount, $userPassword, &$accountInformation, $toPolicy) {
+ global $AUTH;
+ require_once('include/share/auth/base.php');
+
+ if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php')) {
+ require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php');
+ } else {
+ throw new Exception('Fatal Error');
+ }
+
+ //$x = call_user_func( str_replace('-','_',$AUTH[$toPolicy]['backend'])."UserAuthentication",$userAccount, $userPassword, $accountInformation, $toPolicy);
+ switch ($AUTH[$toPolicy]['backend']) {
+ case 'mysql':
+ $r = mysqlUserAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy);
+ break;
+ case 'ldap':
+ $r = ldapUserAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy);
+ break;
+ case 'ldap-ng':
+ $r = ldap_ngUserAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy);
+ break;
+ case 'ldapng':
+ $r = ldapngUserAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy);
+ break;
+ case 'ads':
+ $r = adsUserAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy);
+ break;
+ case 'file':
+ $r = fileUserAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy);
+ break;
+ }
+ return $r;
+ }
+
+?> \ No newline at end of file
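Review bot: The `switch` on `$AUTH[$toPolicy]['backend']` has no `default` case, so a backend name outside the six listed leaves `$r` unset and `return $r;` yields null instead of an explicit failure; callers that test the result loosely may not treat that as a rejected login (the callers are not visible here). Add `default: throw new Exception('Fatal Error');` to fail closed, matching the throw already used when the backend file is missing. The same value is concatenated into the `file_exists`/`require_once` path before any check against the known names, so moving the allow-list test ahead of the include would keep an unexpected `$toPolicy` or configuration value from choosing which file is included.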