mirror of
https://github.com/tuxis-ie/nsedit.git
synced 2025-04-19 20:09:14 +03:00
Allow authentication via Wefact
This commit is contained in:
Mark Schouten
parent
6b0a4d8595
commit
bc5a4964ec
4 changed files with 76 additions and 18 deletions
|
|
@ -6,6 +6,13 @@ $apiip = ''; # The IP of the PowerDNS API
|
|||
$apiport = '8081'; # The port of the PowerDNS API
|
||||
$apisid = ''; # PowerDNS's :server_id
|
||||
|
||||
|
||||
# If you configure this, nsedit will try to authenticate via WeFact too.
|
||||
# Debtors will be added to the sqlitedatabase with their crypted password.
|
||||
|
||||
#$wefactapiurl = 'https://yourdomain/Pro/apiv2/api.php';
|
||||
#$wefactapikey = 'xyz';
|
||||
|
||||
$authdb = "../etc/pdns.users.sqlite3";
|
||||
|
||||
$templates = array();
|
||||
|
|
|
|||
|
|
@ -28,6 +28,31 @@ function get_all_users() {
|
|||
return $ret;
|
||||
}
|
||||
|
||||
function get_user_info($u) {
|
||||
$db = get_db();
|
||||
$q = $db->prepare('SELECT * FROM users WHERE emailaddress = ?');
|
||||
$q->bindValue(1, $u);
|
||||
$result = $q->execute();
|
||||
$userinfo = $result->fetchArray(SQLITE3_ASSOC);
|
||||
$db->close();
|
||||
|
||||
return $userinfo;
|
||||
}
|
||||
|
||||
function do_db_auth($u, $p) {
|
||||
$db = get_db();
|
||||
$q = $db->prepare('SELECT * FROM users WHERE emailaddress = ?');
|
||||
$q->bindValue(1, $u);
|
||||
$result = $q->execute();
|
||||
$userinfo = $result->fetchArray(SQLITE3_ASSOC);
|
||||
$db->close();
|
||||
if (isset($userinfo['password']) and (crypt($p, $userinfo['password']) == $userinfo['password'])) {
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
function get_pw($username) {
|
||||
$db = get_db();
|
||||
$q = $db->prepare('SELECT password FROM users WHERE emailaddress = ? LIMIT 1');
|
||||
|
|
|
|||
|
|
@ -43,20 +43,32 @@ function try_login() {
|
|||
if (valid_user($_POST['username']) === FALSE) {
|
||||
return FALSE;
|
||||
}
|
||||
$db = get_db();
|
||||
$q = $db->prepare('SELECT * FROM users WHERE emailaddress = ?');
|
||||
$q->bindValue(1, $_POST['username']);
|
||||
$result = $q->execute();
|
||||
$userinfo = $result->fetchArray(SQLITE3_ASSOC);
|
||||
if (isset($userinfo['password']) and (crypt($_POST['password'], $userinfo['password']) == $userinfo['password'])) {
|
||||
$do_local_auth = 1;
|
||||
|
||||
if (isset($wefactapiurl) && isset($wefactapikey)) {
|
||||
$wefact = do_wefact_auth($_POST['username'], $_POST['password']);
|
||||
if ($wefact === FALSE) {
|
||||
return FALSE;
|
||||
}
|
||||
if ($wefact != -1) {
|
||||
$do_local_auth = 0;
|
||||
}
|
||||
}
|
||||
|
||||
if ($do_local_auth == 1) {
|
||||
if (do_db_auth($_POST['username'], $_POST['password']) === FALSE) {
|
||||
return FALSE;
|
||||
}
|
||||
}
|
||||
|
||||
$userinfo = get_user_info($_POST['username']);
|
||||
|
||||
set_logged_in($_POST['username']);
|
||||
if (isset($userinfo['isadmin']) && $userinfo['isadmin'] == 1) {
|
||||
set_is_adminuser();
|
||||
}
|
||||
return TRUE;
|
||||
}
|
||||
$db->close();
|
||||
}
|
||||
|
||||
return FALSE;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,10 @@
|
|||
<?php
|
||||
|
||||
include_once('config.inc.php');
|
||||
include_once('misc.inc.php');
|
||||
|
||||
/* This class is written by Wefact. See https://www.wefact.nl/wefact-hosting/apiv2/
|
||||
*/
|
||||
|
||||
class WeFactAPI
|
||||
{
|
||||
|
|
@ -52,16 +56,26 @@ class WeFactAPI
|
|||
|
||||
function do_wefact_auth($u, $p) {
|
||||
$wefact = new WeFactApi();
|
||||
$r = $wefact->sendRequest('debtor', 'show', array(
|
||||
'DebtorCode' => $u));
|
||||
|
||||
if (isset($r['status']) && $r['status'] == 'success') {
|
||||
$r = $wefact->sendRequest('debtor', 'checklogin', array(
|
||||
'Username' => $u,
|
||||
'Password' => $p
|
||||
));
|
||||
|
||||
if (isset($r['status']) && $r['status'] == 'success') {
|
||||
if (get_user_info($u) == FALSE) {
|
||||
add_user($u);
|
||||
}
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
return FALSE;
|
||||
} else {
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue