https://src.bluestatic.org / bugdar.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
r1429: Refactoring Authentication::_clearCookies() to be clearCookies()
[bugdar.git] / includes / auth / auth.php
1 <?php
2 /*=====================================================================*\
3 || ###################################################################
4 || # Bugdar [#]version[#]
5 || # Copyright ©2002-[#]year[#] Blue Static
6 || #
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version [#]gpl[#] of the License.
10 || #
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 || # more details.
15 || #
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
21
22 require_once('./includes/api_user.php');
23
24 /**
25 * Abstract Authentication
26 *
27 * This is an abstract class that is used to provide authentication for
28 * Bugdar.
29 *
30 * @author Blue Static
31 * @copyright Copyright (c)2002 - [#]year[#], Blue Static
32 * @version $Revision$
33 * @package Bugdar
34 *
35 */
36 class Authentication
37 {
38 /**
39 * The database connection to AUTHENTICATE against; can be to a separate database
40 * @var object
41 */
42 var $authDb;
43
44 /**
45 * The database connection to the BUGDAR database
46 * @var object
47 */
48 var $db;
49
50 /**
51 * The Bugdar registry
52 * @var object
53 */
54 var $registry;
55
56 /**
57 * Array of user data from the AUTHENTICATION database
58 * @var array
59 */
60 var $authUser;
61
62 /**
63 * Array of user data from the BUGDAR database
64 * @var array
65 */
66 var $bugdarUser;
67
68 /**
69 * Mapping of Bugdar fields to authentication database fields; these will be synced between databases upon login
70 * @var array
71 */
72 var $fieldMap = array(
73 'authid' => null,
74 'displayname' => null,
75 'email' => null,
76 'password' => null,
77 );
78
79 // ###################################################################
80 /**
81 * Constructor
82 */
83 function __construct()
84 {
85 global $bugsys;
86
87 $this->registry =& $bugsys;
88 $this->db =& $bugsys->db;
89
90 $this->registry->debug('authentication system: ' . get_class($this));
91
92 $this->_setupDatabase();
93 }
94
95 // ###################################################################
96 /**
97 * Returns the information array for the Bugdar user. This must be
98 * called after an authentication method.
99 */
100 function fetchBugdarUser()
101 {
102 return $this->bugdarUser;
103 }
104
105 // ###################################################################
106 /**
107 * Sets up the database to authenticate against. You can create a new
108 * database object here. Whatever you choose, you need to reference
109 * Authentication->authDb to the object
110 */
111 function _setupDatabase() {}
112
113 // ###################################################################
114 /**
115 * Returns the sanitized value of the user ID or unique identifier
116 * found in the cookie of an already-authenticated user.
117 */
118 function _fetchCookieUniqueId() {}
119
120 // ###################################################################
121 /**
122 * Returns the sanitized value of the authentication key or cookie-safe
123 * password found in the cookies of an already-authenticated user.
124 */
125 function _fetchCookiePassword() {}
126
127 // ###################################################################
128 /**
129 * Returns an array of user data fetched using the user information
130 * values found in cookies. It should NOT be responsible for verifying
131 * the authentication information, but only fetching it.
132 */
133 function _fetchUserUsingCookies() {}
134
135 // ###################################################################
136 /**
137 * Returns TRUE if the cookie data values are valid in the data array
138 * returned from _fetchUserUsingCookies(), and FALSE if they are not.
139 */
140 function _verifyCookieData() {}
141
142 // ###################################################################
143 /**
144 * Authenticates the user using cookie data. You shouldn't need to
145 * customize this method if you implement all the helpers correctly.
146 * Returns TRUE if the cookies are valid and the user is logged in.
147 */
148 function authenticateCookies()
149 {
150 if (!$this->_fetchCookieUniqueId() OR !$this->_fetchCookiePassword())
151 {
152 $this->clearCookies();
153 return false;
154 }
155
156 $this->authUser = $this->_fetchUserUsingCookies();
157
158 if (!$this->authUser)
159 {
160 $this->authUser = null;
161 $this->clearCookies();
162 return false;
163 }
164
165 if ($this->_verifyCookieData())
166 {
167 $this->_setCookies(true);
168 $this->_syncBugdarUser();
169 $this->bugdarUser = $this->_fetchBugdarUserFromAuthUser();
170 return true;
171 }
172 else
173 {
174 $this->authUser = null;
175 $this->clearCookies();
176 return false;
177 }
178 }
179
180 // ###################################################################
181 /**
182 * Returns an array with the authentication user information, found
183 * by the unique login identifier passed to the function.
184 */
185 function _fetchUserWithIdentifier($string) {}
186
187 // ###################################################################
188 /**
189 * Verifies that the authUser's password matches the plain-text password
190 * passed to this function. This is basically the transformation of
191 * the plaintext to the hashed password and the result of the comparison.
192 */
193 function _verifyLoginUser($password) {}
194
195 // ###################################################################
196 /**
197 * Authenticates a user at login from two keys: an identifier and
198 * a password. In Bugdar, the identifier is an email, but it can be
199 * any unique string found in the authentication database. Returns
200 * TRUE if the authentication is successful, and FALSE if not. Also
201 * determines if the cookies are sticky ("rememember me" login)
202 */
203 function authenticateLogin($string, $password, $sticky = false)
204 {
205 $this->authUser = $this->_fetchUserWithIdentifier($string);
206
207 if (!$this->authUser)
208 {
209 $this->authUser = null;
210 return false;
211 }
212
213 if ($this->_verifyLoginUser($password))
214 {
215 $this->_setCookies($sticky);
216 $this->_syncBugdarUser();
217 $this->bugdarUser = $this->_fetchBugdarUserFromAuthUser();
218 return true;
219 }
220 else
221 {
222 $this->authUser = null;
223 return false;
224 }
225 }
226
227 // ###################################################################
228 /**
229 * Returns the BUGDAR user array from the data in the AUTHENTICATION user
230 * array. If the Bugdar user does not exist, call _createBugdarUser()
231 * to add the user into the Bugdar database. This is necessary so Bugdar options
232 * can be saved in the Bugdar database (and not in the auth one), however
233 * authentication details will NOT be stored in the Bugdar database.
234 */
235 function _fetchBugdarUserFromAuthUser() {}
236
237 // ###################################################################
238 /**
239 * Creates a Bugdar user with the authentication details specified in
240 * the auth array and returns it. You need to call this in
241 * _fetchBugdarUserFromAuthUser() and use the UserAPI to create the user.
242 * This will create a new user in Bugdar with the data from the authentication DB
243 * with the fields specified in fieldMap.
244 */
245 function _createBugdarUser()
246 {
247 $user = new UserAPI($this->registry);
248
249 // if the email already exists in the DB, it must be the same person so just hook up the authid
250 if ($check = $this->db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . $this->db->escape_string($this->authUser[ $this->fieldMap['email'] ]) . "'"))
251 {
252 $user->set('userid', $check['userid']);
253 $user->set_condition();
254 $user->set('authid', $this->authUser[ $this->fieldMap['authid'] ]);
255 $user->update();
256 $user->fetch();
257
258 return $user->objdata;
259 }
260 else
261 {
262 $user = new UserAPI($this->registry);
263 foreach ($this->fieldMap AS $bugdar => $authdb)
264 {
265 $user->set($bugdar, $this->authUser["$authDb"]);
266 }
267 $user->set('usergroupid', 2);
268 $user->insert();
269
270 return $user->values;
271 }
272 }
273
274 // ###################################################################
275 /**
276 * Syncs a Bugdar user's fieldMap'ed values to the authentication DB's
277 * values. This allows the users to stay mostly-in-sync for the most
278 * basic of information (like email, timezone, etc.). Passwords are
279 * NOT synced.
280 */
281 function _syncBugdarUser()
282 {
283 $fields = $this->fieldMap;
284 unset($fields['authid']);
285 unset($fields['password']);
286
287 $change = false;
288
289 $user = new UserAPI($this->registry);
290 $user->set('userid', $this->authUser[ $this->fieldMap['authid'] ]);
291 $user->set_condition();
292 foreach ($fields AS $bugdar => $authdb)
293 {
294 if ($this->bugdarUser["$bugdar"] != $this->authUser["$authDb"])
295 {
296 $user->set($bugdar, $this->authUser["$authdb"]);
297 $change = true;
298 }
299 }
300 if ($change)
301 {
302 $user->update();
303 }
304 }
305
306 // ###################################################################
307 /**
308 * Responsible for unsetting all authentication cookies because they
309 * are invalid
310 */
311 function clearCookies() {}
312
313 // ###################################################################
314 /**
315 * Sets the authentication cookies; this is done both at login and
316 * for renewing the cookies upon successful cookie validation. The
317 * option it takes determines whether the cookies are sticky or not.
318 */
319 function _setCookies($permanent = false) {}
320 }
321
322 /*=====================================================================*\
323 || ###################################################################
324 || # $HeadURL$
325 || # $Id$
326 || ###################################################################
327 \*=====================================================================*/
328 ?>
Open-source PHP-MySQL bug tracking system that has customizable CSS/XHTML templates, email notifications, Atom syndication, internationalization support, and a very simple setup.