diff options
| author | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2006-10-27 07:43:02 +0000 |
|---|---|---|
| committer | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2006-10-27 07:43:02 +0000 |
| commit | e0fa17f8cc0138a166b08168a54632cd8c806a1a (patch) | |
| tree | 035b7c7e6a1d6d661e70e2100a26ff16057ca2ab /modules | |
| parent | d6e50fd701008d2b8cfa5ecb827ae0880c91b500 (diff) | |
| download | ampache-e0fa17f8cc0138a166b08168a54632cd8c806a1a.tar.gz ampache-e0fa17f8cc0138a166b08168a54632cd8c806a1a.tar.bz2 ampache-e0fa17f8cc0138a166b08168a54632cd8c806a1a.zip | |
new http auth method
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/vauth/auth.lib.php | 36 | ||||
| -rw-r--r-- | modules/vauth/session.lib.php | 5 |
2 files changed, 38 insertions, 3 deletions
diff --git a/modules/vauth/auth.lib.php b/modules/vauth/auth.lib.php index aff9ee49..cf8cfe1c 100644 --- a/modules/vauth/auth.lib.php +++ b/modules/vauth/auth.lib.php @@ -172,4 +172,40 @@ function vauth_ldap_auth($username, $password) { } // vauth_ldap_auth + +/** + * vauth_http_auth + * This auth method relies on HTTP auth from Apache + * This is not a very secure method of authentication + * defaulted to off. Because if they can load the page they + * are considered to be authenticated we need to look and + * see if their user exists and if not, by golly we just + * go ahead and created it. NOT SECURE!!!!! + */ +function vauth_http_auth($username) { + + /* Check if the user exists */ + if ($user = new User($username)) { + $results['success'] = true; + $results['type'] = 'mysql'; + $results['username'] = $username; + $results['name'] = $user->fullname; + $results['email'] = $user->email; + return $results; + } + + + /* If not then we auto-create the entry as a user.. :S */ + $user->create($username,$username,'',md5(rand()),'25'); + $user = new User($username); + + $results['success'] = true; + $results['type'] = 'mysql'; + $results['username'] = $username; + $results['name'] = $user->fullname; + $results['email'] = $user->email; + return $results; + +} // vauth_http_auth + ?> diff --git a/modules/vauth/session.lib.php b/modules/vauth/session.lib.php index 9139c3b9..6a7727c2 100644 --- a/modules/vauth/session.lib.php +++ b/modules/vauth/session.lib.php @@ -206,10 +206,10 @@ function vauth_session_create($data) { $username = sql_escape($data['username']); $type = sql_escape($data['type']); $value = sql_escape($data['value']); - $expire = sql_escape(vauth_conf('session_length')); + $expire = sql_escape(time() + vauth_conf('session_length')); /* We can't have null things here people */ - if (strlen($value) == 2) { $value = ' '; } + if (!strlen($value)) { $value = ' '; } /* Insert the row */ $sql = "INSERT INTO session (`id`,`username`,`type`,`value`,`expire`) " . @@ -234,7 +234,6 @@ function vauth_check_session() { $session_name = vauth_conf('session_name'); $key = scrub_in($_COOKIE[$session_name]); - $results = vauth_get_session($key); if (!is_array($results)) { |