path: root/endpoints/lib/auth/OpenMediaVault.php
blob: 991ca3f52c5547849440637e2bcea728da1f6590 (plain)
<?php
/*
 * $Id: OpenMediaVault.php 470 2012-10-24 21:43:25Z imooreyahoo@gmail.com $
*/

/*
 * OMV Specific
*/
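try {

	// The original author notes OMV breaks unless these two names are declared
	// global before its include files are loaded.
	global $xmlConfig, $OMV_DEFAULT_FILE;

	require_once("openmediavault/globals.inc");
	require_once("openmediavault/session.inc");
	require_once("rpc/authentication.inc");

} catch(Exception $e) {

	// The response is served as text/html, so the exception text must be
	// HTML-escaped before it is embedded; only the <br/> separators added
	// below are meant to be markup.
	// NOTE(review): __toString() includes the message, file paths and stack
	// trace, and all of that is still sent to the client here. Consider
	// logging it server-side and returning a generic error instead.
	header("Content-Type: text/html");
	$code = htmlspecialchars((string)$e->getCode(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
	$details = htmlspecialchars($e->__toString(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
	die("Error #".$code.":<br/>". str_replace("\n", "<br/>", $details));
}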

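/**
 * Authentication module that delegates login, session handling and logout
 * to OpenMediaVault's AuthenticationRpc and OMVSession classes.
 *
 * The module mirrors the OMV session state into three $_SESSION flags:
 *   - 'admin': true when the OMV role is anything other than OMV_ROLE_USER
 *   - 'user':  copy of $_SESSION['username']
 *   - 'valid': true when the user is an admin or 'allowNonAdmin' is enabled
 */
class phpvbAuthOpenMediaVault implements phpvbAuth {

	/** Cached OMVSession instance, set by login() and sessionStart(). */
	static $session = null;

	/**
	 * Feature flags for this module. 'sessionStart' holds the name of the
	 * method below that starts the session.
	 * NOTE(review): presumably read by the phpvbAuth consumer - confirm.
	 */
	var $capabilities = array(
		'canChangePassword' => false,
		'sessionStart' => 'sessionStart',
		'canLogout' => true
	);

	/**
	 * Module settings. With 'allowNonAdmin' false (the default), only
	 * sessions whose role is not OMV_ROLE_USER are treated as valid.
	 */
	var $config = array(
		'allowNonAdmin' => false
	);

	/**
	 * @param array|null $userConfig Optional overrides merged over the defaults.
	 */
	function __construct($userConfig = null) {
		if($userConfig) $this->config = array_merge($this->config,$userConfig);
	}

	/**
	 * Authenticate against OpenMediaVault and populate the session flags.
	 *
	 * The result reflects this attempt only. Previously the return value was
	 * read back from $_SESSION['valid'], which is not touched when the
	 * attempt is rejected, so a value left over in the session decided the
	 * outcome instead of the credentials just supplied.
	 *
	 * @param string $username
	 * @param string $password
	 * @return bool true when the credentials were accepted and the role is
	 *              permitted by the 'allowNonAdmin' setting, false otherwise
	 */
	function login($username, $password)
	{
		require_once("rpc/authentication.inc");

		$accepted = false;

		# Try / catch so that we don't expose usernames / passwords.
		# The RPC object is constructed inside the try for the same reason.
		try {

			$a = new AuthenticationRpc();
			$auth = $a->login(array('username'=>$username,'password'=>$password));

			self::$session = &OMVSession::getInstance();

			# The role is only queried once OMV reports the login as authenticated
			if(!empty($auth["authenticated"])) {

				$isAdmin = (self::$session->getRole() !== OMV_ROLE_USER);

				if($isAdmin || $this->config['allowNonAdmin']) {
					$_SESSION['admin'] = $isAdmin;
					$_SESSION['user'] = $_SESSION['username'];
					$_SESSION['valid'] = true;
					$_SESSION['authCheckHeartbeat'] = time();
					$accepted = true;
				}
			}

		} catch (Exception $e) {
			$accepted = false;
		}

		if(!$accepted) {
			# Fail closed: drop any flags left over from an earlier login,
			# using the same values sessionStart() writes for an
			# unauthenticated session.
			$_SESSION['admin'] = $_SESSION['user'] = $_SESSION['valid'] = null;
		}

		return $accepted;
	}

	/**
	 * Start the OMV session and refresh the session flags from it.
	 *
	 * @param bool $keepopen When false, the session is written and closed
	 *                       once the flags have been updated.
	 */
	function sessionStart($keepopen) {

		self::$session = &OMVSession::getInstance();
		self::$session->start();

		if (self::$session->isAuthenticated() && !self::$session->isTimeout()) {

			self::$session->validate();
			self::$session->updateLastAccess();

			$isAdmin = (self::$session->getRole() !== OMV_ROLE_USER);

			$_SESSION['admin'] = $isAdmin;
			$_SESSION['user'] = $_SESSION['username'];
			$_SESSION['valid'] = ($isAdmin || $this->config['allowNonAdmin']);

		} else {

			# Not authenticated or timed out: clear every flag
			$_SESSION['admin'] = $_SESSION['user'] = $_SESSION['valid'] = null;

		}

		if(!$keepopen)
			session_write_close();

	}

	/**
	 * Log out through OMV's AuthenticationRpc and report success.
	 *
	 * NOTE(review): the 'admin' / 'user' / 'valid' flags are not cleared
	 * here; this relies on AuthenticationRpc::logout() ending the session.
	 * Confirm against the OMV implementation.
	 *
	 * @param array $response Passed by reference; ['data']['result'] is set to 1.
	 */
	function logout(&$response)
	{
		require_once("rpc/authentication.inc");
		$a = new AuthenticationRpc();
		$a->logout();
		$response['data']['result'] = 1;
	}

	/* Defined for compatibility with implemented interface; intentionally empty */
	function heartbeat($vbox){}
	function changePassword($old, $new){}
	function listUsers(){}
	function updateUser($vboxRequest, $skipExistCheck){}
	function deleteUser($user){}
}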