mirror of
https://bitbucket.org/jsuto/piler.git
synced 2024-12-24 19:00:11 +01:00
added single sign-on support
This commit is contained in:
parent
02f1dac543
commit
9ef078c5f4
@ -14,3 +14,14 @@ RewriteRule ^login.php /index.php?route=login/login [L]
|
||||
RewriteRule ^logout.php /index.php?route=login/logout [L]
|
||||
RewriteRule ^google.php /index.php?route=login/google [QSA,L]
|
||||
|
||||
<IfModule auth_ntlm_winbind_module>
|
||||
<FilesMatch "sso\.php$">
|
||||
AuthName "piler NTLM authentication"
|
||||
NTLMAuth on
|
||||
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
|
||||
NTLMBasicAuthoritative on
|
||||
AuthType NTLM
|
||||
require valid-user
|
||||
</FilesMatch>
|
||||
</IfModule>
|
||||
|
||||
|
35
webui/controller/login/sso.php
Normal file
35
webui/controller/login/sso.php
Normal file
@ -0,0 +1,35 @@
|
||||
<?php
|
||||
|
||||
|
||||
class ControllerLoginSSO extends Controller {
|
||||
private $error = array();
|
||||
|
||||
public function index(){
|
||||
|
||||
$this->id = "content";
|
||||
$this->template = "login/login.tpl";
|
||||
$this->layout = "common/layout";
|
||||
|
||||
|
||||
$request = Registry::get('request');
|
||||
|
||||
$db = Registry::get('db');
|
||||
|
||||
$this->load->model('user/auth');
|
||||
$this->load->model('user/user');
|
||||
$this->load->model('user/prefs');
|
||||
$this->load->model('folder/folder');
|
||||
|
||||
$this->document->title = $this->data['text_login'];
|
||||
|
||||
if($this->model_user_auth->check_ntlm_auth() == 1) {
|
||||
header("Location: " . SITE_URL . "search.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
die("permission denied");
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
?>
|
@ -69,6 +69,34 @@ class ModelUserAuth extends Model {
|
||||
}
|
||||
|
||||
|
||||
public function check_ntlm_auth() {
|
||||
if(!isset($_SERVER['REMOTE_USER'])) { return 0; }
|
||||
|
||||
$u = explode("\\", $_SERVER['REMOTE_USER']);
|
||||
|
||||
if(!isset($u[1])) { return 0; }
|
||||
|
||||
$query = $this->db->query("SELECT " . TABLE_USER . ".username, " . TABLE_USER . ".uid, " . TABLE_USER . ".realname, " . TABLE_USER . ".dn, " . TABLE_USER . ".isadmin, " . TABLE_USER . ".domain FROM " . TABLE_USER . " WHERE " . TABLE_USER . ".samaccountname=?", array($u[1]));
|
||||
|
||||
if($query->num_rows == 1) {
|
||||
$_SESSION['username'] = $query->row['username'];
|
||||
$_SESSION['uid'] = $query->row['uid'];
|
||||
$_SESSION['admin_user'] = $query->row['isadmin'];
|
||||
$_SESSION['email'] = $username;
|
||||
$_SESSION['domain'] = $query->row['domain'];
|
||||
$_SESSION['realname'] = $query->row['realname'];
|
||||
|
||||
$_SESSION['emails'] = $this->model_user_user->get_users_all_email_addresses($query->row['uid']);
|
||||
$_SESSION['folders'] = $this->model_folder_folder->get_all_folder_ids($query->row['uid']);
|
||||
$_SESSION['extra_folders'] = $this->model_folder_folder->get_all_extra_folder_ids($query->row['uid']);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
public function change_password($username = '', $password = '') {
|
||||
if($username == "" || $password == ""){ return 0; }
|
||||
|
||||
|
47
webui/sso.php
Normal file
47
webui/sso.php
Normal file
@ -0,0 +1,47 @@
|
||||
<?php
|
||||
|
||||
function go_to_setup() {
|
||||
Header("Location: setup/setup.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
$stat = stat("config.php") or go_to_setup();
|
||||
if($stat[7] < 15){ go_to_setup(); }
|
||||
|
||||
|
||||
require_once("config.php");
|
||||
|
||||
require(DIR_SYSTEM . "/startup.php");
|
||||
|
||||
|
||||
$request = new Request();
|
||||
Registry::set("request", $request);
|
||||
|
||||
|
||||
session_start();
|
||||
|
||||
Registry::set('document', new Document());
|
||||
|
||||
|
||||
$loader = new Loader();
|
||||
Registry::set('load', $loader);
|
||||
|
||||
|
||||
$language = new Language();
|
||||
Registry::set('language', $language);
|
||||
|
||||
|
||||
$db = new DB(DB_DRIVER, DB_HOSTNAME, DB_USERNAME, DB_PASSWORD, DB_DATABASE, DB_PREFIX);
|
||||
Registry::set('DB_DATABASE', DB_DATABASE);
|
||||
|
||||
Registry::set('db', $db);
|
||||
|
||||
Registry::set('DB_DRIVER', DB_DRIVER);
|
||||
|
||||
$action = new Router('login/sso');
|
||||
|
||||
$controller = new Front();
|
||||
$controller->dispatch($action, new Router('common/not_found'));
|
||||
|
||||
|
||||
?>
|
Loading…
Reference in New Issue
Block a user