Dominique.Fournier/DomFramework
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

PSR12

Browse Source
This commit is contained in:
Dominique Fournier
2022-11-25 21:21:30 +01:00
parent 2d6df0d5f0
commit 94deb06f52
132 changed files with 44887 additions and 41368 deletions
Download Patch File Download Diff File Expand all files Collapse all files

154
src/Authhtpasswd.php
View File

@@ -1,4 +1,5 @@
<?php
/** DomFramework
* @package domframework
* @author Dominique Fournier <dominique@fournier38.fr>
@@ -13,82 +14,103 @@ namespace Domframework;
*/
class Authhtpasswd extends Auth
{
/** The .htpasswd file to use for authentication */
public $htpasswdFile;
/** The .htpasswd file to use for authentication */
public $htpasswdFile;
/** The details to return if the user is authenticated */
private $details = null;
/** The details to return if the user is authenticated */
private $details = null;
/** There is no real connection to htpasswd */
public function connect ()
{
if (! file_exists ($this->htpasswdFile))
throw new \Exception (sprintf (dgettext ("domframework",
"The HTPasswd file '%s' is not found"),
$this->htpasswdFile), 500);
if (! is_readable ($this->htpasswdFile))
throw new \Exception (sprintf (dgettext ("domframework",
"The HTPasswd file '%s' is not readable"),
$this->htpasswdFile), 500);
}
/** Try to authenticate the email/password of the user
@param string $email Email to authenticate
@param string $password Password to authenticate */
public function authentication ($email, $password)
{
// Redo the checks of connect to not have a property to add
$this->connect ();
$file = file_get_contents ($this->htpasswdFile);
$lines = explode ("\n", $file);
foreach ($lines as $line)
/** There is no real connection to htpasswd */
public function connect()
{
// Comment line : skip it
if (isset ($line[0]) && $line[0] === "#")
continue;
$line = trim ($line);
$user = strstr ($line, ":", true);
$cryptedPassword = substr (strstr ($line, ':'), 1);
if ($user === $email)
{
if (substr ($cryptedPassword, 0, 6) === '$apr1$')
throw new \Exception (dgettext ("domframework",
"Invalid format of password"), 500);
if (crypt ($password, $cryptedPassword) !== $cryptedPassword)
throw new \Exception ("Bad password for '$email'", 401);
$this->details = array ("email"=>$email);
return TRUE;
}
if (! file_exists($this->htpasswdFile)) {
throw new \Exception(sprintf(
dgettext(
"domframework",
"The HTPasswd file '%s' is not found"
),
$this->htpasswdFile
), 500);
}
if (! is_readable($this->htpasswdFile)) {
throw new \Exception(sprintf(
dgettext(
"domframework",
"The HTPasswd file '%s' is not readable"
),
$this->htpasswdFile
), 500);
}
}
throw new \Exception ("Unable to find the user : '$email'", 401);
}
/** Return all the parameters recorded for the authenticate user */
public function getdetails ()
{
return $this->details;
}
/** Try to authenticate the email/password of the user
@param string $email Email to authenticate
@param string $password Password to authenticate */
public function authentication($email, $password)
{
// Redo the checks of connect to not have a property to add
$this->connect();
$file = file_get_contents($this->htpasswdFile);
$lines = explode("\n", $file);
foreach ($lines as $line) {
// Comment line : skip it
if (isset($line[0]) && $line[0] === "#") {
continue;
}
$line = trim($line);
$user = strstr($line, ":", true);
$cryptedPassword = substr(strstr($line, ':'), 1);
if ($user === $email) {
if (substr($cryptedPassword, 0, 6) === '$apr1$') {
throw new \Exception(dgettext(
"domframework",
"Invalid format of password"
), 500);
}
if (crypt($password, $cryptedPassword) !== $cryptedPassword) {
throw new \Exception("Bad password for '$email'", 401);
}
$this->details = array("email" => $email);
return true;
}
}
throw new \Exception("Unable to find the user : '$email'", 401);
}
/** Method to change the password
@param string $oldpassword The old password (to check if the user have the
rights to change the password)
@param string $newpassword The new password to be recorded */
public function changepassword ($oldpassword, $newpassword)
{
throw new \Exception (dgettext ("domframework",
"The password can't be change for HTPasswd users"),
405);
}
/** Return all the parameters recorded for the authenticate user */
public function getdetails()
{
return $this->details;
}
/** Method to change the password
@param string $oldpassword The old password (to check if the user have the
rights to change the password)
@param string $newpassword The new password to be recorded */
public function changepassword($oldpassword, $newpassword)
{
throw new \Exception(
dgettext(
"domframework",
"The password can't be change for HTPasswd users"
),
405
);
}
/** Method to overwrite the password (without oldpassword check)
Must be reserved to the administrators. For the users, use changepassword
method
@param string $email the user identifier to select
@param string $newpassword The new password to be recorded */
public function overwritepassword ($email, $newpassword)
{
throw new \Exception (dgettext ("domframework",
"The password can't be change for HTPasswd users"),
405);
}
public function overwritepassword($email, $newpassword)
{
throw new \Exception(
dgettext(
"domframework",
"The password can't be change for HTPasswd users"
),
405
);
}
}