This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "FusionForge".
The branch, master has been updated
via eca8d87d68606f72947819d78e793849626a473d (commit)
via 7e0055fed188a5ff80ac113634cedbc401f51e52 (commit)
from 532c61b23ca4a979aad9da542c4d310afae27541 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://scm.fusionforge.org/anonscm/gitweb/?p=fusionforge/fusionforge.git;a=commitdiff;h=eca8d87d68606f72947819d78e793849626a473d
commit eca8d87d68606f72947819d78e793849626a473d
Author: Franck Villaume <[email protected]>
Date: Sun Mar 5 15:20:59 2017 +0100
review session_valid_login function to extend support to other auth
mechanism such as authhttpd
diff --git a/src/common/include/session.php b/src/common/include/session.php
index c84781b..ef58373 100644
--- a/src/common/include/session.php
+++ b/src/common/include/session.php
@@ -198,16 +198,28 @@ function session_login_valid($loginname, $passwd,
$allowpending = 0) {
$hook_params = array();
$hook_params['loginname'] = $loginname;
$hook_params['passwd'] = $passwd;
- $result = plugin_hook("session_before_login", $hook_params);
+ $hook_params['results'] = array();
+ plugin_hook_by_reference("session_login_valid", $hook_params);
+ $plugin_session_login_valid = false;
// Refuse login if not all the plugins are ok.
- if (!$result) {
- if (!util_ifsetor($feedback)) {
- $warning_msg = _('Invalid Password Or User Name');
+ foreach ($params['results'] as $p => $r) {
+ $plugin_session_login_valid = true;
+ if ($r == FORGE_AUTH_AUTHORITATIVE_ACCEPT) {
+ $seen_yes = true;
+ } elseif ($r == FORGE_AUTH_AUTHORITATIVE_REJECT) {
+ $seen_no = true;
+ }
+ }
+ if ($plugin_session_login_valid) {
+ if ($seen_yes && !$seen_no) {
+ return true;
}
+ $warning_msg = _('Invalid Password Or User Name');
return false;
}
+ //fallback => rely on database.
return session_login_valid_dbonly($loginname, $passwd, $allowpending);
}
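Review bot: The new loop iterates `$params['results']`, but the array passed to the hook just above is `$hook_params` and no `$params` is defined in the visible part of this function, so no plugin verdict is ever read and every login drops to `session_login_valid_dbonly()`. The line should be `foreach ($hook_params['results'] as $p => $r) {`. `$seen_yes` and `$seen_no` are assigned only inside the loop, so `$seen_yes = false; $seen_no = false;` belongs next to `$plugin_session_login_valid = false;`. Once the loop is fixed, a plugin that answers only FORGE_AUTH_NOT_AUTHORITATIVE still sets `$plugin_session_login_valid` and ends in `return false` rather than the database fallback, which looks unintended; setting the flag only in the accept and reject branches would keep the fallback. The function starts above the hunk, so whether `$warning_msg` is declared global there cannot be seen.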
diff --git a/src/plugins/authhttpd/common/AuthHTTPDPlugin.class.php
b/src/plugins/authhttpd/common/AuthHTTPDPlugin.class.php
index bea45fe..21efdbd 100644
--- a/src/plugins/authhttpd/common/AuthHTTPDPlugin.class.php
+++ b/src/plugins/authhttpd/common/AuthHTTPDPlugin.class.php
@@ -40,6 +40,7 @@ FusionForge, for instance where Kerberos is used.");
$this->_addHook("check_auth_session");
$this->_addHook("fetch_authenticated_user");
$this->_addHook("close_auth_session");
+ $this->_addHook('session_valid_login');
$this->saved_login = '';
$this->saved_user = NULL;
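Review bot: The hook registered here is `'session_valid_login'`, while the core calls `plugin_hook_by_reference("session_login_valid", $hook_params)` and the handler added further down in this file is named `session_login_valid`; with the two words swapped the handler is presumably never dispatched. The line should read `$this->_addHook('session_login_valid');`, as the authldap plugin does in the same commit. The constructor continues outside the hunk.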
@@ -74,6 +75,25 @@ FusionForge, for instance where Kerberos is used.");
$params['transparent_redirect_urls'][$this->name] =
util_make_url('/plugins/'.$this->name.'/post-login.php?return_to='.htmlspecialchars(stripslashes($return_to)));
}
+
+ function session_login_valid($params) {
+ $user = user_get_object_by_name($params['loginname']);
+ if ($user) {
+ if ($this->isSufficient()) {
+ $params['results'][$this->name] =
FORGE_AUTH_AUTHORITATIVE_ACCEPT;
+ } else {
+ $params['results'][$this->name] =
FORGE_AUTH_NOT_AUTHORITATIVE;
+ }
+ } else {
+ if ($this->isRequired()) {
+ $params['results'][$this->name] =
FORGE_AUTH_AUTHORITATIVE_REJECT;
+ } else {
+ $params['results'][$this->name] =
FORGE_AUTH_NOT_AUTHORITATIVE;
+ }
+ }
+ return true;
+ }
+
/**
* checkAuthSession - Is there a valid session?
* @param array $params
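Review bot: `session_login_valid()` records FORGE_AUTH_AUTHORITATIVE_ACCEPT as soon as `user_get_object_by_name($params['loginname'])` finds an account and `isSufficient()` is true; nothing in the handler looks at `$params['passwd']` or at the identity the web server actually authenticated. Because the caller returns true on an accept with no reject, the name of any existing account would pass this check whatever password accompanies it. The accept branch should first confirm that an HTTP-authenticated user is present and equal to `$params['loginname']`, and answer FORGE_AUTH_NOT_AUTHORITATIVE otherwise. Separately, `$params` is taken by value here and in the authldap handler, so the writes to `$params['results']` are probably lost unless the dispatcher behind `plugin_hook_by_reference()` compensates; the signature should be `function session_login_valid(&$params) {`. A docblock in the style of the `checkAuthSession` one that follows would document the expected keys and result values.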
diff --git a/src/plugins/authldap/common/AuthLDAPPlugin.class.php
b/src/plugins/authldap/common/AuthLDAPPlugin.class.php
index f6c3f27..ab77333 100644
--- a/src/plugins/authldap/common/AuthLDAPPlugin.class.php
+++ b/src/plugins/authldap/common/AuthLDAPPlugin.class.php
@@ -49,6 +49,7 @@ into the FusionForge database.");
$this->_addHook("sync_account_info");
$this->_addHook("close_auth_session");
$this->_addHook("refresh_auth_session");
+ $this->_addHook('session_login_valid');
$this->ldap_conn = false;
$this->saved_login = '';
@@ -271,6 +272,11 @@ into the FusionForge database.");
return $data;
}
+ function session_login_valid($params) {
+ $params['results'][] =
$this->checkLDAPCredentials($params['loginname'], $params['passwd']);
+ return true;
+ }
+
function checkLDAPCredentials($loginname, $passwd) {
if (!$this->ConnectLdap()) {
// No connection to LDAP directory
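Review bot: The verdict is appended with `$params['results'][] = …`, whereas the authhttpd handler keys its entry by plugin name; `$params['results'][$this->name] = $this->checkLDAPCredentials($params['loginname'], $params['passwd']);` would keep each result attributable to its plugin. The caller compares every entry with the FORGE_AUTH_* constants, so this handler relies on `checkLDAPCredentials()` returning one of those values on every path, including the failed-connection branch that begins at the end of this hunk. That function's body continues outside the hunk, so its return values cannot be checked here.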
https://scm.fusionforge.org/anonscm/gitweb/?p=fusionforge/fusionforge.git;a=commitdiff;h=7e0055fed188a5ff80ac113634cedbc401f51e52
commit 7e0055fed188a5ff80ac113634cedbc401f51e52
Author: Franck Villaume <[email protected]>
Date: Sun Mar 5 15:19:25 2017 +0100
use double-quote
diff --git a/src/www/include/login-form.php b/src/www/include/login-form.php
index 7f06aa4..17617d0 100644
--- a/src/www/include/login-form.php
+++ b/src/www/include/login-form.php
@@ -67,7 +67,7 @@ function display_login_form($return_to = '/', $triggered =
false, $full_page = f
}
if ($triggered) {
- echo $HTML->warning_msg(_('You\'ve been redirected to this
login page because you have tried accessing a page that was not available to
you as an anonymous user.'));
+ echo $HTML->warning_msg(_("You've been redirected to this login
page because you have tried accessing a page that was not available to you as
an anonymous user."));
}
if (count ($params['html_snippets']) > 1) {
-----------------------------------------------------------------------
Summary of changes:
src/common/include/session.php | 20 ++++++++++++++++----
.../authhttpd/common/AuthHTTPDPlugin.class.php | 20 ++++++++++++++++++++
src/plugins/authldap/common/AuthLDAPPlugin.class.php | 6 ++++++
src/www/include/login-form.php | 2 +-
4 files changed, 43 insertions(+), 5 deletions(-)