root/trunk/wifidog-auth/wifidog/classes/Authenticator.php @ 1127

Revision 1127, 10.6 KB (checked in by benoitg, 7 years ago)
  • Make the MainUI, SmartyWifidog, Session and AbstractDb classes singletons
  • Implement two pass content display. All Content can now implement a prepareGetUserUI(), allowing them to interact with MainUI and other Content before display. Allow creating content such as stylesheets, feed accumulators, etc.
  • SmartyWifidog.php: Turn on security, begin preparing for standardisation of Smarty variables
  • New Content type: Stylesheet. Allows specific nodes, or even specific content groups to have custom stylesheets.
  • Langstring.php: Make getAdminUI calling conventions coherent with other content types.


  • Property svn:eol-style set to native
  • Property svn:executable set to *
  • Property svn:keywords set to Author Date Id Revision
1<?php
2
3/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
4
5// +-------------------------------------------------------------------+
6// | WiFiDog Authentication Server                                     |
7// | =============================                                     |
8// |                                                                   |
9// | The WiFiDog Authentication Server is part of the WiFiDog captive  |
10// | portal suite.                                                     |
11// +-------------------------------------------------------------------+
12// | PHP version 5 required.                                           |
13// +-------------------------------------------------------------------+
14// | Homepage:     http://www.wifidog.org/                             |
15// | Source Forge: http://sourceforge.net/projects/wifidog/            |
16// +-------------------------------------------------------------------+
17// | This program is free software; you can redistribute it and/or     |
18// | modify it under the terms of the GNU General Public License as    |
19// | published by the Free Software Foundation; either version 2 of    |
20// | the License, or (at your option) any later version.               |
21// |                                                                   |
22// | This program is distributed in the hope that it will be useful,   |
23// | but WITHOUT ANY WARRANTY; without even the implied warranty of    |
24// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the     |
25// | GNU General Public License for more details.                      |
26// |                                                                   |
27// | You should have received a copy of the GNU General Public License |
28// | along with this program; if not, contact:                         |
29// |                                                                   |
30// | Free Software Foundation           Voice:  +1-617-542-5942        |
31// | 59 Temple Place - Suite 330        Fax:    +1-617-542-2652        |
32// | Boston, MA  02111-1307,  USA       gnu@gnu.org                    |
33// |                                                                   |
34// +-------------------------------------------------------------------+
35
36/**
37 * @package    WiFiDogAuthServer
38 * @subpackage Authenticators
39 * @author     Benoit Grégoire <bock@step.polymtl.ca>
40 * @author     Max Horvath <max.horvath@maxspot.de>
41 * @copyright  2005-2006 Benoit Grégoire, Technologies Coeus inc.
42 * @copyright  2006 Max Horvath, maxspot GmbH
43 * @version    Subversion $Id$
44 * @link       http://www.wifidog.org/
45 */
46
47/**
48 * Load Network class
49 */
50require_once('classes/Network.php');
51require_once('classes/Node.php');
52require_once('classes/Session.php');
53require_once('classes/User.php');
54
55/**
56 * Abstract class to represent an authentication source
57 *
58 * @package    WiFiDogAuthServer
59 * @subpackage Authenticators
60 * @author     Benoit Grégoire <bock@step.polymtl.ca>
61 * @author     Max Horvath <max.horvath@maxspot.de>
62 * @copyright  2005-2006 Benoit Grégoire, Technologies Coeus inc.
63 * @copyright  2006 Max Horvath, maxspot GmbH
64 */
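abstract class Authenticator
{
    // Security note for maintainers: every query in this class is built by
    // string interpolation rather than with bound parameters. Each value that
    // ends up inside a quoted SQL literal must therefore go through
    // AbstractDb::escapeString() first, including values that were read back
    // from the database or from other objects (second-order injection).
    // NOTE(review): AbstractDb is used here but is not among the files this
    // script require_once's; presumably it is loaded elsewhere - confirm.

    /**
     * Object of current network
     *
     * @var object
     */
    private $mNetwork;

    /**
     * Constructor
     *
     * @param string $network_id Id of network
     *
     * @return void
     */
    public function __construct($network_id)
    {
        $this->mNetwork = Network::getObject($network_id);
    }

    /**
     * Returns object of current network
     *
     * @return object Object of current network
     */
    public function getNetwork()
    {
        return $this->mNetwork;
    }

    /**
     * Attempts to login a user against the authentication source
     *
     * If successful, an implementation returns a User object. This base
     * implementation is an empty placeholder (it returns null); the method
     * is not declared abstract, so a child class that forgets to override
     * it never authenticates anybody.
     */
    public function login()
    {
        // Must be defined in child class
    }

    /**
     * Logs out the user
     *
     * @param string $conn_id The connection id for the connection to work on.
     *                        If it is present, that connection is stopped and
     *                        the user is taken from the connection record.
     *                        If it is not present, the current user is used
     *                        and, unless that user is the splash-only user,
     *                        the in-use connections tied to the current node
     *                        are stopped.
     *                        In both cases, when the user is not the
     *                        splash-only user and the network does not allow
     *                        multiple logins, all in-use connections of the
     *                        user are stopped as well.
     *
     * @return void
     */
    public function logout($conn_id = null)
    {
        $db = AbstractDb::getObject();
        $session = Session::getObject();

        $conn_id = $db->escapeString($conn_id);

        if (!empty($conn_id)) {
            $info = null;
            $db->execSqlUniqueRes("SELECT CURRENT_TIMESTAMP, *, CASE WHEN ((CURRENT_TIMESTAMP - reg_date) > networks.validation_grace_time) THEN true ELSE false END AS validation_grace_time_expired FROM connections JOIN users ON (users.user_id=connections.user_id) JOIN networks ON (users.account_origin = networks.network_id) WHERE connections.conn_id='$conn_id'", $info, false);

            // NOTE(review): if no connection matches $conn_id, $info stays
            // empty and User::getObject() receives null - confirm how
            // User::getObject() handles that case.
            // NOTE(review): nothing here checks that the connection belongs
            // to the caller; presumably the caller authorises the request -
            // verify.
            $user = User::getObject($info['user_id']);
            $network = $user->getNetwork();
            $splash_user_id = $network->getSplashOnlyUser()->getId();
            $this->acctStop($conn_id);
        } else {
            $user = User::getCurrentUser();
            $network = $user->getNetwork();
            $splash_user_id = $network->getSplashOnlyUser()->getId();

            if ($splash_user_id != $user->getId() && ($node = Node::getCurrentNode())) {
                // Try to destroy all connections tied to the current node.
                // The ids are escaped because they are interpolated into a
                // quoted SQL literal.
                $user_id_sql = $db->escapeString($user->getId());
                $node_id_sql = $db->escapeString($node->getId());
                $sql = "SELECT conn_id FROM connections WHERE user_id = '{$user_id_sql}' AND node_id='{$node_id_sql}' AND token_status='".TOKEN_INUSE."';";
                $conn_rows = null;
                $db->execSql($sql, $conn_rows, false);

                if ($conn_rows) {
                    foreach ($conn_rows as $conn_row) {
                        $this->acctStop($conn_row['conn_id']);
                    }
                }
            }
        }

        if ($splash_user_id != $user->getId() && $network->getMultipleLoginAllowed() === false) {
            /*
             * The user isn't the splash_only user and the network config does
             * not allow multiple logins. Logging in with a new token implies
             * that all other active tokens should expire
             */
            $user_id_sql = $db->escapeString($user->getId());
            $sql = "SELECT conn_id FROM connections WHERE user_id = '{$user_id_sql}' AND token_status='".TOKEN_INUSE."';";
            $conn_rows = null;
            $db->execSql($sql, $conn_rows, false);

            if ($conn_rows) {
                foreach ($conn_rows as $conn_row) {
                    $this->acctStop($conn_row['conn_id']);
                }
            }
        }

        // Try to destroy current session
        if (method_exists($session, "destroy")) {
            $session->destroy();
        }
    }

    /**
     * Start accounting traffic for the user
     *
     * Marks the connection as in use and records the client MAC and IP
     * taken from the request parameters "mac" and "ip". When the network
     * does not allow multiple logins, every other in-use connection of the
     * same user (any token other than the request parameter "token") is
     * stopped. Finally, all unused tokens of the user are deleted.
     *
     * @param string $conn_id The connection id for the connection to work on
     *
     * @return void
     */
    public function acctStart($conn_id)
    {
        $db = AbstractDb::getObject();

        $conn_id = $db->escapeString($conn_id);
        $info = null;
        $db->execSqlUniqueRes("SELECT CURRENT_TIMESTAMP, *, CASE WHEN ((CURRENT_TIMESTAMP - reg_date) > networks.validation_grace_time) THEN true ELSE false END AS validation_grace_time_expired FROM connections JOIN users ON (users.user_id=connections.user_id) JOIN networks ON (users.account_origin = networks.network_id) WHERE connections.conn_id='$conn_id'", $info, false);
        // NOTE(review): $info is empty when no connection matches $conn_id;
        // the lookups below then work on null values - confirm the caller
        // only passes existing connection ids.
        $network = Network::getObject($info['network_id']);
        $splash_user_id = $network->getSplashOnlyUser()->getId();
        $auth_response = $info['account_status'];

        // Value read back from the database; escaped again because it is
        // interpolated into further queries below.
        $user_id_sql = $db->escapeString($info['user_id']);

        // Login the user. The request parameters are client-supplied: only
        // plain strings are accepted (a missing or array-valued parameter
        // becomes an empty string) and they are escaped before use.
        $mac = $db->escapeString(isset($_REQUEST['mac']) && is_string($_REQUEST['mac']) ? $_REQUEST['mac'] : '');
        $ip = $db->escapeString(isset($_REQUEST['ip']) && is_string($_REQUEST['ip']) ? $_REQUEST['ip'] : '');
        $sql = "UPDATE connections SET token_status='".TOKEN_INUSE."',user_mac='$mac',user_ip='$ip',last_updated=CURRENT_TIMESTAMP WHERE conn_id='{$conn_id}';";
        $db->execSqlUpdate($sql, false);

        if ($splash_user_id != $info['user_id'] && $network->getMultipleLoginAllowed() === false) {
            /*
             * The user isn't the splash_only user and the network config does
             * not allow multiple logins. Logging in with a new token implies
             * that all other active tokens should expire
             */
            $token = $db->escapeString(isset($_REQUEST['token']) && is_string($_REQUEST['token']) ? $_REQUEST['token'] : '');
            $sql = "SELECT * FROM connections WHERE user_id = '{$user_id_sql}' AND token_status='".TOKEN_INUSE."' AND token!='$token';";
            $conn_rows = array();
            $db->execSql($sql, $conn_rows, false);

            if (!empty($conn_rows)) {
                foreach ($conn_rows as $conn_row) {
                    $this->acctStop($conn_row['conn_id']);
                }
            }
        }

        /*
         * Delete all unused tokens for this user, so we don't fill the database
         * with them
         */
        $sql = "DELETE FROM connections "."WHERE token_status='".TOKEN_UNUSED."' AND user_id = '{$user_id_sql}';";
        $db->execSqlUpdate($sql, false);
    }

    /**
     * Update traffic counters
     *
     * All three arguments are escaped before they are placed in the UPDATE
     * statement. The counters are documented as integers, but nothing in
     * this class enforces that, so they are treated like any other value
     * that may originate from a request.
     *
     * @param string $conn_id  The connection id for the connection to work on
     * @param int    $incoming Incoming traffic in bytes
     * @param int    $outgoing Outgoing traffic in bytes
     *
     * @return void
     */
    public function acctUpdate($conn_id, $incoming, $outgoing)
    {
        $db = AbstractDb::getObject();

        // Write traffic counters to database
        $conn_id = $db->escapeString($conn_id);
        // Escaped like $conn_id: the counters sit inside quoted SQL literals.
        // NOTE(review): presumably supplied by the gateway's request - the
        // caller is not visible here; consider rejecting non-numeric values
        // at that boundary as well.
        $incoming = $db->escapeString($incoming);
        $outgoing = $db->escapeString($outgoing);
        $db->execSqlUpdate("UPDATE connections SET "."incoming='$incoming',"."outgoing='$outgoing',"."last_updated=CURRENT_TIMESTAMP "."WHERE conn_id='{$conn_id}'");
    }

    /**
     * Final update and stop accounting
     *
     * Sets the connection's timestamp_out to the current time and marks its
     * token as used.
     *
     * @param string $conn_id The connection id (the token id) for the
     *                        connection to work on
     *
     * @return void
     */
    public function acctStop($conn_id)
    {
        $db = AbstractDb::getObject();

        // Stop traffic counters update
        $conn_id = $db->escapeString($conn_id);
        $db->execSqlUpdate("UPDATE connections SET "."timestamp_out=CURRENT_TIMESTAMP,"."token_status='".TOKEN_USED."' "."WHERE conn_id='{$conn_id}';\n", false);
    }

    /**
     * Property method that tells if the class allows registration
     *
     * @return bool Always false in this base class; child classes may
     *              override it.
     */
    public function isRegistrationPermitted()
    {
        return false;
    }

}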
275
276/*
277 * Local variables:
278 * tab-width: 4
279 * c-basic-offset: 4
280 * c-hanging-comment-ender-p: nil
281 * End:
282 */
283