Context Navigation

Authenticator.php @ 759

Visit:

Revision 759, 6.9 KB (checked in by fproulx, 8 years ago)

2005-09-17 Francois Proulx <francois.proulx@…>

Fixed RADIUS bug #1287000

Property svn:eol-style set to native
Property svn:executable set to *
Property svn:keywords set to Author Date Id Revision

Line
1	<?php
2	/********************************************************************\
3	* This program is free software; you can redistribute it and/or *
4	* modify it under the terms of the GNU General Public License as *
5	* published by the Free Software Foundation; either version 2 of *
6	* the License, or (at your option) any later version. *
7	* *
8	* This program is distributed in the hope that it will be useful, *
9	* but WITHOUT ANY WARRANTY; without even the implied warranty of *
10	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
11	* GNU General Public License for more details. *
12	* *
13	* You should have received a copy of the GNU General Public License*
14	* along with this program; if not, contact: *
15	* *
16	* Free Software Foundation Voice: +1-617-542-5942 *
17	* 59 Temple Place - Suite 330 Fax: +1-617-542-2652 *
18	* Boston, MA 02111-1307, USA gnu@gnu.org *
19	* *
20	\********************************************************************/
21	/**@file Authenticator.php
22	* @author Copyright (C) 2005 Benoit Grégoire <bock@step.polymtl.ca>,
23	* Technologies Coeus inc.
24	*/
25
26	require_once BASEPATH.'classes/Network.php';
27
28	/** Abstract class to represent an authentication source */
29	abstract class Authenticator
30	{
31	private $mNetwork;
32
33	function __construct($network_id)
34	{
35	$this->mNetwork = Network::getObject($network_id);
36	}
37
38	public function getNetwork()
39	{
40	return $this->mNetwork;
41	}
42
43	/** Attempts to login a user against the authentication source. If successfull, returns a User object */
44	function login()
45	{
46	}
47
48	/** Logs out the user
49	* $conn_id: The connection id for the connection to work on. Optionnal.
50	* If it is not present, the behaviour depends if the network supports
51	* multiple logins. If it does not, all connections associated with the
52	* current user will be destroyed. If it does, only the connections
53	* tied to the current node will be destroyed */
54	function logout($conn_id = null)
55	{
56	global $db;
57	$conn_id = $db->escapeString($conn_id);
58	if (!empty ($conn_id))
59	{
60	$db->ExecSqlUniqueRes("SELECT NOW(), *, CASE WHEN ((NOW() - reg_date) > networks.validation_grace_time) THEN true ELSE false END AS validation_grace_time_expired FROM connections JOIN users ON (users.user_id=connections.user_id) JOIN networks ON (users.account_origin = networks.network_id) WHERE connections.conn_id='$conn_id'", $info, false);
61
62	$user = User :: getObject($info['user_id']);
63	$network = $user->getNetwork();
64	$splash_user_id = $network->getSplashOnlyUser()->getId();
65	$this->acctStop($conn_id);
66	}
67	else
68	{
69	$user = User :: getCurrentUser();
70	$network = $user->getNetwork();
71	$splash_user_id = $network->getSplashOnlyUser()->getId();
72	if ($splash_user_id != $user->getId() && $node = Node :: getCurrentNode())
73	{
74	//Try to destroy all connections tied to the current node
75	$sql = "SELECT conn_id FROM connections WHERE user_id = '{$user->getId()}' AND node_id='{$node->getId()}' AND token_status='".TOKEN_INUSE."';\n";
76	$conn_rows = null;
77	$db->ExecSql($sql, $conn_rows, false);
78	if ($conn_rows)
79	{
80	foreach ($conn_rows as $conn_row)
81	{
82	$this->acctStop($conn_row['conn_id']);
83	}
84	}
85	}
86	}
87
88	if ($splash_user_id != $user->getId() && $network->getMultipleLoginAllowed() == false)
89	{
90	/* The user isn't the splash_only user and the network config does not allow multiple logins.
91	* Logging in with a new token implies that all other active tokens should expire */
92	$sql = "SELECT conn_id FROM connections WHERE user_id = '{$user->getId()}' AND token_status='".TOKEN_INUSE."';\n";
93	$conn_rows = null;
94	$db->ExecSql($sql, $conn_rows, false);
95	if ($conn_rows)
96	{
97	foreach ($conn_rows as $conn_row)
98	{
99	$this->acctStop($conn_row['conn_id']);
100	}
101	}
102	}
103	global $session;
104	$session->destroy();
105
106	}
107
108	/** Start accounting traffic for the user
109	* $conn_id: The connection id for the connection to work on */
110	function acctStart($conn_id)
111	{
112	//$info['conn_id']
113	global $db;
114	$conn_id = $db->escapeString($conn_id);
115	$db->ExecSqlUniqueRes("SELECT NOW(), *, CASE WHEN ((NOW() - reg_date) > networks.validation_grace_time) THEN true ELSE false END AS validation_grace_time_expired FROM connections JOIN users ON (users.user_id=connections.user_id) JOIN networks ON (users.account_origin = networks.network_id) WHERE connections.conn_id='$conn_id'", $info, false);
116	$network = Network :: getObject($info['network_id']);
117	$splash_user_id = $network->getSplashOnlyUser()->getId();
118	$auth_response = $info['account_status'];
119	/* Login the user */
120	$mac = $db->EscapeString($_REQUEST['mac']);
121	$ip = $db->EscapeString($_REQUEST['ip']);
122	$sql = "UPDATE connections SET "."token_status='".TOKEN_INUSE."',"."user_mac='$mac',"."user_ip='$ip',"."last_updated=NOW()"."WHERE conn_id='{$conn_id}';\n";
123	$db->ExecSqlUpdate($sql, false);
124	if ($splash_user_id != $info['user_id'] && $network->getMultipleLoginAllowed() == false)
125	{
126	/* The user isn't the splash_only user and the network config does not allow multiple logins.
127	* Logging in with a new token implies that all other active tokens should expire */
128	$token = $db->EscapeString($_REQUEST['token']);
129	$sql = "SELECT * FROM connections WHERE user_id = '{$info['user_id']}' AND token_status='".TOKEN_INUSE."' AND token!='$token';\n";
130	$conn_rows = array ();
131	$db->ExecSql($sql, $conn_rows, true);
132	if (isset ($conn_rows))
133	{
134	foreach ($conn_rows as $conn_row)
135	{
136	$this->acctStop($conn_row['conn_id']);
137	}
138	}
139	}
140
141	/* Delete all unused tokens for this user, so we don't fill the database with them */
142	$sql = "DELETE FROM connections "."WHERE token_status='".TOKEN_UNUSED."' AND user_id = '{$info['user_id']}';\n";
143	$db->ExecSqlUpdate($sql, false);
144	}
145
146	/** Update traffic counters
147	* $conn_id: The connection id for the connection to work on */
148	function acctUpdate($conn_id, $incoming, $outgoing)
149	{
150	// Write traffic counters to database
151	global $db;
152	$conn_id = $db->escapeString($conn_id);
153	$db->ExecSqlUpdate("UPDATE connections SET "."incoming='$incoming',"."outgoing='$outgoing',"."last_updated=NOW() "."WHERE conn_id='{$conn_id}'");
154	}
155
156	/** Final update and stop accounting
157	* $conn_id: The connection id (the token id) for the connection to work on
158	* */
159	function acctStop($conn_id)
160	{
161	// Stop traffic counters update
162	global $db;
163	$conn_id = $db->escapeString($conn_id);
164	$db->ExecSqlUpdate("UPDATE connections SET "."timestamp_out=NOW(),"."token_status='".TOKEN_USED."' "."WHERE conn_id='{$conn_id}';\n", false);
165	}
166
167	/**
168	* Property method that tells if the class allows registration
169	*/
170	function isRegistrationPermitted()
171	{
172	return false;
173	}
174
175	} // End class
176	?>

Note: See TracBrowser for help on using the browser.

Context Navigation

root/trunk/wifidog-auth/wifidog/classes/Authenticator.php @ 759

Download in other formats: