From: Janusz Dobrowolski Date: Tue, 14 Jun 2011 09:09:04 +0000 (+0200) Subject: Added hook for authentication from external sources like LDAP. X-Git-Tag: 2.3-final~621 X-Git-Url: https://delta.frontaccounting.com/gitweb/?p=fa-stable.git;a=commitdiff_plain;h=f8f29c33f36dda542da9ad33fdfcf6849fcd9a1d Added hook for authentication from external sources like LDAP. --- diff --git a/admin/db/users_db.inc b/admin/db/users_db.inc index cd502ef3..7ca310d1 100644 --- a/admin/db/users_db.inc +++ b/admin/db/users_db.inc @@ -89,8 +89,7 @@ function get_user($id) } //----------------------------------------------------------------------------------------------- -// This function is necessary for admin prefs update after upgrade from 2.1 -// + function get_user_by_login($user_id) { $sql = "SELECT * FROM ".TB_PREF."users WHERE user_id=".db_escape($user_id); @@ -110,7 +109,10 @@ function delete_user($id) } //----------------------------------------------------------------------------------------------- - +// +// Obsolete, to be removed in 2.4. This function as been spleet into get_user_auth/get_user_by_login +// in FA 2.3.6 +// function get_user_for_login($user_id, $password) { set_global_connection(); @@ -125,6 +127,18 @@ function get_user_for_login($user_id, $password) //----------------------------------------------------------------------------------------------- +function get_user_auth($user_id, $password) +{ + set_global_connection(); + + $sql = "SELECT * FROM ".TB_PREF."users WHERE user_id = ".db_escape($user_id)." AND" + ." password=".db_escape($password); + + return db_num_rows(db_query($sql, "could not get validate user login for $user_id")) != 0; +} + +//----------------------------------------------------------------------------------------------- + function update_user_visitdate($user_id) { $sql = "UPDATE ".TB_PREF."users SET last_visit_date='". date("Y-m-d H:i:s") ."' diff --git a/includes/current_user.inc b/includes/current_user.inc index 27d69e3d..7c99f233 100644 
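Review bot: `get_user_auth()` in admin/db/users_db.inc does not say whether `$password` is the plaintext or the stored digest, and this commit moves the `md5()` call from session.inc into `current_user::login()`, so the two are easy to confuse. Add a header comment such as `// $password: MD5 hex digest as stored in the users table, not the plaintext; returns true when a matching row exists`. The check is still an equality test in the SQL `WHERE` clause against an unsalted MD5 value; fetching the row by `user_id` and verifying a salted hash in PHP would be the longer-term fix. The message passed to `db_query()` interpolates the submitted `$user_id` as-is, so it needs encoding wherever that message is displayed or logged.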
--- a/includes/current_user.inc +++ b/includes/current_user.inc @@ -63,11 +63,19 @@ class current_user $this->set_company($company); $this->logged = false; - $Auth_Result = get_user_for_login($loginname, $password); + set_global_connection(); - if (db_num_rows($Auth_Result) > 0) + // Use external authentication source if any. + // Keep in mind you need to have user data set for $loginname + // in FA users table anyway to successfully log in. + $Auth_Result = hook_authenticate($loginname, $password); + + if (!isset($Auth_Result)) // if not used: standard method + $Auth_Result = get_user_auth($loginname, md5($password)); + + if ($Auth_Result) { - $myrow = db_fetch($Auth_Result); + $myrow = get_user_by_login($loginname); $this->old_db = isset($myrow["full_access"]); if (! @$myrow["inactive"]) { if ($this->old_db) { diff --git a/includes/hooks.inc b/includes/hooks.inc index f5cfe2a0..fedbc4c2 100644 --- a/includes/hooks.inc +++ b/includes/hooks.inc @@ -100,11 +100,9 @@ class hooks { // // Returns: amount in words as string. -/* commented out in base class to enable use with hook_invoke_last function price_in_words($amount, $doc_type) { } -*/ // // Exchange rate currency $curr as on date $date. // Keep in mind FA has internally implemented 3 exrate providers 
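Review bot: In `current_user::login()` the success branch never checks that `get_user_by_login($loginname)` found a record. When an external module accepts a login that has no row in the FA users table, `$myrow` is presumably false, `@$myrow["inactive"]` evaluates to null with the notice suppressed, and `if (! @$myrow["inactive"])` is entered as if the account were active. The added comment says a local user record is required, but nothing enforces it; fold the lookup into the condition, `if ($Auth_Result && ($myrow = get_user_by_login($loginname)))`, and drop the separate assignment. The body of `login()` begins and ends outside this hunk, so what the inner branch does with an empty `$myrow` is not visible here.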
@@ -112,14 +110,19 @@ class hooks { // with apprioprate provider set, otherwise implement your own. // Returns: $curr value in home currency units as a real number. -/* commented out in base class to enable use with hook_invoke_last function retrieve_exrate($curr, $date) { // $provider = 'ECB'; // 'ECB', 'YAHOO' or 'GOOGLE' // return get_extern_rate($curr, $provider, $date); return null; } -*/ + + // External authentication + // If used should return true after successfull athentication, false otherwise. + function authenticate($login, $password) + { + return null; + } // Generic function called at the end of Tax Report (report 709) // Can be used e.g. for special database updates on every report printing // or to print special tax report footer @@ -283,28 +286,26 @@ function hook_invoke_first($method, &$data, $opts=null) return $result; } /* - Returns result of last hook installed. Helps implement hooks overriding by + Returns last non-null result returned from modules method. Helps implement hooks overriding by extensions installed later. - */ function hook_invoke_last($method, &$data, $opts=null) { global $Hooks; - $found = false; - foreach($Hooks as $ext => $hook) { + $result = null; + $Reverse = array_reverse($Hooks); + foreach($Reverse as $ext => $hook) { if (method_exists($hook, $method)) { - $found = $ext; + set_ext_domain('modules/'.$ext); + $result = $hook->$method($data, $opts); + if (isset($result)) + break; } } - $ret = null; - if ($found) { - set_ext_domain('modules/'.$found); - $ret = $Hooks[$found]->$method($data, $opts); - set_ext_domain(); - } - return $ret; + set_ext_domain(); + return $result; } //------------------------------------------------------------------------------------------ // Database transaction hooks. 
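Review bot: The comment on `hooks::authenticate()` documents only true and false, but the base implementation returns null and `current_user::login()` treats null as "no external source, use the local password check". A module that returns null on a directory or network error would therefore fall back silently to the local MD5 check instead of refusing the login. State the three-valued contract in the comment: `// Return true on success and false on any failure or error; return null only if this module does not handle authentication, which makes FA fall back to the local password check.`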
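Review bot: `hook_invoke_last()` now calls `$method` on every installed extension, newest first, until one returns a non-null value, whereas the removed code called only the last extension that defined the method. For `authenticate` this means the plaintext password passed as `$opts` is handed to each extension that answers null, and because the base class `hooks` now defines the method, `method_exists()` is presumably true for every extension object. The header comment should describe this, for example `Calls $method on extensions from last installed to first and returns the first non-null result; false counts as a result and stops the search`. If `$Hooks` can ever have integer keys, `array_reverse($Hooks)` renumbers them and `$ext` in `set_ext_domain('modules/'.$ext)` would be wrong; `array_reverse($Hooks, true)` preserves the keys.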
@@ -390,3 +391,11 @@ function hook_session_start($company) } return false; } +// +// Third party authentication modules. +// Returns true after successfull authentication, false otherwise, null if no login hook is defined. +// +function hook_authenticate($login, $password) +{ + return hook_invoke_last('authenticate', $login, $password); +} diff --git a/includes/session.inc b/includes/session.inc index 261f8914..ae77e1ba 100644 --- a/includes/session.inc +++ b/includes/session.inc @@ -259,6 +259,8 @@ if (strstr($_SERVER['PHP_SELF'], 'logout.php') == false){ login_timeout(); + install_hooks(); + if (!$_SESSION["wa_current_user"]->logged_in()) { // Show login screen @@ -277,7 +279,7 @@ if (strstr($_SERVER['PHP_SELF'], 'logout.php') == false){ $succeed = isset($db_connections[$_POST["company_login_name"]]) && $_SESSION["wa_current_user"]->login($_POST["company_login_name"], - $_POST["user_name_entry_field"], md5($_POST["password"])); + $_POST["user_name_entry_field"], $_POST["password"]); // select full vs fallback ui mode on login $_SESSION["wa_current_user"]->ui_mode = $_POST['ui_mode']; if (!$succeed) @@ -294,8 +296,6 @@ if (strstr($_SERVER['PHP_SELF'], 'logout.php') == false){ if (!$_SESSION["wa_current_user"]->old_db) include_once($path_to_root . '/company/'.user_company().'/installed_extensions.php'); - install_hooks(); - if (!isset($_SESSION["App"])) { $_SESSION["App"] = new front_accounting(); $_SESSION["App"]->init();
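Review bot: `hook_authenticate()` returns whatever the extension returned, and the caller in `current_user::login()` tests it with `if ($Auth_Result)`, so any truthy value (1, a non-empty string, an array) is accepted as a successful login. Normalise the result here so that only an exact `true` authenticates: `$ret = hook_invoke_last('authenticate', $login, $password); return isset($ret) ? ($ret === true) : null;`. This is also the place to refuse an empty `$password` before any module sees it, because a directory bind with an empty password can be treated as an anonymous bind and succeed.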
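Review bot: In includes/session.inc, `install_hooks()` now runs before the `logged_in()` check, so extension code is loaded for unauthenticated requests and before `login()` has called `set_company()` for the company chosen on the login form. If `install_hooks()` builds `$Hooks` from the per-company extension list (the `include_once` of `installed_extensions.php` that used to precede it stays further down), the `authenticate` module consulted may belong to a different company than the one being logged into, or to none. Either load the extension list for `$_POST["company_login_name"]` before this call, or add a comment such as `// hooks are installed from the extension list available before login; authentication modules must be registered there`. The enclosing `if` block starts and ends outside the hunk.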
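Review bot: The third argument of `login()` changes at this call from an MD5 digest to the plaintext password while the method signature stays the same, so any other caller that still passes `md5(...)` would be hashed a second time by the new `md5($password)` in `current_user::login()` and fail the local check. Document the new contract at the method, for example `// $password is the plaintext password; hashing for the local check is done inside login()`, and check the remaining callers. Since the plaintext now travels through `login()`, `hook_authenticate()` and the extension modules, it should also be kept out of error messages and debug output on those paths.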