2012-06-03 14:19:28 -04:00
< ? php
2017-12-01 22:55:48 -05:00
use Friendica\Model\User ;
2012-06-03 14:19:28 -04:00
2017-12-01 22:55:48 -05:00
class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic
{
2012-07-08 13:12:58 -04:00
/**
* @ var Sabre_DAV_Auth_Backend_Std | null
*/
2017-12-01 22:55:48 -05:00
private static $instance = null ;
2012-07-08 13:12:58 -04:00
/**
* @ static
* @ return Sabre_DAV_Auth_Backend_Std
*/
2017-12-01 22:55:48 -05:00
public static function getInstance ()
{
if ( is_null ( self :: $instance )) {
self :: $instance = new Sabre_DAV_Auth_Backend_Std ();
2012-07-08 13:12:58 -04:00
}
2017-12-01 22:55:48 -05:00
return self :: $instance ;
2012-07-08 13:12:58 -04:00
}
/**
* @ return array
*/
2017-12-01 22:55:48 -05:00
public function getUsers ()
{
return array ( $this -> currentUser );
}
2012-07-08 13:12:58 -04:00
/**
* @ return null | string
*/
2017-12-01 22:55:48 -05:00
public function getCurrentUser ()
{
return $this -> currentUser ;
}
2012-06-03 14:19:28 -04:00
/**
* Authenticates the user based on the current request .
*
* If authentication is successful , true must be returned .
* If authentication fails , an exception must be thrown .
*
* @ param Sabre_DAV_Server $server
* @ param string $realm
* @ throws Sabre_DAV_Exception_NotAuthenticated
* @ return bool
*/
2017-12-01 22:55:48 -05:00
public function authenticate ( Sabre_DAV_Server $server , $realm )
{
2012-07-08 13:12:58 -04:00
$a = get_app ();
if ( isset ( $a -> user [ " uid " ])) {
$this -> currentUser = strtolower ( $a -> user [ " nickname " ]);
return true ;
}
2012-06-03 14:19:28 -04:00
$auth = new Sabre_HTTP_BasicAuth ();
$auth -> setHTTPRequest ( $server -> httpRequest );
$auth -> setHTTPResponse ( $server -> httpResponse );
$auth -> setRealm ( $realm );
$userpass = $auth -> getUserPass ();
if ( ! $userpass ) {
$auth -> requireLogin ();
throw new Sabre_DAV_Exception_NotAuthenticated ( 'No basic authentication headers were found' );
}
// Authenticates the user
if ( ! $this -> validateUserPass ( $userpass [ 0 ], $userpass [ 1 ])) {
$auth -> requireLogin ();
throw new Sabre_DAV_Exception_NotAuthenticated ( 'Username or password does not match' );
}
$this -> currentUser = strtolower ( $userpass [ 0 ]);
return true ;
}
2012-07-08 13:12:58 -04:00
/**
* @ param string $username
* @ param string $password
* @ return bool
*/
2012-06-03 14:19:28 -04:00
protected function validateUserPass ( $username , $password ) {
2012-07-08 13:12:58 -04:00
$encrypted = hash ( 'whirlpool' , trim ( $password ));
$r = q ( " SELECT COUNT(*) anz FROM `user` WHERE `nickname` = '%s' AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1 " ,
dbesc ( trim ( $username )),
dbesc ( $encrypted )
2012-06-03 14:19:28 -04:00
);
2012-07-08 13:12:58 -04:00
return ( $r [ 0 ][ " anz " ] == 1 );
2012-06-03 14:19:28 -04:00
}
}