2018-01-10 19:06:00 -05:00
|
|
|
<?php
|
2019-10-10 19:21:41 -04:00
|
|
|
|
2018-01-21 13:33:59 -05:00
|
|
|
/**
|
|
|
|
* @file src/Module/Login.php
|
|
|
|
*/
|
2019-10-10 19:21:41 -04:00
|
|
|
|
2019-12-27 16:19:28 -05:00
|
|
|
namespace Friendica\Module\Security;
|
2018-01-10 19:06:00 -05:00
|
|
|
|
|
|
|
use Friendica\BaseModule;
|
|
|
|
use Friendica\Core\Config;
|
2018-12-26 01:06:24 -05:00
|
|
|
use Friendica\Core\Hook;
|
2018-01-21 13:33:59 -05:00
|
|
|
use Friendica\Core\L10n;
|
2018-10-31 10:35:50 -04:00
|
|
|
use Friendica\Core\Renderer;
|
2019-05-13 00:55:26 -04:00
|
|
|
use Friendica\Core\Session;
|
2019-12-15 16:34:11 -05:00
|
|
|
use Friendica\DI;
|
2019-12-27 16:19:28 -05:00
|
|
|
use Friendica\Module\Register;
|
2018-11-08 10:14:37 -05:00
|
|
|
use Friendica\Util\Strings;
|
2018-01-10 19:06:00 -05:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Login module
|
|
|
|
*
|
2018-09-15 19:28:38 -04:00
|
|
|
* @author Hypolite Petovan <hypolite@mrpetovan.com>
|
2018-01-10 19:06:00 -05:00
|
|
|
*/
|
|
|
|
class Login extends BaseModule
|
|
|
|
{
|
2019-11-05 16:48:54 -05:00
|
|
|
public static function content(array $parameters = [])
|
2018-01-10 19:06:00 -05:00
|
|
|
{
|
|
|
|
if (local_user()) {
|
2019-12-15 18:28:31 -05:00
|
|
|
DI::baseUrl()->redirect();
|
2018-01-10 19:06:00 -05:00
|
|
|
}
|
|
|
|
|
2019-05-26 16:15:38 -04:00
|
|
|
return self::form(Session::get('return_path'), intval(Config::get('config', 'register_policy')) !== \Friendica\Module\Register::CLOSED);
|
2018-01-10 19:06:00 -05:00
|
|
|
}
|
|
|
|
|
2019-11-05 16:48:54 -05:00
|
|
|
public static function post(array $parameters = [])
|
2018-01-10 19:06:00 -05:00
|
|
|
{
|
2019-05-26 16:15:38 -04:00
|
|
|
$return_path = Session::get('return_path');
|
2019-12-03 16:29:37 -05:00
|
|
|
Session::clear();
|
2019-05-26 16:15:38 -04:00
|
|
|
Session::set('return_path', $return_path);
|
2019-01-13 13:03:13 -05:00
|
|
|
|
2018-01-10 19:06:00 -05:00
|
|
|
// OpenId Login
|
|
|
|
if (
|
2018-02-09 00:08:01 -05:00
|
|
|
empty($_POST['password'])
|
2019-10-10 19:21:41 -04:00
|
|
|
&& (!empty($_POST['openid_url'])
|
|
|
|
|| !empty($_POST['username']))
|
2018-01-10 19:06:00 -05:00
|
|
|
) {
|
2019-10-15 09:20:32 -04:00
|
|
|
$openid_url = trim(($_POST['openid_url'] ?? '') ?: $_POST['username']);
|
2018-01-10 19:06:00 -05:00
|
|
|
|
2019-12-15 17:28:01 -05:00
|
|
|
DI::auth()->withOpenId($openid_url, !empty($_POST['remember']));
|
2018-02-09 00:08:01 -05:00
|
|
|
}
|
2018-01-10 19:06:00 -05:00
|
|
|
|
2018-11-30 09:06:22 -05:00
|
|
|
if (!empty($_POST['auth-params']) && $_POST['auth-params'] === 'login') {
|
2019-12-15 17:28:01 -05:00
|
|
|
DI::auth()->withPassword(
|
2019-12-15 16:34:11 -05:00
|
|
|
DI::app(),
|
2018-02-09 00:08:01 -05:00
|
|
|
trim($_POST['username']),
|
|
|
|
trim($_POST['password']),
|
2019-12-03 16:29:37 -05:00
|
|
|
!empty($_POST['remember'])
|
2018-02-09 00:08:01 -05:00
|
|
|
);
|
|
|
|
}
|
|
|
|
}
|
2018-01-10 19:06:00 -05:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @brief Wrapper for adding a login box.
|
|
|
|
*
|
2019-01-06 16:06:53 -05:00
|
|
|
* @param string $return_path The path relative to the base the user should be sent
|
|
|
|
* back to after login completes
|
|
|
|
* @param bool $register If $register == true provide a registration link.
|
|
|
|
* This will most always depend on the value of config.register_policy.
|
|
|
|
* @param array $hiddens optional
|
2018-01-10 19:06:00 -05:00
|
|
|
*
|
|
|
|
* @return string Returns the complete html for inserting into the page
|
|
|
|
*
|
2019-01-06 16:06:53 -05:00
|
|
|
* @throws \Friendica\Network\HTTPException\InternalServerErrorException
|
2018-01-10 19:06:00 -05:00
|
|
|
* @hooks 'login_hook' string $o
|
|
|
|
*/
|
2018-10-19 17:55:11 -04:00
|
|
|
public static function form($return_path = null, $register = false, $hiddens = [])
|
2018-01-10 19:06:00 -05:00
|
|
|
{
|
2019-12-15 16:34:11 -05:00
|
|
|
$a = DI::app();
|
2018-01-10 19:06:00 -05:00
|
|
|
$o = '';
|
2019-10-24 16:23:26 -04:00
|
|
|
|
|
|
|
$noid = Config::get('system', 'no_openid');
|
|
|
|
|
|
|
|
if ($noid) {
|
|
|
|
Session::remove('openid_identity');
|
|
|
|
Session::remove('openid_attributes');
|
|
|
|
}
|
|
|
|
|
2018-01-10 19:06:00 -05:00
|
|
|
$reg = false;
|
2019-12-15 17:44:33 -05:00
|
|
|
if ($register && intval(DI::config()->get('config', 'register_policy')) !== Register::CLOSED) {
|
2018-01-15 08:05:12 -05:00
|
|
|
$reg = [
|
2018-01-22 09:54:13 -05:00
|
|
|
'title' => L10n::t('Create a New Account'),
|
2019-10-24 16:23:26 -04:00
|
|
|
'desc' => L10n::t('Register'),
|
|
|
|
'url' => self::getRegisterURL()
|
2018-01-15 08:05:12 -05:00
|
|
|
];
|
2018-01-10 19:06:00 -05:00
|
|
|
}
|
|
|
|
|
2018-10-19 17:55:11 -04:00
|
|
|
if (is_null($return_path)) {
|
|
|
|
$return_path = $a->query_string;
|
2018-01-10 19:06:00 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
if (local_user()) {
|
2018-10-31 10:44:06 -04:00
|
|
|
$tpl = Renderer::getMarkupTemplate('logout.tpl');
|
2018-01-10 19:06:00 -05:00
|
|
|
} else {
|
2018-10-31 10:35:50 -04:00
|
|
|
$a->page['htmlhead'] .= Renderer::replaceMacros(
|
2018-10-31 10:44:06 -04:00
|
|
|
Renderer::getMarkupTemplate('login_head.tpl'),
|
2018-01-10 19:06:00 -05:00
|
|
|
[
|
2018-10-09 13:58:58 -04:00
|
|
|
'$baseurl' => $a->getBaseURL(true)
|
2018-01-10 19:06:00 -05:00
|
|
|
]
|
|
|
|
);
|
|
|
|
|
2018-10-31 10:44:06 -04:00
|
|
|
$tpl = Renderer::getMarkupTemplate('login.tpl');
|
2018-10-19 17:55:11 -04:00
|
|
|
$_SESSION['return_path'] = $return_path;
|
2018-01-10 19:06:00 -05:00
|
|
|
}
|
|
|
|
|
2019-10-24 16:23:26 -04:00
|
|
|
if (!empty(Session::get('openid_identity'))) {
|
|
|
|
$openid_title = L10n::t('Your OpenID: ');
|
|
|
|
$openid_readonly = true;
|
|
|
|
$identity = Session::get('openid_identity');
|
|
|
|
$username_desc = L10n::t('Please enter your username and password to add the OpenID to your existing account.');
|
|
|
|
} else {
|
|
|
|
$openid_title = L10n::t('Or login using OpenID: ');
|
|
|
|
$openid_readonly = false;
|
|
|
|
$identity = '';
|
|
|
|
$username_desc = '';
|
|
|
|
}
|
|
|
|
|
2018-10-31 10:35:50 -04:00
|
|
|
$o .= Renderer::replaceMacros(
|
2018-01-10 19:06:00 -05:00
|
|
|
$tpl,
|
|
|
|
[
|
2019-12-15 16:34:11 -05:00
|
|
|
'$dest_url' => DI::app()->getBaseURL(true) . '/login',
|
2018-01-22 09:54:13 -05:00
|
|
|
'$logout' => L10n::t('Logout'),
|
|
|
|
'$login' => L10n::t('Login'),
|
2018-01-10 19:06:00 -05:00
|
|
|
|
2019-10-24 16:23:26 -04:00
|
|
|
'$lname' => ['username', L10n::t('Nickname or Email: '), '', $username_desc],
|
2018-01-22 09:54:13 -05:00
|
|
|
'$lpassword' => ['password', L10n::t('Password: '), '', ''],
|
|
|
|
'$lremember' => ['remember', L10n::t('Remember me'), 0, ''],
|
2018-01-10 19:06:00 -05:00
|
|
|
|
|
|
|
'$openid' => !$noid,
|
2019-10-24 16:23:26 -04:00
|
|
|
'$lopenid' => ['openid_url', $openid_title, $identity, '', $openid_readonly],
|
2018-01-10 19:06:00 -05:00
|
|
|
|
|
|
|
'$hiddens' => $hiddens,
|
|
|
|
|
|
|
|
'$register' => $reg,
|
|
|
|
|
2018-01-22 09:54:13 -05:00
|
|
|
'$lostpass' => L10n::t('Forgot your password?'),
|
|
|
|
'$lostlink' => L10n::t('Password Reset'),
|
2018-01-10 19:06:00 -05:00
|
|
|
|
2018-01-22 09:54:13 -05:00
|
|
|
'$tostitle' => L10n::t('Website Terms of Service'),
|
|
|
|
'$toslink' => L10n::t('terms of service'),
|
2018-01-10 19:06:00 -05:00
|
|
|
|
2018-01-22 09:54:13 -05:00
|
|
|
'$privacytitle' => L10n::t('Website Privacy Policy'),
|
|
|
|
'$privacylink' => L10n::t('privacy policy'),
|
2018-01-10 19:06:00 -05:00
|
|
|
]
|
|
|
|
);
|
|
|
|
|
2018-12-26 01:06:24 -05:00
|
|
|
Hook::callAll('login_hook', $o);
|
2018-01-10 19:06:00 -05:00
|
|
|
|
|
|
|
return $o;
|
|
|
|
}
|
2019-10-24 16:23:26 -04:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Get the URL to the register page and add OpenID parameters to it
|
|
|
|
*/
|
|
|
|
private static function getRegisterURL()
|
|
|
|
{
|
|
|
|
if (empty(Session::get('openid_identity'))) {
|
|
|
|
return 'register';
|
|
|
|
}
|
|
|
|
|
2019-10-28 16:38:53 -04:00
|
|
|
$args = [];
|
2019-10-29 09:26:54 -04:00
|
|
|
$attr = Session::get('openid_attributes', []);
|
2019-10-24 16:23:26 -04:00
|
|
|
|
|
|
|
if (is_array($attr) && count($attr)) {
|
|
|
|
foreach ($attr as $k => $v) {
|
|
|
|
if ($k === 'namePerson/friendly') {
|
|
|
|
$nick = Strings::escapeTags(trim($v));
|
|
|
|
}
|
|
|
|
if ($k === 'namePerson/first') {
|
|
|
|
$first = Strings::escapeTags(trim($v));
|
|
|
|
}
|
|
|
|
if ($k === 'namePerson') {
|
2019-10-28 16:38:53 -04:00
|
|
|
$args['username'] = Strings::escapeTags(trim($v));
|
2019-10-24 16:23:26 -04:00
|
|
|
}
|
|
|
|
if ($k === 'contact/email') {
|
2019-10-28 16:38:53 -04:00
|
|
|
$args['email'] = Strings::escapeTags(trim($v));
|
2019-10-24 16:23:26 -04:00
|
|
|
}
|
|
|
|
if ($k === 'media/image/aspect11') {
|
|
|
|
$photosq = bin2hex(trim($v));
|
|
|
|
}
|
|
|
|
if ($k === 'media/image/default') {
|
|
|
|
$photo = bin2hex(trim($v));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!empty($nick)) {
|
2019-10-28 16:38:53 -04:00
|
|
|
$args['nickname'] = $nick;
|
2019-10-24 16:23:26 -04:00
|
|
|
} elseif (!empty($first)) {
|
2019-10-28 16:38:53 -04:00
|
|
|
$args['nickname'] = $first;
|
2019-10-24 16:23:26 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
if (!empty($photosq)) {
|
2019-10-28 16:38:53 -04:00
|
|
|
$args['photo'] = $photosq;
|
2019-10-24 16:23:26 -04:00
|
|
|
} elseif (!empty($photo)) {
|
2019-10-28 16:38:53 -04:00
|
|
|
$args['photo'] = $photo;
|
2019-10-24 16:23:26 -04:00
|
|
|
}
|
|
|
|
|
2019-10-28 16:38:53 -04:00
|
|
|
$args['openid_url'] = Strings::escapeTags(trim(Session::get('openid_identity')));
|
2019-10-24 16:23:26 -04:00
|
|
|
|
2019-10-28 16:38:53 -04:00
|
|
|
return 'register?' . http_build_query($args);
|
2019-10-24 16:23:26 -04:00
|
|
|
}
|
2018-01-10 19:06:00 -05:00
|
|
|
}
|