commit 854eb47966f770dd736e270453f23a27f28bd807
parent 5338129e364fd6c81ed914ebee83980c0f8040fb
Author: Felicitus <felicitus@felicitus.org>
Date: Sun, 25 Mar 2012 05:05:09 +0200
Added HTTP auth feature
Diffstat:
4 files changed, 62 insertions(+), 15 deletions(-)
diff --git a/config.php.template b/config.php.template
@@ -125,6 +125,15 @@ Configuration::setOption("partkeepr.frontend.allow_password_change", true);
/**
* Specifies the separator for category paths. If you change this, you need to rebuild the category paths by
* executing the script scripts/UpdateCategoryPathCache.php
- *
*/
Configuration::setOption("partkeepr.category.path_separator", " ➤ ");
+
+/**
+ * Set to true if authentication via HTTP is wanted.
+ *
+ * Authentication is then completely handled by your web server. Non-existant users are created automatically.
+ * Make sure you have admin rights transferred prior switching to HTTP auth.
+ *
+ * As soon as you set HTTP auth, you can no longer login and logout in PartKeepr, as this is handled by your web server.
+ */
+Configuration::setOption("partkeepr.auth.http", false);+
\ No newline at end of file
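Review bot: The new comment for `partkeepr.auth.http` should state that PartKeepr then trusts the user name reported by the web server without checking any credentials itself, so the option is only safe when the server enforces authentication on every PartKeepr URL. Depending on the SAPI, PHP may fill `PHP_AUTH_USER` from the request's `Authorization` header even if the server never validated it, so a missing server-side rule fails silently rather than visibly. I would add a line such as `* The web server MUST require authentication for the whole PartKeepr location; PartKeepr does not verify credentials itself.` and correct "Non-existant" to "Non-existent".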
diff --git a/src/frontend/index.php b/src/frontend/index.php
@@ -1,9 +1,11 @@
<?php
namespace de\RaumZeitLabor\PartKeepr\Frontend;
-use de\RaumZeitLabor\PartKeepr\Service\ServiceManager;
-use de\RaumZeitLabor\PartKeepr\PartKeepr;
-use de\RaumZeitLabor\PartKeepr\Util\Configuration;
+use de\RaumZeitLabor\PartKeepr\User\User,
+ de\RaumZeitLabor\PartKeepr\Service\ServiceManager,
+ de\RaumZeitLabor\PartKeepr\PartKeepr,
+ de\RaumZeitLabor\PartKeepr\Session\SessionManager,
+ de\RaumZeitLabor\PartKeepr\Util\Configuration;
include("../src/backend/de/RaumZeitLabor/PartKeepr/PartKeepr.php");
@@ -15,6 +17,28 @@ $aParameters["doctrine_dbal_version"] = \Doctrine\DBAL\Version::VERSION;
$aParameters["doctrine_common_version"] = \Doctrine\Common\Version::VERSION;
$aParameters["php_version"] = phpversion();
+if (Configuration::getOption("partkeepr.auth.http", false) === true) {
+ if (!isset($_SERVER["PHP_AUTH_USER"])) {
+ // @todo Redirect to permission denied page
+ }
+
+ try {
+ $user = User::loadByName($_SERVER['PHP_AUTH_USER']);
+ } catch (\Doctrine\ORM\NoResultException $e) {
+ $user = new User;
+ $user->setUsername($_SERVER['PHP_AUTH_USER']);
+ $user->setPassword("invalid");
+
+ PartKeepr::getEM()->persist($user);
+ PartKeepr::getEM()->flush();
+ }
+
+
+ $session = SessionManager::getInstance()->startSession($user);
+
+ $aParameters["auto_start_session"] = $session->getSessionID();
+}
+
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
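Review bot: The `!isset($_SERVER["PHP_AUTH_USER"])` branch holds only a `@todo`, so a request without a server-supplied user falls through to `User::loadByName()`, the auto-create path and `startSession()` with an undefined user name. The block should fail closed, sending an error status and stopping before any user lookup. Every auto-created account also receives the fixed password "invalid"; if `setPassword()` stores that as a usable credential (not visible in this hunk), those accounts remain reachable through the normal password login, so a random, discarded value would be safer.

```php
if (Configuration::getOption("partkeepr.auth.http", false) === true) {
    if (!isset($_SERVER["PHP_AUTH_USER"]) || $_SERVER["PHP_AUTH_USER"] === "") {
        // Fail closed: without a user name from the web server nobody is authenticated.
        header("HTTP/1.1 403 Forbidden");
        exit("HTTP authentication is required.");
    }

    $httpUser = $_SERVER["PHP_AUTH_USER"];

    try {
        $user = User::loadByName($httpUser);
    } catch (\Doctrine\ORM\NoResultException $e) {
        $user = new User;
        $user->setUsername($httpUser);
        // Random, discarded value so the account has no guessable password.
        $user->setPassword(bin2hex(openssl_random_pseudo_bytes(32)));
        // … unchanged: persist() and flush() …
    }
    // … unchanged: startSession() and auto_start_session …
}
```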
@@ -86,10 +110,10 @@ if (Configuration::getOption("partkeepr.frontend.autologin.enabled", false) ===
?>
window.autoLoginUsername = "<?php echo Configuration::getOption("partkeepr.frontend.autologin.username"); ?>";
window.autoLoginPassword = "<?php echo Configuration::getOption("partkeepr.frontend.autologin.password"); ?>";
-window.parameters = <?php echo json_encode($aParameters); ?>;
<?php
}
?>
+window.parameters = <?php echo json_encode($aParameters); ?>;
</script>
</body>
</html>
\ No newline at end of file
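Review bot: `window.parameters` is now emitted on every page load and, with HTTP auth enabled, carries `auto_start_session`, so the HTML itself becomes a credential, and nothing visible here stops a browser or proxy from caching it. Sending `header("Cache-Control: no-store");` before any output in the HTTP-auth case would cover that. Because the JSON is written inside a `<script>` element, `json_encode($aParameters, JSON_HEX_TAG | JSON_HEX_AMP)` is the safer form should a parameter ever hold user-influenced text. The `if` that encloses the autologin lines starts outside this hunk.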
diff --git a/src/frontend/js/Components/Session/SessionManager.js b/src/frontend/js/Components/Session/SessionManager.js
@@ -1,7 +1,7 @@
/**
* Represents a session against the PartKeepr Server.
*/
-Ext.define("PartKeepr.Session", {
+Ext.define("PartKeepr.SessionManager", {
extend: 'Ext.util.Observable',
/**
@@ -71,12 +71,18 @@ Ext.define("PartKeepr.Session", {
* @param response The session ID
*/
onAfterLogin: function (response) {
- this.session = response.sessionid;
+ this.setSession(response.sessionid);
this.loginDialog.destroy();
this.fireEvent("login");
},
/**
+ * Sets the session
+ */
+ setSession: function (sessionid) {
+ this.session = sessionid;
+ },
+ /**
* Returns the current session
*
* @returns the session, or null if no session is available
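Review bot: The doc block of the new `setSession` has no parameter description and does not mention that, unlike `onAfterLogin`, it neither touches the login dialog nor fires the `login` event. A line such as `@param sessionid The session ID issued by the server; no "login" event is fired` would make that contract explicit for callers. The doc comment of the getter that follows continues outside this hunk.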
diff --git a/src/frontend/js/PartKeepr.js b/src/frontend/js/PartKeepr.js
@@ -20,19 +20,26 @@ Ext.application({
PartKeepr.setMaxUploadSize(window.maxUploadSize);
PartKeepr.setAvailableImageFormats(window.availableImageFormats);
- // If auto login is wanted (for e.g. demo systems), put it in here
+ this.sessionManager = new PartKeepr.SessionManager();
-
- this.sessionManager = new PartKeepr.Session();
- this.sessionManager.on("login", this.onLogin, this);
-
- if (window.autoLoginUsername) {
- this.sessionManager.login(window.autoLoginUsername, window.autoLoginPassword);
+ /* Automatic session starting is active. This disables login/logout functionality. */
+ if (window.parameters.auto_start_session) {
+ this.getSessionManager().setSession(window.parameters.auto_start_session);
+ this.getStatusbar().connectionButton.hide();
+ this.onLogin();
} else {
- this.sessionManager.login();
+ // If auto login is wanted (for e.g. demo systems), put it in here
+ this.sessionManager.on("login", this.onLogin, this);
+
+ if (window.autoLoginUsername) {
+ this.sessionManager.login(window.autoLoginUsername, window.autoLoginPassword);
+ } else {
+ this.sessionManager.login();
+ }
}
+
Ext.fly(document.body).on('contextmenu', this.onContextMenu, this);
},
onContextMenu: function (e, target) {
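Review bot: Hiding `connectionButton` only removes the control from the UI, so the comment's claim that login/logout is disabled holds only if the server also rejects password logins while `partkeepr.auth.http` is on, and that is not visible in this commit. The branch also mixes `this.sessionManager` with `this.getSessionManager()`, and the moved comment about auto login now sits above the `on("login", …)` registration instead of the `autoLoginUsername` check it describes. I would use one accessor throughout and move that comment down to `if (window.autoLoginUsername)`. The enclosing function starts outside the hunk.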