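<?php
/**
 * django auth backend
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @author Michael Luggen <michael.luggen at unifr.ch>
 * @author Robert Czechowski <zgtm at zgtm.de>
 */

define('DOKU_AUTH', dirname(__FILE__));
define('AUTH_USERFILE',DOKU_CONF.'users.auth.php');

/**
 * Authenticates DokuWiki users from an existing Django session.
 *
 * The `sessionid` cookie is looked up in the django_session table, the user id
 * is read from the stored session payload, and the matching auth_user row
 * (plus its groups) is copied into DokuWiki's login globals.
 *
 * Every lookup fails closed: a missing row, an undecodable payload or a
 * database error ends in "not logged in" and a server-side log entry, never in
 * die() with driver details sent to the browser.
 *
 * NOTE(review): the session lookup matches on session_key only;
 * django_session.expire_date is not compared, so a row that has expired but
 * has not yet been deleted is still accepted. Consider adding an expiry
 * condition suited to the configured database.
 * NOTE(review): auth_user.is_active is not part of the user lookup; confirm
 * whether deactivated Django accounts must be rejected here.
 */
class auth_plugin_authdjango extends DokuWiki_Auth_Plugin {

    /** SQL returning the names of all groups a given username belongs to. */
    const SQL_USER_GROUPS = 'SELECT auth_group.name FROM auth_user, auth_user_groups, auth_group where auth_user.username = ? AND auth_user.id = auth_user_groups.user_id AND auth_user_groups.group_id = auth_group.id';

    /** @var PDO|null db handle; stays null when the connection failed */
    public $dbh = null;

    /**
     * Constructor.
     *
     * Sets additional capabilities and opens the database connection.
     * $this->success is true only when the connection was established.
     *
     * @author Michael Luggen <michael.luggen at rhone.ch>
     * @author Robert Czechowski <zgtm at zgtm.de>
     */
    function __construct(){
        $this->cando['external']  = true;
        $this->cando['getGroups'] = true;
        $this->cando['logout']    = false;

        try {
            // Connecting, selecting database
            if ($this->getConf('protocol') == 'sqlite') {
                $this->dbh = new PDO('sqlite:' . $this->getConf('server'));
            } else {
                $dsn = $this->getConf('protocol') . ':host=' . $this->getConf('server') . ';dbname=' . $this->getConf('db');
                $this->dbh = new PDO($dsn, $this->getConf('user'), $this->getConf('password'));
            }
            // Report query errors as exceptions so they are handled in one place.
            $this->dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        } catch (PDOException $e) {
            $this->dbh = null;
            msg("Can not connect to database!", -1);
            $this->success = false;
            // Return here: falling through used to overwrite the failure with true.
            return;
        }
        $this->success = true;
    }

    /**
     * Legacy PHP 4 style constructor name, kept so explicit calls keep working.
     * PHP 8 no longer treats a method named after the class as the constructor.
     */
    function auth_plugin_authdjango(){
        $this->__construct();
    }

    /**
     * Logs the visitor in when the Django `sessionid` cookie maps to a user.
     *
     * On success fills $USERINFO, $_SERVER['REMOTE_USER'] and the DokuWiki
     * session entry, and returns true. The $user and $pass arguments are not
     * consulted; the cookie is the only credential.
     *
     * @param string $user   ignored
     * @param string $pass   ignored
     * @param bool   $sticky ignored beyond normalisation
     * @return bool true when a Django user was resolved, false otherwise
     */
    function trustExternal($user,$pass,$sticky=false){
        global $USERINFO;

        $sticky = (bool) $sticky; //sanity check

        // Require a scalar, non-empty cookie; an array-valued cookie is rejected.
        if (!$this->dbh || !isset($_COOKIE['sessionid']) || !is_string($_COOKIE['sessionid']) || $_COOKIE['sessionid'] === '') {
            return false;
        }
        $s_id = $_COOKIE['sessionid'];

        // Look the cookie up in the db
        $result = $this->_select('SELECT session_data FROM django_session WHERE session_key = ? LIMIT 1', [$s_id]);
        if ($result === null) {
            return false;
        }
        $ar = $result->fetch(PDO::FETCH_ASSOC);
        if (!is_array($ar) || empty($ar['session_data']) || !is_string($ar['session_data'])) {
            // Unknown session key: previously this path continued with empty
            // data and still returned true with a null user name.
            return false;
        }

        $userid = $this->_userIdFromSessionData($ar['session_data']);
        if ($userid === null) {
            return false;
        }

        $result2 = $this->_select('SELECT username, first_name, last_name, email FROM auth_user WHERE id = ? LIMIT 1', [$userid]);
        if ($result2 === null) {
            return false;
        }
        $row = $result2->fetch(PDO::FETCH_ASSOC);
        if (!is_array($row) || !isset($row['username']) || $row['username'] === '') {
            return false;
        }
        $username = $row['username'];

        // A failed group lookup rejects the login instead of continuing with
        // an incomplete group list.
        $groups = $this->_fetchColumn(self::SQL_USER_GROUPS, [$username]);
        if ($groups === null) {
            return false;
        }
        $groups[] = 'user';

        // okay we're logged in - set the globals
        // NOTE(review): first_name/last_name are selected but 'name' receives the login name.
        $USERINFO['name'] = $username;
        $USERINFO['pass'] = '';
        $USERINFO['mail'] = $row['email'];
        $USERINFO['grps'] = $groups;

        $_SERVER['REMOTE_USER'] = $username;

        $_SESSION[DOKU_COOKIE]['auth']['user'] = $username;
        $_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO;

        return true;
    }

    /**
     * Returns the names of the Django groups the given username belongs to.
     *
     * @param string $user Django username
     * @return array list of group names; empty when none or when the query failed
     */
    function _getUserGroups($user){
        $groups = $this->_fetchColumn(self::SQL_USER_GROUPS, [$user]);
        return $groups === null ? [] : $groups;
    }

    /**
     * Returns the names of all Django groups.
     *
     * $start and $limit are accepted but not applied; the full list is returned.
     *
     * @param int $start unused
     * @param int $limit unused
     * @return array list of group names; empty when none or when the query failed
     */
    function retrieveGroups($start=0,$limit=0){
        $groups = $this->_fetchColumn('SELECT auth_group.name FROM auth_group');
        return $groups === null ? [] : $groups;
    }

    /**
     * Extracts `_auth_user_id` from a stored session_data value.
     *
     * Only the layout base64(<prefix>:<json>) is understood; anything else
     * yields null. The prefix before the first ':' is discarded unverified
     * (presumably Django's integrity hash - confirm), so trust rests on the
     * row having come from the database. This is decoding, not decryption.
     *
     * @param string $session_data raw django_session.session_data value
     * @return string|null the user id, or null when it cannot be read
     */
    private function _userIdFromSessionData($session_data){
        $parts = explode(':', base64_decode($session_data), 2);
        if (count($parts) < 2) {
            return null;
        }
        $payload = json_decode($parts[1], true);
        if (!is_array($payload) || !isset($payload['_auth_user_id'])) {
            return null;
        }
        $userid = $payload['_auth_user_id'];
        if (!is_string($userid) && !is_int($userid)) {
            return null;
        }
        $userid = (string) $userid;
        return $userid === '' ? null : $userid;
    }

    /**
     * Runs a parameterised SELECT and returns the executed statement.
     *
     * Values are bound rather than concatenated into the SQL text. Failures
     * are written to the server error log and reported as null.
     *
     * @param string $sql    statement with `?` placeholders
     * @param array  $params values for the placeholders, in order
     * @return PDOStatement|null
     */
    private function _select($sql, array $params = []){
        if (!$this->dbh) {
            return null;
        }
        try {
            $stmt = $this->dbh->prepare($sql);
            if ($stmt === false || $stmt->execute($params) === false) {
                error_log('authdjango: query failed: ' . print_r($this->dbh->errorInfo(), true));
                return null;
            }
            return $stmt;
        } catch (PDOException $e) {
            error_log('authdjango: query failed: ' . $e->getMessage());
            return null;
        }
    }

    /**
     * Runs a SELECT and returns the first column of every row.
     *
     * @param string $sql    statement with `?` placeholders
     * @param array  $params values for the placeholders, in order
     * @return array|null list of values, or null when the query failed
     */
    private function _fetchColumn($sql, array $params = []){
        $stmt = $this->_select($sql, $params);
        if ($stmt === null) {
            return null;
        }
        $values = $stmt->fetchAll(PDO::FETCH_COLUMN, 0);
        return is_array($values) ? $values : null;
    }

    /** Drops the database handle so the connection can be closed. */
    function __destruct() {
        $this->dbh = null;
    }
}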