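<?php
/**
 * DokuWiki Plugin authwordpress (Auth Component)
 *
 * Provides authentication against a WordPress MySQL database backend
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; version 2 of the License
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * See the COPYING file in your DokuWiki folder for details
 *
 * @author     Damien Regad <dregad@mantisbt.org>
 * @copyright  2015 Damien Regad
 * @license    GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
 * @version    1.0
 * @link       https://github.com/dregad/dokuwiki-authwordpress
 */


// must be run within Dokuwiki
if(!defined('DOKU_INC')) die();

/**
 * WordPress password hashing framework
 *
 * NOTE(review): the path is relative, so PHP resolves it through include_path
 * before falling back to this script's directory - confirm that no other
 * class-phpass.php can be picked up first.
 */
require_once('class-phpass.php');

/**
 * Authentication class
 *
 * Read-only backend: users, password hashes and roles are looked up in the
 * WordPress tables; nothing is written back.
 */
class auth_plugin_authwordpress extends DokuWiki_Auth_Plugin {

    /**
     * SQL statement to retrieve User data from WordPress DB
     * (including group memberships)
     *
     * The login name is the only variable part and is passed as the bound
     * parameter :user. The `groups` alias is quoted because GROUPS is a
     * reserved word in MySQL 8.0.2 and later.
     *
     * The table names and the 'wp_capabilities' meta key are hard-coded, so
     * the statement only matches installations using the `wp_` table prefix.
     */
    const SQL_WP_USER_DATA = "SELECT
            id, user_login, user_pass, user_email, display_name,
            meta_value AS `groups`
        FROM wp_users u
        JOIN wp_usermeta m ON u.id = m.user_id
        WHERE meta_key = 'wp_capabilities'
        AND user_login = :user";

    /**
     * Constructor.
     *
     * Probes the WordPress database once; $this->success tells DokuWiki
     * whether the backend is usable.
     */
    public function __construct() {
        parent::__construct();

        // Try to establish a connection to the WordPress DB, abort in case
        // of failure. The handle is not kept: every lookup opens its own
        // connection through wp_connect().
        try {
            $this->wp_connect();
        }
        catch (Exception $e) {
            // NOTE(review): the driver's message is passed to msg() as-is and
            // can name the database host and account; consider logging it
            // and showing only the generic translated text.
            msg(sprintf($this->getLang('error_connect_failed'), $e->getMessage()));
            $this->success = false;
            return;
        }

        $this->success = true;
    }


    /**
     * Check user+password
     *
     * @param   string $user the user name
     * @param   string $pass the clear text password
     * @return  bool   true only if the user exists and the password matches
     *
     * @uses PasswordHash::CheckPassword WordPress password hasher
     */
    public function checkPass($user, $pass) {
        $data = $this->getUserData($user);
        if ($data === false) {
            // Unknown user or database error: fail closed
            return false;
        }

        $hasher = new PasswordHash(8, true);
        return $hasher->CheckPassword($pass, $data['pass']);
    }


    /**
     * Returns info about the given user
     *
     * @param   string $user          the user name
     * @param   bool   $requireGroups not used by this backend; kept for
     *                                compatibility with the parent signature
     * @return  array|false containing user data (keys user, name, pass,
     *                      mail, grps), or false when the user does not
     *                      exist or the lookup failed
     */
    public function getUserData($user, $requireGroups=true) {
        global $conf;

        // Any database problem is reported as "no such user" so that an
        // authentication attempt fails closed instead of raising.
        try {
            $wp_db = $this->wp_connect();
            $stmt = $wp_db->prepare(self::SQL_WP_USER_DATA);
            if ($stmt === false) {
                return false;
            }
            $stmt->bindValue(':user', $user);

            if (!$stmt->execute()) {
                return false;
            }
            $row = $stmt->fetch(PDO::FETCH_ASSOC);
        }
        catch (PDOException $e) {
            return false;
        }

        // fetch() returns false when no row matched; without this check an
        // unknown login would yield an array of empty values instead of false
        if ($row === false) {
            return false;
        }

        // Group membership - add DokuWiki's default group
        //
        // NOTE(review): unserialize() runs on bytes stored in wp_usermeta.
        // Whoever can write to that table controls this input, and
        // unserialize() can instantiate objects. Where PHP >= 7.0 is
        // guaranteed, pass array('allowed_classes' => false) as second
        // argument; it is left out here to keep older PHP versions working.
        $capabilities = unserialize($row['groups']);
        $groups = is_array($capabilities) ? array_keys($capabilities) : array();
        $groups[] = $conf['defaultgroup'];

        return array(
            'user' => $row['user_login'],
            'name' => $row['display_name'],
            'pass' => $row['user_pass'],
            'mail' => $row['user_email'],
            'grps' => $groups,
        );
    }


    /**
     * Connect to Wordpress database
     *
     * Builds a MySQL DSN from the plugin settings hostname, database and
     * (optionally) port, and logs in with the configured username/password.
     *
     * @return PDO object
     * @throws PDOException if the connection cannot be established
     */
    private function wp_connect() {
        $dsn = array(
            'host=' . $this->getConf('hostname'),
            'dbname=' . $this->getConf('database'),
        );
        // The port is optional; leave it out of the DSN when not configured
        $port = $this->getConf('port');
        if ($port) {
            $dsn[] = 'port=' . $port;
        }
        $dsn = 'mysql:' . implode(';', $dsn);

        return new PDO($dsn, $this->getConf('username'), $this->getConf('password'));
    }

}

// vim:ts=4:sw=4:et: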