xref: /plugin/authwordpress/auth.php (revision 5a63294461eefe7c94611e764d3fe8d571b03e90)
124cd6f55SDamien Regad<?php
224cd6f55SDamien Regad/**
324cd6f55SDamien Regad * DokuWiki Plugin authwordpress (Auth Component)
424cd6f55SDamien Regad *
535dd80b8SDamien Regad * Provides authentication against a WordPress MySQL database backend
635dd80b8SDamien Regad *
735dd80b8SDamien Regad * This program is free software; you can redistribute it and/or modify
835dd80b8SDamien Regad * it under the terms of the GNU General Public License as published by
935dd80b8SDamien Regad * the Free Software Foundation; version 2 of the License
1035dd80b8SDamien Regad *
1135dd80b8SDamien Regad * This program is distributed in the hope that it will be useful,
1235dd80b8SDamien Regad * but WITHOUT ANY WARRANTY; without even the implied warranty of
1335dd80b8SDamien Regad * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
1435dd80b8SDamien Regad * GNU General Public License for more details.
1535dd80b8SDamien Regad *
1635dd80b8SDamien Regad * See the COPYING file in your DokuWiki folder for details
1735dd80b8SDamien Regad *
1824cd6f55SDamien Regad * @author     Damien Regad <dregad@mantisbt.org>
1935dd80b8SDamien Regad * @copyright  2015 Damien Regad
2035dd80b8SDamien Regad * @license    GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
21b5b72c15SDamien Regad * @version    1.1
2235dd80b8SDamien Regad * @link       https://github.com/dregad/dokuwiki-authwordpress
2324cd6f55SDamien Regad */
2424cd6f55SDamien Regad
2535dd80b8SDamien Regad
// Direct-access guard: DOKU_INC is only defined when DokuWiki itself loads
// this file, so a request made straight to the plugin script stops here.
if (!defined('DOKU_INC')) {
	die();
}
2824cd6f55SDamien Regad
2935dd80b8SDamien Regad/**
3035dd80b8SDamien Regad * WordPress password hashing framework
3135dd80b8SDamien Regad */
3235dd80b8SDamien Regadrequire_once('class-phpass.php');
3335dd80b8SDamien Regad
3435dd80b8SDamien Regad/**
3535dd80b8SDamien Regad * Authentication class
3635dd80b8SDamien Regad */
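class auth_plugin_authwordpress extends DokuWiki_Auth_Plugin {

	// Read-only authentication backend: looks users up in the WordPress
	// users/usermeta tables and verifies passwords with the bundled
	// PasswordHash class. Nothing in this class writes to the WordPress DB.

	/**
	 * SQL statement to retrieve User data from WordPress DB
	 * (including group memberships)
	 * '%prefix%' will be replaced by the actual prefix (from plugin config)
	 *
	 * The `groups` alias is backtick-quoted because GROUPS is a reserved word
	 * in MySQL 8.0; the result column is still named 'groups'.
	 * The user name is always passed as the bound parameter :user.
	 */
	private $sql_wp_user_data = "SELECT
			id, user_login, user_pass, user_email, display_name,
			meta_value AS `groups`
		FROM %prefix%users u
		JOIN %prefix%usermeta m ON u.id = m.user_id
		WHERE meta_key = '%prefix%capabilities'
		AND user_login = :user";

	/**
	 * Connection to the WordPress DB, opened on first use and then reused
	 * for the rest of the request (null until wp_connect() has succeeded).
	 */
	private $wp_db = null;

	/**
	 * Constructor.
	 *
	 * Validates the configured table prefix, opens the WordPress DB
	 * connection and prepares the user query. Sets $this->success to false
	 * (and shows a message) when any of these steps fails.
	 */
	public function __construct() {
		parent::__construct();

		// The prefix is spliced into the SQL text (identifiers cannot be bound
		// as parameters) and also ends up inside a quoted literal, so it is
		// limited to the characters MySQL accepts in an unquoted identifier.
		$prefix = (string) $this->getConf('prefix');
		if (!preg_match('/^[A-Za-z0-9_$]*$/D', $prefix)) {
			msg('authwordpress: the configured table prefix contains invalid characters', -1);
			$this->success = false;
			return;
		}

		// Try to establish a connection to the WordPress DB
		// abort in case of failure
		try {
			$this->wp_connect();
		}
		catch (Exception $e) {
			// NOTE(review): the driver's message is shown to whoever loads the
			// page and may name the DB host or account - confirm that is intended.
			msg(sprintf($this->getLang('error_connect_failed'), $e->getMessage()));
			$this->success = false;
			return;
		}

		// Initialize SQL query with configured prefix
		$this->sql_wp_user_data = str_replace(
			'%prefix%',
			$prefix,
			$this->sql_wp_user_data
		);

		$this->success = true;
	}


	/**
	 * Check user+password
	 *
	 * @param   string $user the user name
	 * @param   string $pass the clear text password
	 * @return  bool   true only if the user exists and the password matches
	 *
	 * @uses PasswordHash::CheckPassword WordPress password hasher
	 */
	public function checkPass($user, $pass) {
		// NOTE(review): an unknown user returns before any hashing is done, so
		// the response time differs from that of a wrong password.
		$data = $this->getUserData($user);
		if ($data === false) {
			return false;
		}

		// Never hand an empty or non-string stored hash to the hasher
		if (!is_string($data['pass']) || $data['pass'] === '') {
			return false;
		}

		$hasher = new PasswordHash(8, true);
		return $hasher->CheckPassword($pass, $data['pass']);
	}


	/**
	 * Returns info about the given user
	 *
	 * The returned array holds the keys 'user', 'name', 'pass' (the stored
	 * password hash), 'mail' and 'grps' (WordPress capability keys plus
	 * DokuWiki's default group).
	 *
	 * @param   string $user          the user name
	 * @param   bool   $requireGroups not used, groups are always returned
	 * @return  array|false user data, or false if the user is unknown or the
	 *                      lookup failed
	 */
	public function getUserData($user, $requireGroups=true) {
		global $conf;

		try {
			$stmt = $this->wp_connect()->prepare($this->sql_wp_user_data);
			// prepare() returns false instead of throwing when PDO is in
			// silent error mode
			if ($stmt === false || !$stmt->execute(array(':user' => $user))) {
				// Query preparation or execution failed
				return false;
			}
			$row = $stmt->fetch(PDO::FETCH_ASSOC);
		}
		catch (PDOException $e) {
			// Handle the failure here: an uncaught exception from the PDO
			// constructor can put the DB credentials into a displayed stack trace.
			error_log('authwordpress: user lookup failed: ' . $e->getMessage());
			return false;
		}

		if ($row === false) {
			// Unknown user
			return false;
		}

		// Group membership - add DokuWiki's default group
		$groups = $this->wp_groups($row['groups']);
		$groups[] = $conf['defaultgroup'];

		return array(
			'user' => $row['user_login'],
			'name' => $row['display_name'],
			'pass' => $row['user_pass'],
			'mail' => $row['user_email'],
			'grps' => $groups,
		);
	}


	/**
	 * Extract group names from the serialized WordPress capabilities value
	 *
	 * The value is read from a database this plugin does not control, so it
	 * is decoded without instantiating any class (PHP object injection).
	 * Anything that does not decode to an array yields no groups.
	 *
	 * @param  mixed $serialized content of the capabilities meta_value column
	 * @return array keys of the decoded array, empty if it cannot be decoded
	 */
	private function wp_groups($serialized) {
		if (!is_string($serialized) || $serialized === '') {
			return array();
		}

		if (PHP_VERSION_ID >= 70000) {
			$caps = unserialize($serialized, array('allowed_classes' => false));
		} else {
			// NOTE(review): unserialize() cannot be restricted before PHP 7;
			// on such versions serialized objects are still instantiated.
			$caps = unserialize($serialized);
		}

		return is_array($caps) ? array_keys($caps) : array();
	}


	/**
	 * Connect to Wordpress database
	 *
	 * The connection is created once from the plugin configuration
	 * (hostname, database, optional port, username, password) and reused
	 * on later calls.
	 *
	 * @return PDO object
	 * @throws PDOException if the connection cannot be established
	 */
	private function wp_connect() {
		if ($this->wp_db === null) {
			$dsn = array(
				'host=' . $this->getConf('hostname'),
				'dbname=' . $this->getConf('database'),
			);
			$port = $this->getConf('port');
			if ($port) {
				$dsn[] = 'port=' . $port;
			}
			$dsn = 'mysql:' . implode(';', $dsn);

			$this->wp_db = new PDO($dsn, $this->getConf('username'), $this->getConf('password'));
		}

		return $this->wp_db;
	}

}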
15924cd6f55SDamien Regad
1600e6cb03cSDamien Regad// vim:ts=4:sw=4:noet: