[icinga-checkins] icinga.org: icinga-web/r1.2: * Fixed login procedure (fixes #1018)

git at icinga.org git at icinga.org
Mon Nov 22 16:29:29 CET 2010


Module: icinga-web
Branch: r1.2
Commit: 3fc324957c9ffc60d6cc50c7044288f854a1c793
URL:    https://git.icinga.org/?p=icinga-web.git;a=commit;h=3fc324957c9ffc60d6cc50c7044288f854a1c793

Author: Marius Hein <marius.hein at netways.de>
Date:   Mon Nov 22 16:27:45 2010 +0100

* Fixed login procedure (fixes #1018)

---

 .../lib/auth/AppKitIAuthProvider.interface.php     |    2 +-
 .../AppKit/models/Auth/DispatchModel.class.php     |    2 +-
 .../models/Auth/Provider/AuthKeyModel.class.php    |   14 +++++++++++---
 .../models/Auth/Provider/DatabaseModel.class.php   |    6 +++++-
 .../HTTPBasicAuthenticationModel.class.php         |    2 +-
 .../models/Auth/Provider/LDAPModel.class.php       |    2 +-
 .../tdisplay/IcingaTemplateDisplayFormat.class.php |    4 ++++
 7 files changed, 24 insertions(+), 8 deletions(-)

diff --git a/app/modules/AppKit/lib/auth/AppKitIAuthProvider.interface.php b/app/modules/AppKit/lib/auth/AppKitIAuthProvider.interface.php
index a900536..2dff718 100755
--- a/app/modules/AppKit/lib/auth/AppKitIAuthProvider.interface.php
+++ b/app/modules/AppKit/lib/auth/AppKitIAuthProvider.interface.php
@@ -25,7 +25,7 @@ interface AppKitIAuthProvider {
 	 * @param string $password
 	 * @return boolean
 	 */
-	public function doAuthenticate(NsmUser $user, $password);
+	public function doAuthenticate(NsmUser $user, $password, $username=null, $authid=null);
 	
 	/**
 	 * isAvailable
diff --git a/app/modules/AppKit/models/Auth/DispatchModel.class.php b/app/modules/AppKit/models/Auth/DispatchModel.class.php
index 88c3f36..30821cd 100755
--- a/app/modules/AppKit/models/Auth/DispatchModel.class.php
+++ b/app/modules/AppKit/models/Auth/DispatchModel.class.php
@@ -144,7 +144,7 @@ class AppKit_Auth_DispatchModel extends AppKitBaseModel implements AgaviISinglet
 					}
 					
 					// Check password
-					if ($provider->isAuthoritative() && $provider->doAuthenticate($user, $password)) {
+					if ($provider->isAuthoritative() && $provider->doAuthenticate($user, $password, $username, $authid)) {
 						$this->log('Auth.Dispatch: Successfull authentication (provder=%s)', $provider->getProviderName(), AgaviLogger::DEBUG);
 						return $user;
 					}
diff --git a/app/modules/AppKit/models/Auth/Provider/AuthKeyModel.class.php b/app/modules/AppKit/models/Auth/Provider/AuthKeyModel.class.php
index 5e1dd1a..b97c5ea 100644
--- a/app/modules/AppKit/models/Auth/Provider/AuthKeyModel.class.php
+++ b/app/modules/AppKit/models/Auth/Provider/AuthKeyModel.class.php
@@ -3,13 +3,19 @@
 
 class AppKit_Auth_Provider_AuthKeyModel extends AppKitAuthProviderBaseModel  implements AppKitIAuthProvider{
 
+	protected $parameters_default = array (
+		AppKitIAuthProvider::AUTH_MODE => AppKitIAuthProvider::MODE_SILENT
+	);
+	
 	/**
 	 * (non-PHPdoc)
 	 * @see app/modules/AppKit/lib/auth/AppKitIAuthProvider#doAuthenticate()
 	 */
-	public function doAuthenticate(NsmUser $user, $password) {
+	public function doAuthenticate(NsmUser $user, $password, $username=null, $authid=null) {
 		if ($user instanceof NsmUser && $user->user_id > 0) {
-			return true;
+			if ($user->user_authkey === $username) {
+				return true;
+			}
 		}
 		return false;
 	}
@@ -19,13 +25,15 @@ class AppKit_Auth_Provider_AuthKeyModel extends AppKitAuthProviderBaseModel  imp
 	 * @see app/modules/AppKit/lib/auth/AppKitIAuthProvider#isAvailable()
 	 */
 	public function isAvailable($uid, $authid=null) {
+		
 		$res = Doctrine_Query::create()
 		->select('COUNT(u.user_id) as cnt')
 		->from('NsmUser u')
 		->where('u.user_authkey=? and user_disabled=? and user_authsrc = ?', array($uid, 0,'auth_key'));
 
 		$res = $res->execute(null, Doctrine::HYDRATE_ARRAY);
-		if ($res[0]['cnt'] !== 0) {
+		
+		if (isset($res[0]['cnt']) && $res[0]['cnt'] === 1) {
 			return true;
 		}
 		
diff --git a/app/modules/AppKit/models/Auth/Provider/DatabaseModel.class.php b/app/modules/AppKit/models/Auth/Provider/DatabaseModel.class.php
index 7dfdc69..1f64ee8 100755
--- a/app/modules/AppKit/models/Auth/Provider/DatabaseModel.class.php
+++ b/app/modules/AppKit/models/Auth/Provider/DatabaseModel.class.php
@@ -6,9 +6,13 @@ class AppKit_Auth_Provider_DatabaseModel extends AppKitAuthProviderBaseModel imp
 	 * (non-PHPdoc)
 	 * @see app/modules/AppKit/lib/auth/AppKitIAuthProvider#doAuthenticate()
 	 */
-	public function doAuthenticate(NsmUser $user, $password) {
+	public function doAuthenticate(NsmUser $user, $password, $username=null, $authid=null) {
 		if ($user instanceof NsmUser && $user->user_id > 0) {
+			
 			$test_hash = hash_hmac(NsmUser::HASH_ALGO, $password, $user->user_salt);
+			
+			$this->log('Auth.Provider.Database: HASH(%s)', $test_hash, AgaviLogger::DEBUG);
+			
 			if ($test_hash === $user->user_password) {
 				return true;
 			}
diff --git a/app/modules/AppKit/models/Auth/Provider/HTTPBasicAuthenticationModel.class.php b/app/modules/AppKit/models/Auth/Provider/HTTPBasicAuthenticationModel.class.php
index 09b66a4..fea642e 100644
--- a/app/modules/AppKit/models/Auth/Provider/HTTPBasicAuthenticationModel.class.php
+++ b/app/modules/AppKit/models/Auth/Provider/HTTPBasicAuthenticationModel.class.php
@@ -26,7 +26,7 @@ class AppKit_Auth_Provider_HTTPBasicAuthenticationModel extends AppKitAuthProvid
 	private $auth_type = null;
 
 
-	public function doAuthenticate(NsmUser $user, $password) {
+	public function doAuthenticate(NsmUser $user, $password, $username=null, $authid=null) {
 		$tuser = $this->loadUserByDQL($user->user_name);
 
 		if ($tuser && $tuser instanceof NsmUser && $user->user_name == $this->getAuthName()) {
diff --git a/app/modules/AppKit/models/Auth/Provider/LDAPModel.class.php b/app/modules/AppKit/models/Auth/Provider/LDAPModel.class.php
index 59d09fc..56b4fc1 100755
--- a/app/modules/AppKit/models/Auth/Provider/LDAPModel.class.php
+++ b/app/modules/AppKit/models/Auth/Provider/LDAPModel.class.php
@@ -8,7 +8,7 @@ class AppKit_Auth_Provider_LDAPModel extends AppKitAuthProviderBaseModel impleme
 	 * (non-PHPdoc)
 	 * @see app/modules/AppKit/lib/auth/AppKitIAuthProvider#doAuthenticate()
 	 */
-	public function doAuthenticate(NsmUser $user, $password) {
+	public function doAuthenticate(NsmUser $user, $password, $username=null, $authid=null) {
 		$authid = $user->getAuthId();
 		$username = $user->user_name;
 		
diff --git a/app/modules/Web/lib/tdisplay/IcingaTemplateDisplayFormat.class.php b/app/modules/Web/lib/tdisplay/IcingaTemplateDisplayFormat.class.php
index 4aecbfb..8c68714 100755
--- a/app/modules/Web/lib/tdisplay/IcingaTemplateDisplayFormat.class.php
+++ b/app/modules/Web/lib/tdisplay/IcingaTemplateDisplayFormat.class.php
@@ -45,5 +45,9 @@ class IcingaTemplateDisplayFormat extends IcingaTemplateDisplay {
 		$tm = $this->getAgaviTranslationManager();
 		return $tm->_d($val, $method_params->getParameter('domain', 'date-tstamp'));
 	}
+	
+	public function durationString($val, AgaviParameterHolder $method_params, AgaviParameterHolder $row) {
+		return "LLL";
+	}
 }
 ?>
\ No newline at end of file





More information about the icinga-checkins mailing list