added class mxDatabase; store credentials; implement login.php
This commit is contained in:
105
public/login.php
Normal file
105
public/login.php
Normal file
@@ -0,0 +1,105 @@
|
||||
<?php
|
||||
$response = [
|
||||
"auth" => [
|
||||
"success" => false,
|
||||
]
|
||||
];
|
||||
|
||||
require_once("config.php");
|
||||
require_once("database.php");
|
||||
abstract class LoginRequester {
|
||||
const UNDEFINED = 0;
|
||||
const MXISD = 1;
|
||||
const RestAuth = 2;
|
||||
}
|
||||
$loginRequester = LoginRequester::UNDEFINED;
|
||||
|
||||
try {
|
||||
$input = json_decode('
|
||||
{
|
||||
"user": {
|
||||
"id": "@matrix.id.of.the.user:example.com",
|
||||
"password": "passwordOfTheUser"
|
||||
}
|
||||
}
|
||||
',true);
|
||||
$mxid = NULL;
|
||||
$localpart = NULL;
|
||||
if (isset($input["user"])) {
|
||||
if (isset($input["user"]["localpart"])) {
|
||||
$localpart = $input["user"]["localpart"];
|
||||
$loginRequester = LoginRequester::MXISD;
|
||||
} elseif (isset($input["user"]["id"])) {
|
||||
// compatibility for matrix-synapse-rest-auth
|
||||
$mxid = $input["user"]["id"];
|
||||
$loginRequester = LoginRequester::RestAuth;
|
||||
} elseif (isset($input["user"]["mxid"])) {
|
||||
// compatibility for mxisd
|
||||
$mxid = $input["user"]["mxid"];
|
||||
$loginRequester = LoginRequester::MXISD;
|
||||
}
|
||||
}
|
||||
|
||||
// prefer the localpart attribute of mxisd. But in case of matrix-synapse-rest-auth
|
||||
// we have to parse it on our own
|
||||
if (empty($localpart) && !empty($mxid)) {
|
||||
// A mxid would start with an @ so we start at the 2. position
|
||||
$sepPos = strpos($mxid,':', 1);
|
||||
if ($sepPos === false) {
|
||||
// : not found. Assume mxid is localpart
|
||||
// TODO: further checks
|
||||
$localpart = $mxid;
|
||||
} else {
|
||||
$localpart = substr($mxid, 1, strpos($mxid,':') - 1 );
|
||||
}
|
||||
}
|
||||
|
||||
if (empty($localpart)) {
|
||||
throw new Exception ("localpart cannot be identified");
|
||||
}
|
||||
|
||||
$password = NULL;
|
||||
if (isset($input["user"]) && isset($input["user"]["password"])) {
|
||||
$password = $input["user"]["password"];
|
||||
}
|
||||
if (empty($password)) {
|
||||
throw new Exception ("password is not present");
|
||||
}
|
||||
|
||||
$user = $mx_db->getUserForLogin($localpart, $password);
|
||||
if (!$user) {
|
||||
throw new Exception("user not found or password did not match");
|
||||
}
|
||||
$response["auth"]["success"] = true;
|
||||
$response["auth"]["profile"] = [
|
||||
"display_name" => $user["first_name"] . " " . $user["first_name"],
|
||||
"three_pids" => [
|
||||
[
|
||||
"medium" => "email",
|
||||
"address" => $user["email"],
|
||||
],
|
||||
],
|
||||
];
|
||||
|
||||
switch ($loginRequester) {
|
||||
case LoginRequester::RestAuth:
|
||||
$response["auth"]["mxid"] = $mxid;
|
||||
break;
|
||||
case LoginRequester::MXISD;
|
||||
$response["auth"]["id"] = [
|
||||
"type" => "localpart",
|
||||
"value" => $localpart,
|
||||
];
|
||||
break;
|
||||
default:
|
||||
// only return that it was successful.
|
||||
// we do not know how the data shall be transmitted so we do nothing with it
|
||||
$response["auth"]["success"] = false;
|
||||
break;
|
||||
}
|
||||
} catch (Exception $e) {
|
||||
error_log("Auth failed with error: " . $e->getMessage());
|
||||
//$response["auth"]["error"] = $e->getMessage();
|
||||
}
|
||||
print (json_encode($response, JSON_PRETTY_PRINT) . "\n");
|
||||
?>
|
||||
@@ -7,7 +7,6 @@ if (!file_exists("../config.php")) {
|
||||
exit();
|
||||
}
|
||||
require_once "../config.php";
|
||||
require_once "../mail_templates.php";
|
||||
|
||||
// enforce admin via https
|
||||
if (!isset($_SERVER['HTTPS'])) {
|
||||
@@ -17,8 +16,6 @@ if (!isset($_SERVER['HTTPS'])) {
|
||||
|
||||
session_start();
|
||||
|
||||
require_once("../database.php");
|
||||
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
try {
|
||||
if (!isset($_SESSION["token"]) || !isset($_POST["token"]) || $_SESSION["token"] != $_POST["token"]) {
|
||||
@@ -53,48 +50,27 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
$username = filter_var($_POST["username"], FILTER_SANITIZE_STRING);
|
||||
$note = filter_var($_POST["note"], FILTER_SANITIZE_STRING);
|
||||
$email = filter_var($_POST["email"], FILTER_VALIDATE_EMAIL);
|
||||
$verify_token = bin2hex(random_bytes(16));
|
||||
$admin_token = bin2hex(random_bytes(16));
|
||||
|
||||
# $first="test"; $last="test2"; $user="test3"; $note="empty"; $email="mail+test1@matthias-kesler.de";
|
||||
require_once("../database.php");
|
||||
$res = $mx_db->addRegistration($first_name, $last_name, $username, $note, $email);
|
||||
|
||||
$sql = "SELECT COUNT(*) FROM registrations WHERE username = '" . $username . "' AND NOT state = "
|
||||
. RegisterState::RegistrationDeclined . " LIMIT 1;";
|
||||
$res = $db->query($sql);
|
||||
if ($res->fetchColumn() > 0) {
|
||||
throw new Exception($language["USERNAME_PENDING_REGISTRATION"]);
|
||||
if (!isset($res["verify_token"])) {
|
||||
error_log("sth. went wrong. registration did not throw but admin_token not set");
|
||||
throw Exception ("Unknown Error");
|
||||
}
|
||||
require_once("../MatrixConnection.php");
|
||||
$mxConn = new MatrixConnection($homeserver, $access_token);
|
||||
if ($mxConn->hasUser($username)) {
|
||||
throw new Exception($language["USERNAME_REGISTERED"]);
|
||||
}
|
||||
|
||||
$db->exec('INSERT INTO registrations
|
||||
(first_name, last_name, username, note, email, verify_token, admin_token)
|
||||
VALUES ("' . $first_name.'","' . $last_name . '","' . $username . '","' . $note . '","'
|
||||
. $email.'","' .$verify_token.'","' .$admin_token.'")');
|
||||
# $ins_stmt->bindValue(':first_name', $first);
|
||||
# $ins_stmt->bindValue(':last_lame', $last);
|
||||
# $ins_stmt->bindValue(':username', $user);
|
||||
# $ins_stmt->bindValue(':note', $note);
|
||||
# $ins_stmt->bindValue(':email', $email);
|
||||
# $ins_stmt->bindValue(':verify_token', $vToken);
|
||||
# $ins_stmt->bindValue(':admin_token', $adminToken);
|
||||
# $ins_stmt->bindValue(':now', date('Y-m-d H:i:s'));
|
||||
#
|
||||
# $ins_stmt->execute();
|
||||
$verify_token = $res["verify_token"];
|
||||
|
||||
$verify_url = $webroot . "/verify.php?t=" . $verify_token;
|
||||
require_once "../mail_templates.php";
|
||||
$success = send_mail_pending_verification(
|
||||
$homeserver,
|
||||
$first_name . " " . $last_name,
|
||||
$email,
|
||||
$verify_url);
|
||||
|
||||
$db->exec("UPDATE registrations SET state = " .
|
||||
($success ? RegisterState::PendingEmailVerify : RegisterState::PendingEmailSend)
|
||||
. " WHERE verify_token = \"" . $verify_token. "\";");
|
||||
$mx_db->setRegistrationStateVerify(
|
||||
($success ? RegisterState::PendingEmailVerify : RegisterState::PendingEmailSend),
|
||||
$verify_token);
|
||||
|
||||
print("<title>Erfolgreich</title>");
|
||||
print("</head><body>");
|
||||
|
||||
@@ -28,24 +28,15 @@ try {
|
||||
|
||||
require_once("../database.php");
|
||||
|
||||
$sql = "SELECT COUNT(*) FROM registrations WHERE verify_token = '" . $token . "' LIMIT 1;";
|
||||
$res = $db->query($sql);
|
||||
|
||||
$first_name = NULL; $last_name = NULL; $note = NULL; $email = NULL; $admin_token = NULL;
|
||||
|
||||
if ($res->fetchColumn() > 0) {
|
||||
$sql = "SELECT first_name, last_name, note, email, admin_token FROM registrations WHERE verify_token = '" . $token . "' LIMIT 1;";
|
||||
foreach ($db->query($sql) as $row) {
|
||||
// will only be executed once
|
||||
$first_name = $row["first_name"];
|
||||
$last_name = $row["last_name"];
|
||||
$note = $row["note"];
|
||||
$email = $row["email"];
|
||||
$admin_token = $row["admin_token"];
|
||||
}
|
||||
} else {
|
||||
$user = $mx_db->getUserForVerify($token);
|
||||
if ($user == NULL) {
|
||||
throw new Exception($language["UNKNOWN_TOKEN"]);
|
||||
}
|
||||
$first_name = $user["first_name"];
|
||||
$last_name = $user["last_name"];
|
||||
$note = $user["note"];
|
||||
$email = $user["email"];
|
||||
$admin_token = $user["admin_token"];
|
||||
|
||||
require_once("../MatrixConnection.php");
|
||||
$adminUrl = $webroot . "/verify_admin.php?t=" . $admin_token;
|
||||
@@ -63,9 +54,9 @@ try {
|
||||
if ($response) {
|
||||
$message = $language["SEND_MATRIX_FAIL"];
|
||||
}
|
||||
$db->exec("UPDATE registrations SET state = " .
|
||||
($response ? RegisterState::PendingAdminVerify : RegisterState::PendingAdminSend)
|
||||
. " WHERE verify_token = \"" . $token. "\";");
|
||||
$mx_db->setRegistrationStateVerify(
|
||||
($response ? RegisterState::PendingAdminVerify : RegisterState::PendingAdminSend),
|
||||
$token);
|
||||
|
||||
send_mail_pending_approval($homeserver, $first_name . " " . $last_name, $email);
|
||||
|
||||
|
||||
@@ -40,47 +40,33 @@ try {
|
||||
}
|
||||
}
|
||||
|
||||
$sql = "SELECT COUNT(*) FROM registrations WHERE admin_token = '" . $token
|
||||
. "' AND state = " . RegisterState::PendingAdminVerify . " LIMIT 1;";
|
||||
$res = $db->query($sql);
|
||||
$first_name = NULL; $last_name = NULL; $username = NULL; $note = NULL; $email = NULL;
|
||||
|
||||
if ($res->fetchColumn() > 0) {
|
||||
$sql = "SELECT first_name, last_name, username, note, email FROM registrations WHERE admin_token = '" . $token
|
||||
. "' AND state = " . RegisterState::PendingAdminVerify . " LIMIT 1;";
|
||||
foreach ($db->query($sql) as $row) {
|
||||
// will only be executed once
|
||||
$first_name = $row["first_name"];
|
||||
$last_name = $row["last_name"];
|
||||
$username = $row["username"];
|
||||
$note = $row["note"];
|
||||
$email = $row["email"];
|
||||
}
|
||||
} else {
|
||||
$user = $mx_db->getUserForApproval($token);
|
||||
if ($user == NULL) {
|
||||
throw new Exception($language["UNKNOWN_TOKEN"]);
|
||||
}
|
||||
|
||||
$first_name = $user["first_name"];
|
||||
$last_name = $user["last_name"];
|
||||
$username = $user["username"];
|
||||
$note = $user["note"];
|
||||
$email = $user["email"];
|
||||
|
||||
if ($action == RegisterState::RegistrationAccepted) {
|
||||
$db->exec("UPDATE registrations SET state = " . RegisterState::PendingRegistration
|
||||
. " WHERE admin_token = '" . $token. "';");
|
||||
$mx_db->setRegistrationStateAdmin(RegisterState::PendingRegistration, $token);
|
||||
|
||||
// register user
|
||||
require_once("../MatrixConnection.php");
|
||||
$mxConn = new MatrixConnection($homeserver, $access_token);
|
||||
|
||||
// generate a password with 8 characters
|
||||
$password = bin2hex(openssl_random_pseudo_bytes(4));
|
||||
|
||||
$res = $mxConn->register($username, $password, $registration_shared_secret);
|
||||
if ($res) {
|
||||
$password = addUser($first_name, $last_name, $username, $email);
|
||||
if ($password != NULL) {
|
||||
// send registration_success
|
||||
$res = send_mail_registration_success($homeserver, $first_name . " " . $last_name, $email, $username, $password, $howToURL);
|
||||
if ($res) {
|
||||
$db->exec("UPDATE registrations SET state = " . RegisterState::AllDone
|
||||
. " WHERE admin_token = '" . $token. "';");
|
||||
$mx_db->setRegistrationStateAdmin(RegisterState::AllDone, $token);
|
||||
} else {
|
||||
$db->exec("UPDATE registrations SET state = " . RegisterState::PendingSendRegistrationMail
|
||||
. " WHERE admin_token = '" . $token. "';");
|
||||
$mx_db->setRegistrationStateAdmin(RegisterState::PendingSendRegistrationMail, $token);
|
||||
}
|
||||
} else {
|
||||
send_mail_registration_allowed_but_failed($homeserver, $first_name . " " . $last_name, $email);
|
||||
@@ -96,8 +82,7 @@ try {
|
||||
print("<h1>" . $language["ADMIN_VERIFY_SITE_TITLE"] . "</h1>");
|
||||
print("<p>" . $language["ADMIN_REGISTER_ACCEPTED_BODY"] . "</p>");
|
||||
} elseif ($action == RegisterState::RegistrationDeclined) {
|
||||
$db->exec("UPDATE registrations SET state = " . RegisterState::RegistrationDeclined
|
||||
. " WHERE admin_token = '" . $token. "';");
|
||||
$mx_db->setRegistrationStateAdmin(RegisterState::RegistrationDeclined, $token);
|
||||
send_mail_registration_decline($homeserver, $first_name . " " . $last_name, $email, $decline_reason);
|
||||
print("<title>" . $language["ADMIN_VERIFY_SITE_TITLE"] . "</title>");
|
||||
print("</head><body>");
|
||||
|
||||
Reference in New Issue
Block a user