X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;ds=sidebyside;f=classes%2Fxnetsession.php;h=27ed4d8b638549643b29121c90d5d462a8ddf932;hb=e73697f95e30f81670765878d38309205e433a00;hp=2833d329b934f01cfe3bb64dc9538628fd3f7096;hpb=020a95fa78dc544b3064739d409026a0056d98f4;p=platal.git

diff --git a/classes/xnetsession.php b/classes/xnetsession.php
index 2833d32..27ed4d8 100644
--- a/classes/xnetsession.php
+++ b/classes/xnetsession.php
@@ -34,6 +34,26 @@ class XnetSession extends XorgSession
             }
         }
 
+        if (!S::logged() && Post::has('auth_type') && Post::v('auth_type') == 'xnet' && !Post::has('wait')) {
+            $email = Post::v('username');
+            $type = XDB::fetchOneCell('SELECT  type
+                                         FROM  accounts
+                                        WHERE  email = {?}',
+                                      $email);
+            if ((!is_null($type) && $type != 'xnet') || !User::isForeignEmailAddress($email)) {
+                Platal::page()->trigErrorRedirect('Ce formulaire d\'authentification est réservé aux extérieurs à la communauté polytechnicienne.', '');
+            }
+
+            $user = parent::doAuth(AUTH_MDP);
+            if (is_null($user)) {
+                return false;
+            }
+            if (!parent::checkAuth(AUTH_MDP) || !parent::startSessionAs($user, AUTH_MDP)) {
+                $this->destroy();
+                return false;
+            }
+        }
+
         global $globals;
         if (!S::logged() && $globals->xnet->auth_baseurl) {
             // prevent connection to be linked to disconnection