From: Pierre Habouzit (MadCoder Date: Sun, 17 Apr 2005 18:28:40 +0000 (+0000) Subject: x.net auth X-Git-Tag: xorg/old~210 X-Git-Url: http://git.polytechnique.org/?a=commitdiff_plain;h=a8b5bcdc5c1cf6529bda4f4df2077e18cdf42652;p=platal.git x.net auth * SSO works for X-ppl * doAuthOther has still to be implemented, but it should be quite trivial and straight forward. git-archimport-id: opensource@polytechnique.org--2005/platal--mainline--0.9--patch-552 --- diff --git a/htdocs.net/css/xnet.css b/htdocs.net/css/xnet.css index 76c6c60..e6be0ae 100644 --- a/htdocs.net/css/xnet.css +++ b/htdocs.net/css/xnet.css @@ -74,10 +74,23 @@ td#credits { font-weight: bold; } +td#perso { + vertical-align: top; +} + +td#perso ul { + font-weight: bold; + font-size: 90%; +} + td#search { + vertical-align: top; text-align: right; } +/*************************************************************************** + ***************************************************************************/ + img { vertical-align: middle; } a:link { diff --git a/include/xnet.inc.php b/include/xnet.inc.php index 5c0dc66..45f2bf5 100644 --- a/include/xnet.inc.php +++ b/include/xnet.inc.php @@ -25,5 +25,34 @@ require_once('xnet/session.inc.php'); XnetGlobals::init(); XnetSession::init(); +// {{{ function _new_page() + +function _new_page($type, $tpl_name, $min_auth, $admin=false) +{ + global $page,$globals; + require_once("xorg/page.inc.php"); + if (!empty($admin)) { + $page = new XnetAdmin($tpl_name, $type); + } else switch($min_auth) { + case AUTH_PUBLIC: + $page = new XnetPage($tpl_name, $type); + break; + + case AUTH_MDP: + $page = new XnetAuth($tpl_name, $type); + } + + $page->assign('xorg_tpl', $tpl_name); +} + +// }}} +// {{{ function new_skinned_page() + +function new_skinned_page($tpl_name, $min_auth) +{ + _new_page(SKINNED, $tpl_name, $min_auth); +} + +// }}} // vim:set et sw=4 sts=4 sws=4 foldmethod=marker: ?> 
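Review bot: The `switch($min_auth)` in `_new_page()` has no `default:` branch, so any value other than AUTH_PUBLIC or AUTH_MDP leaves the global `$page` unset (or still holding an earlier object) and the following `$page->assign()` runs on it. For a function that selects the authentication level of a page, an unknown level should fall to the strictest page class instead of falling through, for example `default: $page = new XnetAuth($tpl_name, $type);`. `XnetAdmin` is not defined in any hunk of this commit, so the `$admin` branch presumably relies on a class declared elsewhere; worth confirming it exists before a caller passes `$admin=true`.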
diff --git a/include/xnet/page.inc.php b/include/xnet/page.inc.php index 5e37f76..27cd4ab 100644 --- a/include/xnet/page.inc.php +++ b/include/xnet/page.inc.php @@ -30,6 +30,9 @@ class XnetPage extends PlatalPage function XnetPage($tpl, $type=SKINNED) { $this->PlatalPage($tpl, $type); + if (Get::has('auth')) { + $_SESSION['session']->doAuthX($this); + } } // }}} @@ -44,6 +47,32 @@ class XnetPage extends PlatalPage } // }}} +// {{{ class XnetAuth + +/** Une classe pour les pages nécessitant l'authentification. + * (equivalent de controlauthentification.inc.php) + */ +class XnetAuth extends XnetPage +{ + // {{{ function XnetAuth() + + function XnetAuth($tpl, $type=SKINNED) + { + $this->XnetPage($tpl, $type); + } + + // }}} + // {{{ function doAuth() + + function doAuth() + { + $_SESSION['session']->doAuth($this); + } + + // }}} +} + +// }}} // vim:set et sw=4 sts=4 sws=4 foldmethod=marker: ?> diff --git a/include/xnet/session.inc.php b/include/xnet/session.inc.php index add4dcc..b06fef1 100644 --- a/include/xnet/session.inc.php +++ b/include/xnet/session.inc.php @@ -25,24 +25,32 @@ require_once('platal/session.inc.php'); class XnetSession extends DiogenesCoreSession { - // {{{ function XorgSession() + // {{{ function XnetSession() function XnetSession() { $this->DiogenesCoreSession(); - if (!Session::has('uid')) { - try_cookie(); - } } // }}} // {{{ function init function init() { + global $globals; + @session_start(); if (!Session::has('session')) { $_SESSION['session'] = new XnetSession; } + if (!logged()) { + $returl = "http://{$_SERVER['SERVER_NAME']}{$_SERVER['REQUEST_URI']}"; + $url = "https://www.polytechnique.org/auth-groupex.php"; + $url .= "?session=" . session_id(); + $url .= "&challenge=" . $_SESSION['session']->challenge; + $url .= "&pass=" . md5($_SESSION['session']->challenge . $globals->xnet->secret); + $url .= "&url=".urlencode($returl); + $_SESSION['session']->loginX = $url; + } } // }}} 
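Review bot: The added call in the XnetPage constructor runs `doAuthX()` on every page, public ones included, whenever the query string carries `auth`, even for a visitor who is already logged in. After a successful login doAuthX() (in include/xnet/session.inc.php) unsets `$this->challenge`, so a later call checks a digest built from an empty challenge, which no longer depends on a per-session nonce. Guarding the call restricts the SSO return path to sessions that are actually waiting for it: `if (!logged() && Get::has('auth')) {`.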
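Review bot: Nothing in the new XnetAuth class triggers the check it exists for: the constructor only chains to `XnetPage()`, and `doAuth()` is defined but not called in any hunk of this commit. Unless PlatalPage calls `doAuth()` itself (not visible here), a page created with AUTH_MDP is rendered without authentication; if that is the case the constructor should end with `$this->doAuth();`. The class comment would be clearer in English and should say who is expected to call doAuth(), for example `/** Page that requires an authenticated session; doAuth() hands over to XnetSession::doAuth(). */`.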
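Review bot: The login URL built in `init()` puts `session_id()` in a query string sent to another host, so the identifier ends up in browser history and in proxy and server logs, and it is not renewed after login in doAuthX(). The return address is hard-coded to `http://` and built from `$_SERVER['SERVER_NAME']`, which means the signed `auth` answer comes back over cleartext and, depending on the web server configuration, to a host name taken from the request. The `pass` value is a bare `md5(challenge . secret)`; a keyed construction (HMAC) would be the safer primitive, though changing it needs the same change in auth-groupex.php, which is outside this commit. At minimum I would add a comment above the block stating these assumptions and build the return URL from a configured site address, e.g. `$returl = SITE_BASE_URL_PLACEHOLDER . $_SERVER['REQUEST_URI'];`. `@session_start()` also hides a failed session start, after which `$_SESSION['session']` would not persist.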
@@ -55,6 +63,74 @@ class XnetSession extends DiogenesCoreSession } // }}} + // {{{ function doAuth() + + /** Try to do an authentication. + * + * @param page the calling page (by reference) + */ + function doAuth(&$page) + { + global $globals; + if (identified()) { // ok, c'est bon, on n'a rien à faire + return true; + } + + if (Get::has('auth')) { + return $this->doAuthX($page); + } elseif (Post::has('challenge') && Post::has('username') && Post::has('response')) { + return $this->doAuthOther($page); + } else { + $this->doLogin($page); + } + } + + // }}} + // {{{ doAuthX + + function doAuthX(&$page) { + global $globals; + + if (md5('1'.$this->challenge.$globals->xnet->secret.Get::getInt('uid').'1') != Get::get('auth')) { + $page->kill("Erreur d'authentification avec polytechnique.org !"); + } + + $res = $globals->xdb->query(" + SELECT u.user_id AS uid, prenom, nom, perms, promo, password, FIND_IN_SET('femme', u.flags) AS femme, + a.alias AS forlife, a2.alias AS bestalias, q.core_mail_fmt AS mail_fmt, q.core_rss_hash + FROM auth_user_md5 AS u + INNER JOIN auth_user_quick AS q USING(user_id) + INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type='a_vie') + INNER JOIN aliases AS a2 ON (u.user_id = a2.id AND FIND_IN_SET('bestalias',a2.flags)) + WHERE u.user_id = {?} AND u.perms IN('admin','user') + LIMIT 1", Get::getInt('uid')); + $_SESSION = array_merge($_SESSION, $res->fetchOneAssoc()); + $_SESSION['auth'] = AUTH_MDP; + unset($this->challenge); + unset($this->loginX); + } + + // }}} + // {{{ doAuthOther + + function doAuthOther(&$page) { + if (Post::has('challenge') && Post::has('username') && Post::has('response')) { + $username = Post::get('username'); + } + $this->doLogin($page); + } + + // }}} + // {{{ doLogin + + function doLogin(&$page) { + $page->addJsLink('javascript/md5.js'); + $page->addJsLink('javascript/do_challenge_response.js'); + $page->assign("xorg_tpl", "xnet/login.tpl"); + $page->run(); + } + + // }}} } // }}} 
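Review bot: In doAuthX the digest check uses `!=`, which compares two numeric-looking strings as numbers, so two different MD5 hex values of the form `0e<digits>` are treated as equal; the comparison should be strict (`!==`, or `hash_equals()` where the runtime has it). The function also keeps going after `$page->kill()` unless kill() itself terminates the request, which is not visible here, and it merges `$res->fetchOneAssoc()` into `$_SESSION` and sets `AUTH_MDP` without checking that a row came back. The query copies the `password` column into the session, and the session id that was sent out in the login URL is kept after login; dropping the column and calling `session_regenerate_id()` would close both. The rewritten body of doAuthX is below; the other functions of the hunk are unchanged.

```php
function doAuthX(&$page) {
    global $globals;

    $expected = md5('1'.$this->challenge.$globals->xnet->secret.Get::getInt('uid').'1');
    // Strict comparison: '!=' would compare numeric-looking digests as numbers.
    // An empty challenge means this session is not waiting for an SSO answer.
    if (empty($this->challenge) || $expected !== Get::get('auth')) {
        $page->kill("Erreur d'authentification avec polytechnique.org !");
        return false;
    }

    // … unchanged: SELECT on auth_user_md5 / aliases, ideally without the password column …
    $row = $res->fetchOneAssoc();
    if (empty($row)) {
        // No matching user with perms 'admin' or 'user': do not mark the session as authenticated.
        $page->kill("Erreur d'authentification avec polytechnique.org !");
        return false;
    }

    // The pre-login session id travelled in a URL; issue a fresh one before elevating.
    session_regenerate_id();
    $_SESSION = array_merge($_SESSION, $row);
    $_SESSION['auth'] = AUTH_MDP;
    // … unchanged: unset challenge and loginX …
    return true;
}
```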
diff --git a/include/xorg/session.inc.php b/include/xorg/session.inc.php index b3b8654..b96fe45 100644 --- a/include/xorg/session.inc.php +++ b/include/xorg/session.inc.php @@ -279,7 +279,6 @@ function start_connexion ($uid, $identified) ORDER BY s.start DESC LIMIT 1", $uid); $sess = $res->fetchOneAssoc(); - echo mysql_error(); $suid = Session::getMixed('suid'); if ($suid) { diff --git a/templates/xnet/login.tpl b/templates/xnet/login.tpl new file mode 100644 index 0000000..627ae6f --- /dev/null +++ b/templates/xnet/login.tpl @@ -0,0 +1,115 @@ +{*************************************************************************** + * Copyright (C) 2003-2004 Polytechnique.org * + * http://opensource.polytechnique.org/ * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 2 of the License, or * + * (at your option) any later version. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program; if not, write to the Free Software * + * Foundation, Inc., * + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * + ***************************************************************************} + +

+ Accès à Polytechnique.net +

+ + + + + + + + + + + + +
+ Accès pour les Polytechniciens + + Accès pour les extérieurs +
+ Il suffit de suivre ce lien qui va te rediriger vers + Polytechnique.org + +
+ + + + + + + + + + + + + + + + + +
Connexion
+ Login + + +
+ Mot de passe: + + +
+ +
+
+ + (Activer obligatoirement le javascript) + {if $smarty.request.response} +
+ Erreur d'identification. Essaie à nouveau ! +
+ {/if} +
+ + +
+
+ + + + + +
+
+ +{literal} + +{/literal} + +{* vim:set et sw=2 sts=2 sws=2: *} diff --git a/templates/xnet/skin.tpl b/templates/xnet/skin.tpl index 952734e..1249895 100644 --- a/templates/xnet/skin.tpl +++ b/templates/xnet/skin.tpl @@ -60,27 +60,30 @@ Logo {$type} - + {$type} - + {include file="skin/common.content.tpl"} - ---------- + ---------- - -IF LOGGED PRINT LIST OF ASSOCES OR TODO : IF NOT LOGGED PRINT LOGIN + + {only_public} + Se connecter en tant que: + + {/only_public} - - - - +
infos @@ -96,10 +99,10 @@ - ---------- + ---------- - + page d'accueil - liste des associations - services proposés -