
Authentication: Updates to improve order compatibility.

fusionate 2 years ago
parent
commit
2e3cc086d6

+ 37 - 34
core/authentication/resources/classes/authentication.php

@@ -65,7 +65,7 @@ class authentication {
 
 		//set the default authentication method to the database
 			if (empty($_SESSION['authentication']['methods']) || !is_array($_SESSION['authentication']['methods'])) {
-				$_SESSION['authentication']['methods'][]  = 'database';
+				$_SESSION['authentication']['methods'][] = 'database';
 			}
 
 		//set the database as the default plugin
@@ -75,7 +75,6 @@ class authentication {
 
 		//use the authentication plugins
 			foreach ($_SESSION['authentication']['methods'] as $name) {
-
 				//already processed the plugin move to the next plugin
 				if (!empty($_SESSION['authentication']['plugin']) && !empty($_SESSION['authentication']['plugin'][$name]) && $_SESSION['authentication']['plugin'][$name]['authorized']) {
 					continue;
@@ -103,16 +102,18 @@ class authentication {
 					$array = $object->$name();
 
 					//build a result array
-					$result['plugin'] = $array["plugin"];
-					$result['domain_name'] = $array["domain_name"];
-					$result['username'] = $array["username"];
-					$result['user_uuid'] = $array["user_uuid"];
-					$result['contact_uuid'] = $array["contact_uuid"];
-					$result['domain_uuid'] = $array["domain_uuid"];
-					$result['authorized'] = $array["authorized"];
-
-					//save the result to the authentication plugin
-					$_SESSION['authentication']['plugin'][$name] = $result;
+					if (!empty($array) && is_array($array)) {
+						$result['plugin'] = $array["plugin"];
+						$result['domain_name'] = $array["domain_name"];
+						$result['username'] = $array["username"];
+						$result['user_uuid'] = $array["user_uuid"];
+						$result['contact_uuid'] = $array["contact_uuid"];
+						$result['domain_uuid'] = $array["domain_uuid"];
+						$result['authorized'] = $array["authorized"];
+
+						//save the result to the authentication plugin
+						$_SESSION['authentication']['plugin'][$name] = $result;
+					}
 
 					//plugin authorized false
 					if (!$result['authorized']) {
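Review bot: When the plugin returns anything other than a non-empty array, the new guard skips the assignment, but the `if (!$result['authorized'])` check right after it still runs. It then reads either an undefined `$result` or the one left over from a previous pass of the `foreach`. If an earlier plugin was authorized, a later plugin that returns `false` or nothing (the database plugin in this commit can now do both) would appear to be judged on the earlier plugin's value, unless `$result` is reset somewhere outside the hunk. I would fail closed by adding `else { $result = ['plugin' => $name, 'authorized' => false]; }` to the guard, or by resetting `$result` at the top of each iteration. The loop body starts and ends outside the hunk.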
@@ -122,15 +123,17 @@ class authentication {
 			}
 
 		//make sure all plugins are in the array
-			foreach ($_SESSION['authentication']['methods'] as $name) {
-				if (!isset($_SESSION['authentication']['plugin'][$name]['authorized'])) {
-					$_SESSION['authentication']['plugin'][$name]['plugin'] = $name;
-					$_SESSION['authentication']['plugin'][$name]['domain_name'] = $_SESSION['domain_name'];
-					$_SESSION['authentication']['plugin'][$name]['domain_uuid'] = $_SESSION['domain_uuid'];
-					$_SESSION['authentication']['plugin'][$name]['username'] = $_SESSION['username'];
-					$_SESSION['authentication']['plugin'][$name]['user_uuid'] = $_SESSION['user_uuid'];
-					$_SESSION['authentication']['plugin'][$name]['user_email'] = $_SESSION['user_email'];
-					$_SESSION['authentication']['plugin'][$name]['authorized'] = 0;
+			if (!empty($_SESSION['authentication']['methods'])) {
+				foreach ($_SESSION['authentication']['methods'] as $name) {
+					if (!isset($_SESSION['authentication']['plugin'][$name]['authorized'])) {
+						$_SESSION['authentication']['plugin'][$name]['plugin'] = $name;
+						$_SESSION['authentication']['plugin'][$name]['domain_name'] = $_SESSION['domain_name'];
+						$_SESSION['authentication']['plugin'][$name]['domain_uuid'] = $_SESSION['domain_uuid'];
+						$_SESSION['authentication']['plugin'][$name]['username'] = $_SESSION['username'];
+						$_SESSION['authentication']['plugin'][$name]['user_uuid'] = $_SESSION['user_uuid'];
+						$_SESSION['authentication']['plugin'][$name]['user_email'] = $_SESSION['user_email'];
+						$_SESSION['authentication']['plugin'][$name]['authorized'] = 0;
+					}
 				}
 			}
 
@@ -152,19 +155,19 @@ class authentication {
 			}
 
 		//result array
-			$result["plugin"] = "database";
-			$result["domain_name"] = $_SESSION['domain_name'];
-			if (!isset($_SESSION['username'])) {
-				$result["username"] = $_SESSION['username'];
-			}
-			if (!isset($_SESSION['user_uuid'])) {
-				$result["user_uuid"] = $_SESSION['user_uuid'];
-			}
-			$result["domain_uuid"] = $_SESSION['domain_uuid'];
-			if (!isset($_SESSION['contact_uuid'])) {
-				$result["contact_uuid"] = $_SESSION['contact_uuid'];
-			}
-			$result["authorized"] = $authorized;
+// 			$result["plugin"] = "database";
+// 			$result["domain_name"] = $_SESSION['domain_name'];
+// 			if (!isset($_SESSION['username'])) {
+// 				$result["username"] = $_SESSION['username'];
+// 			}
+// 			if (!isset($_SESSION['user_uuid'])) {
+// 				$result["user_uuid"] = $_SESSION['user_uuid'];
+// 			}
+// 			$result["domain_uuid"] = $_SESSION['domain_uuid'];
+// 			if (!isset($_SESSION['contact_uuid'])) {
+// 				$result["contact_uuid"] = $_SESSION['contact_uuid'];
+// 			}
+// 			$result["authorized"] = $authorized;
 
 		//add user logs
 			user_logs::add($result);
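Review bot: `user_logs::add($result)` now logs whatever `$result` the plugin loop left behind, because the block that built the record is commented out rather than replaced. That array is the last plugin's result, or undefined if no plugin returned one, so its `authorized` field need not match the overall `$authorized` decision that the removed line used to record. For an authentication audit log that mismatch matters, so I would set the fields explicitly before the call, at minimum `$result['plugin'] = 'database';` and `$result['authorized'] = $authorized;`. The commented-out lines are better deleted than kept. Where `$authorized` is computed and what the method returns are outside the hunk.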

+ 32 - 16
core/authentication/resources/classes/plugins/database.php

@@ -226,9 +226,9 @@ class plugin_database {
 
 				//set a few session variables
 					$_SESSION["user_uuid"] = $row['user_uuid'];
-					$_SESSION["contact_uuid"] = $row["contact_uuid"];
 					$_SESSION["username"] = $row['username'];
 					$_SESSION["user_email"] = $row['user_email'];
+					$_SESSION["contact_uuid"] = $row["contact_uuid"];
 
 				//validate the password
 					$valid_password = false;
@@ -286,30 +286,46 @@ class plugin_database {
 								$p->delete('user_edit', 'temp');
 
 						}
+
 					}
 					else {
 						//clear authentication session
-						unset($_SESSION['authentication']);
+						if (empty($_SESSION['authentication']['methods']) || !is_array($_SESSION['authentication']['methods']) || sizeof($_SESSION['authentication']['methods']) == 0) {
+							unset($_SESSION['authentication']);
+						}
 
 						// clear username
-						unset($_SESSION['username'], $_REQUEST['username'], $_POST['username']);
+						if (!empty($_REQUEST["password"])) {
+							unset($_SESSION['username'], $_REQUEST['username'], $_POST['username']);
+							unset($_SESSION['authentication']);
+						}
 					}
 
+					//result array
+					if ($valid_password) {
+						$result["plugin"] = "database";
+						$result["domain_name"] = $this->domain_name;
+						$result["username"] = $this->username;
+						$result["user_uuid"] = $this->user_uuid;
+						$result["domain_uuid"] = $_SESSION['domain_uuid'];
+						$result["contact_uuid"] = $this->contact_uuid;
+						$result["user_email"] = $this->user_email;
+						$result["sql"] = $sql;
+						$result["authorized"] = $valid_password;
+					}
+
+					//return the results
+					return $result ?? false;
+
+			}
+			else {
+
+				unset($_SESSION['username'], $_REQUEST['username'], $_POST['username']);
+				unset($_SESSION['authentication']);
+
 			}
 
-		//result array
-			$result["plugin"] = "database";
-			$result["domain_name"] = $this->domain_name;
-			$result["username"] = $this->username;
-			$result["user_uuid"] = $this->user_uuid;
-			$result["domain_uuid"] = $_SESSION['domain_uuid'];
-			$result["contact_uuid"] = $this->contact_uuid;
-			$result["user_email"] = $this->user_email;
-			$result["sql"] = $sql;
-			$result["authorized"] = $valid_password;
-
-		//return the results
-			return $result;
+		return;
 
 	}
 }
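Review bot: In the failed-password branch the session is now only partly cleared: `$_SESSION['username']` is removed only when `$_REQUEST["password"]` is non-empty, and `user_uuid`, `user_email` and `contact_uuid` are never removed. The hunk at line 226 shows those keys being written from `$row` before the password is validated, so a request that fails validation appears to leave the looked-up account's identifiers in the session; whether other code trusts them is not visible here. If the username has to survive for a later plugin, I would still drop the rest on failure with `unset($_SESSION['user_uuid'], $_SESSION['user_email'], $_SESSION['contact_uuid']);`, or move those assignments after the password check. The function now also returns an array, `false` or null depending on the path, which deserves a line in its docblock. The `if` that the new outer `else` belongs to starts outside the hunk.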

+ 1 - 0
core/authentication/resources/classes/plugins/email.php

@@ -308,6 +308,7 @@ class plugin_email {
 				$view->assign("login_logo_height", $settings['theme']['login_logo_height']);
 				$view->assign("login_logo_source", $settings['theme']['logo']);
 				$view->assign("button_verify", $text['label-verify']);
+				$view->assign("message_delay", $settings['theme']['message_delay']);
 				if (!empty($_SESSION['username'])) {
 					$view->assign("username", $_SESSION['username']);
 					$view->assign("button_cancel", $text['button-cancel']);

+ 1 - 1
core/authentication/resources/classes/plugins/totp.php

@@ -401,7 +401,7 @@ class plugin_totp {
 				//build the result array
 				$result["plugin"] = "totp";
 				$result["domain_name"] = $_SESSION["domain_name"];
-				$result["username"] = $_SESSION["username"];
+				$result["username"] = $_SESSION["username"] ?? null;
 				$result["user_uuid"] = $_SESSION["user_uuid"];
 				$result["domain_uuid"] = $_SESSION["domain_uuid"];
 				$result["contact_uuid"] = $_SESSION["contact_uuid"];
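Review bot: Defaulting `$result["username"]` to null silences the notice but lets a TOTP result be built with no user in the session. The neighbouring `$_SESSION["user_uuid"]` and `$_SESSION["contact_uuid"]` reads still have no fallback. If the rest of the block, which is outside the hunk, does not already reject that state, I would test for it before building the result, for example `if (empty($_SESSION['username']) || empty($_SESSION['user_uuid'])) { return false; }`, or whatever this method uses to signal failure. That way a missing identity fails closed instead of producing a result with a null username.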