-
Notifications
You must be signed in to change notification settings - Fork 101
Expand file tree
/
Copy pathlogin.php
More file actions
executable file
·106 lines (87 loc) · 2.46 KB
/
login.php
File metadata and controls
executable file
·106 lines (87 loc) · 2.46 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
<?php
/**
* @package Com_Api
* @copyright Copyright (C) 2009-2014 Techjoomla, Tekdi Technologies Pvt. Ltd. All rights reserved.
* @license GNU GPLv2 <http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
* @link http://techjoomla.com
* Work derived from the original RESTful API by Techjoomla (https://github.com/techjoomla/Joomla-REST-API)
* and the com_api extension by Brian Edgerton (http://www.edgewebworks.com)
*/
defined('_JEXEC') or die;
/**
* ApiAuthenticationLogin class.
*
* @since 1.6
*/
class ApiAuthenticationLogin extends ApiAuthentication
{
protected $auth_method = null;
protected $domain_checking = null;
/**
* Method to check authentication
*
* @return int
*
* @since 1.6
*/
public function authenticate()
{
$app = JFactory::getApplication();
$username = $app->input->post->get('username', '', 'STRING');
$password = $app->input->post->get('password', '', 'STRING');
$secret = $app->input->post->get('secretkey', '', 'STRING');
$userId = $this->loadUserByCredentials($username, $password);
// Remove username and password from request for when it gets logged
$uri = JFactory::getURI();
$uri->delVar('username');
$uri->delVar('password');
$uri->delVar('secretkey');
if ($userId === false)
{
// Errors are already set, just return
return false;
}
return $userId;
}
/**
* Method to check out an item for editing and redirect to the edit form.
*
* @param STRING $user user
* @param STRING $pass pass
* @param STRING $secret secretkey
*
* @return int
*
* @since 1.6
*/
public function loadUserByCredentials($user, $pass, $secret = NULL)
{
jimport('joomla.user.authentication');
$authenticate = JAuthentication::getInstance();
// $response = $authenticate->authenticate(array('username' => $user, 'password' => $pass), $options = array());
// adding support for two factor authentication
$response = $authenticate->authenticate(array('username' => $user, 'password' => $pass, 'secretkey' => $secret), $options = array());
if ($response->status === JAuthentication::STATUS_SUCCESS)
{
$userId = JUserHelper::getUserId($response->username);
if ($userId === false)
{
$this->setError(JError::getError());
return false;
}
}
else
{
if (isset($response->error_message))
{
$this->setError($response->error_message);
}
else
{
$this->setError($response->getError());
}
return false;
}
return $userId;
}
}