Authenticator.inc
<?php
/**
* $Id$
*
* Interface class that performs all authentication functions.
*
* Licensed under the GNU GPL. For full terms see the file COPYING.
*
* @version $Revision$
* @author Michael Joseph <michael@jamwarehouse.com>, Jam Warehouse (Pty) Ltd, South Africa
* @package lib.authentication
*/
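class Authenticator {
    /**
    * Verifies the login credentials and enforces the per-user session limit.
    *
    * Status codes placed in the returned array:
    *   0 - authentication failed, or a database lookup failed
    *   1 - authenticated successfully
    *   3 - authenticated, but the user already holds the maximum number of sessions
    *
    * @param string the user name of the user logging in
    * @param string the user's password
    * @return array containing userID (only when the user was found) and authentication status code
    */
    function login($sUserName, $sPassword) {
        global $default, $lang_err_database;

        // initialise return array
        $aUserDetails = array();

        if (!$this->checkPassword($sUserName, $sPassword)) {
            // authentication failed
            $aUserDetails["status"] = 0;
            return $aUserDetails;
        }

        // retrieve the userID
        // NOTE(review): $sUserName is caller-supplied and lookupID() is defined
        // elsewhere; confirm it escapes or parameterises the value it is given.
        $iUserID = lookupID($default->owl_users_table, "username", "$sUserName");
        $default->log->info("Authenticator::login authenticated user, id=$iUserID");

        if (!$iUserID) {
            // db access failed
            $_SESSION["errorMessage"] = $lang_err_database;
            $aUserDetails["status"] = 0;
            return $aUserDetails;
        }

        // add this to the return array
        $aUserDetails["userID"] = $iUserID;

        // remove stale sessions from the database for the user that is signing
        // on, so that they do not count against the session limit below
        Session::removeStaleSessions($iUserID);

        // lookup maxsessions
        // NOTE(review): what lookupField() returns on failure is not visible here;
        // confirm the comparison below still denies the login in that case.
        $maxSessions = lookupField($default->owl_users_table, "max_sessions", "id", $iUserID);

        $sql = $default->db;

        // The session count must be keyed on the ID that was just looked up. The
        // previous code read $aUserDetails["user_id"], a key that is never set
        // (the array uses "userID"), so the query matched user_id = '' and the
        // maximum-sessions limit was not applied to the real user.
        // The ID is documented as an int; the cast keeps anything else out of the
        // string-built query.
        $sQuery = "SELECT * FROM " . $default->owl_sessions_table
                . " WHERE user_id = '" . (int) $iUserID . "'";

        if ($sql->query($sQuery)) {
            if ($sql->num_rows($sql) >= $maxSessions) {
                // return too many sessions status code
                $aUserDetails["status"] = 3;
            } else {
                // authenticated successfully
                $aUserDetails["status"] = 1;
            }
            // FIXME: account disabled status???
        } else {
            // db access failed
            $_SESSION["errorMessage"] = $lang_err_database;
            $aUserDetails["status"] = 0;
        }

        return $aUserDetails;
    }

    /**
    * Logs the user out of the application
    *
    * Only the session ID is used; the user ID is accepted but not consulted, so
    * this method does not itself check that the session belongs to that user.
    *
    * @param int the ID of user logging out
    * @param string the user's sessionID
    */
    function logout($iUserID, $iSessionID) {
        // remove session from db
        Session::destroy($iSessionID);
    }

    /**
    * [Abstract] Checks the user's password
    *
    * Subclasses must override this. The base implementation rejects every
    * credential, so an Authenticator used without an override fails closed.
    *
    * @param string the name of the user to check
    * @param string the password to check
    * @return boolean true if the password is correct, else false
    */
    function checkPassword($sUserName, $sPassword) {
        // explicit denial rather than an empty body (which returned null)
        return false;
    }

    /**
    * [Abstract] Searches the user store for users matching the supplied search string.
    *
    * The base implementation has an empty body and returns nothing; subclasses
    * are expected to provide the search.
    *
    * @param string the username to search for
    * @param array the attributes to return from the search
    * @return array containing the users found
    */
    function searchUsers($sUserNameSearch, $aAttributes) {}
}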
?>