public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2025-12-13 02:05:56 +00:00
Code Issues Releases Wiki Activity

add placeholder authentication via app passwords if service is passed

Browse Source 
forbid logins via regular passwords for services
remove AUTH_DISABLE_OTP
This commit is contained in:
Andrew Dolgov
2019-11-01 13:03:06 +03:00
parent 88cd9e586e
commit 68b0380118
6 changed files with 160 additions and 143 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
classes/api.php
View File

@@ -74,10 +74,10 @@ class API extends Handler {
}
if (get_pref("ENABLE_API_ACCESS", $uid)) {
if (authenticate_user($login, $password)) { // try login with normal password
if (authenticate_user($login, $password, false, Auth_Base::AUTH_SERVICE_API)) { // try login with normal password
$this->wrap(self::STATUS_OK, array("session_id" => session_id(),
"api_level" => self::API_LEVEL));
} else if (authenticate_user($login, $password_base64)) { // else try with base64_decoded password
} else if (authenticate_user($login, $password_base64, false, Auth_Base::AUTH_SERVICE_API)) { // else try with base64_decoded password
$this->wrap(self::STATUS_OK, array("session_id" => session_id(),
"api_level" => self::API_LEVEL));
} else { // else we are not logged in

6
classes/auth/base.php
View File

@@ -2,6 +2,8 @@
class Auth_Base {
private $pdo;
const AUTH_SERVICE_API = '_api';
function __construct() {
$this->pdo = Db::pdo();
}
@@ -9,14 +11,14 @@ class Auth_Base {
/**
* @SuppressWarnings(unused)
*/
function check_password($owner_uid, $password) {
function check_password($owner_uid, $password, $service = '') {
return false;
}
/**
* @SuppressWarnings(unused)
*/
function authenticate($login, $password) {
function authenticate($login, $password, $service = '') {
return false;
}

2
classes/iauthmodule.php
View File

@@ -1,4 +1,4 @@
<?php
interface IAuthModule {
function authenticate($login, $password);
function authenticate($login, $password); // + optional third parameter: $service
}