diff options
author | redmatrix <git@macgirvin.com> | 2016-06-27 19:53:35 -0700 |
---|---|---|
committer | redmatrix <git@macgirvin.com> | 2016-06-27 19:53:35 -0700 |
commit | 30a5fe30617ef19d7cb896783442d43277ce5a8e (patch) | |
tree | 2203cd6a780f954c702407277c2872e4bf1c33a6 /Zotlabs | |
parent | b155e93ab134759f3d31a509d197916a5af84adb (diff) | |
download | volse-hubzilla-30a5fe30617ef19d7cb896783442d43277ce5a8e.tar.gz volse-hubzilla-30a5fe30617ef19d7cb896783442d43277ce5a8e.tar.bz2 volse-hubzilla-30a5fe30617ef19d7cb896783442d43277ce5a8e.zip |
provide a daemon for implementing zot magic-auth over curl.
Diffstat (limited to 'Zotlabs')
-rw-r--r-- | Zotlabs/Daemon/CurlAuth.php | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/Zotlabs/Daemon/CurlAuth.php b/Zotlabs/Daemon/CurlAuth.php new file mode 100644 index 000000000..d0296a729 --- /dev/null +++ b/Zotlabs/Daemon/CurlAuth.php @@ -0,0 +1,52 @@ +<?php + +namespace Zotlabs\Daemon; + +// generate a curl compatible cookie file with an authenticated session for the given channel_id. +// If this file is then used with curl and the destination url is sent through zid() or manually +// manipulated to add a zid, it should allow curl to provide zot magic-auth across domains. + +// Handles expiration of stale cookies currently by deleting them and rewriting the file. + +class CurlAuth { + + static public function run($argc,$argv) { + + if($argc != 2) + killme(); + + session_start(); + + $_SESSION['authenticated'] = 1; + $_SESSION['uid'] = $argv[1]; + + $x = session_id(); + + $f = 'store/[data]/cookie_' . $argv[1]; + + $e = file_exists($f); + + $output = ''; + + if($e) { + $lines = file($f); + if($lines) { + foreach($lines as $line) { + if(strlen($line) > 0 && $line[0] != '#' && substr_count($line, "\t") == 6) { + $tokens = explode("\t", $line); + $tokens = array_map('trim', $tokens); + if($tokens[4] > time()) { + $output .= $line . "\n"; + } + } + else + $output .= $line; + } + } + } + + file_put_contents($f, $output . 'HttpOnly_' . \App::get_hostname() . "\tFALSE\t/\tFALSE\t0\tPHPSESSID\t" . $x, (($e) ? FILE_APPEND : 0)); + + killme(); + } +}
\ No newline at end of file |