aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2019-03-09 12:58:03 -0800
committerzotlabs <mike@macgirvin.com>2019-03-09 12:58:03 -0800
commit51024d382172c5e2e62bacc6d9103a1caa40e4a5 (patch)
tree37423abb2147b56945ac43a7ad0f13936890eec4 /include
parent220d6ed494c1c1aa1bd1365f485e0543c2baa800 (diff)
downloadvolse-hubzilla-51024d382172c5e2e62bacc6d9103a1caa40e4a5.tar.gz
volse-hubzilla-51024d382172c5e2e62bacc6d9103a1caa40e4a5.tar.bz2
volse-hubzilla-51024d382172c5e2e62bacc6d9103a1caa40e4a5.zip
authenticated fetch fixes
Diffstat (limited to 'include')
-rw-r--r--include/zid.php48
1 files changed, 48 insertions, 0 deletions
diff --git a/include/zid.php b/include/zid.php
index a37ebe1f6..0b12689ef 100644
--- a/include/zid.php
+++ b/include/zid.php
@@ -352,3 +352,51 @@ function owt_init($token) {
logger('OpenWebAuth: auth success from ' . $hubloc['xchan_addr']);
}
+
+
+function observer_auth($ob_hash) {
+
+ if($ob_hash === false) {
+ return;
+ }
+
+ $r = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash
+ where hubloc_addr = '%s' or hubloc_id_url = '%s' or hubloc_hash = '%s' order by hubloc_id desc",
+ dbesc($ob_hash),
+ dbesc($ob_hash),
+ dbesc($ob_hash)
+ );
+
+ if(! $r) {
+ // finger them if they can't be found.
+ $wf = discover_by_webbie($ob_hash);
+ if($wf) {
+ $r = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash
+ where hubloc_addr = '%s' or hubloc_id_url = '%s' or hubloc_hash = '%s' order by hubloc_id desc",
+ dbesc($ob_hash),
+ dbesc($ob_hash),
+ dbesc($ob_hash)
+ );
+ }
+ }
+ if(! $r) {
+ logger('unable to finger ' . $ob_hash);
+ return;
+ }
+
+ $hubloc = $r[0];
+
+ $_SESSION['authenticated'] = 1;
+
+ // normal visitor (remote_channel) login session credentials
+ $_SESSION['visitor_id'] = $hubloc['xchan_hash'];
+ $_SESSION['my_url'] = $hubloc['xchan_url'];
+ $_SESSION['my_address'] = $hubloc['hubloc_addr'];
+ $_SESSION['remote_hub'] = $hubloc['hubloc_url'];
+ $_SESSION['DNT'] = 1;
+
+ \App::set_observer($hubloc);
+ require_once('include/security.php');
+ \App::set_groups(init_groups_visitor($_SESSION['visitor_id']));
+
+}