aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2014-02-17 20:10:43 -0800
committerfriendica <info@friendica.com>2014-02-17 20:10:43 -0800
commitea709361f6a27f3234afbaeb6d3d1759eeca2ee5 (patch)
tree5b36f6d0626c50300ead71c1045a5d6df74806bb /mod
parentd6ab975b188778a0be936c3065b502e0c58b8c91 (diff)
downloadvolse-hubzilla-ea709361f6a27f3234afbaeb6d3d1759eeca2ee5.tar.gz
volse-hubzilla-ea709361f6a27f3234afbaeb6d3d1759eeca2ee5.tar.bz2
volse-hubzilla-ea709361f6a27f3234afbaeb6d3d1759eeca2ee5.zip
snakebite, cont. magic-auth via openid is now possible, with the caveat that one needs a hand-crafted xchan at the moment to make use of it and if you wish to do so, there will be no assistance or help provided. The risk of system instability and mangled DBs now and going forward is significant if you try this.
Diffstat (limited to 'mod')
-rw-r--r--mod/openid.php22
1 files changed, 20 insertions, 2 deletions
diff --git a/mod/openid.php b/mod/openid.php
index d59d671e7..42efeac70 100644
--- a/mod/openid.php
+++ b/mod/openid.php
@@ -59,8 +59,26 @@ function openid_content(&$a) {
goaway(z_root());
// }
- unset($_SESSION['register']);
- $args = '';
+ $r = q("select * from xchan where xchan_hash = '%s' limit 1",
+ dbesc($authid)
+ );
+
+ if($r) {
+ $_SESSION['authenticated'] = 1;
+ $_SESSION['visitor_id'] = $r[0]['xchan_hash'];
+ $_SESSION['my_address'] = $r[0]['xchan_addr'];
+ $arr = array('xchan' => $r[0], 'session' => $_SESSION);
+ call_hooks('magic_auth_openid_success',$arr);
+ $a->set_observer($r[0]);
+ require_once('include/security.php');
+ $a->set_groups(init_groups_visitor($_SESSION['visitor_id']));
+ info(sprintf( t('Welcome %s. Remote authentication successful.'),$r[0]['xchan_name']));
+ logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']);
+ if($_SESSION['return_url'])
+ goaway($_SESSION['return_url']);
+ goaway(z_root());
+ }
+
$attr = $openid->getAttributes();
if(is_array($attr) && count($attr)) {
foreach($attr as $k => $v) {