diff options
author | friendica <info@friendica.com> | 2014-02-17 20:10:43 -0800 |
---|---|---|
committer | friendica <info@friendica.com> | 2014-02-17 20:10:43 -0800 |
commit | ea709361f6a27f3234afbaeb6d3d1759eeca2ee5 (patch) | |
tree | 5b36f6d0626c50300ead71c1045a5d6df74806bb /mod | |
parent | d6ab975b188778a0be936c3065b502e0c58b8c91 (diff) | |
download | volse-hubzilla-ea709361f6a27f3234afbaeb6d3d1759eeca2ee5.tar.gz volse-hubzilla-ea709361f6a27f3234afbaeb6d3d1759eeca2ee5.tar.bz2 volse-hubzilla-ea709361f6a27f3234afbaeb6d3d1759eeca2ee5.zip |
snakebite, cont. magic-auth via openid is now possible, with the caveat that one needs a hand-crafted xchan at the moment to make use of it and if you wish to do so, there will be no assistance or help provided. The risk of system instability and mangled DBs now and going forward is significant if you try this.
Diffstat (limited to 'mod')
-rw-r--r-- | mod/openid.php | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/mod/openid.php b/mod/openid.php index d59d671e7..42efeac70 100644 --- a/mod/openid.php +++ b/mod/openid.php @@ -59,8 +59,26 @@ function openid_content(&$a) { goaway(z_root()); // } - unset($_SESSION['register']); - $args = ''; + $r = q("select * from xchan where xchan_hash = '%s' limit 1", + dbesc($authid) + ); + + if($r) { + $_SESSION['authenticated'] = 1; + $_SESSION['visitor_id'] = $r[0]['xchan_hash']; + $_SESSION['my_address'] = $r[0]['xchan_addr']; + $arr = array('xchan' => $r[0], 'session' => $_SESSION); + call_hooks('magic_auth_openid_success',$arr); + $a->set_observer($r[0]); + require_once('include/security.php'); + $a->set_groups(init_groups_visitor($_SESSION['visitor_id'])); + info(sprintf( t('Welcome %s. Remote authentication successful.'),$r[0]['xchan_name'])); + logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']); + if($_SESSION['return_url']) + goaway($_SESSION['return_url']); + goaway(z_root()); + } + $attr = $openid->getAttributes(); if(is_array($attr) && count($attr)) { foreach($attr as $k => $v) { |