diff options
Diffstat (limited to 'Zotlabs/Storage/BasicAuth.php')
-rw-r--r-- | Zotlabs/Storage/BasicAuth.php | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/Zotlabs/Storage/BasicAuth.php b/Zotlabs/Storage/BasicAuth.php index da5af7659..02c4117da 100644 --- a/Zotlabs/Storage/BasicAuth.php +++ b/Zotlabs/Storage/BasicAuth.php @@ -73,6 +73,9 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic { protected $timezone = ''; + public $module_disabled = false; + + /** * @brief Validates a username and password. * @@ -92,7 +95,7 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic { intval($record['account_id']), intval($record['account_default_channel']) ); - if ($r) { + if($r && $this->check_module_access($r[0]['channel_id'])) { return $this->setAuthenticated($r[0]); } } @@ -109,13 +112,17 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic { if ((($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED)) && (hash('whirlpool', $record['account_salt'] . $password) === $record['account_password'])) { logger('password verified for ' . $username); - return $this->setAuthenticated($r[0]); + if($this->check_module_access($r[0]['channel_id'])) + return $this->setAuthenticated($r[0]); } } } } - $error = 'password failed for ' . $username; + if($this->module_disabled) + $error = 'module not enabled for ' . $username; + else + $error = 'password failed for ' . $username; logger($error); log_failed_login($error); @@ -139,6 +146,17 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic { return true; } + protected function check_module_access($channel_id) { + if($channel_id && \App::$module === 'cdav') { + $x = get_pconfig($channel_id,'cdav','enabled'); + if(! $x) { + $this->module_disabled = true; + return false; + } + } + return true; + } + /** * Sets the channel_name from the currently logged-in channel. * |