diff options
Diffstat (limited to 'doc/html/auth_8php.html')
-rw-r--r-- | doc/html/auth_8php.html | 98 |
1 files changed, 81 insertions, 17 deletions
diff --git a/doc/html/auth_8php.html b/doc/html/auth_8php.html index eefab2c61..9145b5ef3 100644 --- a/doc/html/auth_8php.html +++ b/doc/html/auth_8php.html @@ -110,24 +110,38 @@ $(document).ready(function(){initNavTree('auth_8php.html','');}); <div class="title">auth.php File Reference</div> </div> </div><!--header--> <div class="contents"> + +<p>Functions and inline functionality for authentication. +<a href="#details">More...</a></p> <table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="func-members"></a> Functions</h2></td></tr> <tr class="memitem:a2add3a1129ffa4d5515442a9d52a9b1a"><td class="memItemLeft" align="right" valign="top"> </td><td class="memItemRight" valign="bottom"><a class="el" href="auth_8php.html#a2add3a1129ffa4d5515442a9d52a9b1a">nuke_session</a> ()</td></tr> +<tr class="memdesc:a2add3a1129ffa4d5515442a9d52a9b1a"><td class="mdescLeft"> </td><td class="mdescRight">Resets the current session. <a href="#a2add3a1129ffa4d5515442a9d52a9b1a">More...</a><br/></td></tr> <tr class="separator:a2add3a1129ffa4d5515442a9d52a9b1a"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:a07bae0e623e2daa9ee2cd5a8aa294dee"><td class="memItemLeft" align="right" valign="top"> </td><td class="memItemRight" valign="bottom"><a class="el" href="auth_8php.html#a07bae0e623e2daa9ee2cd5a8aa294dee">account_verify_password</a> ($email, $pass)</td></tr> +<tr class="memdesc:a07bae0e623e2daa9ee2cd5a8aa294dee"><td class="mdescLeft"> </td><td class="mdescRight">Verify login credentials. <a href="#a07bae0e623e2daa9ee2cd5a8aa294dee">More...</a><br/></td></tr> <tr class="separator:a07bae0e623e2daa9ee2cd5a8aa294dee"><td class="memSeparator" colspan="2"> </td></tr> -<tr class="memitem:ab7be44ee051c0aa29847807cf2c5dd38"><td class="memItemLeft" align="right" valign="top"><a class="el" href="theme_2mytheme_2php_2default_8php.html#a3987f5547ceb7e36a210a66a06241a5a">if</a>((<a class="el" href="boot_8php.html#a01353c9abebc3544ea080ac161729632">x</a>($_POST,'auth-params'))&&$_POST['auth-params']=== <br class="typebreak"/> -'<a class="el" href="boot_8php.html#aefecf8599036df7f1b95d6820e0e2fa4">login</a>') </td><td class="memItemRight" valign="bottom"><a class="el" href="auth_8php.html#ab7be44ee051c0aa29847807cf2c5dd38">match_openid</a> ($authid)</td></tr> -<tr class="separator:ab7be44ee051c0aa29847807cf2c5dd38"><td class="memSeparator" colspan="2"> </td></tr> +<tr class="memitem:ae3ecb5f34f202c7f9a61c5d589f6c6e1"><td class="memItemLeft" align="right" valign="top"> </td><td class="memItemRight" valign="bottom"><a class="el" href="auth_8php.html#ae3ecb5f34f202c7f9a61c5d589f6c6e1">log_failed_login</a> ($errormsg)</td></tr> +<tr class="memdesc:ae3ecb5f34f202c7f9a61c5d589f6c6e1"><td class="mdescLeft"> </td><td class="mdescRight">Log failed logins to a separate auth log. <a href="#ae3ecb5f34f202c7f9a61c5d589f6c6e1">More...</a><br/></td></tr> +<tr class="separator:ae3ecb5f34f202c7f9a61c5d589f6c6e1"><td class="memSeparator" colspan="2"> </td></tr> +<tr class="memitem:a69fa663e6baf65f80d1b114ad72615f2"><td class="memItemLeft" align="right" valign="top"><a class="el" href="theme_2mytheme_2php_2default_8php.html#a3987f5547ceb7e36a210a66a06241a5a">if</a>((<a class="el" href="boot_8php.html#ae97836b0547953be182a2334c9c91d3c">x</a>($_POST, 'auth-params'))&&$_POST['auth-params']=== <br class="typebreak"/> +'<a class="el" href="boot_8php.html#aefecf8599036df7f1b95d6820e0e2fa4">login</a>') </td><td class="memItemRight" valign="bottom"><a class="el" href="auth_8php.html#a69fa663e6baf65f80d1b114ad72615f2">match_openid</a> ($authid)</td></tr> +<tr class="memdesc:a69fa663e6baf65f80d1b114ad72615f2"><td class="mdescLeft"> </td><td class="mdescRight">Returns the channel_id for a given openid_identity. <a href="#a69fa663e6baf65f80d1b114ad72615f2">More...</a><br/></td></tr> +<tr class="separator:a69fa663e6baf65f80d1b114ad72615f2"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="var-members"></a> Variables</h2></td></tr> -<tr class="memitem:a0950af7c2888ca1d4743fe5d0bff9ae5"><td class="memItemLeft" align="right" valign="top"><a class="el" href="theme_2mytheme_2php_2default_8php.html#a3987f5547ceb7e36a210a66a06241a5a">if</a>((isset($_SESSION))&&(<a class="el" href="boot_8php.html#a01353c9abebc3544ea080ac161729632">x</a>($_SESSION,'authenticated'))&&((!(<a class="el" href="boot_8php.html#a01353c9abebc3544ea080ac161729632">x</a>($_POST,'auth-params')))||($_POST['auth-params']!== <br class="typebreak"/> -'<a class="el" href="boot_8php.html#aefecf8599036df7f1b95d6820e0e2fa4">login</a>'))) </td><td class="memItemRight" valign="bottom"><a class="el" href="auth_8php.html#a0950af7c2888ca1d4743fe5d0bff9ae5">else</a></td></tr> -<tr class="separator:a0950af7c2888ca1d4743fe5d0bff9ae5"><td class="memSeparator" colspan="2"> </td></tr> +<tr class="memitem:a6f60fb54f60cd36c2430d6615a7b4f3f"><td class="memItemLeft" align="right" valign="top"><a class="el" href="theme_2mytheme_2php_2default_8php.html#a3987f5547ceb7e36a210a66a06241a5a">if</a>((isset($_SESSION))&&(<a class="el" href="boot_8php.html#ae97836b0547953be182a2334c9c91d3c">x</a>($_SESSION, <br class="typebreak"/> +'authenticated'))&&((!(<a class="el" href="boot_8php.html#ae97836b0547953be182a2334c9c91d3c">x</a>($_POST, <br class="typebreak"/> +'auth-params')))||($_POST['auth-params']!== <br class="typebreak"/> +'<a class="el" href="boot_8php.html#aefecf8599036df7f1b95d6820e0e2fa4">login</a>'))) </td><td class="memItemRight" valign="bottom"><a class="el" href="auth_8php.html#a6f60fb54f60cd36c2430d6615a7b4f3f">else</a></td></tr> +<tr class="separator:a6f60fb54f60cd36c2430d6615a7b4f3f"><td class="memSeparator" colspan="2"> </td></tr> </table> -<h2 class="groupheader">Function Documentation</h2> +<a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2> +<div class="textblock"><p>Functions and inline functionality for authentication. </p> +<p>This file provides some functions for authentication handling and inline functionality. Look for auth parameters or re-validate an existing session also handles logout. Also provides a function for OpenID identiy matching. </p> +</div><h2 class="groupheader">Function Documentation</h2> <a class="anchor" id="a07bae0e623e2daa9ee2cd5a8aa294dee"></a> <div class="memitem"> <div class="memproto"> @@ -151,20 +165,56 @@ Variables</h2></td></tr> </tr> </table> </div><div class="memdoc"> -<p>Verify login credentials</p> -<p>Returns account record on success, null on failure </p> + +<p>Verify login credentials. </p> +<p>If system <em>authlog</em> is set a log entry will be added for failed login attempts.</p> +<dl class="params"><dt>Parameters</dt><dd> + <table class="params"> + <tr><td class="paramtype">string</td><td class="paramname">$email</td><td>The email address to verify. </td></tr> + <tr><td class="paramtype">string</td><td class="paramname">$pass</td><td>The provided password to verify. </td></tr> + </table> + </dd> +</dl> +<dl class="section return"><dt>Returns</dt><dd>array|null Returns account record on success, null on failure. </dd></dl> + +<p>Referenced by <a class="el" href="include_2api_8php.html#afe534f826e4282b72d66e8cadca7bb73">api_login()</a>, <a class="el" href="removeaccount_8php.html#a26a3325292e932c59793430ab737126a">removeaccount_post()</a>, <a class="el" href="removeme_8php.html#a7be08738beca44bb98a79e01cdb2ee88">removeme_post()</a>, and <a class="el" href="classRedMatrix_1_1RedDAV_1_1RedBasicAuth.html#a6ece02655b780469e59e204c5979a624">RedMatrix\RedDAV\RedBasicAuth\validateUserPass()</a>.</p> + +</div> +</div> +<a class="anchor" id="ae3ecb5f34f202c7f9a61c5d589f6c6e1"></a> +<div class="memitem"> +<div class="memproto"> + <table class="memname"> + <tr> + <td class="memname">log_failed_login </td> + <td>(</td> + <td class="paramtype"> </td> + <td class="paramname"><em>$errormsg</em></td><td>)</td> + <td></td> + </tr> + </table> +</div><div class="memdoc"> + +<p>Log failed logins to a separate auth log. </p> +<p>Can be used to reduce overhead for server side intrusion prevention, like parse the authlog file with something like fail2ban, OSSEC, etc.</p> +<dl class="params"><dt>Parameters</dt><dd> + <table class="params"> + <tr><td class="paramtype">string</td><td class="paramname">$errormsg</td><td>Error message to display for failed login. </td></tr> + </table> + </dd> +</dl> <p>A plugin indicates successful login by setting 'authenticated' to non-zero value and returning a user record Plugins should never set 'authenticated' except to indicate success - as hooks may be chained and later plugins should not interfere with an earlier one that succeeded.</p> -<p>Referenced by <a class="el" href="include_2api_8php.html#afe534f826e4282b72d66e8cadca7bb73">api_login()</a>, <a class="el" href="removeme_8php.html#a7be08738beca44bb98a79e01cdb2ee88">removeme_post()</a>, and <a class="el" href="classRedBasicAuth.html#a8dfd9a0953f8884723b421b7c1acf79b">RedBasicAuth\validateUserPass()</a>.</p> +<p>Referenced by <a class="el" href="auth_8php.html#a07bae0e623e2daa9ee2cd5a8aa294dee">account_verify_password()</a>, and <a class="el" href="classRedMatrix_1_1RedDAV_1_1RedBasicAuth.html#a6ece02655b780469e59e204c5979a624">RedMatrix\RedDAV\RedBasicAuth\validateUserPass()</a>.</p> </div> </div> -<a class="anchor" id="ab7be44ee051c0aa29847807cf2c5dd38"></a> +<a class="anchor" id="a69fa663e6baf65f80d1b114ad72615f2"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> - <td class="memname"><a class="el" href="theme_2mytheme_2php_2default_8php.html#a3987f5547ceb7e36a210a66a06241a5a">if</a> ((<a class="el" href="boot_8php.html#a01353c9abebc3544ea080ac161729632">x</a>($_POST,'auth-params'))&&$_POST['auth-params']=== '<a class="el" href="boot_8php.html#aefecf8599036df7f1b95d6820e0e2fa4">login</a>') match_openid </td> + <td class="memname"><a class="el" href="theme_2mytheme_2php_2default_8php.html#a3987f5547ceb7e36a210a66a06241a5a">if</a> ((<a class="el" href="boot_8php.html#ae97836b0547953be182a2334c9c91d3c">x</a>($_POST, 'auth-params'))&&$_POST['auth-params']=== '<a class="el" href="boot_8php.html#aefecf8599036df7f1b95d6820e0e2fa4">login</a>') match_openid </td> <td>(</td> <td class="paramtype"> </td> <td class="paramname"><em>$authid</em></td><td>)</td> @@ -173,6 +223,17 @@ Variables</h2></td></tr> </table> </div><div class="memdoc"> +<p>Returns the channel_id for a given openid_identity. </p> +<p>Queries the values from pconfig configuration for the given openid_identity and returns the corresponding channel_id.</p> +<p>How do we prevent that an OpenID identity is used more than once?</p> +<dl class="params"><dt>Parameters</dt><dd> + <table class="params"> + <tr><td class="paramtype">string</td><td class="paramname">$authid</td><td>The given openid_identity </td></tr> + </table> + </dd> +</dl> +<dl class="section return"><dt>Returns</dt><dd>int|bool Return channel_id from pconfig or false. </dd></dl> + <p>Referenced by <a class="el" href="openid_8php.html#a9a13827dbcf61ae4e45f0b6b33a88f43">openid_content()</a>.</p> </div> @@ -190,30 +251,33 @@ Variables</h2></td></tr> </table> </div><div class="memdoc"> +<p>Resets the current session. </p> +<dl class="section return"><dt>Returns</dt><dd>void </dd></dl> + <p>Referenced by <a class="el" href="include_2api_8php.html#a2e94eab9d6c164bfef7a1b2ab87b339b">api_account_logout()</a>.</p> </div> </div> <h2 class="groupheader">Variable Documentation</h2> -<a class="anchor" id="a0950af7c2888ca1d4743fe5d0bff9ae5"></a> +<a class="anchor" id="a6f60fb54f60cd36c2430d6615a7b4f3f"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> - <td class="memname"><a class="el" href="theme_2mytheme_2php_2default_8php.html#a3987f5547ceb7e36a210a66a06241a5a">if</a> ((isset($_SESSION))&&(<a class="el" href="boot_8php.html#a01353c9abebc3544ea080ac161729632">x</a>($_SESSION,'authenticated'))&&((!(<a class="el" href="boot_8php.html#a01353c9abebc3544ea080ac161729632">x</a>($_POST,'auth-params')))||($_POST['auth-params']!== '<a class="el" href="boot_8php.html#aefecf8599036df7f1b95d6820e0e2fa4">login</a>'))) else</td> + <td class="memname"><a class="el" href="theme_2mytheme_2php_2default_8php.html#a3987f5547ceb7e36a210a66a06241a5a">if</a> ((isset($_SESSION))&&(<a class="el" href="boot_8php.html#ae97836b0547953be182a2334c9c91d3c">x</a>($_SESSION, 'authenticated'))&&((!(<a class="el" href="boot_8php.html#ae97836b0547953be182a2334c9c91d3c">x</a>($_POST, 'auth-params')))||($_POST['auth-params']!== '<a class="el" href="boot_8php.html#aefecf8599036df7f1b95d6820e0e2fa4">login</a>'))) else</td> </tr> </table> </div><div class="memdoc"> <b>Initial value:</b><div class="fragment"><div class="line">{</div> <div class="line"></div> <div class="line"> <span class="keywordflow">if</span>(isset($_SESSION)) {</div> -<div class="line"> <a class="code" href="auth_8php.html#a2add3a1129ffa4d5515442a9d52a9b1a">nuke_session</a>();</div> +<div class="line"> <a class="code" href="auth_8php.html#a2add3a1129ffa4d5515442a9d52a9b1a" title="Resets the current session.">nuke_session</a>();</div> <div class="line"> }</div> <div class="line"></div> <div class="line"> </div> <div class="line"></div> -<div class="line"> <span class="keywordflow">if</span>((<a class="code" href="boot_8php.html#a01353c9abebc3544ea080ac161729632">x</a>($_POST,<span class="stringliteral">'password'</span>)) && strlen($_POST[<span class="stringliteral">'password'</span>]))</div> -<div class="line"> $encrypted = hash(<span class="stringliteral">'whirlpool'</span>,trim($_POST[<span class="stringliteral">'password'</span>]))</div> +<div class="line"> <span class="keywordflow">if</span>((<a class="code" href="boot_8php.html#ae97836b0547953be182a2334c9c91d3c" title="Multi-purpose function to check variable state.">x</a>($_POST, <span class="stringliteral">'password'</span>)) && strlen($_POST[<span class="stringliteral">'password'</span>]))</div> +<div class="line"> $encrypted = hash(<span class="stringliteral">'whirlpool'</span>, trim($_POST[<span class="stringliteral">'password'</span>]))</div> </div><!-- fragment --><p>Inline - not a function look for auth parameters or re-validate an existing session also handles logout </p> </div> |