1 files changed, 22 insertions, 70 deletions
diff --git a/mod/cloud.php b/mod/cloud.php
index 106379785..a72d0f108 100644
--- a/mod/cloud.php
+++ b/mod/cloud.php
@@ -1,23 +1,5 @@
 <?php
 
-	// This module is currently !!!HIGHLY EXPERIMENTAL!!!
-	// You should think twice before running this on a production server
-	// as security mechanisms are not yet implemented and those that
-	// are implemented probably don't work.
-
-	// DAV mounts will probably fail if you don't use SSL, because some platforms refuse to send
-	// basic auth over non-encrypted connections.
-	// One could use digest auth - but then one has to calculate the A1 digest and store it for
-	// all acounts. We aren't doing that. We have a stored password already. We don't need another
-	// one. The login unfortunately is the channel nickname (webbie) as we have no way of passing 
-	// the destination channel to DAV. You should be able to login with your account credentials 
-	// and be directed to your default channel. 
-
-	// This interface does not yet support Red stored files. Consider any content in your "store" 
-	// directory to be throw-away until advised otherwise.
-
-
-
 	use Sabre\DAV;
 
     require_once('vendor/autoload.php');
@@ -44,64 +26,28 @@
 
 
 
-class RedBasicAuth extends Sabre\DAV\Auth\Backend\AbstractBasic {
-
-	public $channel_name = '';
-	public $channel_id = 0;
-	public $channel_hash = '';
-	public $observer = '';
-
-    protected function validateUserPass($username, $password) {
-		require_once('include/auth.php');
-		$record = account_verify_password($email,$pass);
-		if($record && $record['account_default_channel']) {
-			$r = q("select * from channel where channel_account_id = %d and channel_id = %d limit 1",
-				intval($record['account_id']),
-				intval($record['account_default_channel'])
-			);
-			if($r) {
-				$this->currentUser = $r[0]['channel_address'];
-				$this->channel_name = $r[0]['channel_address'];
-				$this->channel_id = $r[0]['channel_id'];
-				$this->channel_hash = $this->observer = $r[0]['channel_hash'];
-				return true;
-			}
-		}
-		$r = q("select * from channel where channel_address = '%s' limit 1",
-			dbesc($username)
-		);
-		if($r) {
-			$x = q("select * from account where account_id = %d limit 1",
-				intval($r[0]['channel_account_id'])
-			);
-			if($x) {
-			    foreach($x as $record) {
-			        if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED)
-            		&& (hash('whirlpool',$record['account_salt'] . $password) === $record['account_password'])) {
-			            logger('(DAV) RedBasicAuth: password verified for ' . $username);
-						$this->channel_name = $r[0]['channel_address'];
-						$this->channel_id = $r[0]['channel_id'];
-						$this->channel_hash = $this->observer = $r[0]['channel_hash'];
-            			return true;
-        			}
-    			}
-			}
-		}
-	    logger('(DAV) RedBasicAuth: password failed for ' . $username);
-    	return false;
-	}
-}
 
 
 function cloud_init(&$a) {
 
-	if(! get_config('system','enable_cloud'))
-		killme();
-
 	require_once('include/reddav.php');
 
 	$auth = new RedBasicAuth();
 
+	$ob_hash = get_observer_hash();
+
+	if($ob_hash) {
+		if(local_user()) {
+			$channel = $a->get_channel();
+			$auth->setCurrentUser($channel['channel_address']);
+			$auth->channel_name = $channel['channel_address'];
+			$auth->channel_id = $channel['channel_id'];
+			$auth->channel_hash = $channel['channel_hash'];
+		}	
+		$auth->observer = $ob_hash;
+	}	
+
+
 	$rootDirectory = new RedDirectory('/',$auth);
 	$server = new DAV\Server($rootDirectory);
 	$lockBackend = new DAV\Locks\Backend\File('store/data/locks');
@@ -110,9 +56,15 @@ function cloud_init(&$a) {
 	$server->addPlugin($lockPlugin);
 
 
-	$auth->Authenticate($server,'Red Matrix');
+	if(! $auth->observer)
+		$auth->Authenticate($server,'Red Matrix');
+
+//	$browser = new DAV\Browser\Plugin();
+
+	$browser = new RedBrowser($auth);
+
+	$auth->setBrowserPlugin($browser);
 
-	$browser = new DAV\Browser\Plugin();
 	$server->addPlugin($browser);