From 3affb2e8172b4cc673aafe9551c21dad6f606d87 Mon Sep 17 00:00:00 2001
From: redmatrix <git@macgirvin.com>
Date: Wed, 20 Jul 2016 17:55:40 -0700
Subject: sort out some of the authentication mess - with luck this may fix the
 DAV auth issue which I simply could not duplicate or find a reason for.

---
 Zotlabs/Storage/BasicAuth.php | 37 ++++++++++++-------------------------
 1 file changed, 12 insertions(+), 25 deletions(-)

(limited to 'Zotlabs/Storage/BasicAuth.php')

diff --git a/Zotlabs/Storage/BasicAuth.php b/Zotlabs/Storage/BasicAuth.php
index 9c73b47b9..67617b637 100644
--- a/Zotlabs/Storage/BasicAuth.php
+++ b/Zotlabs/Storage/BasicAuth.php
@@ -91,33 +91,20 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic {
 
 		require_once('include/auth.php');
 		$record = account_verify_password($username, $password);
-		if ($record && $record['account_default_channel']) {
-			$r = q("SELECT * FROM channel WHERE channel_account_id = %d AND channel_id = %d LIMIT 1",
-				intval($record['account_id']),
-				intval($record['account_default_channel'])
-			);
-			if($r && $this->check_module_access($r[0]['channel_id'])) {
-				return $this->setAuthenticated($r[0]);
+		if($record && $record['account']) {
+			if($record['channel'])
+				$channel = $record['channel'];
+			else {
+				$r = q("SELECT * FROM channel WHERE channel_account_id = %d AND channel_id = %d LIMIT 1",
+					intval($record['account']['account_id']),
+					intval($record['account']['account_default_channel'])
+				);
+				if($r)
+					$channel = $r[0];
 			}
 		}
-		$r = q("SELECT * FROM channel WHERE channel_address = '%s' LIMIT 1",
-			dbesc($username)
-		);
-		if ($r) {
-			$x = q("SELECT account_flags, account_salt, account_password FROM account WHERE account_id = %d LIMIT 1",
-				intval($r[0]['channel_account_id'])
-			);
-			if ($x) {
-				// @fixme this foreach should not be needed?
-				foreach ($x as $record) {
-					if ((($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED))
-					&& (hash('whirlpool', $record['account_salt'] . $password) === $record['account_password'])) {
-						logger('password verified for ' . $username);
-						if($this->check_module_access($r[0]['channel_id']))
-							return $this->setAuthenticated($r[0]);
-					}
-				}
-			}
+		if($channel && $this->check_module_access($channel['channel_id'])) {
+			return $this->setAuthenticated($channel);
 		}
 
 		if($this->module_disabled)
-- 
cgit v1.2.3