From 9e133d6412945f84f858d4bfde26c69f9e1afbfd Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Mon, 19 Mar 2012 15:03:09 -0700
Subject: refactor openid logins/registrations

---
 include/auth.php | 29 ++++-------------------------
 1 file changed, 4 insertions(+), 25 deletions(-)

(limited to 'include/auth.php')

diff --git a/include/auth.php b/include/auth.php
index fc52684e6..faf922199 100755
--- a/include/auth.php
+++ b/include/auth.php
@@ -77,7 +77,7 @@ else {
 
 			$noid = get_config('system','no_openid');
 
-			$openid_url = trim(  (strlen($_POST['openid_url'])?$_POST['openid_url']:$_POST['username']) );
+			$openid_url = trim((strlen($_POST['openid_url'])?$_POST['openid_url']:$_POST['username']) );
 
 			// validate_url alters the calling parameter
 
@@ -99,30 +99,9 @@ else {
 			$openid->identity = $openid_url;
 			$_SESSION['openid'] = $openid_url;
 			$a = get_app();
-			$openid->returnUrl = $a->get_baseurl() . '/openid'; 
-
-			$r = q("SELECT `uid` FROM `user` WHERE `openid` = '%s' LIMIT 1",
-				dbesc($openid_url)
-			);
-			if(count($r)) { 
-				// existing account
-				goaway($openid->authUrl());
-				// NOTREACHED	
-			}
-			else {
-				if($a->config['register_policy'] == REGISTER_CLOSED) {
-					$a = get_app();
-					notice( t('Login failed.') . EOL);
-					goaway(z_root());
-					// NOTREACHED
-				}
-				// new account
-				$_SESSION['register'] = 1;
-				$openid->required = array('namePerson/friendly', 'contact/email', 'namePerson');
-				$openid->optional = array('namePerson/first','media/image/aspect11','media/image/default');
-				goaway($openid->authUrl());
-				// NOTREACHED	
-			}
+			$openid->returnUrl = $a->get_baseurl(true) . '/openid'; 
+			goaway($openid->authUrl());
+			// NOTREACHED
 		}
 	}
 	if((x($_POST,'auth-params')) && $_POST['auth-params'] === 'login') {
-- 
cgit v1.2.3


From 5a5aadb743e055530aa071dd3e47705a3bf5d728 Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Mon, 19 Mar 2012 21:58:21 -0700
Subject: add IP address to failed login log message

---
 include/auth.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'include/auth.php')

diff --git a/include/auth.php b/include/auth.php
index 4e246e354..835616a82 100755
--- a/include/auth.php
+++ b/include/auth.php
@@ -104,6 +104,7 @@ else {
 			// NOTREACHED
 		}
 	}
+
 	if((x($_POST,'auth-params')) && $_POST['auth-params'] === 'login') {
 
 		$record = null;
@@ -144,7 +145,7 @@ else {
 		}
 
 		if((! $record) || (! count($record))) {
-			logger('authenticate: failed login attempt: ' . notags(trim($_POST['username']))); 
+			logger('authenticate: failed login attempt: ' . notags(trim($_POST['username'])) . ' from IP ' . $_SERVER['REMOTE_ADDR']); 
 			notice( t('Login failed.') . EOL );
 			goaway(z_root());
   		}
-- 
cgit v1.2.3