The Red Matrix
 All Classes Namespaces Files Functions Variables Pages
Functions | Variables
auth.php File Reference

Functions and inline functionality for authentication. More...

Functions

 nuke_session ()
 Resets the current session. More...
 
 account_verify_password ($email, $pass)
 Verify login credentials. More...
 
 log_failed_login ($errormsg)
 Log failed logins to a separate auth log. More...
 
if((x($_POST, 'auth-params'))&&$_POST['auth-params']===
'login') 		match_openid ($authid)
 Returns the channel_id for a given openid_identity. More...
 

Variables

if((isset($_SESSION))&&(x($_SESSION,
'authenticated'))&&((!(x($_POST,
'auth-params')))||($_POST['auth-params']!==
'login'))) 		else
 

Detailed Description

Functions and inline functionality for authentication.

This file provides some functions for authentication handling and inline functionality. Look for auth parameters or re-validate an existing session also handles logout. Also provides a function for OpenID identiy matching.

Function Documentation

account_verify_password (   $email,
  $pass 
)

Verify login credentials.

If system authlog is set a log entry will be added for failed login attempts.

Parameters
string$emailThe email address to verify.
string$passThe provided password to verify.
Returns
array|null Returns account record on success, null on failure.

Referenced by api_login(), removeaccount_post(), removeme_post(), and RedMatrix\RedDAV\RedBasicAuth\validateUserPass().

log_failed_login (   $errormsg)

Log failed logins to a separate auth log.

Can be used to reduce overhead for server side intrusion prevention, like parse the authlog file with something like fail2ban, OSSEC, etc.

Parameters
string$errormsgError message to display for failed login.

A plugin indicates successful login by setting 'authenticated' to non-zero value and returning a user record Plugins should never set 'authenticated' except to indicate success - as hooks may be chained and later plugins should not interfere with an earlier one that succeeded.

Referenced by account_verify_password(), and RedMatrix\RedDAV\RedBasicAuth\validateUserPass().

if ((x($_POST, 'auth-params'))&&$_POST['auth-params']=== 'login') match_openid (   $authid)

Returns the channel_id for a given openid_identity.

Queries the values from pconfig configuration for the given openid_identity and returns the corresponding channel_id.

How do we prevent that an OpenID identity is used more than once?

Parameters
string$authidThe given openid_identity
Returns
int|bool Return channel_id from pconfig or false.

Referenced by openid_content().

nuke_session ( )

Resets the current session.

Returns
void

Referenced by api_account_logout().

Variable Documentation

if ((isset($_SESSION))&&(x($_SESSION, 'authenticated'))&&((!(x($_POST, 'auth-params')))||($_POST['auth-params']!== 'login'))) else
Initial value:
{
if(isset($_SESSION)) {
nuke_session();
}
if((x($_POST, 'password')) && strlen($_POST['password']))
$encrypted = hash('whirlpool', trim($_POST['password']))

Inline - not a function look for auth parameters or re-validate an existing session also handles logout