| | |
|---|
| | | * |
|---|
| | | * Configuration: |
|---|
| | | * // redirect the client to this URL after logout. This page is then responsible to clear HTTP auth |
|---|
| | | * $rcmail_config['logout_url'] = 'http://server.tld/logout.html'; |
|---|
| | | * $config['logout_url'] = 'http://server.tld/logout.html'; |
|---|
| | | * |
|---|
| | | * See logout.html (in this directory) for an example how HTTP auth can be cleared. |
|---|
| | | * |
|---|
| | |
|---|
| | | */ |
|---|
| | | class http_authentication extends rcube_plugin |
|---|
| | | { |
|---|
| | | private $redirect_query; |
|---|
| | | |
|---|
| | | function init() |
|---|
| | | { |
|---|
| | | $this->add_hook('startup', array($this, 'startup')); |
|---|
| | | $this->add_hook('authenticate', array($this, 'authenticate')); |
|---|
| | | $this->add_hook('logout_after', array($this, 'logout')); |
|---|
| | | $this->add_hook('login_after', array($this, 'login')); |
|---|
| | | } |
|---|
| | | |
|---|
| | | function startup($args) |
|---|
| | | { |
|---|
| | | if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) { |
|---|
| | | if (!empty($_SERVER['PHP_AUTH_USER'])) { |
|---|
| | | $rcmail = rcmail::get_instance(); |
|---|
| | | $rcmail->add_shutdown_function(array('http_authentication', 'shutdown')); |
|---|
| | | |
|---|
| | | // handle login action |
|---|
| | | if (empty($args['action']) && empty($_SESSION['user_id'])) { |
|---|
| | | $args['action'] = 'login'; |
|---|
| | | if (empty($_SESSION['user_id'])) { |
|---|
| | | $args['action'] = 'login'; |
|---|
| | | $this->redirect_query = $_SERVER['QUERY_STRING']; |
|---|
| | | } |
|---|
| | | // Set user password in session (see shutdown() method for more info) |
|---|
| | | else if (!empty($_SESSION['user_id']) && empty($_SESSION['password'])) { |
|---|
| | | else if (!empty($_SESSION['user_id']) && empty($_SESSION['password']) |
|---|
| | | && !empty($_SERVER['PHP_AUTH_PW'])) { |
|---|
| | | $_SESSION['password'] = $rcmail->encrypt($_SERVER['PHP_AUTH_PW']); |
|---|
| | | } |
|---|
| | | } |
|---|
| | |
|---|
| | | return $args; |
|---|
| | | } |
|---|
| | | |
|---|
| | | if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) { |
|---|
| | | if (!empty($_SERVER['PHP_AUTH_USER'])) { |
|---|
| | | $args['user'] = $_SERVER['PHP_AUTH_USER']; |
|---|
| | | $args['pass'] = $_SERVER['PHP_AUTH_PW']; |
|---|
| | | if (!empty($_SERVER['PHP_AUTH_PW'])) |
|---|
| | | $args['pass'] = $_SERVER['PHP_AUTH_PW']; |
|---|
| | | } |
|---|
| | | |
|---|
| | | $args['cookiecheck'] = false; |
|---|
| | |
|---|
| | | // We'll set it back on startup (#1486553) |
|---|
| | | rcmail::get_instance()->session->remove('password'); |
|---|
| | | } |
|---|
| | | |
|---|
| | | function login($args) |
|---|
| | | { |
|---|
| | | // Redirect to the previous QUERY_STRING |
|---|
| | | if($this->redirect_query){ |
|---|
| | | header('Location: ./?' . $this->redirect_query); |
|---|
| | | exit; |
|---|
| | | } |
|---|
| | | return $args; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
