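<?php
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
 * You can obtain one at http://mozilla.org/MPL/2.0/. */

/*
  Some resources for how to store passwords:
  - https://blog.mozilla.org/webdev/2012/06/08/lets-talk-about-password-storage/
  - https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines
  oauth-server-php: https://bshaffer.github.io/oauth2-server-php-docs/cookbook
*/

/*
 * Shared bootstrap for the auth server.
 *
 * Reads the DB and auth settings from /etc/kairo, loads the utility classes
 * and the Composer-provided libraries, instantiates AuthUtils (which provides
 * the DB handle), normalizes the Piwik settings and builds the OAuth2 server
 * object. After this file has run, $settings, $utils, $db and $server are
 * available to whatever script included it; any failure along the way is
 * fatal (E_USER_ERROR) rather than leaving half-initialized globals behind.
 */

declare(strict_types=1);

// Error reporting (for testing).
// NOTE: with display_errors on, PHP prints stack traces, file paths and
// exception messages to the HTTP client. Turn it off (and rely on log_errors)
// before this auth server is exposed to real users.
ini_set('display_errors', '1');
error_reporting(E_ALL);

// Read DB settings.
// file_get_contents() returns false when the file is unreadable; the (string)
// cast turns that into '' so json_decode() yields null and the is_array()
// check below fails the same way as it does for malformed JSON.
$dbdata = json_decode((string) file_get_contents('/etc/kairo/auth_db.json'), true);
if (!is_array($dbdata)) {
    trigger_error('DB configuration not found', E_USER_ERROR);
}
$settings = json_decode((string) file_get_contents('/etc/kairo/auth_settings.json'), true);
if (!is_array($settings)) {
    trigger_error('Auth settings not found', E_USER_ERROR);
}
// AuthUtils receives the DB credentials as part of its settings array.
$settings['dbdata'] = $dbdata;

// Extended DOM document class
require_once(__DIR__.'/../php-utility-classes/classes/document.php-class');
// Class for sending emails
require_once(__DIR__.'/../php-utility-classes/classes/email.php-class');
// Composer-provided libraries (oauth2-server-php, doctrine DBAL)
require_once(__DIR__.'/../vendor/autoload.php');
// Authentication utilities
require_once(__DIR__.'/authutils.php-class');

// Instantiate server utils; $db is the DB handle that AuthUtils exposes.
// Everything below ($utils->setUpL10n(), $utils->getOAuthServer()) needs a
// live $utils, so a constructor failure is treated as fatal here instead of
// storing null and crashing on the next method call. The exception text is
// kept out of the user-visible error (it may carry connection details) and
// goes to the error log instead.
try {
    $utils = new AuthUtils($settings);
    $db = $utils->db;
}
catch (Exception $e) {
    error_log('AuthUtils initialization failed: '.$e->getMessage());
    trigger_error('Auth utilities could not be initialized', E_USER_ERROR);
}

$utils->setUpL10n();

// Sanitize settings: missing or empty keys fall back to defaults. The
// `?? default` reads replace the former @-suppressed undefined-index lookups
// and keep the same truthiness/emptiness semantics.
$settings['piwik_enabled'] = (bool) ($settings['piwik_enabled'] ?? false);
$settings['piwik_site_id'] = (int) ($settings['piwik_site_id'] ?? 0);
$settings['piwik_url'] = ((string) ($settings['piwik_url'] ?? '') !== '')
    ? $settings['piwik_url']
    : '/piwik/';
$settings['piwik_tracker_path'] = ((string) ($settings['piwik_tracker_path'] ?? '') !== '')
    ? $settings['piwik_tracker_path']
    : '../vendor/piwik/piwik-php-tracker/';

/* Creating the DB tables:
CREATE TABLE `auth_sessions` (
  `id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT ,
  `sesskey` VARCHAR(150) NOT NULL DEFAULT '' ,
  `user` MEDIUMINT UNSIGNED NULL DEFAULT NULL ,
  `logged_in` BOOLEAN NOT NULL DEFAULT FALSE ,
  `time_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
  `time_expire` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
  `saved_redirect` VARCHAR(255) NOT NULL DEFAULT '' ,
  PRIMARY KEY (`id`),
  INDEX (`sesskey`),
  INDEX (`time_expire`)
);
CREATE TABLE `auth_users` (
  `id` MEDIUMINT UNSIGNED NOT NULL AUTO_INCREMENT ,
  `email` VARCHAR(255) NOT NULL ,
  `pwdhash` VARCHAR(255) NOT NULL ,
  `status` ENUM('unverified','ok') NOT NULL DEFAULT 'unverified' ,
  `verify_hash` VARCHAR(150) NULL DEFAULT NULL ,
  `group_id` MEDIUMINT UNSIGNED DEFAULT '0' ,
  PRIMARY KEY (`id`),
  UNIQUE (`email`)
);
CREATE TABLE `auth_log` (
  `id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT ,
  `code` VARCHAR(100) NOT NULL ,
  `info` TEXT NULL DEFAULT NULL ,
  `ip_addr` VARCHAR(50) NULL DEFAULT NULL ,
  `time_logged` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
  PRIMARY KEY (`id`),
  INDEX (`time_logged`)
);
*/

// Set up our OAuth2 Server object.
$server = $utils->getOAuthServer();

// No closing "?>" tag: any whitespace after it would be emitted as output
// before the including script can send its headers.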