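<?php
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
 * You can obtain one at http://mozilla.org/MPL/2.0/. */

/*
  Some resources for how to store passwords:
  - https://blog.mozilla.org/webdev/2012/06/08/lets-talk-about-password-storage/
  - https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines
  oauth-server-php: https://bshaffer.github.io/oauth2-server-php-docs/cookbook
*/

/*
  Bootstrap for the authentication service: loads the helper classes, builds
  AuthUtils, normalizes the Piwik settings and creates the OAuth2 server.
  After this file has run, $utils, $db, $settings and $server are set in the
  current scope (presumably for the page scripts that include it).
*/

// error reporting (for testing)
// NOTE(review): display_errors writes PHP warnings and errors into the HTTP
// response. On a login/OAuth endpoint that exposes file paths and possibly
// query fragments to any client. Keep E_ALL, but outside of testing send the
// output to the log (display_errors off, log_errors on).
ini_set('display_errors', 1); error_reporting(E_ALL);

// Extended DOM document class
require_once(__DIR__.'/../php-utility-classes/classes/document.php-class');
// Class for sending emails
require_once(__DIR__.'/../php-utility-classes/classes/email.php-class');
// Composer-provided libraries (oauth2-server-php, doctrine DBAL)
require_once(__DIR__.'/../vendor/autoload.php');
// Authentication utilities
require_once(__DIR__.'/authutils.php-class');
// Instantiate server utils.
try {
    $utils = new AuthUtils();
    $db = $utils->db;
    $settings = $utils->settings;
}
catch (Exception $e) {
    $utils = null;
    // NOTE(review): the raw exception text goes to the client. If the
    // AuthUtils constructor opens the database connection (it exposes ->db),
    // a failure message may name the DB host or user. Consider error_log()
    // for the detail and a generic message in the response.
    print('Failed to set up utilities: '.$e->getMessage());
    exit(1);
}

$utils->setUpL10n();

// Sanitize settings.
// isset()/empty() replace the former @-suppressed reads: a missing key still
// falls back to the default, but null is no longer passed to strlen() (a
// deprecation notice on PHP 8.1+, which display_errors above would print).
$settings['piwik_enabled'] = !empty($settings['piwik_enabled']);
$settings['piwik_site_id'] = intval(isset($settings['piwik_site_id']) ? $settings['piwik_site_id'] : 0);
$settings['piwik_url'] = (isset($settings['piwik_url']) && strlen($settings['piwik_url'])) ? $settings['piwik_url'] : '/piwik/';
// NOTE(review): how piwik_tracker_path is consumed is not visible here. If it
// ends up in an include/require, it must only ever come from the trusted
// settings file, never from request data.
$settings['piwik_tracker_path'] = (isset($settings['piwik_tracker_path']) && strlen($settings['piwik_tracker_path'])) ? $settings['piwik_tracker_path'] : '../vendor/piwik/piwik-php-tracker/';

/* Creating the DB tables:
CREATE TABLE `auth_sessions` (
 `id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT ,
 `sesskey` VARCHAR(150) NOT NULL DEFAULT '' ,
 `user` MEDIUMINT UNSIGNED NULL DEFAULT NULL ,
 `logged_in` BOOLEAN NOT NULL DEFAULT FALSE ,
 `time_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
 `time_expire` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
 `saved_redirect` VARCHAR(255) NOT NULL DEFAULT '' ,
 PRIMARY KEY (`id`),
 INDEX (`sesskey`),
 INDEX (`time_expire`)
);
CREATE TABLE `auth_users` (
 `id` MEDIUMINT UNSIGNED NOT NULL AUTO_INCREMENT ,
 `email` VARCHAR(255) NOT NULL ,
 `pwdhash` VARCHAR(255) NOT NULL ,
 `status` ENUM('unverified','ok') NOT NULL DEFAULT 'unverified' ,
 `verify_hash` VARCHAR(150) NULL DEFAULT NULL ,
 `group_id` MEDIUMINT UNSIGNED DEFAULT '0' ,
 PRIMARY KEY (`id`),
 UNIQUE (`email`)
);
CREATE TABLE `auth_log` (
 `id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT ,
 `code` VARCHAR(100) NOT NULL ,
 `info` TEXT NULL DEFAULT NULL ,
 `ip_addr` VARCHAR(50) NULL DEFAULT NULL ,
 `time_logged` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
 PRIMARY KEY (`id`),
 INDEX (`time_logged`)
);
*/

// Set up our OAuth2 Server object
$server = $utils->getOAuthServer();

// The closing PHP tag is left out on purpose: whitespace after it would be
// emitted as output, ahead of any header or cookie a later script sets.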