Commit | Line | Data |
---|---|---|
133aecbe | 1 | <?php |
d46a42f1 RK |
2 | /* This Source Code Form is subject to the terms of the Mozilla Public |
3 | * License, v. 2.0. If a copy of the MPL was not distributed with this file, | |
4 | * You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
5 | ||
77f0f9ff RK |
6 | /* |
7 | Some resources for how to store passwords: | |
8 | - https://blog.mozilla.org/webdev/2012/06/08/lets-talk-about-password-storage/ | |
9 | - https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines | |
10 | oauth-server-php: https://bshaffer.github.io/oauth2-server-php-docs/cookbook | |
11 | */ | |
12 | ||
133aecbe RK |
// Verbose error output, enabled for testing.
// NOTE(review): while display_errors is on, PHP warnings and uncaught
// exceptions raised by this auth endpoint are written into the HTTP response.
// Outside a test setup, switch it off and rely on the error log instead.
error_reporting(E_ALL);
ini_set('display_errors', 1);
15 | ||
// Read DB settings: the JSON file is decoded into an associative array whose
// 'dsn', 'username' and 'password' entries are used for the PDO connection.
// NOTE(review): this file carries the DB password; confirm it is readable only
// by the account PHP runs as.
$dbdata = json_decode(
    file_get_contents('/etc/kairo/auth_db.json'),
    true
);
if (is_array($dbdata) === false) {
    // Anything that does not decode to an array is treated as a missing config.
    trigger_error('DB configuration not found', E_USER_ERROR);
}
087085d6 RK |
// Read the auth settings the same way: decode the JSON file into an
// associative array, which is later handed to AuthUtils.
$settings = json_decode(
    file_get_contents('/etc/kairo/auth_settings.json'),
    true
);
if (is_array($settings) === false) {
    // Anything that does not decode to an array is treated as missing settings.
    trigger_error('Auth settings not found', E_USER_ERROR);
}
133aecbe RK |
21 | |
// Shared helper classes from the sibling kairo-utils directory.
// NOTE(review): these paths start with '../', so they resolve against the
// current working directory rather than this file's location (the other
// includes in this file use __DIR__). The '.php-class' suffix also deserves a
// check: if these files sit under the web root, confirm the web server does
// not serve them as plain text.
require_once '../kairo-utils/document.php-class'; // extended DOM document class
require_once '../kairo-utils/email.php-class';    // class for sending emails
d46a42f1 RK |
// Auth helper class file; presumably this defines AuthUtils, which is
// instantiated further down in this file.
require_once __DIR__ . '/authutils.php-class';
133aecbe RK |
28 | |
// gettext setup for the 'kairo_auth' message domain.
// XXX: Should negotiate locale.
bindtextdomain(
    'kairo_auth',
    'en'
);
// Messages of that domain are returned as UTF-8.
bind_textdomain_codeset(
    'kairo_auth',
    'utf-8'
);
31 | ||
d26d08a1 RK |
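// Connect to our MySQL DB with the DSN and credentials read from the DB
// settings file.
// PDO's constructor throws PDOException when the connection fails. Left
// uncaught, that exception would be rendered into the response while
// display_errors is on, and its message can name the DB host and user. The
// detail therefore goes to the error log only, and the request ends with the
// same kind of generic fatal error used for the config checks earlier in
// this file.
// NOTE(review): no driver options are passed, so error mode and
// prepared-statement emulation stay at the driver defaults; confirm that is
// what AuthUtils expects.
try {
    $db = new PDO($dbdata['dsn'], $dbdata['username'], $dbdata['password']);
} catch (PDOException $e) {
    error_log('kairo_auth: DB connection failed: ' . $e->getMessage());
    trigger_error('DB connection failed', E_USER_ERROR);
    // Only reached if a custom error handler returns; never continue without a DB handle.
    exit(1);
}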
558e9862 RK |
// Build the auth helper from the decoded settings array and the open PDO handle.
$utils = new AuthUtils(
    $settings,
    $db
);
d26d08a1 RK |
36 | |
37 | /* Creating the DB tables: | |
d46a42f1 RK |
38 | CREATE TABLE `auth_sessions` ( |
39 | `id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT , | |
40 | `sesskey` VARCHAR(150) NOT NULL DEFAULT '' , | |
41 | `user` MEDIUMINT UNSIGNED NULL DEFAULT NULL , | |
42 | `logged_in` BOOLEAN NOT NULL DEFAULT FALSE , | |
43 | `time_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , | |
44 | `time_expire` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , | |
409b55f4 | 45 | `saved_redirect` VARCHAR(255) NOT NULL DEFAULT '' , |
d46a42f1 RK |
46 | PRIMARY KEY (`id`), |
47 | INDEX (`sesskey`), | |
48 | INDEX (`time_expire`) | |
49 | ); | |
50 | CREATE TABLE `auth_users` ( | |
51 | `id` MEDIUMINT UNSIGNED NOT NULL AUTO_INCREMENT , | |
52 | `email` VARCHAR(255) NOT NULL , | |
53 | `pwdhash` VARCHAR(255) NOT NULL , | |
54 | `status` ENUM('unverified','ok') NOT NULL DEFAULT 'unverified' , | |
55 | `verify_hash` VARCHAR(150) NULL DEFAULT NULL , | |
60e46184 | 56 | `group_id` MEDIUMINT UNSIGNED DEFAULT '0' , |
d46a42f1 RK |
57 | PRIMARY KEY (`id`), |
58 | UNIQUE (`email`) | |
59 | ); | |
558e9862 RK |
60 | CREATE TABLE `auth_log` ( |
61 | `id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT , | |
62 | `code` VARCHAR(100) NOT NULL , | |
63 | `info` TEXT NULL DEFAULT NULL , | |
64 | `ip_addr` VARCHAR(50) NULL DEFAULT NULL , | |
65 | `time_logged` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , | |
66 | PRIMARY KEY (`id`), | |
67 | INDEX (`time_logged`) | |
68 | ); | |
d26d08a1 RK |
69 | */ |
70 | ||
133aecbe RK |
// Pull in the OAuth2 server object; the path is anchored to this file's
// directory, so it does not depend on the working directory.
require_once __DIR__ . '/server.inc.php';
73 | ?> |