2 /* This Source Code Form is subject to the terms of the Mozilla Public
3 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
4 * You can obtain one at http://mozilla.org/MPL/2.0/. */
7 Some resources for how to store passwords:
8 - https://blog.mozilla.org/webdev/2012/06/08/lets-talk-about-password-storage/
9 - https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines
10 oauth-server-php: https://bshaffer.github.io/oauth2-server-php-docs/cookbook
13 // error reporting (for testing)
14 ini_set('display_errors', 1); error_reporting(E_ALL);
17 $dbdata = json_decode(file_get_contents('/etc/kairo/auth_db.json'), true);
18 if (!is_array($dbdata)) { trigger_error('DB configuration not found', E_USER_ERROR); }
19 $settings = json_decode(file_get_contents('/etc/kairo/auth_settings.json'), true);
20 if (!is_array($settings)) { trigger_error('Auth settings not found', E_USER_ERROR); }
22 // Extended DOM document class
23 require_once('../kairo/include/cbsm/util/document.php-class');
24 // Class for sending emails
25 require_once('../kairo/include/classes/email.php-class');
26 // Class for sending emails
27 require_once(__DIR__.'/authutils.php-class');
29 bindtextdomain('kairo_auth', 'en'); // XXX: Should negotiate locale.
30 bind_textdomain_codeset('kairo_auth', 'utf-8');
32 // Connect to our MySQL DB
33 $db = new PDO($dbdata['dsn'], $dbdata['username'], $dbdata['password']);
34 // Instantiate auth utils.
35 $utils = new AuthUtils($settings, $db);
37 /* Creating the DB tables:
38 CREATE TABLE `auth_sessions` (
39 `id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT ,
40 `sesskey` VARCHAR(150) NOT NULL DEFAULT '' ,
41 `user` MEDIUMINT UNSIGNED NULL DEFAULT NULL ,
42 `logged_in` BOOLEAN NOT NULL DEFAULT FALSE ,
43 `time_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
44 `time_expire` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
45 `saved_redirect` VARCHAR(255) NOT NULL DEFAULT '' ,
50 CREATE TABLE `auth_users` (
51 `id` MEDIUMINT UNSIGNED NOT NULL AUTO_INCREMENT ,
52 `email` VARCHAR(255) NOT NULL ,
53 `pwdhash` VARCHAR(255) NOT NULL ,
54 `status` ENUM('unverified','ok') NOT NULL DEFAULT 'unverified' ,
55 `verify_hash` VARCHAR(150) NULL DEFAULT NULL ,
59 CREATE TABLE `auth_log` (
60 `id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT ,
61 `code` VARCHAR(100) NOT NULL ,
62 `info` TEXT NULL DEFAULT NULL ,
63 `ip_addr` VARCHAR(50) NULL DEFAULT NULL ,
64 `time_logged` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
70 // include our OAuth2 Server object
71 require_once(__DIR__.'/server.inc.php');