[authserver.git] / app / authsystem.inc.php

<?php
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
 * You can obtain one at http://mozilla.org/MPL/2.0/. */

/*
  Some resources for how to store passwords:
  - https://blog.mozilla.org/webdev/2012/06/08/lets-talk-about-password-storage/
  - https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines
  oauth-server-php: https://bshaffer.github.io/oauth2-server-php-docs/cookbook
*/

// error reporting (for testing)
ini_set('display_errors', 1); error_reporting(E_ALL);

// Extended DOM document class
require_once(__DIR__.'/../php-utility-classes/classes/document.php-class');
// Class for sending emails
require_once(__DIR__.'/../php-utility-classes/classes/email.php-class');
// Composer-provided libraries (oauth2-server-php, doctrine DBAL)
require_once(__DIR__.'/../vendor/autoload.php');
// Authentication utilities
require_once(__DIR__.'/authutils.php-class');
// Instantiate server utils.
try {
  $utils = new AuthUtils();
  $db = $utils->db;
  $settings = $utils->settings;
}
catch (Exception $e) {
  $utils = null;
  print('Failed to set up utilities: '.$e->getMessage());
  exit(1);
}

$utils->setUpL10n();

// Sanitize settings.
$settings['piwik_enabled'] = (@$settings['piwik_enabled']) ? true : false;
$settings['piwik_site_id'] = intval(@$settings['piwik_site_id']);
$settings['piwik_url'] = strlen(@$settings['piwik_url']) ? $settings['piwik_url'] : '/piwik/';
$settings['piwik_tracker_path'] = strlen(@$settings['piwik_tracker_path']) ? $settings['piwik_tracker_path'] : '../vendor/piwik/piwik-php-tracker/';

/* Creating the DB tables:
CREATE TABLE `auth_sessions` (
 `id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT ,
 `sesskey` VARCHAR(150) NOT NULL DEFAULT '' ,
 `user` MEDIUMINT UNSIGNED NULL DEFAULT NULL ,
 `logged_in` BOOLEAN NOT NULL DEFAULT FALSE ,
 `time_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
 `time_expire` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
 `saved_redirect` VARCHAR(255) NOT NULL DEFAULT '' ,
 PRIMARY KEY (`id`),
 INDEX (`sesskey`),
 INDEX (`time_expire`)
);
CREATE TABLE `auth_users` (
 `id` MEDIUMINT UNSIGNED NOT NULL AUTO_INCREMENT ,
 `email` VARCHAR(255) NOT NULL ,
 `pwdhash` VARCHAR(255) NOT NULL ,
 `status` ENUM('unverified','ok') NOT NULL DEFAULT 'unverified' ,
 `verify_hash` VARCHAR(150) NULL DEFAULT NULL ,
 `group_id` MEDIUMINT UNSIGNED DEFAULT '0' ,
 PRIMARY KEY (`id`),
 UNIQUE (`email`)
);
CREATE TABLE `auth_log` (
 `id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT ,
 `code` VARCHAR(100) NOT NULL ,
 `info` TEXT NULL DEFAULT NULL ,
 `ip_addr` VARCHAR(50) NULL DEFAULT NULL ,
 `time_logged` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
 PRIMARY KEY (`id`),
 INDEX (`time_logged`)
);
*/

// Set up our OAuth2 Server object
$server = $utils->getOAuthServer();
?>
Commit	Line	Data
	1	<?php
	2	/* This Source Code Form is subject to the terms of the Mozilla Public
	3	* License, v. 2.0. If a copy of the MPL was not distributed with this file,
	4	* You can obtain one at http://mozilla.org/MPL/2.0/. */
	5
	6	/*
	7	Some resources for how to store passwords:
	8	- https://blog.mozilla.org/webdev/2012/06/08/lets-talk-about-password-storage/
	9	- https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines
	10	oauth-server-php: https://bshaffer.github.io/oauth2-server-php-docs/cookbook
	11	*/
	12
	13	// error reporting (for testing)
	14	ini_set('display_errors', 1); error_reporting(E_ALL);
	15
	16	// Extended DOM document class
	17	require_once(__DIR__.'/../php-utility-classes/classes/document.php-class');
	18	// Class for sending emails
	19	require_once(__DIR__.'/../php-utility-classes/classes/email.php-class');
	20	// Composer-provided libraries (oauth2-server-php, doctrine DBAL)
	21	require_once(__DIR__.'/../vendor/autoload.php');
	22	// Authentication utilities
	23	require_once(__DIR__.'/authutils.php-class');
	24	// Instantiate server utils.
	25	try {
	26	$utils = new AuthUtils();
	27	$db = $utils->db;
	28	$settings = $utils->settings;
	29	}
	30	catch (Exception $e) {
	31	$utils = null;
	32	print('Failed to set up utilities: '.$e->getMessage());
	33	exit(1);
	34	}
	35
	36	$utils->setUpL10n();
	37
	38	// Sanitize settings.
	39	$settings['piwik_enabled'] = (@$settings['piwik_enabled']) ? true : false;
	40	$settings['piwik_site_id'] = intval(@$settings['piwik_site_id']);
	41	$settings['piwik_url'] = strlen(@$settings['piwik_url']) ? $settings['piwik_url'] : '/piwik/';
	42	$settings['piwik_tracker_path'] = strlen(@$settings['piwik_tracker_path']) ? $settings['piwik_tracker_path'] : '../vendor/piwik/piwik-php-tracker/';
	43
	44	/* Creating the DB tables:
	45	CREATE TABLE `auth_sessions` (
	46	`id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT ,
	47	`sesskey` VARCHAR(150) NOT NULL DEFAULT '' ,
	48	`user` MEDIUMINT UNSIGNED NULL DEFAULT NULL ,
	49	`logged_in` BOOLEAN NOT NULL DEFAULT FALSE ,
	50	`time_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
	51	`time_expire` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
	52	`saved_redirect` VARCHAR(255) NOT NULL DEFAULT '' ,
	53	PRIMARY KEY (`id`),
	54	INDEX (`sesskey`),
	55	INDEX (`time_expire`)
	56	);
	57	CREATE TABLE `auth_users` (
	58	`id` MEDIUMINT UNSIGNED NOT NULL AUTO_INCREMENT ,
	59	`email` VARCHAR(255) NOT NULL ,
	60	`pwdhash` VARCHAR(255) NOT NULL ,
	61	`status` ENUM('unverified','ok') NOT NULL DEFAULT 'unverified' ,
	62	`verify_hash` VARCHAR(150) NULL DEFAULT NULL ,
	63	`group_id` MEDIUMINT UNSIGNED DEFAULT '0' ,
	64	PRIMARY KEY (`id`),
	65	UNIQUE (`email`)
	66	);
	67	CREATE TABLE `auth_log` (
	68	`id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT ,
	69	`code` VARCHAR(100) NOT NULL ,
	70	`info` TEXT NULL DEFAULT NULL ,
	71	`ip_addr` VARCHAR(50) NULL DEFAULT NULL ,
	72	`time_logged` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
	73	PRIMARY KEY (`id`),
	74	INDEX (`time_logged`)
	75	);
	76	*/
	77
	78	// Set up our OAuth2 Server object
	79	$server = $utils->getOAuthServer();
	80	?>