X-Git-Url: https://git-public.kairo.at/?p=authserver.git;a=blobdiff_plain;f=authsystem.inc.php;h=5354cd9528b4d4a80a2abb5c713c5efd2dd77cdc;hp=322e17faf74d615bed3c27f5d495b49fa6c58b9c;hb=b217e836543c89d872c8f692e2557c8c43da468f;hpb=087085d618e57aea5f292a5bb57d46304574cc6a

diff --git a/authsystem.inc.php b/authsystem.inc.php
index 322e17f..5354cd9 100644
--- a/authsystem.inc.php
+++ b/authsystem.inc.php
@@ -3,6 +3,13 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this file,
  * You can obtain one at http://mozilla.org/MPL/2.0/. */
 
+/*
+  Some resources for how to store passwords:
+  - https://blog.mozilla.org/webdev/2012/06/08/lets-talk-about-password-storage/
+  - https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines
+  oauth-server-php: https://bshaffer.github.io/oauth2-server-php-docs/cookbook
+*/
+
 // error reporting (for testing)
 ini_set('display_errors', 1); error_reporting(E_ALL);
 
@@ -18,13 +25,14 @@ require_once('../kairo/include/cbsm/util/document.php-class');
 require_once('../kairo/include/classes/email.php-class');
 // Class for sending emails
 require_once(__DIR__.'/authutils.php-class');
-$utils = new AuthUtils($settings);
 
 bindtextdomain('kairo_auth', 'en'); // XXX: Should negotiate locale.
 bind_textdomain_codeset('kairo_auth', 'utf-8');
 
 // Connect to our MySQL DB
 $db = new PDO($dbdata['dsn'], $dbdata['username'], $dbdata['password']);
+// Instantiate auth utils.
+$utils = new AuthUtils($settings, $db);
 
 /* Creating the DB tables:
 CREATE TABLE `auth_sessions` (
@@ -34,6 +42,7 @@ CREATE TABLE `auth_sessions` (
  `logged_in` BOOLEAN NOT NULL DEFAULT FALSE ,
  `time_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
  `time_expire` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
+ `saved_redirect` VARCHAR(255) NOT NULL DEFAULT '' ,
  PRIMARY KEY (`id`),
  INDEX (`sesskey`),
  INDEX (`time_expire`)
@@ -47,6 +56,15 @@ CREATE TABLE `auth_users` (
  PRIMARY KEY (`id`),
  UNIQUE (`email`)
 );
+CREATE TABLE `auth_log` (
+ `id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT ,
+ `code` VARCHAR(100) NOT NULL ,
+ `info` TEXT NULL DEFAULT NULL ,
+ `ip_addr` VARCHAR(50) NULL DEFAULT NULL ,
+ `time_logged` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
+ PRIMARY KEY (`id`),
+ INDEX (`time_logged`)
+);
 */
 
 // include our OAuth2 Server object