2013-07-10 22:59:46 +10:00
|
|
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
|
|
|
|
|
|
|
/**
|
|
|
|
* LDAP Auth driver.
|
|
|
|
*
|
2013-07-12 10:35:54 +10:00
|
|
|
* @package Auth/LDAP
|
2013-07-10 22:59:46 +10:00
|
|
|
* @category Helpers
|
|
|
|
* @author Deon George
|
2013-07-12 10:35:54 +10:00
|
|
|
* @copyright (c) 2013 phpLDAPadmin Development Team
|
2013-07-10 22:59:46 +10:00
|
|
|
* @license http://dev.phpldapadmin.org/license.html
|
|
|
|
*/
|
|
|
|
class Kohana_Auth_LDAP extends Auth {
|
|
|
|
// Unnused required abstract functions
|
|
|
|
public function password($username) {}
|
|
|
|
public function check_password($password) {}
|
|
|
|
|
|
|
|
// Overrides
|
|
|
|
public function hash($str) {
|
|
|
|
// Since this is used automatically to encrypted a password, we need to suppress that for LDAP
|
|
|
|
if (! $this->_config['hash_key'])
|
|
|
|
return $str;
|
|
|
|
else
|
|
|
|
return parent::hash($str);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Logs a user in.
|
|
|
|
*
|
|
|
|
* @param string username
|
|
|
|
* @param string password
|
|
|
|
* @param boolean enable autologin (not supported)
|
|
|
|
* @return boolean
|
|
|
|
*/
|
|
|
|
protected function _login($user, $password, $remember) {
|
|
|
|
if ( ! is_object($user)) {
|
|
|
|
$username = $user;
|
|
|
|
|
|
|
|
// Load the user
|
|
|
|
// @todo Get the server ID
|
2013-07-12 10:35:54 +10:00
|
|
|
$user = LDAP::factory('user')->bind($username,$password);
|
2013-07-10 22:59:46 +10:00
|
|
|
}
|
|
|
|
|
|
|
|
// @todo Implement conditional logging based on memberships to groups or other criteria.
|
|
|
|
// @todo This check of user being logged in needs to be better
|
|
|
|
if ($user) {
|
|
|
|
/*
|
|
|
|
// @todo To implement
|
|
|
|
if ($remember === TRUE) {
|
|
|
|
// Token data
|
|
|
|
$data = array(
|
|
|
|
'user_id'=>$user->id,
|
|
|
|
'expires'=>time()+$this->_config['lifetime'],
|
|
|
|
'user_agent'=>sha1(Request::$user_agent),
|
|
|
|
);
|
|
|
|
|
|
|
|
// Create a new autologin token
|
|
|
|
$token = ORM::factory('user_token')
|
|
|
|
->values($data)
|
|
|
|
->create();
|
|
|
|
|
|
|
|
// Set the autologin cookie
|
|
|
|
Cookie::set('authautologin', $token->token, $this->_config['lifetime']);
|
|
|
|
}
|
|
|
|
*/
|
|
|
|
|
|
|
|
// Finish the login
|
|
|
|
if (PHP_SAPI !== 'cli')
|
|
|
|
$this->complete_login($user);
|
|
|
|
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Login failed
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
|
|
|
public function logout($destroy=FALSE,$logout_all=FALSE) {
|
2013-07-12 10:35:54 +10:00
|
|
|
LDAP::factory('user')->disconnect();
|
2013-07-10 22:59:46 +10:00
|
|
|
|
|
|
|
if (PHP_SAPI !== 'cli')
|
|
|
|
return parent::logout($destroy,$logout_all);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
?>
|