Go to most recent revision | Details | Last modification | View Log | RSS feed
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 104 | daniel-mar | 1 | <?php |
| 2 | |||
| 3 | /* |
||
| 4 | * OIDplus 2.0 |
||
| 5 | * Copyright 2019 Daniel Marschall, ViaThinkSoft |
||
| 6 | * |
||
| 7 | * Licensed under the Apache License, Version 2.0 (the "License"); |
||
| 8 | * you may not use this file except in compliance with the License. |
||
| 9 | * You may obtain a copy of the License at |
||
| 10 | * |
||
| 11 | * http://www.apache.org/licenses/LICENSE-2.0 |
||
| 12 | * |
||
| 13 | * Unless required by applicable law or agreed to in writing, software |
||
| 14 | * distributed under the License is distributed on an "AS IS" BASIS, |
||
| 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||
| 16 | * See the License for the specific language governing permissions and |
||
| 17 | * limitations under the License. |
||
| 18 | */ |
||
| 19 | |||
| 20 | class OIDplusPagePublicLogin extends OIDplusPagePlugin { |
||
| 21 | public function type() { |
||
| 22 | return 'public'; |
||
| 23 | } |
||
| 24 | |||
| 25 | public function priority() { |
||
| 26 | return 90; |
||
| 27 | } |
||
| 28 | |||
| 29 | public function action(&$handled) { |
||
| 30 | // === RA LOGIN/LOGOUT === |
||
| 31 | |||
| 32 | if ($_POST["action"] == "ra_login") { |
||
| 33 | $handled = true; |
||
| 34 | |||
| 35 | $ra = new OIDplusRA($_POST['email']); |
||
| 36 | |||
| 37 | if (RECAPTCHA_ENABLED) { |
||
| 38 | $secret=RECAPTCHA_PRIVATE; |
||
| 39 | $response=$_POST["captcha"]; |
||
| 40 | $verify=file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret={$secret}&response={$response}"); |
||
| 41 | $captcha_success=json_decode($verify); |
||
| 42 | if ($captcha_success->success==false) { |
||
| 43 | die('Captcha wrong'); |
||
| 44 | } |
||
| 45 | } |
||
| 46 | |||
| 47 | if ($ra->checkPassword($_POST['password'])) { |
||
| 48 | OIDplus::authUtils()::raLogin($_POST['email']); |
||
| 49 | |||
| 50 | if (!OIDplus::db()->query("UPDATE ".OIDPLUS_TABLENAME_PREFIX."ra set last_login = now() where email = '".OIDplus::db()->real_escape_string($_POST['email'])."'")) { |
||
| 51 | die(OIDplus::db()->error()); |
||
| 52 | } |
||
| 53 | |||
| 54 | echo "OK"; |
||
| 55 | } else { |
||
| 56 | echo "Wrong password"; |
||
| 57 | } |
||
| 58 | } |
||
| 59 | if ($_POST["action"] == "ra_logout") { |
||
| 60 | $handled = true; |
||
| 61 | OIDplus::authUtils()::raLogout($_POST['email']); |
||
| 62 | echo "OK"; |
||
| 63 | } |
||
| 64 | |||
| 65 | // === ADMIN LOGIN/LOGOUT === |
||
| 66 | |||
| 67 | if ($_POST["action"] == "admin_login") { |
||
| 68 | $handled = true; |
||
| 69 | |||
| 70 | if (RECAPTCHA_ENABLED) { |
||
| 71 | $secret=RECAPTCHA_PRIVATE; |
||
| 72 | $response=$_POST["captcha"]; |
||
| 73 | $verify=file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret={$secret}&response={$response}"); |
||
| 74 | $captcha_success=json_decode($verify); |
||
| 75 | if ($captcha_success->success==false) { |
||
| 76 | die('Captcha wrong'); |
||
| 77 | } |
||
| 78 | } |
||
| 79 | |||
| 80 | if (OIDplus::authUtils()::adminCheckPassword($_POST['password'])) { |
||
| 81 | OIDplus::authUtils()::adminLogin(); |
||
| 82 | echo "OK"; |
||
| 83 | } else { |
||
| 84 | echo "Wrong password"; |
||
| 85 | } |
||
| 86 | } |
||
| 87 | if ($_POST["action"] == "admin_logout") { |
||
| 88 | $handled = true; |
||
| 89 | OIDplus::authUtils()::adminLogout(); |
||
| 90 | echo "OK"; |
||
| 91 | } |
||
| 92 | } |
||
| 93 | |||
| 94 | public function init($html=true) { |
||
| 95 | } |
||
| 96 | |||
| 97 | public function cfgSetValue($name, $value) { |
||
| 98 | } |
||
| 99 | |||
| 100 | public function gui($id, &$out, &$handled) { |
||
| 101 | if ($id === 'oidplus:login') { |
||
| 102 | $handled = true; |
||
| 103 | $out['title'] = 'Login'; |
||
| 104 | $out['icon'] = 'plugins/publicPages/'.basename(__DIR__).'/login_big.png'; |
||
| 105 | |||
| 106 | $out['text'] .= '<noscript>'; |
||
| 107 | $out['text'] .= '<p>You need to enable JavaScript to use the login area.</p>'; |
||
| 108 | $out['text'] .= '</noscript>'; |
||
| 109 | |||
| 110 | $out['text'] .= (RECAPTCHA_ENABLED ? '<script> grecaptcha.render(document.getElementById("g-recaptcha"), { "sitekey" : "'.RECAPTCHA_PUBLIC.'" }); </script>'. |
||
| 111 | '<p>Before logging in, please solve the following CAPTCHA</p><div id="g-recaptcha" class="g-recaptcha" data-sitekey="'.RECAPTCHA_PUBLIC.'"></div>' : ''); |
||
| 112 | |||
| 113 | |||
| 114 | $out['text'] .= '<br>'; |
||
| 115 | |||
| 116 | $out['text'] .= '<script>document.getElementById("loginArea").style.visibility = "visible";</script>'; |
||
| 117 | $out['text'] .= '<div id="loginArea" style="visibility: hidden"><div id="loginTab" class="container" style="width:100%;">'; |
||
| 118 | $out['text'] .= '<ul class="nav nav-pills">'; |
||
| 119 | $out['text'] .= ' <li class="active">'; |
||
| 120 | $out['text'] .= ' <a href="#1a" data-toggle="tab">Login as RA</a>'; |
||
| 121 | $out['text'] .= ' </li>'; |
||
| 122 | $out['text'] .= ' <li><a href="#2a" data-toggle="tab">Login as administrator</a>'; |
||
| 123 | $out['text'] .= ' </li>'; |
||
| 124 | $out['text'] .= ' </ul>'; |
||
| 125 | $out['text'] .= ' <div class="tab-content clearfix">'; |
||
| 126 | $out['text'] .= ' <div class="tab-pane active" id="1a">'; |
||
| 127 | |||
| 128 | $out['text'] .= '<h2>Login as RA</h2>'; |
||
| 129 | |||
| 130 | $login_list = OIDplus::authUtils()->loggedInRaList(); |
||
| 131 | if (count($login_list) > 0) { |
||
| 132 | foreach (OIDplus::authUtils()->loggedInRaList() as $x) { |
||
| 133 | $out['text'] .= '<p>You are logged in as <b>'.$x.'</b> (<a href="#" onclick="return raLogout('.js_escape($x).');">Logout</a>)</p>'; |
||
| 134 | } |
||
| 135 | $out['text'] .= '<p>If you have more accounts, you can log in with a new account:</p>'; |
||
| 136 | } else { |
||
| 137 | $out['text'] .= '<p>Enter your email address and your password to log in as Registration Authority.</p>'; |
||
| 138 | } |
||
| 139 | $out['text'] .= '<form action="action.php" method="POST" onsubmit="return raLoginOnSubmit(this);">'; |
||
| 140 | $out['text'] .= '<input type="hidden" name="action" value="ra_login">'; |
||
| 141 | $out['text'] .= '<label class="padding_label">E-Mail:</label><input type="text" name="email" value="" id="raLoginEMail"><br>'; |
||
| 142 | $out['text'] .= '<label class="padding_label">Password:</label><input type="password" name="password" value="" id="raLoginPassword"><br><br>'; |
||
| 143 | $out['text'] .= '<input type="submit" value="Login"><br><br>'; |
||
| 144 | $out['text'] .= '</form>'; |
||
| 145 | $out['text'] .= '<p><a href="?goto=oidplus:forgot_password">Forgot password?</a><br>'; |
||
| 146 | $out['text'] .= '<abbr title="To receive login data, the superior RA needs to send you an invitation. After creating or updating your OID, the system will ask them if they want to send you an invitation. If they accept, you will receive an email with an activation link.">How to register?</abbr></p>'; |
||
| 147 | |||
| 148 | $out['text'] .= ' </div>'; |
||
| 149 | $out['text'] .= ' <div class="tab-pane" id="2a">'; |
||
| 150 | |||
| 151 | if (OIDplus::authUtils()::isAdminLoggedIn()) { |
||
| 152 | $out['text'] .= '<h2>Admin login</h2>'; |
||
| 153 | $out['text'] .= '<p>You are logged in as administrator.</p>'; |
||
| 154 | $out['text'] .= '<a href="#" onclick="return adminLogout();">Logout</a>'; |
||
| 155 | } else { |
||
| 156 | $out['text'] .= '<h2>Login as administrator</h2>'; |
||
| 157 | $out['text'] .= '<form action="action.php" method="POST" onsubmit="return adminLoginOnSubmit(this);">'; |
||
| 158 | $out['text'] .= '<input type="hidden" name="action" value="admin_login">'; |
||
| 159 | $out['text'] .= '<label class="padding_label">Password:</label><input type="password" name="password" value="" id="adminLoginPassword"><br><br>'; |
||
| 160 | $out['text'] .= '<input type="submit" value="Login"><br><br>'; |
||
| 161 | $out['text'] .= '</form>'; |
||
| 162 | $out['text'] .= '<p><abbr title="Delete the file includes/config.inc.php and reload the page to start Setup again">Forgot password?</abbr></p>'; |
||
| 163 | } |
||
| 164 | |||
| 165 | $out['text'] .= ' </div>'; |
||
| 166 | $out['text'] .= ' </div>'; |
||
| 167 | $out['text'] .= ' </div><br>'; |
||
| 168 | $out['text'] .= '<p><font size="-1"><i>Privacy information</i>: By using the login functionality, you are accepting that a "session cookie" is temporarily stored in your browser. '. |
||
| 169 | 'The session cookie is a small text file that is sent to this website every time you visit it, to identify you as an already logged in user. '. |
||
| 170 | 'It does not track any of your online activities outside OIDplus. The cookie will be destroyed when you log out or after an inactivity of '.ceil(SESSION_LIFETIME/60).' minutes.</font></p></div>'; |
||
| 171 | } |
||
| 172 | } |
||
| 173 | |||
| 174 | public function tree(&$json, $ra_email=null, $nonjs=false) { |
||
| 175 | $loginChildren = array(); |
||
| 176 | |||
| 177 | if (OIDplus::authUtils()::isAdminLoggedIn()) { |
||
| 178 | $ra_roots = array(); |
||
| 179 | |||
| 180 | foreach (OIDplus::getPagePlugins('admin') as $plugin) { |
||
| 181 | $plugin->tree($ra_roots); |
||
| 182 | } |
||
| 183 | |||
| 184 | $ra_roots[] = array( |
||
| 185 | 'id' => 'oidplus:logout$admin', |
||
| 186 | 'icon' => 'plugins/publicPages/'.basename(__DIR__).'/treeicon_logout.png', |
||
| 187 | 'conditionalselect' => 'adminLogout()', // defined in oidplus.js |
||
| 188 | 'text' => 'Log out' |
||
| 189 | ); |
||
| 190 | $loginChildren[] = array( |
||
| 191 | 'id' => 'oidplus:dummy$'.md5(rand()), |
||
| 192 | 'text' => "Logged in as admin", |
||
| 193 | 'icon' => 'plugins/publicPages/'.basename(__DIR__).'/treeicon_admin.png', |
||
| 194 | 'conditionalselect' => 'false', // dummy node that can't be selected |
||
| 195 | 'state' => array("opened" => true), |
||
| 196 | 'children' => $ra_roots |
||
| 197 | ); |
||
| 198 | } |
||
| 199 | |||
| 200 | $ra_emails = OIDplus::authUtils()::loggedInRaList(); |
||
| 201 | |||
| 202 | foreach ($ra_emails as $ra_email) { |
||
| 203 | $ra_roots = array(); |
||
| 204 | |||
| 205 | foreach (OIDplus::getPagePlugins('ra') as $plugin) { |
||
| 206 | $plugin->tree($ra_roots, $ra_email); |
||
| 207 | } |
||
| 208 | |||
| 209 | $ra_roots[] = array( |
||
| 210 | 'id' => 'oidplus:logout$'.$ra_email, |
||
| 211 | 'conditionalselect' => 'raLogout("'.js_escape($ra_email).'")', // defined in oidplus.js |
||
| 212 | 'icon' => 'plugins/publicPages/'.basename(__DIR__).'/treeicon_logout.png', |
||
| 213 | 'text' => 'Log out' |
||
| 214 | ); |
||
| 215 | foreach (OIDplusObject::getRaRoots($ra_email) as $loc_root) { |
||
| 216 | $ico = $loc_root->getIcon(); |
||
| 217 | $ra_roots[] = array( |
||
| 218 | 'id' => 'oidplus:raroot$'.$loc_root->nodeId(), |
||
| 219 | 'text' => 'Jump to RA root '.$loc_root->objectTypeTitleShort().' '.$loc_root->crudShowId(OIDplusObject::parse($loc_root::root())), |
||
| 220 | 'conditionalselect' => '$("#content_window").html(""); document.location = "?goto="+encodeURI('.js_escape($loc_root->nodeId()).');', |
||
| 221 | 'icon' => !is_null($ico) ? $ico : 'plugins/publicPages/'.basename(__DIR__).'/treeicon_link.png' |
||
| 222 | ); |
||
| 223 | } |
||
| 224 | $ra_email_or_name = (new OIDplusRA($ra_email))->raName(); |
||
| 225 | if ($ra_email_or_name == '') $ra_email_or_name = $ra_email; |
||
| 226 | $loginChildren[] = array( |
||
| 227 | 'id' => 'oidplus:dummy$'.md5(rand()), |
||
| 228 | 'text' => "Logged in as ".htmlentities($ra_email_or_name), |
||
| 229 | 'icon' => 'plugins/publicPages/'.basename(__DIR__).'/treeicon_ra.png', |
||
| 230 | 'conditionalselect' => 'false', // dummy node that can't be selected |
||
| 231 | 'state' => array("opened" => true), |
||
| 232 | 'children' => $ra_roots |
||
| 233 | ); |
||
| 234 | } |
||
| 235 | |||
| 236 | $json[] = array( |
||
| 237 | 'id' => 'oidplus:login', |
||
| 238 | 'icon' => 'plugins/publicPages/'.basename(__DIR__).'/treeicon_login.png', |
||
| 239 | 'text' => 'Login', |
||
| 240 | 'state' => array("opened" => count($loginChildren)>0), |
||
| 241 | 'children' => $loginChildren |
||
| 242 | ); |
||
| 243 | |||
| 244 | return true; |
||
| 245 | } |
||
| 246 | } |
||
| 247 | |||
| 248 | OIDplus::registerPagePlugin(new OIDplusPagePublicLogin()); |