From 5dda909b0cfde7d1488321fed26a5eed194d063f Mon Sep 17 00:00:00 2001
From: Peter Rotich <peter@enhancesoft.com>
Date: Fri, 20 Dec 2013 16:52:21 +0000
Subject: [PATCH] Proof of concept for authentication
---
include/class.client.php | 23 +++++++++++++++++++++++
view.php | 4 +++-
2 files changed, 26 insertions(+), 1 deletion(-)
diff --git a/include/class.client.php b/include/class.client.php
index 7464b841c..cb247882e 100644
--- a/include/class.client.php
+++ b/include/class.client.php
@@ -239,5 +239,28 @@ class Client {
return false;
}
+
+ static function authlogin($auth) {
+ //Expecting authtoken
+ // <user type><id of the user type>x<version id of the algo used>h<hash>
+ $matches = array();
+ $regex='/^(?P<type>\w{1})(?P<id>\d+)x(?P<v>\d+)h(?P<hash>.*)$/i';
+ if (!preg_match($regex, $auth, $matches))
+ return false;
+
+ switch($matches['type']) {
+ case 'c': //Collaborator c<id>x<algo id used>h<hash for algo>
+ if (($c = Collaborator::lookup($matches['id']))
+ && strcasecmp($c->getAuthToken($matches['v']), $auth) == 0
+ )
+ return $c;
+ break;
+ case 'o': //Ticket owner
+
+ break;
+ }
+
+ return false;
+ }
}
?>
diff --git a/view.php b/view.php
index 10e5374fe..5adb76b67 100644
--- a/view.php
+++ b/view.php
@@ -22,8 +22,10 @@ if(!$thisclient || !$thisclient->isValid()) {
// * On login Client::login will redirect the user to tickets.php view.
// * See TODO above for planned multi-view.
$user = null;
- if($_GET['t'] && $_GET['e'] && $_GET['a'])
+ if ($_GET['t'] && $_GET['e'] && $_GET['a'])
$user = Client::login($_GET['t'], $_GET['e'], $_GET['a'], $errors);
+ elseif ($_GET['auth'])
+ var_dump(Client::authlogin($_GET['auth']));
//XXX: For now we're assuming the user is the ticket owner
// (multi-view based on auth token will come later).
--
GitLab