|
can be downloaded at [http://people.redhat.com/astokes/patches/bitweaver/mail_auth.patch]
|
|
-{code}
|
---- users/admin/admin_login_inc.php.stokes 2006-07-04 21:53:20.000000000 -0400
|
-+++ users/admin/admin_login_inc.php 2006-07-04 22:17:08.000000000 -0400
|
-@@ -300,4 +300,52 @@
|
- }
|
- }
|
+Patch is now full functional, yes there are a couple of workarounds in the patch, however, you have the ability to define imap server, port, stmp port, server, and it should validate against that and allow you to login. |
|
-+$mailSettings = array(
|
-+ 'mail_create_user_auth' => array(
|
-+ 'label' => "Create user if not in Mail server",
|
-+ 'type' => "checkbox",
|
-+ 'note' => "",
|
-+ ),
|
-+ 'mail_create_gBitDbUser' => array(
|
-+ 'label' => "Create user if not in bitweaver",
|
-+ 'type' => "checkbox",
|
-+ 'note' => "",
|
-+ ),
|
-+ 'mail_skip_admin' => array(
|
-+ 'label' => "Just use bitweaver auth for admin",
|
-+ 'type' => "checkbox",
|
-+ 'note' => "",
|
-+ ),
|
-+ 'mail_smtp_port' => array(
|
-+ 'label' => "SMTP port",
|
-+ 'type' => "text",
|
-+ 'note' => "",
|
-+ ),
|
-+ 'mail_smtp_server' => array(
|
-+ 'label' => "SMTP Server",
|
-+ 'type' => "text",
|
-+ 'note' => "",
|
-+ ),
|
-+ 'mail_imap_server' => array(
|
-+ 'label' => "IMAP Server",
|
-+ 'type' => "text",
|
-+ 'note' => "",
|
-+ ),
|
-+ 'mail_imap_port' => array(
|
-+ 'label' => "IMAP Port",
|
-+ 'type' => "text",
|
-+ 'note' => "",
|
-+ ),
|
-+);
|
-+$gBitSmarty->assign( 'mailSettings', $mailSettings );
|
-+
|
-+if( !empty( $_REQUEST["mail_submit"] ) ) {
|
-+ foreach( array_keys( $mailSettings ) as $feature ) {
|
-+ if( $mailSettings[$feature]['type'] == 'text' ) {
|
-+ simple_set_value( $feature, USERS_PKG_NAME );
|
-+ } else {
|
-+ simple_set_toggle( $feature, USERS_PKG_NAME );
|
-+ }
|
-+ }
|
-+}
|
- ?>
|
---- users/admin/schema_inc.php.stokes 2006-07-04 22:07:40.000000000 -0400
|
-+++ users/admin/schema_inc.php 2006-07-04 22:15:11.000000000 -0400
|
-@@ -273,6 +273,14 @@
|
- array(USERS_PKG_NAME,'auth_ldap_useroc','inetOrgPerson'),
|
- array(USERS_PKG_NAME,'auth_method','tiki'),
|
- array(USERS_PKG_NAME,'auth_skip_admin','y'),
|
-+ // # Mail Auth additions
|
-+ array(USERS_PKG_NAME,'mail_create_user_auth','n'),
|
-+ array(USERS_PKG_NAME,'mail_create_gBitDbUser','n'),
|
-+ array(USERS_PKG_NAME,'mail_smtp_port','25'),
|
-+ array(USERS_PKG_NAME,'mail_smtp_server',''),
|
-+ array(USERS_PKG_NAME,'mail_imap_server',''),
|
-+ array(USERS_PKG_NAME,'mail_imap_port','993'),
|
-+ array(USERS_PKG_NAME,'mail_skip_admin','y'),
|
- array(USERS_PKG_NAME,'allowRegister','y'),
|
- array(USERS_PKG_NAME,'feature_userfiles','n'),
|
- array(USERS_PKG_NAME,'forgotPass','y'),
|
---- users/BitUser.php.stokes 2006-07-04 22:11:41.000000000 -0400
|
-+++ users/BitUser.php 2006-07-04 22:44:28.000000000 -0400
|
-@@ -748,6 +748,12 @@
|
- $create_tiki = ($gBitSystem->getPreference("auth_create_gBitDbUser", "n") == "y");
|
- $create_auth = ($gBitSystem->getPreference("auth_create_user_auth", "n") == "y");
|
- $skip_admin = ($gBitSystem->getPreference("auth_skip_admin", "n") == "y");
|
-+ // see if we want to use mail auth
|
-+ $mail_auth = ($gBitSystem->getPreference("mail_submit", "mail") == "mailauth");
|
-+ $create__mail_tiki = ($gBitSystem->getPreference("mail_create_gBitDbUser", "n") == "y");
|
-+ $create__mail_auth = ($gBitSystem->getPreference("mail_create_user_auth", "n") == "y");
|
-+ $skip__mail_admin = ($gBitSystem->getPreference("mail_skip_admin", "n") == "y");
|
-+
|
- // first attempt a login via the standard Tiki system
|
- $userId = $this->validateBitUser($user, $pass, $challenge, $response);
|
- if ($userId) {
|
-@@ -782,6 +788,25 @@
|
-
|
- }
|
- }
|
-+ if ( !$mail_auth || ($user == "root" && $skip_admin) ) {
|
-+ // dunno what to put here, nothing to reference - stokes
|
-+ } elseif ( $mail_auth ) {
|
-+ $result = $this->validateMail($user,$pass);
|
-+ switch ($result) {
|
-+ case USER_VALID:
|
-+ unset($this->mErrors['login']);
|
-+ $userAuthValid = true;
|
-+ $userAuthPresent = true;
|
-+ break;
|
-+ case PASSWORD_INCORRECT:
|
-+ $this->mErrors['login'] = 'password incorrect';
|
-+ $userAuthPresent = true;
|
-+ break;
|
-+ case USER_NOT_FOUND:
|
-+ // disabled for w/e reason
|
-+ break;
|
-+ }
|
-+ }
|
- /*
|
- echo "userId: $userId
|
-";
|
- echo "auth_pear: $auth_pear
|
-";
|
-@@ -908,6 +933,23 @@
|
- return $ret;
|
- }
|
-
|
-+ function validateMail($user,$pass) {
|
-+ global $gBitSystem;
|
-+ // just make sure we're supposed to be here
|
-+ if ($gBitSystem->getPreference("mail_submit", "mail") != "mailauth")
|
-+ return false;
|
-+ $options["host"] = $gBitSystem->getPreference("mail_imap_server", "");
|
-+ $options["port"] = $gBitSystem->getPreference("mail_imap_port", "993");
|
-+
|
-+ $imapauth = imap_open('{'.$options['host']."/ssl/novalidate-cert".':'.$options["port"].'}INBOX',$user , $pass);
|
-+ if (!$imapauth) {
|
-+ print_r(imap_errors());
|
-+ $ret=USER_NOT_FOUND;
|
-+ } else {
|
-+ $ret=USER_VALID;
|
-+ }
|
-+ return $ret;
|
-+ }
|
- // validate the user in the bitweaver database - validation is case insensitive, and we like it that way!
|
- function validateBitUser( $pLogin, $pass, $challenge, $response ) {
|
- global $gBitSystem;
|
---- users/templates/admin_login.tpl.stokes 2006-07-04 21:41:14.000000000 -0400
|
-+++ users/templates/admin_login.tpl 2006-07-04 22:05:45.000000000 -0400
|
-@@ -10,6 +10,7 @@
|
- <option value="tiki" {if $auth_method eq 'tiki'} selected="selected"{/if}>{tr}Just bitweaver{/tr}</option>
|
- <option value="ws" {if $auth_method eq 'ws'} selected="selected"{/if}>{tr}Web Server{/tr}</option>
|
- <option value="auth" {if $auth_method eq 'auth'} selected="selected"{/if}>{tr}bitweaver and PEAR::Auth{/tr}</option>
|
-+ <option value="mail" {if $auth_method eq 'mail'} selected="selected"{/if}>{tr}bitweaver and mail{/tr}</option>
|
- </select>
|
- {formhelp note=""}
|
- {/forminput}
|
-@@ -148,4 +149,27 @@
|
- </div>
|
- {/form}
|
- {/jstab}
|
-+ {jstab title="Mail Authentication"}
|
-+ {form legend="Mail Authentication"}
|
-+ <input type="hidden" name="page" value="{$page}" />
|
-+ {foreach from=$mailSettings key=feature item=output}
|
-+ <div class="row">
|
-+ {formlabel label=`$output.label` for=$feature}
|
-+ {forminput}
|
-+ {if $output.type == 'text'}
|
-+ <input type="text" size="50" name="{$feature}" id="{$feature}" value="{$gBitSystemPrefs.$feature|escape}" />
|
-+ {elseif $output.type == 'password'}
|
-+ <input type="password" size="50" name="{$feature}" id="{$feature}" value="{$gBitSystemPrefs.$feature|escape}" />
|
-+ {else}
|
-+ {html_checkboxes name="$feature" values="y" checked=`$gBitSystemPrefs.$feature` labels=false id=$feature}
|
-+ {/if}
|
-+ {formhelp note=`$output.note` page=`$output.page` link=`$output.link`}
|
-+ {/forminput}
|
-+ </div>
|
-+ {/foreach}
|
-+ <div class="row submit">
|
-+ <input type="submit" name="mail_submit" value="{tr}Change preferences{/tr}" />
|
-+ </div>
|
-+ {/form}
|
-+ {/jstab}
|
- {/jstabs}
|
-{/code} |
+now you have an extra authentication mechanism :) |