History of Mail Authentication patch
Preliminary patch for implementing mail auth; it could use some help to be fully implemented within bw. Thanks.
tested on at least bw 1.3.1
can be downloaded at [http://people.redhat.com/astokes/patches/bitweaver/mail_auth.patch]
{code}
--- users/admin/admin_login_inc.php.stokes 2006-07-04 21:53:20.000000000 -0400
+++ users/admin/admin_login_inc.php 2006-07-04 22:17:08.000000000 -0400
@@ -300,4 +300,52 @@
}
}
+$mailSettings = array(
+ 'mail_create_user_auth' => array(
+ 'label' => "Create user if not in Mail server",
+ 'type' => "checkbox",
+ 'note' => "",
+ ),
+ 'mail_create_gBitDbUser' => array(
+ 'label' => "Create user if not in bitweaver",
+ 'type' => "checkbox",
+ 'note' => "",
+ ),
+ 'mail_skip_admin' => array(
+ 'label' => "Just use bitweaver auth for admin",
+ 'type' => "checkbox",
+ 'note' => "",
+ ),
+ 'mail_smtp_port' => array(
+ 'label' => "SMTP port",
+ 'type' => "text",
+ 'note' => "",
+ ),
+ 'mail_smtp_server' => array(
+ 'label' => "SMTP Server",
+ 'type' => "text",
+ 'note' => "",
+ ),
+ 'mail_imap_server' => array(
+ 'label' => "IMAP Server",
+ 'type' => "text",
+ 'note' => "",
+ ),
+ 'mail_imap_port' => array(
+ 'label' => "IMAP Port",
+ 'type' => "text",
+ 'note' => "",
+ ),
+);
+$gBitSmarty->assign( 'mailSettings', $mailSettings );
+
+if( !empty( $_REQUEST["mail_submit"] ) ) {
+ foreach( array_keys( $mailSettings ) as $feature ) {
+ if( $mailSettings[$feature]['type'] == 'text' ) {
+ simple_set_value( $feature, USERS_PKG_NAME );
+ } else {
+ simple_set_toggle( $feature, USERS_PKG_NAME );
+ }
+ }
+}
?>
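Review bot: The IMAP host and port are saved as free-text preferences in the `mail_submit` loop with no visible validation, and `validateMail()` in users/BitUser.php later concatenates them straight into the `imap_open()` mailbox string. Before the `simple_set_value()` call I would reject a port that is not a number in 1–65535 and a host containing anything other than hostname characters, e.g. skip the write when `!ctype_digit( (string)$_REQUEST['mail_imap_port'] )`. Whether `simple_set_value()` filters its input, and which permission check guards this file, cannot be seen from here because the hunk covers only the end of the file. The two `mail_smtp_*` settings are stored but nothing in the patch reads them, so they could be left out until they are used. The same patch is printed a second time further down the page; the notes are given at this first copy only.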
--- users/admin/schema_inc.php.stokes 2006-07-04 22:07:40.000000000 -0400
+++ users/admin/schema_inc.php 2006-07-04 22:15:11.000000000 -0400
@@ -273,6 +273,14 @@
array(USERS_PKG_NAME,'auth_ldap_useroc','inetOrgPerson'),
array(USERS_PKG_NAME,'auth_method','tiki'),
array(USERS_PKG_NAME,'auth_skip_admin','y'),
+ // # Mail Auth additions
+ array(USERS_PKG_NAME,'mail_create_user_auth','n'),
+ array(USERS_PKG_NAME,'mail_create_gBitDbUser','n'),
+ array(USERS_PKG_NAME,'mail_smtp_port','25'),
+ array(USERS_PKG_NAME,'mail_smtp_server',''),
+ array(USERS_PKG_NAME,'mail_imap_server',''),
+ array(USERS_PKG_NAME,'mail_imap_port','993'),
+ array(USERS_PKG_NAME,'mail_skip_admin','y'),
array(USERS_PKG_NAME,'allowRegister','y'),
array(USERS_PKG_NAME,'feature_userfiles','n'),
array(USERS_PKG_NAME,'forgotPass','y'),
--- users/BitUser.php.stokes 2006-07-04 22:11:41.000000000 -0400
+++ users/BitUser.php 2006-07-04 22:44:28.000000000 -0400
@@ -748,6 +748,12 @@
$create_tiki = ($gBitSystem->getPreference("auth_create_gBitDbUser", "n") == "y");
$create_auth = ($gBitSystem->getPreference("auth_create_user_auth", "n") == "y");
$skip_admin = ($gBitSystem->getPreference("auth_skip_admin", "n") == "y");
+ // see if we want to use mail auth
+ $mail_auth = ($gBitSystem->getPreference("mail_submit", "mail") == "mailauth");
+ $create__mail_tiki = ($gBitSystem->getPreference("mail_create_gBitDbUser", "n") == "y");
+ $create__mail_auth = ($gBitSystem->getPreference("mail_create_user_auth", "n") == "y");
+ $skip__mail_admin = ($gBitSystem->getPreference("mail_skip_admin", "n") == "y");
+
// first attempt a login via the standard Tiki system
$userId = $this->validateBitUser($user, $pass, $challenge, $response);
if ($userId) {
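Review bot: `$mail_auth` is read from a preference named `mail_submit`, which is the name of the form's submit button rather than a stored setting, and it is compared with `"mailauth"` while the template's new option stores `auth_method` as `mail`; as written the mail branch looks unreachable from the admin UI. I would read the selected method instead, `$mail_auth = ($gBitSystem->getPreference("auth_method", "tiki") == "mail");`, and make the same change to the guard at the top of `validateMail()`. `$create__mail_tiki`, `$create__mail_auth` and `$skip__mail_admin` are assigned here but never used: the later hunk tests `$skip_admin` (the `auth_skip_admin` preference) in `$user == "root" && $skip_admin`, so the `mail_skip_admin` checkbox has no effect and that condition should use `$skip__mail_admin`. The enclosing login function starts and ends outside this hunk.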
@@ -782,6 +788,25 @@
}
}
+ if ( !$mail_auth || ($user == "root" && $skip_admin) ) {
+ // dunno what to put here, nothing to reference - stokes
+ } elseif ( $mail_auth ) {
+ $result = $this->validateMail($user,$pass);
+ switch ($result) {
+ case USER_VALID:
+ unset($this->mErrors['login']);
+ $userAuthValid = true;
+ $userAuthPresent = true;
+ break;
+ case PASSWORD_INCORRECT:
+ $this->mErrors['login'] = 'password incorrect';
+ $userAuthPresent = true;
+ break;
+ case USER_NOT_FOUND:
+ // disabled for w/e reason
+ break;
+ }
+ }
/*
echo "userId: $userId
";
echo "auth_pear: $auth_pear
";
@@ -908,6 +933,23 @@
return $ret;
}
+ function validateMail($user,$pass) {
+ global $gBitSystem;
+ // just make sure we're supposed to be here
+ if ($gBitSystem->getPreference("mail_submit", "mail") != "mailauth")
+ return false;
+ $options["host"] = $gBitSystem->getPreference("mail_imap_server", "");
+ $options["port"] = $gBitSystem->getPreference("mail_imap_port", "993");
+
+ $imapauth = imap_open('{'.$options['host']."/ssl/novalidate-cert".':'.$options["port"].'}INBOX',$user , $pass);
+ if (!$imapauth) {
+ print_r(imap_errors());
+ $ret=USER_NOT_FOUND;
+ } else {
+ $ret=USER_VALID;
+ }
+ return $ret;
+ }
// validate the user in the bitweaver database - validation is case insensitive, and we like it that way!
function validateBitUser( $pLogin, $pass, $challenge, $response ) {
global $gBitSystem;
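Review bot: The mailbox string in `validateMail()` carries `/novalidate-cert`, so the user's password is sent to whichever server answers on that host without its TLS certificate being checked; the flag should be removed, or at most become an explicit admin option that defaults to off. The port is also appended after the flags, whereas the c-client mailbox syntax puts it directly after the host (`{host:port/imap/ssl}`). On failure `print_r(imap_errors())` writes server error text into the login response, and on success the connection is never closed. Every failure, including an unreachable server, is reported as `USER_NOT_FOUND`, which the caller's `switch` ignores, so its `PASSWORD_INCORRECT` case can never run. `validateBitUser()`, which follows, continues outside the hunk.

```php
function validateMail($user,$pass) {
	// … unchanged: global, mail-auth guard, host and port lookup …
	if (empty($options["host"])) {
		// no server configured: nothing to authenticate against
		return USER_NOT_FOUND;
	}
	// port directly after host; certificate validation left on
	$mailbox = '{'.$options["host"].':'.$options["port"].'/imap/ssl}INBOX';
	$imapauth = imap_open($mailbox, $user, $pass);
	if (!$imapauth) {
		// keep server diagnostics out of the login page
		error_log('mail auth: '.implode('; ', (array)imap_errors()));
		$ret = USER_NOT_FOUND;
	} else {
		imap_close($imapauth);
		$ret = USER_VALID;
	}
	return $ret;
}
```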
--- users/templates/admin_login.tpl.stokes 2006-07-04 21:41:14.000000000 -0400
+++ users/templates/admin_login.tpl 2006-07-04 22:05:45.000000000 -0400
@@ -10,6 +10,7 @@
<option value="tiki" {if $auth_method eq 'tiki'} selected="selected"{/if}>{tr}Just bitweaver{/tr}</option>
<option value="ws" {if $auth_method eq 'ws'} selected="selected"{/if}>{tr}Web Server{/tr}</option>
<option value="auth" {if $auth_method eq 'auth'} selected="selected"{/if}>{tr}bitweaver and PEAR::Auth{/tr}</option>
+ <option value="mail" {if $auth_method eq 'mail'} selected="selected"{/if}>{tr}bitweaver and mail{/tr}</option>
</select>
{formhelp note=""}
{/forminput}
@@ -148,4 +149,27 @@
</div>
{/form}
{/jstab}
+ {jstab title="Mail Authentication"}
+ {form legend="Mail Authentication"}
+ <input type="hidden" name="page" value="{$page}" />
+ {foreach from=$mailSettings key=feature item=output}
+ <div class="row">
+ {formlabel label=`$output.label` for=$feature}
+ {forminput}
+ {if $output.type == 'text'}
+ <input type="text" size="50" name="{$feature}" id="{$feature}" value="{$gBitSystemPrefs.$feature|escape}" />
+ {elseif $output.type == 'password'}
+ <input type="password" size="50" name="{$feature}" id="{$feature}" value="{$gBitSystemPrefs.$feature|escape}" />
+ {else}
+ {html_checkboxes name="$feature" values="y" checked=`$gBitSystemPrefs.$feature` labels=false id=$feature}
+ {/if}
+ {formhelp note=`$output.note` page=`$output.page` link=`$output.link`}
+ {/forminput}
+ </div>
+ {/foreach}
+ <div class="row submit">
+ <input type="submit" name="mail_submit" value="{tr}Change preferences{/tr}" />
+ </div>
+ {/form}
+ {/jstab}
{/jstabs}
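Review bot: The hidden field `value="{$page}"` is emitted without an escape modifier, unlike the preference values a few lines below it; if `$page` is taken from the request this reflects it into the admin page, so I would write `value="{$page|escape}"`. Where `$page` is assigned is not visible in this hunk. The `{elseif $output.type == 'password'}` branch and the `page`/`link` arguments to `{formhelp}` have no counterpart in `$mailSettings`, which defines only `text` and `checkbox` entries with `label`, `type` and `note`. A short template comment saying they are reserved for later settings would help, or they can be removed.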
{/code}
tested on at least bw 1.3.1
can be downloaded at [http://people.redhat.com/astokes/patches/bitweaver/mail_auth.patch]
{code}
--- users/admin/admin_login_inc.php.stokes 2006-07-04 21:53:20.000000000 -0400
+++ users/admin/admin_login_inc.php 2006-07-04 22:17:08.000000000 -0400
@@ -300,4 +300,52 @@
}
}
+$mailSettings = array(
+ 'mail_create_user_auth' => array(
+ 'label' => "Create user if not in Mail server",
+ 'type' => "checkbox",
+ 'note' => "",
+ ),
+ 'mail_create_gBitDbUser' => array(
+ 'label' => "Create user if not in bitweaver",
+ 'type' => "checkbox",
+ 'note' => "",
+ ),
+ 'mail_skip_admin' => array(
+ 'label' => "Just use bitweaver auth for admin",
+ 'type' => "checkbox",
+ 'note' => "",
+ ),
+ 'mail_smtp_port' => array(
+ 'label' => "SMTP port",
+ 'type' => "text",
+ 'note' => "",
+ ),
+ 'mail_smtp_server' => array(
+ 'label' => "SMTP Server",
+ 'type' => "text",
+ 'note' => "",
+ ),
+ 'mail_imap_server' => array(
+ 'label' => "IMAP Server",
+ 'type' => "text",
+ 'note' => "",
+ ),
+ 'mail_imap_port' => array(
+ 'label' => "IMAP Port",
+ 'type' => "text",
+ 'note' => "",
+ ),
+);
+$gBitSmarty->assign( 'mailSettings', $mailSettings );
+
+if( !empty( $_REQUEST["mail_submit"] ) ) {
+ foreach( array_keys( $mailSettings ) as $feature ) {
+ if( $mailSettings[$feature]['type'] == 'text' ) {
+ simple_set_value( $feature, USERS_PKG_NAME );
+ } else {
+ simple_set_toggle( $feature, USERS_PKG_NAME );
+ }
+ }
+}
?>
--- users/admin/schema_inc.php.stokes 2006-07-04 22:07:40.000000000 -0400
+++ users/admin/schema_inc.php 2006-07-04 22:15:11.000000000 -0400
@@ -273,6 +273,14 @@
array(USERS_PKG_NAME,'auth_ldap_useroc','inetOrgPerson'),
array(USERS_PKG_NAME,'auth_method','tiki'),
array(USERS_PKG_NAME,'auth_skip_admin','y'),
+ // # Mail Auth additions
+ array(USERS_PKG_NAME,'mail_create_user_auth','n'),
+ array(USERS_PKG_NAME,'mail_create_gBitDbUser','n'),
+ array(USERS_PKG_NAME,'mail_smtp_port','25'),
+ array(USERS_PKG_NAME,'mail_smtp_server',''),
+ array(USERS_PKG_NAME,'mail_imap_server',''),
+ array(USERS_PKG_NAME,'mail_imap_port','993'),
+ array(USERS_PKG_NAME,'mail_skip_admin','y'),
array(USERS_PKG_NAME,'allowRegister','y'),
array(USERS_PKG_NAME,'feature_userfiles','n'),
array(USERS_PKG_NAME,'forgotPass','y'),
--- users/BitUser.php.stokes 2006-07-04 22:11:41.000000000 -0400
+++ users/BitUser.php 2006-07-04 22:44:28.000000000 -0400
@@ -748,6 +748,12 @@
$create_tiki = ($gBitSystem->getPreference("auth_create_gBitDbUser", "n") == "y");
$create_auth = ($gBitSystem->getPreference("auth_create_user_auth", "n") == "y");
$skip_admin = ($gBitSystem->getPreference("auth_skip_admin", "n") == "y");
+ // see if we want to use mail auth
+ $mail_auth = ($gBitSystem->getPreference("mail_submit", "mail") == "mailauth");
+ $create__mail_tiki = ($gBitSystem->getPreference("mail_create_gBitDbUser", "n") == "y");
+ $create__mail_auth = ($gBitSystem->getPreference("mail_create_user_auth", "n") == "y");
+ $skip__mail_admin = ($gBitSystem->getPreference("mail_skip_admin", "n") == "y");
+
// first attempt a login via the standard Tiki system
$userId = $this->validateBitUser($user, $pass, $challenge, $response);
if ($userId) {
@@ -782,6 +788,25 @@
}
}
+ if ( !$mail_auth || ($user == "root" && $skip_admin) ) {
+ // dunno what to put here, nothing to reference - stokes
+ } elseif ( $mail_auth ) {
+ $result = $this->validateMail($user,$pass);
+ switch ($result) {
+ case USER_VALID:
+ unset($this->mErrors['login']);
+ $userAuthValid = true;
+ $userAuthPresent = true;
+ break;
+ case PASSWORD_INCORRECT:
+ $this->mErrors['login'] = 'password incorrect';
+ $userAuthPresent = true;
+ break;
+ case USER_NOT_FOUND:
+ // disabled for w/e reason
+ break;
+ }
+ }
/*
echo "userId: $userId
";
echo "auth_pear: $auth_pear
";
@@ -908,6 +933,23 @@
return $ret;
}
+ function validateMail($user,$pass) {
+ global $gBitSystem;
+ // just make sure we're supposed to be here
+ if ($gBitSystem->getPreference("mail_submit", "mail") != "mailauth")
+ return false;
+ $options["host"] = $gBitSystem->getPreference("mail_imap_server", "");
+ $options["port"] = $gBitSystem->getPreference("mail_imap_port", "993");
+
+ $imapauth = imap_open('{'.$options['host']."/ssl/novalidate-cert".':'.$options["port"].'}INBOX',$user , $pass);
+ if (!$imapauth) {
+ print_r(imap_errors());
+ $ret=USER_NOT_FOUND;
+ } else {
+ $ret=USER_VALID;
+ }
+ return $ret;
+ }
// validate the user in the bitweaver database - validation is case insensitive, and we like it that way!
function validateBitUser( $pLogin, $pass, $challenge, $response ) {
global $gBitSystem;
--- users/templates/admin_login.tpl.stokes 2006-07-04 21:41:14.000000000 -0400
+++ users/templates/admin_login.tpl 2006-07-04 22:05:45.000000000 -0400
@@ -10,6 +10,7 @@
<option value="tiki" {if $auth_method eq 'tiki'} selected="selected"{/if}>{tr}Just bitweaver{/tr}</option>
<option value="ws" {if $auth_method eq 'ws'} selected="selected"{/if}>{tr}Web Server{/tr}</option>
<option value="auth" {if $auth_method eq 'auth'} selected="selected"{/if}>{tr}bitweaver and PEAR::Auth{/tr}</option>
+ <option value="mail" {if $auth_method eq 'mail'} selected="selected"{/if}>{tr}bitweaver and mail{/tr}</option>
</select>
{formhelp note=""}
{/forminput}
@@ -148,4 +149,27 @@
</div>
{/form}
{/jstab}
+ {jstab title="Mail Authentication"}
+ {form legend="Mail Authentication"}
+ <input type="hidden" name="page" value="{$page}" />
+ {foreach from=$mailSettings key=feature item=output}
+ <div class="row">
+ {formlabel label=`$output.label` for=$feature}
+ {forminput}
+ {if $output.type == 'text'}
+ <input type="text" size="50" name="{$feature}" id="{$feature}" value="{$gBitSystemPrefs.$feature|escape}" />
+ {elseif $output.type == 'password'}
+ <input type="password" size="50" name="{$feature}" id="{$feature}" value="{$gBitSystemPrefs.$feature|escape}" />
+ {else}
+ {html_checkboxes name="$feature" values="y" checked=`$gBitSystemPrefs.$feature` labels=false id=$feature}
+ {/if}
+ {formhelp note=`$output.note` page=`$output.page` link=`$output.link`}
+ {/forminput}
+ </div>
+ {/foreach}
+ <div class="row submit">
+ <input type="submit" name="mail_submit" value="{tr}Change preferences{/tr}" />
+ </div>
+ {/form}
+ {/jstab}
{/jstabs}
{/code}