Changeset 7033

Timestamp:

11/22/08 02:27:39 (7 weeks ago)

Author:

inureyes

Message:

refs #777

• Auth 클래스 정리.
  

Location:

trunk/library

Files:

• auth.php (modified) (1 diff)
• auth/Auth.php (modified) (6 diffs)

trunk/library/auth.php

@@ -5 +5 @@
 
 function login($loginid, $password, $preKnownPassword = null) {
-    global $service;
-    $loginid = POD::escapeString($loginid);
-    $blogid = getBlogId();
-    $userid = Auth::authenticate($blogid , $loginid, $password );
-
-    if( $userid === false ) {
-        return false;
-    }
-
-    if (empty($_POST['save'])) {
-        setcookie('TSSESSION_LOGINID', '', time() - 31536000, $service['path'] . '/', $service['domain']);
-    } else {
-        setcookie('TSSESSION_LOGINID', $loginid, time() + 31536000, $service['path'] . '/', $service['domain']);
-    }
-
-    if( in_array( "group.writers", Acl::getCurrentPrivilege() ) ) {
-        Session::authorize($blogid, $userid);
-    }
-    return true;
+    return Auth::login($loginid, $password, false);
 }
 
 function logout() {
-    fireEvent("Logout");
-    Acl::clearAcl();
-    Transaction::clear();
-    session_destroy();
+    Auth::logout();
 }
 

trunk/library/auth/Auth.php

@@ -105 +105 @@
     group.guests:         Guests
 */
-    function Privilege() {
+    function __construct() {
     }
 
@@ -347 +347 @@
 
 class Auth {
-    function login($loginid, $password) {
-        global $blogid;
-        if( Auth::authenticate($blogid,$loginid,$password,true) === false ) {
-            return false;
-        }
-        return true;
-    }
-
-    function authenticate( $blogid, $loginid, $password, $blogapi = false ) {
-        global $database;
-
+    public function login($loginid, $password, $checkOnly = true) {
+        $config = Config::getInstance();
+        $context = Context::getInstance();
+        if($checkOnly === true) {
+            if( Auth::authenticate($context->blogid,$loginid,$password,true) === false ) {
+                return false;
+            }
+            return true;
+        } else {    // Perform login process (browser)
+            $loginid = POD::escapeString($loginid);
+            $userid = Auth::authenticate($context->blogid , $loginid, $password );
+        
+            if( $userid === false ) {
+                return false;
+            }
+        
+            if (empty($_POST['save'])) {
+                setcookie('TSSESSION_LOGINID', '', time() - 31536000, $config->service['path'] . '/', $config->service['domain']);
+            } else {
+                setcookie('TSSESSION_LOGINID', $loginid, time() + 31536000, $config->service['path'] . '/', $config->service['domain']);
+            }
+        
+            if( in_array( "group.writers", Acl::getCurrentPrivilege() ) ) {
+                Session::authorize($context->blogid, $userid);
+            }
+            return true;
+        }
+    }
+
+    public function logout() {
+        fireEvent("Logout");
+        Acl::clearAcl();
+        Transaction::clear();
+        session_destroy();
+    }
+
+    public function authenticate( $blogid, $loginid, $password, $blogapi = false ) {
+        $config = Config::getInstance();
+        
         Acl::clearAcl();
         $loginid = POD::escapeString($loginid);
@@ -365 +393 @@
         if ((strlen($password) == 32) && preg_match('/[0-9a-f]{32}/i', $password)) {
             $userid=getUserIdByEmail($loginid);
-            $authtoken = POD::queryCell("SELECT value FROM {$database['prefix']}UserSettings WHERE userid = '$userid' AND name = 'AuthToken' LIMIT 1");
+            $authtoken = POD::queryCell("SELECT value FROM {$config->database['prefix']}UserSettings WHERE userid = '$userid' AND name = 'AuthToken' LIMIT 1");
             if (!empty($authtoken)) {
                 $password = POD::escapeString($password);
@@ -380 +408 @@
         }
 
-        $session = POD::queryRow("SELECT userid, loginid, name FROM {$database['prefix']}Users WHERE loginid = '$loginid' AND $secret");
+        $session = POD::queryRow("SELECT userid, loginid, name FROM {$config->database['prefix']}Users WHERE loginid = '$loginid' AND $secret");
         if ( empty($session) ) {
             /* You should compare return value with '=== false' which checks with variable types*/
@@ -388 +416 @@
 
         Acl::authorize( 'textcube', $userid );
-        POD::execute("UPDATE  {$database['prefix']}Users SET lastLogin = unix_timestamp() WHERE loginid = '$loginid'");
+        POD::execute("UPDATE {$config->database['prefix']}Users SET lastLogin = unix_timestamp() WHERE loginid = '$loginid'");
 //      POD::execute("DELETE FROM {$database['prefix']}UserSettings WHERE userid = '$userid' AND name = 'AuthToken' LIMIT 1");
         return $userid;
@@ -395 +423 @@
 }
 
+class Permission {
+    public function require($scope) {
+        switch($scope) {
+            case 'owner':
+            case 'member':
+                global $hostURL;
+                if( doesHaveMembership() ) return true;
+                $_SESSION['refererURI'] = $hostURL.$_SERVER['REQUEST_URI'];
+                requireLogin();
+        }
+    }
+}
 ?>