mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
52 lines
1.3 KiB
PHP
52 lines
1.3 KiB
PHP
|
<?php
|
||
|
|
||
|
/**
|
||
|
* Provides an interface to HTTP basic authentication.
|
||
|
*/
|
||
|
class BasicAuth extends Object {
|
||
|
/**
|
||
|
* Require basic authentication. Will request a username and password if none is given.
|
||
|
* @param memberValidationFunction A boolean method to call on the member to validate them.
|
||
|
*/
|
||
|
static function requireLogin($realm, $permissionCode) {
|
||
|
if(self::$disabled) return true;
|
||
|
|
||
|
|
||
|
if(isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
|
||
|
$member = Security::authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
|
||
|
if($member) {
|
||
|
$authenticated = true;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// If we've failed the authentication mechanism, then show the login form
|
||
|
if(!isset($authenticated)) {
|
||
|
header("WWW-Authenticate: Basic realm=\"$realm\"");
|
||
|
header('HTTP/1.0 401 Unauthorized');
|
||
|
|
||
|
if(isset($_SERVER['PHP_AUTH_USER'])) {
|
||
|
echo "That username / password isn't recognised";
|
||
|
} else {
|
||
|
echo "Please enter a username and password.";
|
||
|
}
|
||
|
|
||
|
die();
|
||
|
}
|
||
|
|
||
|
if(!Permission::checkMember($member->ID, 'ADMIN')) {
|
||
|
header("WWW-Authenticate: Basic realm=\"$realm\"");
|
||
|
header('HTTP/1.0 401 Unauthorized');
|
||
|
|
||
|
if(isset($_SERVER['PHP_AUTH_USER'])) {
|
||
|
echo "That user is not an administrator.";
|
||
|
}
|
||
|
|
||
|
die();
|
||
|
}
|
||
|
}
|
||
|
|
||
|
static protected $disabled;
|
||
|
static function disable() {
|
||
|
self::$disabled = true;
|
||
|
}
|
||
|
}
|