openid logins working

This commit is contained in:
Friendika 2010-11-17 17:03:27 -08:00
parent 1d420e473f
commit 875b31fb8e
2 changed files with 74 additions and 8 deletions

View file

@ -67,16 +67,30 @@ else {
unset($_SESSION['page_flags']);
}
if(x($_POST,'password'))
if((x($_POST,'password')) && strlen($_POST['password']))
$encrypted = hash('whirlpool',trim($_POST['password']));
else {
if((x($_POST,'auth-params')) && $_POST['auth-params'] === 'login') {
require_once('library/openid.php');
$openid = new LightOpenID;
$openid->identity = trim($_POST['login-name']);
$a = get_app();
$openid->returnUrl = $a->get_baseurl() . '/openid';
goaway($openid->authUrl());
if((x($_POST,'login-name')) && strlen($_POST['login-name'])) {
$openid_url = trim($_POST['login-name']);
$r = q("SELECT `uid` FROM `user` WHERE `openid` = '%s' LIMIT 1",
dbesc($openid_url)
);
if(count($r)) {
require_once('library/openid.php');
$openid = new LightOpenID;
$openid->identity = $openid_url;
$_SESSION['openid'] = $openid_url;
$a = get_app();
$openid->returnUrl = $a->get_baseurl() . '/openid';
goaway($openid->authUrl());
// NOTREACHED
}
else {
$a = get_app();
notice( t('Login failed.') . EOL);
goaway($a->get_baseurl());
// NOTREACHED
}
}
}
if((x($_POST,'auth-params')) && $_POST['auth-params'] === 'login') {

52
mod/openid.php Normal file
View file

@ -0,0 +1,52 @@
<?php
require_once('library/openid.php');
function openid_content(&$a) {
if((x($_GET,'openid_mode')) && (x($_SESSION,'openid'))) {
$openid = new LightOpenID;
if($openid->validate()) {
$r = q("SELECT * FROM `user` WHERE `openid` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1",
dbesc($_SESSION['openid'])
);
if(! count($r)) {
notice( t('Login failed.') . EOL );
goaway($a->get_baseurl());
}
unset($_SESSION['openid']);
$_SESSION['uid'] = $r[0]['uid'];
$_SESSION['theme'] = $r[0]['theme'];
$_SESSION['authenticated'] = 1;
$_SESSION['page_flags'] = $r[0]['page-flags'];
$_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['nickname'];
notice( t("Welcome back ") . $r[0]['username'] . EOL);
$a->user = $r[0];
if(strlen($a->user['timezone']))
date_default_timezone_set($a->user['timezone']);
$r = q("SELECT * FROM `contact` WHERE `uid` = %s AND `self` = 1 LIMIT 1",
intval($_SESSION['uid']));
if(count($r)) {
$a->contact = $r[0];
$a->cid = $r[0]['id'];
$_SESSION['cid'] = $a->cid;
}
header('X-Account-Management-Status: active; name="' . $a->user['username'] . '"; id="' . $a->user['nickname'] .'"');
if(($a->module !== 'home') && isset($_SESSION['return_url']))
goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
else
goaway($a->get_baseurl());
}
}
notice( t('Login failed.') . EOL);
goaway($a->get_baseurl());
// NOTREACHED
}