add new api dfrn/remoteauth

allow 'user@server' as username in api_login()
This commit is contained in:
fabrixxm 2015-03-15 21:19:29 +01:00
parent 3355d00082
commit 11a83b2345
1 changed files with 69 additions and 1 deletions

View File

@ -102,6 +102,9 @@
$password = $_SERVER['PHP_AUTH_PW'];
$encrypted = hash('whirlpool',trim($password));
// allow "user@server" login (but ignore 'server' part)
$at=strstr($user, "@", true);
if ( $at ) $user=$at;
/**
* next code from mod/auth.php. needs better solution
@ -2666,6 +2669,70 @@
/**
* similar as /mod/redir.php
* redirect to 'url' after dfrn auth
*
* why this when there is mod/redir.php already?
* This use api_user() and api_login()
*
* params
* c_url: url of remote contact to auth to
* url: string, url to redirect after auth
*/
function api_dfrn_remoteauth(&$a) {
$url = ((x($_GET,'url')) ? $_GET['url'] : '');
$c_url = ((x($_GET,'c_url')) ? $_GET['c_url'] : '');
if ($url === '' || $c_url === '')
die((api_error($a, 'json', "Wrong parameters")));
$c_url = normalise_link($c_url);
// traditional DFRN
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `nurl` = '%s' LIMIT 1",
dbesc($c_url),
intval(api_user())
);
if ((! count($r)) || ($r[0]['network'] !== NETWORK_DFRN))
die((api_error($a, 'json', "Unknown contact")));
$cid = $r[0]['id'];
$dfrn_id = $orig_id = (($r[0]['issued-id']) ? $r[0]['issued-id'] : $r[0]['dfrn-id']);
if($r[0]['duplex'] && $r[0]['issued-id']) {
$orig_id = $r[0]['issued-id'];
$dfrn_id = '1:' . $orig_id;
}
if($r[0]['duplex'] && $r[0]['dfrn-id']) {
$orig_id = $r[0]['dfrn-id'];
$dfrn_id = '0:' . $orig_id;
}
$sec = random_string();
q("INSERT INTO `profile_check` ( `uid`, `cid`, `dfrn_id`, `sec`, `expire`)
VALUES( %d, %s, '%s', '%s', %d )",
intval(api_user()),
intval($cid),
dbesc($dfrn_id),
dbesc($sec),
intval(time() + 45)
);
logger($r[0]['name'] . ' ' . $sec, LOGGER_DEBUG);
$dest = (($url) ? '&destination_url=' . $url : '');
goaway ($r[0]['poll'] . '?dfrn_id=' . $dfrn_id
. '&dfrn_version=' . DFRN_PROTOCOL_VERSION
. '&type=profile&sec=' . $sec . $dest . $quiet );
}
api_register_func('api/dfrn/remoteauth', 'api_dfrn_remoteauth', true);
function api_share_as_retweet(&$item) {
$body = trim($item["body"]);
@ -2884,6 +2951,7 @@ function api_best_nickname(&$contacts) {
$contacts = array($contacts[0]);
}
/*
Not implemented by now:
statuses/retweets_of_me