The Hubzilla
auth.php File Reference

Functions and inline functionality for authentication.

Functions

 account_verify_password ($login, $pass)
 Verify login credentials.
 
 log_failed_login ($errormsg)
 Log failed logins to a separate auth log.
 
 if ((x($_POST, 'auth-params'))&&$_POST['auth-params']=== 'login') match_openid ($authid)
 Returns the channel_id for a given openid_identity.
 

Variables

 if ((isset($_SESSION))&&(x($_SESSION, 'authenticated'))&&((!(x($_POST, 'auth-params')))||($_POST['auth-params']!== 'login'))) else
 

Detailed Description

Functions and inline functionality for authentication.

This file provides some functions for authentication handling and inline functionality. The inline code looks for auth parameters or re-validates an existing session, and also handles logout. The file also provides a function for OpenID identity matching.

Function Documentation

account_verify_password ($login, $pass)

Verify login credentials.

If system.authlog is set, a log entry will be added for failed login attempts.

Parameters
 string $login  The login to verify (channel address, account email or guest login token).
 string $pass  The provided password to verify.
Returns
 array|null Returns account record on success, null on failure. The return array is dependent on the login mechanism.
 $ret['account'] will be set if either an email or channel address validation was successful (local login).
 $ret['channel'] will be set if a channel address validation was successful.
 $ret['xchan'] will be set if a guest access token validation was successful.
 Keys will exist for invalid return arrays but will be set to null. This function does not perform a login. It merely validates system passwords and tokens.

Referenced by api_login(), Zotlabs\Module\Settings\Account\post(), Zotlabs\Module\Removeme\post(), Zotlabs\Module\Removeaccount\post(), and Zotlabs\Module\Changeaddr\post().

log_failed_login ($errormsg)

Log failed logins to a separate auth log.

Can be used to reduce overhead for server-side intrusion prevention, for example by parsing the authlog file with something like fail2ban, OSSEC, etc.

Parameters
 string $errormsg  Error message to display for failed login.

A plugin indicates successful login by setting 'authenticated' to a non-zero value and returning a user record. Plugins should never set 'authenticated' except to indicate success, as hooks may be chained and later plugins should not interfere with an earlier one that succeeded.

Referenced by account_verify_password(), and api_login().
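
The plugin rule above, as an added PHP sketch that is not Hubzilla's code: a chain of authentication plugins shares one array, and a later plugin that overwrites 'authenticated' on its own failure discards an earlier plugin's success. run_auth_hooks(), attempt(), the plugin closures, the credential values and every array key other than 'authenticated' are assumptions made for the illustration.

```php
<?php
// Added illustration, not Hubzilla code. run_auth_hooks(), the plugins and all
// array keys except 'authenticated' are hypothetical; credentials are constructed.

function run_auth_hooks(array $plugins, array &$auth): void {
    foreach ($plugins as $plugin) {
        $plugin($auth);               // each plugin sees what earlier ones wrote
    }
}

$store = ['alice' => password_hash('constructed-sample-pw', PASSWORD_DEFAULT)];

// First plugin: sets the flag and the record only when its own check passes.
$directory = function (array &$auth) use ($store): void {
    $hash = $store[$auth['username']] ?? null;
    if ($hash !== null && password_verify($auth['password'], $hash)) {
        $auth['authenticated'] = 1;
        $auth['user_record'] = ['login' => $auth['username']];
    }
};

// Follows the rule: returns early on prior success, writes nothing on failure.
$token_ok = function (array &$auth): void {
    if ($auth['authenticated']) {
        return;
    }
    if ($auth['username'] === 'guest' && hash_equals('constructed-token', $auth['password'])) {
        $auth['authenticated'] = 1;
        $auth['user_record'] = ['login' => 'guest'];
    }
};

// Breaks the rule: reports its own failure by overwriting the shared flag.
$token_bad = function (array &$auth): void {
    $ok = $auth['username'] === 'guest' && hash_equals('constructed-token', $auth['password']);
    $auth['authenticated'] = $ok ? 1 : 0;
    $auth['user_record'] = $ok ? ['login' => 'guest'] : null;
};

function attempt(array $plugins): bool {
    $auth = ['username' => 'alice', 'password' => 'constructed-sample-pw',
             'authenticated' => 0, 'user_record' => null];
    run_auth_hooks($plugins, $auth);
    // Accept only when the flag is set and a user record came back with it.
    return $auth['authenticated'] && is_array($auth['user_record']);
}

var_dump(attempt([$directory, $token_ok]));   // chain that follows the rule
var_dump(attempt([$directory, $token_bad]));  // chain with the rule-breaking plugin
```

The first chain accepts alice; the second rejects her even though the directory plugin verified her password, which is the interference the rule is meant to prevent.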

if ((x($_POST, 'auth-params'))&&$_POST['auth-params']=== 'login') match_openid ($authid)

Returns the channel_id for a given openid_identity.

Queries the values from pconfig configuration for the given openid_identity and returns the corresponding channel_id.

Fixme:
How do we prevent that an OpenID identity is used more than once?
Parameters
 string $authid  The given openid_identity
Returns
 int|bool Return channel_id from pconfig or false.

Variable Documentation

if ((isset($_SESSION))&&(x($_SESSION, 'authenticated'))&&((!(x($_POST, 'auth-params')))||($_POST['auth-params']!== 'login'))) else
Initial value:
{
    if(isset($_SESSION)) {
        App::$session->nuke();
    }
    if((x($_POST, 'password')) && strlen($_POST['password']))
        $encrypted = hash('whirlpool', trim($_POST['password']));
    // the rest of the initial value is not shown on this page
}
References:
 x($s, $k=null)  Multi-purpose function to check variable state. Definition: boot.php:1292
 static $session  Definition: boot.php:752

Inline, not a function: looks for auth parameters or re-validates an existing session, and also handles logout.