Commit a8c82440 authored by Tom Needham's avatar Tom Needham

API: Use http authentication, check the auth level required

parent 8b409dfe
...@@ -86,7 +86,7 @@ class OC_API { ...@@ -86,7 +86,7 @@ class OC_API {
foreach(self::$actions[$name] as $action){ foreach(self::$actions[$name] as $action){
$app = $action['app']; $app = $action['app'];
// Authorsie this call // Authorsie this call
if($this->isAuthorised($action)){ if(self::isAuthorised($action)){
if(is_callable($action['action'])){ if(is_callable($action['action'])){
$responses[] = array('app' => $app, 'response' => call_user_func($action['action'], $parameters)); $responses[] = array('app' => $app, 'response' => call_user_func($action['action'], $parameters));
} else { } else {
...@@ -105,7 +105,7 @@ class OC_API { ...@@ -105,7 +105,7 @@ class OC_API {
} else { } else {
self::respond($response); self::respond($response);
} }
// logout the user to be stateles // logout the user to be stateless
OC_User::logout(); OC_User::logout();
} }
...@@ -114,7 +114,7 @@ class OC_API { ...@@ -114,7 +114,7 @@ class OC_API {
* @param array $action the action details as supplied to OC_API::register() * @param array $action the action details as supplied to OC_API::register()
* @return bool * @return bool
*/ */
private function isAuthorised($action){ private static function isAuthorised($action){
$level = $action['authlevel']; $level = $action['authlevel'];
switch($level){ switch($level){
case OC_API::GUEST_AUTH: case OC_API::GUEST_AUTH:
...@@ -123,13 +123,25 @@ class OC_API { ...@@ -123,13 +123,25 @@ class OC_API {
break; break;
case OC_API::USER_AUTH: case OC_API::USER_AUTH:
// User required // User required
// Check url for username and password return self::loginUser();
break; break;
case OC_API::SUBADMIN_AUTH: case OC_API::SUBADMIN_AUTH:
// Check for subadmin // Check for subadmin
$user = self::loginUser();
if(!$user){
return false;
} else {
return OC_SubAdmin::isSubAdmin($user);
}
break; break;
case OC_API::ADMIN_AUTH: case OC_API::ADMIN_AUTH:
// Check for admin // Check for admin
$user = self::loginUser();
if(!$user){
return false;
} else {
return OC_Group::inGroup($user, 'admin');
}
break; break;
default: default:
// oops looks like invalid level supplied // oops looks like invalid level supplied
...@@ -139,11 +151,13 @@ class OC_API { ...@@ -139,11 +151,13 @@ class OC_API {
} }
/** /**
* gets login details from url and logs in the user * http basic auth
* @return bool * @return string|false (username, or false on failure)
*/ */
public function loginUser(){ private static function loginUser(){
// Todo $authuser = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : '';
$authpw = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';
return OC_User::login($authuser, $authpw) ? $authuser : false;
} }
/** /**
...@@ -222,17 +236,6 @@ class OC_API { ...@@ -222,17 +236,6 @@ class OC_API {
$writer->writeElement($k, $v); $writer->writeElement($k, $v);
} }
} }
}
/**
* check if the user is authenticated
*/
public static function checkLoggedIn(){
// Check OAuth
if(!OC_OAuth_Server::isAuthorised()){
OC_Response::setStatus(401);
die();
}
}
} }
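Review bot: In loginUser() (fourth hunk), an absent or rejected Basic credential simply returns false — nothing sends a `WWW-Authenticate: Basic` challenge or a 401, and the deleted checkLoggedIn() (last hunk) was the only place in this file that set the 401 status, so unless the else branch after isAuthorised() (cut off at the top of the second hunk) does it, clients are never prompted to authenticate. On the failure path consider `header('WWW-Authenticate: Basic realm="ownCloud"'); OC_Response::setStatus(401);` before returning false. Separately, the SUBADMIN_AUTH case (third hunk) denies admins who are not also subadmins unless OC_SubAdmin::isSubAdmin() already treats admins as subadmins (not visible here); a hierarchical check `return OC_SubAdmin::isSubAdmin($user) || OC_Group::inGroup($user, 'admin');` avoids that gap. Two caveats worth a comment in loginUser(): `$_SERVER['PHP_AUTH_USER']` is populated only under some SAPIs (e.g. the Apache module) and is empty behind CGI/FastCGI, where the credentials arrive in HTTP_AUTHORIZATION and this code would silently attempt an empty login; and Basic credentials travel in clear text on every request, so this endpoint should only be served over TLS.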