thumb: indicate 1 month caching of generated output

[minimedit.git] / auth.inc.php

diff --git a/auth.inc.php b/auth.inc.php
old mode 100755 (executable)
new mode 100644 (file)
index 363fc71..4d9b29e
--- a/auth.inc.php
+++ b/auth.inc.php
@@ -1,4 +1,76 @@
 <?php
+date_default_timezone_set('Europe/Amsterdam');
+
+class User
+{
+       function __construct($dir)
+       {
+               if (!file_exists($dir)) {
+                       throw new Exception("Gebruiker niet gevonden in $dir");
+               }
+               $this->dir = $dir;
+               $this->login = basename($dir);
+       }
+
+       function __get($col)
+       {
+               return $this->$col = $this->$col();  # run method and cache
+       }
+
+       function rawname()
+       {
+               return rtrim(@file_get_contents("{$this->dir}/name.txt"));
+       }
+
+       function name()
+       {
+               return htmlspecialchars(implode(' & ', explode("\n", $this->rawname)));
+       }
+
+       function html()
+       {
+               return $this->name ?: $this->login;
+       }
+
+       function email()
+       {
+               return rtrim(@file_get_contents("{$this->dir}/email.txt"));
+       }
+
+       function admin()
+       {
+               return @file_exists("{$this->dir}/.admin");
+       }
+
+       function seen()
+       {
+               return @filemtime("{$this->dir}/last.log");
+       }
+
+       function logclient()
+       {
+               if ($log = @fopen("{$this->dir}/last.log", 'w')) {
+                       $line = $_SERVER['REMOTE_ADDR'].' '.$_SERVER['HTTP_USER_AGENT'];
+                       fwrite($log, $line."\n");
+               }
+       }
+}
+
+function login_password_verify($input, $test)
+{
+       if (substr($test, 0, 1) != '$') {
+               # plaintext match for uncrypted passwords
+               return $input === $test;
+       }
+       return password_verify($input, $test);
+}
+
+function login_setcookie()
+{
+       global $User;
+       return setcookie('login', $User->auth, 0, '/');
+}
+
 function login($inuser, $inpass = NULL)
 {
        if (empty($inuser)) return;
@@ -6,33 +78,29 @@ function login($inuser, $inpass = NULL)
                @list ($inuser, $inauth) = explode(':', $inuser, 2);
        }
 
-       # create pwlist table from htpasswd
-       $pwdata = file_get_contents('./.htpasswd');
-       $pwlist = [];
-       foreach (explode("\n", $pwdata) as $line) {
-               if (!$line) continue;
-               list ($username, $pass) = explode(':', $line);
-               $pwlist[$username] = $pass;
-       }
-
-       # find user by name
-       $usertest = @$pwlist[ strtolower($inuser) ];
+       # find password data by user name
+       $userdir = 'profile/'.preg_replace('/[^a-z0-9]+/', '-', strtolower($inuser));
+       $pwfile = "$userdir/.passwd";
+       if (!file_exists($pwfile)) return;
+       $usertest = trim(file_get_contents($pwfile));
        if (!$usertest) return;
 
        # verify password
        $authhash = md5($usertest);
        if (isset($inpass)) {
-               if (!password_verify($inpass, $usertest)) return;
+               if (!login_password_verify($inpass, $usertest)) return;
        }
        else {
                if ($inauth !== $authhash) return;
        }
 
-       return [
-               'name'  => $inuser,
-               'admin' => !empty($inuser) && strtolower($inuser) != 'lid',
-               'auth'  => "$inuser:$authhash",
-       ];
+       if (function_exists('apache_note')) apache_note('user', $inuser);
+
+       $user = new User($userdir);
+       $user->logclient();
+       $user->pass = $usertest;
+       $user->auth = "$inuser:$authhash";
+       return $user;
 }
 
 if (isset($_COOKIE['login'])) {