Changeset 1254

Timestamp:
11/15/06 12:42:45 (2 years ago)
Author:
jm3
Message:

basic success/fail authentication and logouts working!

Files:

  • brains/.htaccess

    r1253 r1254  
    22php_flag register_globals on 
    33 
    4 # OS X doesnt like this 
    54RewriteEngine on 
    65 
     6# OS X doesnt like this 
    77#RewriteBase    / 
    88 
    99# clean url mappings 
    10  
    11 RewriteRule   ^foo /ok.html  
    1210 
    1311RewriteRule    ^lists/([a-z0-9_-]+)/([0-9]+)$ /index.php?op=view&id=$2 [L] 
  • brains/blapi.php

    r1253 r1254  
    1 <% 
    2   class Blapi { 
     1<?php 
    32 
    4     # FINISH UP HERE: make this look at the authid in the user object and try to authenticate that and do a get-list. parse the responsefor a failure; 
     3class Blapi { 
    54 
    6     function yes() { 
    7       $bla = new Blapi(); 
    8       $authid = $_COOKIE["auth_id"]; 
    9       $u      = $_COOKIE["uid"]; 
    10       echo "$u / $authid<br>"; 
    11       $bla->init( $u, $p, $authid ); 
    12       $ok = $bla->authorized(); 
    13       if( $ok ) 
    14         echo "we are authorized with the token";  
    15       else     
    16         echo "we are NOT authorized with the token";  
     5    function logout() { 
     6      setCookie( 'user', "", time() - 3600, '/' ); 
     7      setCookie( 'authid', "", time() - 3600, '/' ); 
     8?> 
     9  <meta http-equiv="refresh" content="0; URL=/login?message=You+have+been+logged+out.+Would+you+like+to+sign+in+as+another+user?" /> 
     10<?php 
    1711    } 
    1812 
    19     function authorized() { 
    20       $response = $this->xform( "transforms/authenticate.xsl", $this->pack( "login", "" )); 
    21       $response = $response[0]; 
    22       if( $response != "INVALID:credentials" ) 
    23         return true; 
    24       else 
    25         return false; 
     13    function authenticate( $u, $p ) { 
     14    $login_url = $this->domain . "/login?submission=credentials&login=$u&password=$p"; 
     15      $response = $this->xform( "transforms/authenticate.xsl", $login_url ); 
     16      $authid = $response[0]; 
     17      if( $authid && $authid != "INVALID:credentials" ) { 
     18        $this->authid = $authid; 
     19        setCookie( 'user',   $u, time()+60*60*24*69, '/' ); 
     20        setCookie( 'authid', $authid, time()+60*60*24*69, '/' ); 
     21?> 
     22  <meta http-equiv="refresh" content="0; URL=/" /> 
     23<?php 
     24      } else { 
     25?> 
     26  <meta http-equiv="refresh" content="0; URL=/login" /> 
     27<?php 
     28      } 
    2629    } 
    2730 
     
    7477    } 
    7578 
    76     function init( $u, $p, $authid ) { 
    77       $this->user = $u; 
    78       $this->password = $p; 
     79    # normally called before performing any operation 
     80    function init( $authid ) { 
    7981      $this->authid = $authid; 
     82      $this->user = $_COOKIE["user"]; 
    8083      $this->parser = "/usr/bin/xsltproc"; 
    8184      $this->domain = "http://blablalist.com"; 
     
    103106 
    104107    function getlist( $id ) { 
    105       return $this->dump_items( $this->xform( "transforms/getlist.xsl", $this->pack( "getlist", "&id=" . $id ))); 
     108      return $this->dump_items( $this->xform( "transforms/getlist.xsl", $this->pack( "getlist", "&id=" . $id )), "" ); 
    106109    } 
    107110     
     
    142145 
    143146    function pack( $operation, $args ) { 
    144       $uri = "$operation?submission=credentials&login=" . $this->user . "&password=" . $this->password . "&$args"; ; 
     147      $uri = "$operation?submission=credentials&authid=" . $this->authid . "&$args"; ; 
     148      #echo $uri; 
    145149      return $this->domain . "/" . $uri; 
    146150    } 
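Review bot: In the new `authenticate( $u, $p )`, the username and password are interpolated into `$login_url` without encoding, so a value containing `&` or `#` changes the request the backend receives, and the password travels in a query string over the `http://` domain set in `init()`. Encode each value, e.g. `$login_url = $this->domain . "/login?submission=credentials&login=" . urlencode( $u ) . "&password=" . urlencode( $p );`, and do the same for `$this->authid` in `pack()`, which now originates from a cookie. `xform()` is outside the visible hunks; if it hands the URL to `/usr/bin/xsltproc` through a shell, the URL also needs `escapeshellarg()` there. The `setCookie( 'authid', ... )` call should also set the HttpOnly flag, since that cookie is now the session credential and lives for 69 days.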
  • brains/index.php

    r1253 r1254  
    1 <% 
     1<?php 
    22  include_once( "blapi.php" ); 
    33  include_once( "util.php" ); # FINISH PAGE FUNCTION HERE 
     
    88 
    99  # FINISH ME AUTHID WORKING LOGIN WE CAN SHARE IT 
    10   #$authid = $_COOKIE["authid"]; 
    11   #$u      = $_COOKIE["uid"]; 
    12   #echo $u; 
    13   #echo $authid; 
    14   #if( $u && $authid && authorized( $authid )) 
    15     #echo "we are authorized with the token"
    16   #else 
    17     #echo "we are NOT authorized with the token"; 
     10  $authid = $_COOKIE["authid"]; 
     11  if( ! $authid ) { 
     12?> 
     13  <meta http-equiv="refresh" content="0; URL=/login" /> 
     14<?php 
     15  return
     16  exit; 
     17
    1818   
    19   $u      = "codeswami"; 
    20   $p      = chop( implode('', file('pass.txt'))); 
    21  
    2219  $bla = new Blapi(); 
    23    
    24   $bla->init( $u, $p, $_COOKIE["authid"] ); 
    25   $ok = $bla->authorized(); 
    26   if( ! $ok ) { 
    27 %> 
    28 <meta http-equiv="refresh" content="0; URL=/login?message=Invalid+username+or+password" /> 
    29 <% 
    30     return; 
    31     exit; 
    32   } 
     20  $bla->init( $authid ); 
    3321 
    3422  $op = $op ? $op : "index"; 
     
    6755  if( $forward ) { 
    6856    $url = ($list_id && $op != "delete") ? "/lists/$u/$list_id" : "/";  
    69 %
     57?
    7058 
    71 <meta http-equiv="refresh" content="0; URL=<%= $url %>" /> 
     59<meta http-equiv="refresh" content="0; URL=<?= $url ?>" /> 
    7260 
    73 <%  
     61<?php  
    7462  } else { 
    7563    if( $show_html ) { 
    76 %
     64?
    7765<html> 
    7866  <head> 
     
    9078    <h1><a href="/">BRAINS</a></h1> 
    9179 
    92     <p><a href="/logout">log out</a></p> 
     80    <p>(<a href="/logout">log out?</a>)</p> 
    9381 
    94     <%= $payload %
     82    <?= $payload ?
    9583 
    9684    <hr /> 
    97  
     85     
    9886    <form name="create" action="/create" method="post"> 
    9987      <label> 
     
    10290      </label> 
    10391    </form> 
     92     
     93    <?php if( $REQUEST_URI != "/" ) { ?> 
     94    <a href="/">View all my lists</a> 
     95    <?php } ?> 
    10496 
    10597  </body> 
    10698</html> 
    107 <%  
     99<?php  
    108100    } 
    109101  } 
    110 %
     102?
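Review bot: The new gate at the top only tests that an `authid` cookie is non-empty; the removed `$bla->authorized()` call was the only place this page checked the token with the backend, so any cookie value now reaches the page logic. If rejection is meant to come from the later API calls, say so in a comment beside `$bla->init( $authid );`, otherwise keep a validation call before `$op` is dispatched. The commit also removes `$u = "codeswami";` while the unchanged redirect still builds `"/lists/$u/$list_id"`, so `$u` is either undefined or, with `register_globals on` in `.htaccess`, taken from the request; set it from the validated login and pass `$url` through `htmlspecialchars()` before it is echoed into the meta tag. Parts of this file are elided between hunks, so an assignment to `$u` may exist outside the visible lines.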
  • brains/login.php

    r1253 r1254  
    1 <% 
    2   include_once( "blapi.php" ); 
     1<?php 
     2  include( "blapi.php" ); 
    33 
     4  $bla = new Blapi(); 
     5  $bla->init( $authid ); # auth id will be undef if this is a new user -- that's fine. 
     6  $show_html = true; 
     7   
    48  if( $op == "logout" ) { 
    5     echo "deleting the cookies"; 
    6  
    7     # delete the cookie and fwd to /login 
    8    
     9    $bla->logout(); 
    910  } else if( $user && $password ) { 
    10  
    11     # verify the authorized call: 
    12  
    13     setCookie( 'uid', $user, time()+60*60*24*69, '/' ); 
    14     setCookie( 'auth_id', md5( $password ), time()+60*60*24*69, '/' ); 
    15  
    16     echo "SUCCESS! you are logged in!"; 
    17 %> 
    18   <meta http-equiv="refresh" content="0; URL=/" /> 
    19 <% 
    20  
    21      
    22     # set cookie and fwd to index 
    23     #http://blablalist.com/login?submission=credentials&login=johnsmith&password=password 
     11    $bla->authenticate( $user, $password ); 
     12    $show_html = false; 
    2413  } 
    2514 
    26  
    27   $show_html = true; 
    28  
    2915  if( $show_html ) { 
    30 %
     16?
    3117 
    3218<h2><a href="/">BRAINS</a></h2> 
    33 <h2>log in</h2> 
    3419 
    35 <h3><%= $message %></h3> 
     20<?php if( ! $message ) { ?> 
     21<h3>Welcome, please log in:</h3> 
     22<?php } else { ?> 
     23<h3><?= $message ?></h3> 
     24<?php } ?> 
    3625 
    3726<form name="login" action="/login" method="post"> 
    3827  <label> 
    3928    Username 
    40     <input name="user" value="<%= $user %>" /> 
     29    <input name="user" value="<?= $user ?>" /> 
    4130  </label> 
    4231  <br /> 
     
    4837</form> 
    4938 
    50 <% } %
     39<? } ?
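Review bot: `<?= $message ?>` and `value="<?= $user ?>"` write request-supplied values into the page without escaping, which is reflected cross-site scripting on the login form; `$message` arrives in the query string (the logout redirect in blapi.php uses `/login?message=...`). Escape both at output: `<h3><?= htmlspecialchars( $message, ENT_QUOTES ) ?></h3>` and `value="<?= htmlspecialchars( $user, ENT_QUOTES ) ?>"`. `$op`, `$user`, `$password`, `$message` and `$authid` are never assigned in the visible lines, so the page appears to depend on `register_globals on` from `.htaccess`. Reading them explicitly from `$_POST`, `$_GET` and `$_COOKIE` would make the source of each value clear, in particular for `$bla->init( $authid )`.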