1<?php
2
3/**
4 * Manages user authentication with Apache's HTTP authentication.
5 *
6 * This Source Code Form is subject to the terms of the Mozilla Public License,
7 * v. 2.0. If a copy of the MPL was not distributed with this file, You can
8 * obtain one at http://mozilla.org/MPL/2.0/.
9 *
10 * @package   phpMyFAQ
11 * @author    Thorsten Rinne <thorsten@phpmyfaq.de>
12 * @author    Alberto Cabello <alberto@unex.es>
13 * @copyright 2009-2020 phpMyFAQ Team
14 * @license   http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
15 * @link      https://www.phpmyfaq.de
16 * @since     2009-03-01
17 */
18
19namespace phpMyFAQ\Auth;
20
21use phpMyFAQ\Auth;
22use phpMyFAQ\User;
23
24/**
25 * Class AuthHttp
26 *
27 * @package phpMyFAQ\Auth
28 */
29class AuthHttp extends Auth implements AuthDriverInterface
30{
31    /**
32     * Adds a new user account to the authentication table.
33     * Returns true on success, otherwise false.
34     *
35     * @param  string $login
36     * @param  string $pass
37     * @param  string $domain
38     * @return bool
39     */
40    public function add($login, $pass, $domain = ''): bool
41    {
42        $user = new User($this->config);
43        $result = $user->createUser($login, null);
44
45        $user->setStatus('active');
46        $user->setUserData(['display_name' => $login]);
47
48        return $result;
49    }
50
51    /**
52     * Changes the password for the account specified by login.
53     * Returns true as it's not possible via HTTP Auth.
54     *
55     * @param string $login Loginname
56     * @param string $pass  Password
57     *
58     * @return bool
59     */
60    public function changePassword($login, $pass): bool
61    {
62        return true;
63    }
64
65    /**
66     * Deletes the user account specified by login.
67     * Returns true as it's not possible via HTTP Auth.
68     *
69     * @param string $login Loginname
70     *
71     * @return bool
72     */
73    public function delete($login): bool
74    {
75        return true;
76    }
77
78    /**
79     * Checks the password for the given user account.
80     *
81     * Returns true if the given password for the user account specified by
82     * is correct, otherwise false.
83     * Error messages are added to the array errors.
84     *
85     * This function is only called when local authentication has failed, so
86     * we are about to create user account.
87     *
88     * @param string $login        Loginname
89     * @param string $pass         Password
90     * @param array  $optionalData Optional data
91     *
92     * @return bool
93     */
94    public function checkPassword($login, $pass, array $optionalData = null): bool
95    {
96        if (!isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_PW']) {
97            return false;
98        } else {
99            if ($_SERVER['PHP_AUTH_USER'] == $login && $_SERVER['PHP_AUTH_PW'] == $pass) {
100                return true;
101            } else {
102                return false;
103            }
104        }
105    }
106
107    /**
108     * Returns 1 or 0 for true or false.
109     *
110     * @param string $login        Loginname
111     * @param array  $optionalData Optional data
112     *
113     * @return int
114     */
115    public function checkLogin($login, array $optionalData = null): int
116    {
117        return isset($_SERVER['PHP_AUTH_USER']) ? 1 : 0;
118    }
119}
120