'OWWAuth', 'version' => '2008/02/12', 'author' => 'Austin Che', 'url' => 'http://openwetware.org/wiki/User:Austin_J._Che/Extensions/OWWAuth', 'description' => 'OpenWetWare auth module', ); require("AuthPlugin.php"); class OWWAuth extends AuthPlugin { var $realm; function OWWAuth() { //$this->realm = $_SERVER["HTTP_HOST"]; $this->realm = "openwetware.org"; // must match what's in asterisk's sip.conf } /* * Can users change their passwords? * * Added by WJF 12/10/2007 * * Only allow password change if the user is doing it from * within the main OWW wiki. Do not allow password changes * from within any private wiki. * * @return bool */ function allowPasswordChange() { global $wgOpenWetWare; return $wgOpenWetWare; } /** * When a user logs in, optionally fill in preferences and such. * For instance, you might pull the email address or real name from the * external user database. * * The User object is passed by reference so it can be modified; don't * forget the & on your function declaration. * * @param User $user * @public */ function updateUser( &$user ) { } /** * Set the given password in the authentication database. * As a special case, the password may be set to null to request * locking the password to an unusable value, with the expectation * that it will be set later through a mail reset or other method. * * Return true if successful. * * @param $user User object. * @param $password String: password. * @return bool * @public */ function setPassword($user, $password) { global $wgDBname; $name = $user->getName(); // this shouldn't happen if (! $name) return true; $dbw =& wfGetDB(DB_MASTER); // for the sip table $table = "asterisk_sip"; $secret = md5("$name:$this->realm:$password"); if ($dbw->selectField($table, 'name', array('name' => $name))) $dbw->update($table, array('md5secret' => $secret), array('name' => $name)); // user already in table else $dbw->insert($table, array('name' => $name, 'md5secret' => $secret)); // store some info in separate user table/database $table = "users"; $secret = md5($password); $username = strtolower($user->getTitleKey()); // for the username, we use the dbkey form (no spaces) and lowercased $realname = $user->getRealName(); $email = $user->getEmail(); // can only change the database after we get all the information we need from the original database! $dbw->selectDB("userdb"); if ($dbw->selectField($table, 'username', array('username' => $username))) { $dbw->update($table, array('password' => $secret, 'name' => $realname, 'email' => $email), array('username' => $username)); } else { $dbw->insert($table, array('username' => $username, 'password' => $secret, 'name' => $realname, 'email' => $email)); } $dbw->selectDB($wgDBname); return true; } /** * Add a user to the external authentication database. * Return true if successful. * * @param User $user * @param string $password * @return bool * @public */ function addUser($user, $password) { return $this->setPassword($user, $password); } /** * If you want to munge the case of an account name before the final * check, now is your chance. */ function getCanonicalName( $username ) { // if username exists, we don't do anything // otherwise look it up as an email in the db and find username mapping if (User::idFromName($username) != 0) return $username; $email = str_replace(' ', '_', $username); $dbr =& wfGetDB(DB_SLAVE); $name = $dbr->selectField( 'user', 'user_name', array('user_email' => $email ) ); if ($name) return $name; return $username; } } $wgAuth = new OWWAuth; ?>