diff options
Diffstat (limited to 'lib/Authentication.php')
-rw-r--r-- | lib/Authentication.php | 108 |
1 files changed, 55 insertions, 53 deletions
diff --git a/lib/Authentication.php b/lib/Authentication.php index ac8ea96a..1ae26edf 100644 --- a/lib/Authentication.php +++ b/lib/Authentication.php @@ -1,4 +1,5 @@ <?php + /** * This file is part of RSS-Bridge, a PHP project capable of generating RSS and * Atom feeds for websites that don't have one. @@ -6,9 +7,9 @@ * For the full license information, please view the UNLICENSE file distributed * with this source code. * - * @package Core - * @license http://unlicense.org/ UNLICENSE - * @link https://github.com/rss-bridge/rss-bridge + * @package Core + * @license http://unlicense.org/ UNLICENSE + * @link https://github.com/rss-bridge/rss-bridge */ /** @@ -30,56 +31,57 @@ * @todo Add functions to detect if a user is authenticated or not. This can be * utilized for limiting access to authorized users only. */ -class Authentication { - /** - * Throw an exception when trying to create a new instance of this class. - * Use {@see Authentication::showPromptIfNeeded()} instead! - * - * @throws \LogicException if called. - */ - public function __construct(){ - throw new \LogicException('Use ' . __CLASS__ . '::showPromptIfNeeded()!'); - } - - /** - * Requests the user for login credentials if necessary. - * - * Responds to an authentication request or returns the `WWW-Authenticate` - * header if authentication is enabled in the configuration of RSS-Bridge - * (`[authentication] enable = true`). - * - * @return void - */ - public static function showPromptIfNeeded() { - - if(Configuration::getConfig('authentication', 'enable') === true) { - if(!Authentication::verifyPrompt()) { - header('WWW-Authenticate: Basic realm="RSS-Bridge"', true, 401); - die('Please authenticate in order to access this instance !'); - } - - } - - } - - /** - * Verifies if an authentication request was received and compares the - * provided username and password to the configuration of RSS-Bridge - * (`[authentication] username` and `[authentication] password`). - * - * @return bool True if authentication succeeded. - */ - public static function verifyPrompt() { +class Authentication +{ + /** + * Throw an exception when trying to create a new instance of this class. + * Use {@see Authentication::showPromptIfNeeded()} instead! + * + * @throws \LogicException if called. + */ + public function __construct() + { + throw new \LogicException('Use ' . __CLASS__ . '::showPromptIfNeeded()!'); + } - if(isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) { - if(Configuration::getConfig('authentication', 'username') === $_SERVER['PHP_AUTH_USER'] - && Configuration::getConfig('authentication', 'password') === $_SERVER['PHP_AUTH_PW']) { - return true; - } else { - error_log('[RSS-Bridge] Failed authentication attempt from ' . $_SERVER['REMOTE_ADDR']); - } - } - return false; + /** + * Requests the user for login credentials if necessary. + * + * Responds to an authentication request or returns the `WWW-Authenticate` + * header if authentication is enabled in the configuration of RSS-Bridge + * (`[authentication] enable = true`). + * + * @return void + */ + public static function showPromptIfNeeded() + { + if (Configuration::getConfig('authentication', 'enable') === true) { + if (!Authentication::verifyPrompt()) { + header('WWW-Authenticate: Basic realm="RSS-Bridge"', true, 401); + die('Please authenticate in order to access this instance !'); + } + } + } - } + /** + * Verifies if an authentication request was received and compares the + * provided username and password to the configuration of RSS-Bridge + * (`[authentication] username` and `[authentication] password`). + * + * @return bool True if authentication succeeded. + */ + public static function verifyPrompt() + { + if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) { + if ( + Configuration::getConfig('authentication', 'username') === $_SERVER['PHP_AUTH_USER'] + && Configuration::getConfig('authentication', 'password') === $_SERVER['PHP_AUTH_PW'] + ) { + return true; + } else { + error_log('[RSS-Bridge] Failed authentication attempt from ' . $_SERVER['REMOTE_ADDR']); + } + } + return false; + } } |