Commit cd0ef38f authored by Dainis Abols's avatar Dainis Abols
Browse files

Validation checks fixes

Version 5.0.4
parent a3f6363e
......@@ -23,6 +23,8 @@ use Lu\LuAuth\Models\Users;
use Lu\LDAPAuthorization\LDAP;
use TYPO3\CMS\Core\Authentication\AbstractAuthenticationService;
use TYPO3\CMS\Core\Authentication\AbstractUserAuthentication;
use TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory;
use TYPO3\CMS\Core\Utility\GeneralUtility;
/**
* Class LUBEAuthService
......@@ -82,14 +84,15 @@ class LUBEAuthService extends AbstractAuthenticationService
*
* @return array|null
*/
public function getUser(): ?array
public function getUser()
{
// Set initial authenticated value un false
$user = [
// Set initial authenticated value false and prepare for default data
$hashInstance = GeneralUtility::makeInstance(PasswordHashFactory::class)->getDefaultHashInstance('BE');
$user = [
'authenticated' => false,
'password' => $hashInstance->getHashedPassword($this->password),
];
// Check if login request
$server = new Server();
if ($this->loginData['status'] == 'login' && !$this->username->empty()) {
......@@ -98,7 +101,8 @@ class LUBEAuthService extends AbstractAuthenticationService
// Bind and get user data
$ldapuser = $ldap->authorize($this->username->toString(), $this->password);// Check if data received
if ($ldapuser) {
if ($ldapuser->isValid()) {
// Fetch user data
$UserModel = new Users(RequestType::BE);
$user = $UserModel->getUserData($this->username);
......@@ -106,8 +110,6 @@ class LUBEAuthService extends AbstractAuthenticationService
if ($user) {
$user['authenticated'] = true;
}
} else {
return null;
}
}
......
......@@ -94,17 +94,17 @@ class LUFEAuthService extends AbstractAuthenticationService
/**
* Initialize authentication service
*
* @param string $mode Subtype of the service which is used to call the service.
* @param array $loginData Submitted login form data
* @param array $authInfo Information array. Holds submitted form data etc.
* @param AbstractUserAuthentication $pObj Parent object
* @param string $mode Subtype of the service which is used to call the service.
* @param array $loginData Submitted login form data
* @param array $authInfo Information array. Holds submitted form data etc.
* @param AbstractUserAuthentication $pObj Parent object
*/
public function initAuth($mode, $loginData, $authInfo, $pObj)
{
// Store login and authentication data
$this->login = $loginData;
$this->login = $loginData;
$this->authInfo = $authInfo;
$this->pObj = $pObj;
$this->pObj = $pObj;
}
/**
......@@ -114,8 +114,8 @@ class LUFEAuthService extends AbstractAuthenticationService
*/
public function getUser()
{
// Set initial authenticated value un false
$user = [
// Set initial authenticated value false and prepare for default data
$user = [
'authenticated' => false,
];
......@@ -153,11 +153,14 @@ class LUFEAuthService extends AbstractAuthenticationService
// Failed login attempt (wrong password) - write that to the log!
if (!$OK) {
if ($this->writeAttemptLog) {
$this->logger->info(sprintf("Login-attempt from %s (%s), username '%s', password not accepted!",
$this->info['REMOTE_ADDR'],
$this->info['REMOTE_HOST'],
$this->username->toString()
));
$this->logger->info(
sprintf(
"Login-attempt from %s (%s), username '%s', password not accepted!",
$this->info['REMOTE_ADDR'],
$this->info['REMOTE_HOST'],
$this->username->toString()
)
);
}
}
......@@ -178,7 +181,7 @@ class LUFEAuthService extends AbstractAuthenticationService
{
// Pre-set used models
$UserModel = new Users(RequestType::FE);
$LuisLib = new LuisLibrary();
$LuisLib = new LuisLibrary();
// Get user date and reactivate if disabled
$user = $UserModel->getUserData($this->username, 'activate');
......@@ -221,7 +224,7 @@ class LUFEAuthService extends AbstractAuthenticationService
$server = new Server();
if (!empty($server->conf['logoutInfoUrl'])) {
$redirectUrl = GeneralUtility::sanitizeLocalUrl($this->conf['logoutInfoUrl']);
header('Location: ' . GeneralUtility::locationHeaderUrl($redirectUrl));
header('Location: '.GeneralUtility::locationHeaderUrl($redirectUrl));
die;
}
}
......
{
"name": "luitd/lu-auth",
"version": "5.0.3",
"version": "5.0.4",
"description": "TYPO3 Authentication for University of Latvia",
"type": "typo3-cms-extension",
"keywords": [
......
......@@ -14,7 +14,7 @@ $EM_CONF[$_EXTKEY] = [
'title' => 'LU Authentication',
'description' => 'TYPO3 Authentication for University of Latvia',
'category' => 'misc',
'version' => '5.0.3',
'version' => '5.0.4',
'dependencies' => 'typo3,lu_api',
'state' => 'stable',
'clearCacheOnLoad' => 1,
......
......@@ -3,7 +3,7 @@
## Version
5.0.3
5.0.4
## Dependencies
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment