Differences

This shows you the differences between two versions of the page.

--- auth:django [2009-09-11 19:59] – created, moved from plugins HåkanS
+++ auth:django [Unknown date] (current) – removed - external edit (Unknown date) 127.0.0.1
@@ Line 1: / Line 1: @@
-====== Djangoauth ======
-author     : Michael Luggen <michael.luggen@unifr.ch> \\
-lastupdate : 2008-08-13\\
-compatible with DokuWiki 2008-05-05
-It's an extremely **ugly** implementation which enables a nice integration with a Django [http://www.djangoproject.com/] installation. You have to let authenticate the user first in Django to get a session. This can be realized with a Apache AuthenticationHandler [http://www.djangoproject.com/documentation/apache_auth/].
-===== Installation =====
-  * Copy to /inc/auth/
-  * Provide mysql_connect with the db contact information
-===== Code =====
-<code php auth_django.php>
-<?php
-/**
- * django auth backend
- *
- * Uses external Trust mechanism to check against a django session id
- *
- * @author    Andreas Gohr <andi@splitbrain.org>
- * @author    Michael Luggen <michael.luggen at rhone.ch>
- */
-define('DOKU_AUTH', dirname(__FILE__));
-define('AUTH_USERFILE',DOKU_CONF.'users.auth.php');
-class auth_django extends auth_basic {
-  /**
-   * Constructor.
-   *
-   * Sets additional capabilities and config strings
-   */
-  function auth_django(){
-    $this->cando['external'] = true;
-  }
-  /**
-   * Just checks against the django sessionid variable
-   */
-  function trustExternal($user,$pass,$sticky=false){
-    global $USERINFO;
-    global $conf;
-    $sticky ? $sticky = true : $sticky = false; //sanity check
-    if( isset($_COOKIE['sessionid'])){
-	/**
-	 * get user info from django-database (only mysql at the moment)
-	 */
-	$s_id =  $_COOKIE['sessionid'];
-	// Connecting, selecting database
-	$link = mysql_connect('database-server', 'djangodb', 'pass')
-	    or die('Could not connect: ' . mysql_error());
-	// Select the right table
-	mysql_select_db('djangotable') or die('Could not select database');
-	// Performing SQL query
-	$query = 'SELECT session_data FROM django_session where session_key="'.mysql_real_escape_string($s_id).'" limit 1;';
-	$result = mysql_query($query) or die('Query failed: ' . mysql_error());
-	$ar = mysql_fetch_row($result);
-	// Look for the userid, first_name, email
-	ereg(".*L([0-9]*)L.*",base64_decode($ar[0]),$data);
-	$userid = $data[1];
-	$query = 'SELECT username, first_name, email FROM auth_user where id="'.mysql_real_escape_string($userid).'" limit 1;';
-	$result2 = mysql_query($query) or die('Query failed: ' . mysql_error());
-	$user = mysql_fetch_row($result2);
-	$username =  $user[0];
-	$userfullname = $user[1];
-	$useremail = $user[2];
-	mysql_free_result($result);
-	mysql_close($link);
-      // okay we're logged in - set the globals
-      $groups = $this->_getUserGroups($username);
-      $USERINFO['name'] = $username;
-      $USERINFO['pass'] = '';
-      $USERINFO['mail'] = $useremail;
-      // Hack for a standard group
-      $groups[0] = 'user';
-      $USERINFO['grps'] = $groups;
-      $_SERVER['REMOTE_USER'] = $username;
-      $_SESSION[$conf['title']]['auth']['user'] = $username;
-      $_SESSION[$conf['title']]['auth']['info'] = $userfullname;
-      return true;
-    }
-    return false;
-  }
-  function _getUserGroups($user){
-      if(!@file_exists(AUTH_USERFILE)) return;
-      $lines = file(AUTH_USERFILE);
-      foreach($lines as $line){
-        $line = preg_replace('/#.*$/','',$line); //ignore comments
-        $line = trim($line);
-        if(empty($line)) continue;
-        $row    = split(":",$line,5);
-        $groups = split(",",$row[4]);
-        if($user == $row[0]) return $groups;
-      }
-      return;
-    }
-}
-</code>