2011-03-16 18:28:52 +00:00
|
|
|
<?php
|
2007-04-03 14:10:23 +00:00
|
|
|
|
2017-05-15 22:18:23 -05:00
|
|
|
use LibreNMS\Exceptions\AuthenticationException;
|
2017-01-01 03:37:15 -06:00
|
|
|
|
2017-05-15 22:18:23 -05:00
|
|
|
ini_set('session.use_only_cookies', 1);
|
|
|
|
|
ini_set('session.cookie_httponly', 1);
|
|
|
|
|
ini_set('session.use_strict_mode', 1); // php >= 5.5.2
|
|
|
|
|
ini_set('session.use_trans_sid', 0); // insecure feature, be sure it is disabled
|
2010-07-05 19:19:19 +00:00
|
|
|
|
2017-05-15 23:13:07 -05:00
|
|
|
// Pre-flight checks
|
2015-07-13 20:10:26 +02:00
|
|
|
if (!is_dir($config['rrd_dir'])) {
|
|
|
|
|
echo "<div class='errorbox'>RRD Log Directory is missing ({$config['rrd_dir']}). Graphing may fail.</div>";
|
2011-03-26 19:28:39 +00:00
|
|
|
}
|
2010-07-05 19:19:19 +00:00
|
|
|
|
2015-07-13 20:10:26 +02:00
|
|
|
if (!is_dir($config['temp_dir'])) {
|
|
|
|
|
echo "<div class='errorbox'>Temp Directory is missing ({$config['temp_dir']}). Graphing may fail.</div>";
|
2011-03-26 19:28:39 +00:00
|
|
|
}
|
2010-07-05 19:19:19 +00:00
|
|
|
|
2015-07-13 20:10:26 +02:00
|
|
|
if (!is_writable($config['temp_dir'])) {
|
|
|
|
|
echo "<div class='errorbox'>Temp Directory is not writable ({$config['tmp_dir']}). Graphing may fail.</div>";
|
2011-03-26 19:28:39 +00:00
|
|
|
}
|
2010-07-05 19:19:19 +00:00
|
|
|
|
2014-02-03 22:32:45 +00:00
|
|
|
// Clear up any old sessions
|
2015-07-13 20:10:26 +02:00
|
|
|
dbDelete('session', '`session_expiry` < ?', array(time()));
|
|
|
|
|
|
2017-05-15 22:18:23 -05:00
|
|
|
session_start();
|
|
|
|
|
|
2016-09-13 15:10:42 +01:00
|
|
|
if ($vars['page'] == 'logout' && $_SESSION['authenticated']) {
|
2017-05-15 22:18:23 -05:00
|
|
|
log_out_user();
|
2015-08-11 14:54:05 -07:00
|
|
|
header('Location: ' . $config['base_url']);
|
2015-07-13 20:10:26 +02:00
|
|
|
exit;
|
2007-04-03 14:10:23 +00:00
|
|
|
}
|
|
|
|
|
|
2017-05-15 22:18:23 -05:00
|
|
|
try {
|
|
|
|
|
if (isset($_SESSION['authenticated']) && $_SESSION['authenticated']) {
|
|
|
|
|
// session authenticated already
|
|
|
|
|
log_in_user();
|
|
|
|
|
} else {
|
|
|
|
|
// try authentication methods
|
|
|
|
|
|
|
|
|
|
// cookie authentication
|
|
|
|
|
if (isset($_COOKIE['sess_id'], $_COOKIE['token']) &&
|
|
|
|
|
reauthenticate(clean($_COOKIE['sess_id']), clean($_COOKIE['token']))
|
|
|
|
|
) {
|
|
|
|
|
log_in_user();
|
|
|
|
|
|
|
|
|
|
// update cookie expiry times
|
|
|
|
|
set_remember_me();
|
|
|
|
|
} else {
|
|
|
|
|
// collect username and password
|
|
|
|
|
$password = null;
|
|
|
|
|
if (isset($_REQUEST['username']) && isset($_REQUEST['password'])) {
|
|
|
|
|
$username = clean($_REQUEST['username']);
|
|
|
|
|
$password = $_REQUEST['password'];
|
|
|
|
|
} elseif (isset($_SERVER['REMOTE_USER'])) {
|
|
|
|
|
$username = $_SERVER['REMOTE_USER'];
|
|
|
|
|
} elseif (isset($_SERVER['PHP_AUTH_USER']) && $config['auth_mechanism'] === 'http-auth') {
|
|
|
|
|
$username = $_SERVER['PHP_AUTH_USER'];
|
2016-12-27 20:37:03 +00:00
|
|
|
}
|
2016-12-26 16:11:00 -07:00
|
|
|
|
2017-05-15 22:18:23 -05:00
|
|
|
// form authentication
|
|
|
|
|
if (isset($username) && authenticate($username, $password)) {
|
|
|
|
|
$_SESSION['username'] = $username;
|
|
|
|
|
log_in_user();
|
2015-07-13 20:10:26 +02:00
|
|
|
|
2017-05-15 22:18:23 -05:00
|
|
|
// set cookie if requested
|
|
|
|
|
if (isset($_POST['remember'])) {
|
|
|
|
|
set_remember_me();
|
|
|
|
|
}
|
2015-07-13 20:10:26 +02:00
|
|
|
|
2017-05-15 22:18:23 -05:00
|
|
|
// redirect to original uri or home page.
|
|
|
|
|
header('Location: '.rtrim($config['base_url'], '/').$_SERVER['REQUEST_URI'], true, 303);
|
|
|
|
|
}
|
2016-09-09 08:04:03 -05:00
|
|
|
}
|
2015-04-11 21:01:33 +01:00
|
|
|
}
|
2017-05-15 22:18:23 -05:00
|
|
|
} catch (AuthenticationException $ae) {
|
|
|
|
|
$auth_message = $ae->getMessage();
|
|
|
|
|
if ($debug) {
|
|
|
|
|
$auth_message .= '<br /> ' . $ae->getFile() . ': ' . $ae->getLine();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
dbInsert(
|
|
|
|
|
array('user' => $_SESSION['username'], 'address' => get_client_ip(), 'result' => $auth_message),
|
|
|
|
|
'authlog'
|
|
|
|
|
);
|
|
|
|
|
log_out_user($auth_message);
|
2011-03-16 18:28:52 +00:00
|
|
|
}
|
2017-05-15 22:18:23 -05:00
|
|
|
|
|
|
|
|
session_write_close();
|
2017-05-15 23:13:07 -05:00
|
|
|
|
|
|
|
|
// populate the permissions cache
|
|
|
|
|
if (isset($_SESSION['user_id'])) {
|
|
|
|
|
$permissions = permissions_cache($_SESSION['user_id']);
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-15 22:18:23 -05:00
|
|
|
unset($username, $password);
|
