* Fix redirect on login for instances
On instances where base_url has been set for use behind a reverse proxy, logins are incorrectly redirected.
This happens because REQUEST_URI is set by the proxy:
1. librenms has base_url set to http://site.com/nms/
2. Browser requests http://site.com/nms/
3. nginx reverse proxies /nms/ to librenms at http://somehost:1234/
4. librenms sees REQUEST_URI as "/"
5. librenms logs the user in, but sends "Location: /" to the browser. This redirects to the wrong location.
To resolve, concatenate REQUEST_URI (which is relative) to base_url. As base_url is slash-terminated, crop the trailing slash. This should have no effect on users with default settings and will correctly redirect instances behind reverse proxies.
* I agree to the conditions of the Contributor Agreement contained in doc/General/Contributing.md.
* Adding comment explaining redirect logic on login
* Use rtrim instead of substr
* feature: bind user for active_directory auth
Optional, allows the use of "remember me", API, and alerting.
* missing global (but still may not be working)
* always return a value from reauthenticate()
* Make sure the ldapbind credentials are correct on reauth.
Do not send output if they are incorrect (use d_echo) this breaks ajax calls, etc.
Add scripts/auth_test.php, to make it easier to debug authentication.
* Refine auth_test.php a bit more
A few small cleanups in other places of the auth
* Add auth_test.php to docs
Some more improvements in the auth_test.php output.
* Update Authentication.md
* Updated to remove passwords from sessions
* Remove users sessions when user deleted
* Updated when cookies are set
* Updated setcookies to always contain a value
* Added destroy_cookies() to remove users cookies on failed login
* Removed debug line
* Fixed graph issues
* Implement an autoloader
When cleaning up classes for psr2, things got a bit unwieldy, so I implemented a class autoloader.
I created a PSR-0 compliant LibreNMS directory and moved all classes there that made sense.
Implemented LibreNMS\ClassLoader which supports adding manual class mappings
This reduces the file includes needed and only loads classes when needed.
* Add teh autoloader to graph.php
* Add a small bit of docs
Fix incomplete class in includes/discovery/functions.inc.php
Tested against Google-Authenticator app on Android 4.4.4
Made `verify_hotp` more efficient.
Added autofocus on twofactor input
Added GUI Unlock and Remove for TwoFactor credentials in /edituser/
Allow additional tries after elapsed time from last try exceeds configured parameter `$config['twofactor_lock']`.
If `$config['twofactor_lock']` is not defined or is set to `0`, administrators have to unlock accounts that exceed 3 failures via GUI.
Added Documentation
Moved TwoFactor form to logon.inc.php
Disabled autocomplete on twofactor input field
Updated Docs to include link to Google-Authenticator's install-guides
Moved authentication logic from authenticate.inc.php to twofactor.lib.php
typo in docblock for `twofactor_auth()`
Fixed scrutinizer bugs
To please scrutinizer
Chris Putnam
Tony Murray
Neil Lathwood
Eldon Koyle
Michael Newton
Job Snijders
f0o
Adam Amstrong
Tom Laermans