mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
09088f48854227a7affaa67ed610309698771ce2
librenms-librenms/LibreNMS/Authentication/HttpAuthAuthorizer.php
Tony Murray f4a33c1a34 Prevent credentials from being leaked in backtrace in some instances (#9817) 
* Prevent credentials from being leak in backtrace in some instances
Particularly before the user is authenticated

* fix test
2019-03-05 00:24:14 -06:00

69 lines
1.6 KiB
PHP
Raw Blame History

<?php
namespace LibreNMS\Authentication;
use LibreNMS\Config;
use LibreNMS\Exceptions\AuthenticationException;
class HttpAuthAuthorizer extends MysqlAuthorizer
{
protected static $HAS_AUTH_USERMANAGEMENT = 1;
protected static $CAN_UPDATE_USER = 1;
protected static $CAN_UPDATE_PASSWORDS = 0;
protected static $AUTH_IS_EXTERNAL = 1;
public function authenticate($credentials)
{
if (isset($credentials['username']) && $this->userExists($credentials['username'])) {
return true;
}
throw new AuthenticationException('No matching user found and http_auth_guest is not set');
}
public function userExists($username, $throw_exception = false)
{
if (parent::userExists($username)) {
return true;
}
if (Config::has('http_auth_guest') && parent::userExists(Config::get('http_auth_guest'))) {
return true;
}
return false;
}
public function getUserlevel($username)
{
$user_level = parent::getUserlevel($username);
if ($user_level) {
return $user_level;
}
if (Config::has('http_auth_guest')) {
return parent::getUserlevel(Config::get('http_auth_guest'));
}
return 0;
}
public function getUserid($username)
{
$user_id = parent::getUserid($username);
if ($user_id) {
return $user_id;
}
if (Config::has('http_auth_guest')) {
return parent::getUserid(Config::get('http_auth_guest'));
}
return -1;
}
}
Reference in New Issue View Git Blame Copy Permalink