mirror of
https://github.com/librenms/librenms.git
synced 2024-10-07 16:52:45 +00:00
5141fc4872
* Share code between all mysql based authorizers I plan to update the mysql password encryption and this will allow the code to be changed in a single location. It also reduces a lot of duplication. * Fix tests, I suspect reauthenticate will work for these... Do not allow password updates for several authorizers
43 lines
1.1 KiB
PHP
43 lines
1.1 KiB
PHP
<?php
|
|
|
|
namespace LibreNMS\Authentication;
|
|
|
|
use Dapphp\Radius\Radius;
|
|
use LibreNMS\Config;
|
|
use LibreNMS\Exceptions\AuthenticationException;
|
|
|
|
class RadiusAuthorizer extends MysqlAuthorizer
|
|
{
|
|
protected static $HAS_AUTH_USERMANAGEMENT = 1;
|
|
protected static $CAN_UPDATE_USER = 1;
|
|
protected static $CAN_UPDATE_PASSWORDS = 0;
|
|
|
|
/** @var Radius $radius */
|
|
protected $radius;
|
|
|
|
public function __construct()
|
|
{
|
|
$this->radius = new Radius(Config::get('radius.hostname'), Config::get('radius.secret'), Config::get('radius.suffix'), Config::get('radius.timeout'), Config::get('radius.port'));
|
|
}
|
|
|
|
public function authenticate($username, $password)
|
|
{
|
|
global $debug;
|
|
|
|
if (empty($username)) {
|
|
throw new AuthenticationException('Username is required');
|
|
}
|
|
|
|
if ($debug) {
|
|
$this->radius->setDebug(true);
|
|
}
|
|
|
|
if ($this->radius->accessRequest($username, $password) === true) {
|
|
$this->addUser($username, $password, Config::get('radius.default_level', 1));
|
|
return true;
|
|
}
|
|
|
|
throw new AuthenticationException();
|
|
}
|
|
}
|