X-Git-Url: http://git.pjr.cc/?a=blobdiff_plain;f=authserver%2Fauthd%2Fauthd.php;h=67b9627a86a174d5c4e8c670add94517e2530c7d;hb=684d7cc6c2ce6ba3f1ca5c48dda5c4efa9448455;hp=f4b366df897acc65f2e695a9bf3cb2d2e975c1a0;hpb=b01c2819480261bd5c94de2bf05533c9e82a6ab2;p=ga4php.git
diff --git a/authserver/authd/authd.php b/authserver/authd/authd.php
index f4b366d..67b9627 100644
--- a/authserver/authd/authd.php
+++ b/authserver/authd/authd.php
@@ -1,10 +1,7 @@ query($sql);
+            $clients = "";
+            $i=0;
+            foreach($res as $row) {
+                // $sql = 'CREATE TABLE "radclients" ("rad_id" INTEGER PRIMARY KEY AUTOINCREMENT,"rad_name" TEXT, "rad_ip" TEXT, "rad_secret" TEXT, "rad_desc" TEXT);';
+                $clients[$i]["name"] = $row["rad_name"];
+                $clients[$i]["ip"] = $row["rad_ip"];
+                $clients[$i]["secret"] = $row["rad_secret"];
+                $clients[$i]["desc"] = $row["rad_desc"];
+            }
+            msg_send($cl_queue, MSG_GET_RADIUS_CLIENTS, $clients);
+            break;
+        case MSG_REMOVE_RADIUS_CLIENT:
+            // it should send us a client by rad_name - doesnt work yet
+            $client = $msg["clientname"];
+            $sql = "delete from radclients where rad_name='$client'";
+            $res = $dbo->query($sql);
+            updateRadius();
+            msg_send($cl_queue, MSG_REMOVE_RADIUS_CLIENT, true);
+            break;
+        case MSG_ADD_RADIUS_CLIENT:
+            $client = $msg["clientname"];
+            $clientsecret = $msg["clientsecret"];
+            $clientip = $msg["clientip"];
+            $clientdesc = $msg["clientdescription"];
+            $sql = "insert into radclients values (NULL, '$client', '$clientip', '$clientsecret', '$clientdesc')";
+            updateRadius();
+            msg_send($cl_queue, MSG_ADD_RADIUS_CLIENT, true);
+            break;
+        case MSG_DELETE_USER_TOKEN:
+            $username = $msg["username"];
+
+            $sql = "select users_otk from users where users_username='$username'";
+            $dbo = getDatabase();
+            $res = $dbo->query($sql);
+            $otkid = "";
+            foreach($res as $row) {
+                $otkid = $row["users_otk"];
+            }
+            if($otkid!="") {
+                global $BASE_DIR;
+                unlink("$BASE_DIR/authserver/authd/otks/$otkid.png");
+            }
+
+            $sql = "update users set users_tokendata='',users_otk='' where users_username='$username'";
+            $dbo = getDatabase();
+            $res = $dbo->query($sql);
+
+            msg_send($cl_queue, MSG_DELETE_USER_TOKEN, true);
+            break;
         case MSG_AUTH_USER_TOKEN:
             echo "Call to auth user token\n";
             // minimal checking, we leav it up to authenticateUser to do the real
             // checking
-            if(!isset($msg["user"])) $msg["user"] = "";
+            if(!isset($msg["username"])) $msg["username"] = "";
             if(!isset($msg["passcode"])) $msg["passcode"] = "";
-            $username = $msg["user"];
+            $username = $msg["username"];
             $passcode = $msg["passcode"];
             global $myga;
-            msg_send($cl_queue, MSG_AUTH_USER_TOKEN, $myga->authenticateUser($username, $passcode));
+            $authval = $myga->authenticateUser($username, $passcode);
+            msg_send($cl_queue, MSG_AUTH_USER_TOKEN, $authval);
+            break;
+        case MSG_GET_OTK_ID:
+            if(!isset($msg["username"])) {
+                msg_send($cl_queue, MSG_GET_OTK_ID, false);
+            } else {
+                $username = $msg["username"];
+                $sql = "select users_otk from users where users_username='$username'";
+                $dbo = getDatabase();
+                $res = $dbo->query($sql);
+                $otkid = "";
+                foreach($res as $row) {
+                    $otkid = $row["users_otk"];
+                }
+
+                if($otkid == "") {
+                    msg_send($cl_queue, MSG_GET_OTK_ID, false);
+                } else {
+                    msg_send($cl_queue, MSG_GET_OTK_ID, $otkid);
+                }
+            }
+            break;
+        case MSG_GET_OTK_PNG:
+            if(!isset($msg["otk"])) {
+                msg_send($cl_queue, MSG_GET_OTK_PNG, false);
+            } else {
+                $otk = $msg["otk"];
+                $sql = "select users_username from users where users_otk='$otk'";
+                $dbo = getDatabase();
+                $res = $dbo->query($sql);
+                $username = "";
+                foreach($res as $row) {
+                    $username = $row["users_username"];
+                }
+
+                if($username == "") {
+                    msg_send($cl_queue, MSG_GET_OTK_PNG, false);
+                } else if($username != $msg["username"]) {
+                    msg_send($cl_queue, MSG_GET_OTK_PNG, false);
+                } else {
+                    global $BASE_DIR;
+                    $hand = fopen("$BASE_DIR/authserver/authd/otks/$otk.png", "rb");
+                    $data = fread($hand, filesize("$BASE_DIR/authserver/authd/otks/$otk.png"));
+                    fclose($hand);
+                    unlink("$BASE_DIR/authserver/authd/otks/$otk.png");
+                    $sql = "update users set users_otk='' where users_username='$username'";
+                    $dbo->query($sql);
+                    error_log("senting otk, fsize: ".filesize("$BASE_DIR/authserver/authd/otks/$otk.png")." $otk ");
+                    msg_send($cl_queue, MSG_GET_OTK_PNG, $data);
+                }
+            }
+
+            break;
+        case MSG_SYNC_TOKEN:
+            if(!isset($msg["username"])) {
+                msg_send($cl_queue, MSG_SYNC_TOKEN, false);
+            } else {
+                $tokenone = $msg["tokenone"];
+                $tokentwo = $msg["tokentwo"];
+
+                msg_send($cl_queue, MSG_SYNC_TOKEN, $myga->resyncCode($msg["username"], $tokenone, $tokentwo));
+            }
+
+            break;
+        case MSG_GET_TOKEN_TYPE:
+            if(!isset($msg["username"])) {
+                msg_send($cl_queue, MSG_GET_TOKEN_TYPE, false);
+            } else {
+                msg_send($cl_queue, MSG_GET_TOKEN_TYPE, $myga->getTokenType($msg["username"]));
+            }
             break;
         case MSG_ADD_USER_TOKEN:
             echo "Call to add user token\n";
             if(!isset($msg["username"])) {
                 msg_send($cl_queue, MSG_ADD_USER_TOKEN, false);
             } else {
-                $username = $msg["username"];
+                global $BASE_DIR;
+                $username = $msg["username"];
+                $tokentype="TOTP";
+                if(isset($msg["tokentype"])) {
+                    $tokentype=$msg["tokentype"];
+                }
+                $hexkey = "";
+                if(isset($msg["hexkey"])) {
+                    $hexkey = $msg["hexkey"];
+                }
                 global $myga;
-                msg_send($cl_queue, MSG_ADD_USER_TOKEN, $myga->setUser($username));
+                $myga->setUser($username, $tokentype, "", $hexkey);
+
+                $url = $myga->createUrl($username);
+                if(!file_exists("$BASE_DIR/authserver/authd/otks")) mkdir("$BASE_DIR/authserver/authd/otks");
+                $otk = generateRandomString();
+                system("qrencode -o $BASE_DIR/authserver/authd/otks/$otk.png $url");
+
+                $sql = "update users set users_otk='$otk' where users_username='$username'";
+                $dbo = getDatabase();
+                $res = $dbo->query($sql);
+
+                msg_send($cl_queue, MSG_ADD_USER_TOKEN, true);
             }
             break;
         case MSG_DELETE_USER:
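Review bot: `system("qrencode -o $BASE_DIR/authserver/authd/otks/$otk.png $url");` in the new MSG_ADD_USER_TOKEN branch hands `$url` to the shell unescaped, and `$url` is built by `$myga->createUrl($username)` from a username taken straight from the queue message, so a username containing shell metacharacters can run arbitrary commands as the daemon; change it to `system("qrencode -o " . escapeshellarg("$BASE_DIR/authserver/authd/otks/$otk.png") . " " . escapeshellarg($url));`. The same message fields are interpolated unquoted into every SQL statement in this hunk (`rad_name='$client'`, `users_username='$username'`, `users_otk='$otk'`), and in MSG_GET_OTK_PNG the `users_otk='$otk'` lookup is the only check between the caller and the `fopen`/`unlink` on `otks/$otk.png`, so injection there also reaches the filesystem; quote the values or use prepared statements through whatever `getDatabase()` returns. Two plain bugs in the new radius handlers: MSG_ADD_RADIUS_CLIENT builds its `insert` into `$sql` but never executes it yet replies `true`, and MSG_GET_RADIUS_CLIENTS never increments `$i`, so every row overwrites `$clients[0]`. MSG_GET_OTK_PNG also calls `filesize()` in the `error_log` line after the file has been unlinked, so that log entry will always warn. The start of this hunk appears to have been lost in extraction (the `@@ -1,10 +1,7 @@` header does not match the content that follows), so the lines before `$clients = ""` are not visible here.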
@@ -65,7 +202,24 @@ if($pid == -1) {
             } else {
                 $username = $msg["username"];
                 global $myga;
-                msg_send($cl_queue, MSG_DELETE_USER, $myga->deleteUser($username));
+
+                $sql = "select users_otk from users where users_username='$username'";
+                $dbo = getDatabase();
+                $res = $dbo->query($sql);
+                $otkid = "";
+                foreach($res as $row) {
+                    $otkid = $row["users_otk"];
+                }
+                if($otkid!="") {
+                    unlink("otks/$otkid.png");
+                }
+
+                $sql = "delete from users where users_username='$username'";
+                $dbo = getDatabase();
+                $dbo->query($sql);
+
+                msg_send($cl_queue, MSG_DELETE_USER, true);
             }
             break;
         case MSG_AUTH_USER_PASSWORD:
@@ -103,23 +257,29 @@ if($pid == -1) {
             break;
         case MSG_SET_USER_PASSWORD:
-            echo "Call to set user pass\n";
+            echo "how on earth is that happening Call to set user pass, wtf?\n";
             // TODO
+            print_r($msg);
             if(!isset($msg["username"])) {
                 msg_send($cl_queue, MSG_SET_USER_PASSWORD, false);
+                echo "in break 1\n";
                 break;
             }
             if(!isset($msg["password"])) {
                 msg_send($cl_queue, MSG_SET_USER_PASSWORD, false);
+                echo "in break 1\n";
                 break;
             }
             $username = $msg["username"];
             $password = $msg["password"];
-            $pass = hash('sha512', $password);
+            echo "would set pass for $username, to $password\n";
+            if($password == "") $pass = "";
+            else $pass = hash('sha512', $password);
             $dbo = getDatabase();
+            echo "in set user pass for $username, $pass\n";
             $sql = "update users set users_password='$pass' where users_username='$username'";
             $dbo->query($sql);
@@ -145,7 +305,6 @@ if($pid == -1) {
             $username = $msg["username"];
             $realname = $msg["realname"];
             $sql = "update users set users_realname='$realname' where users_username='$username'";
-            echo "sql: $sql\n";
             $dbo = getDatabase();
             $dbo->query($sql);
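Review bot: `unlink("otks/$otkid.png");` in the new MSG_DELETE_USER body is relative to the daemon's current working directory, whereas the other handlers in this file (MSG_DELETE_USER_TOKEN, MSG_GET_OTK_PNG) address the same file as `$BASE_DIR/authserver/authd/otks/$otkid.png`; started from anywhere else the unlink silently fails and the user's pending QR image, which presumably encodes the token provisioning URL, stays on disk after the account is gone. Use the absolute form, `global $BASE_DIR; unlink("$BASE_DIR/authserver/authd/otks/$otkid.png");`. `$username` is also spliced unquoted into both the `select` and the `delete from users` statement, and the handler replies `true` without looking at the result of either query, so a failed delete is reported as success. Whether dropping the `$myga->deleteUser()` call loses other cleanup that method performed cannot be judged from this hunk.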
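Review bot: The new `echo "would set pass for $username, to $password\n";` and `print_r($msg);` in MSG_SET_USER_PASSWORD write the cleartext password to the daemon's stdout, and `echo "in set user pass for $username, $pass\n";` writes the hash, so wherever that output is captured becomes a credential store; remove these debug lines (and the "how on earth ... wtf?" message) before merging. The new `if($password == "") $pass = "";` stores an empty string rather than a hash for a blank password, and whether that disables password login or permits a blank one depends on the comparison in MSG_AUTH_USER_PASSWORD, which lies outside this hunk, so the intent should be stated on that line, e.g. `// empty password clears password auth for this user (see MSG_AUTH_USER_PASSWORD)`. While this line is being rewritten, the unsalted `hash('sha512', $password)` should become `password_hash($password, PASSWORD_DEFAULT)`, with the verifier moved to `password_verify()` in the same change. `$pass` and `$username` remain interpolated into the `update users` statement unquoted.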
@@ -167,7 +326,10 @@ if($pid == -1) {
             }
             global $myga;
-            msg_send($cl_queue, MSG_SET_USER_TOKEN, $myga->setUserKey($username, $passcode));
+            $username = $msg["username"];
+            $token = $msg["tokenstring"];
+            $return = $myga->setUserKey($username, $token);
+            msg_send($cl_queue, MSG_SET_USER_TOKEN, $return);
             // TODO now set token
             break;
@@ -213,6 +375,12 @@ if($pid == -1) {
                 } else {
                     $users[$i]["hastoken"] = false;
                 }
+
+                if($row["users_otk"]!="") {
+                    $users[$i]["otk"] = $row["users_otk"];
+                } else {
+                    $users[$i]["otk"] = "";
+                }
                 $i++;
             }
             msg_send($cl_queue, MSG_GET_USERS, $users);
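Review bot: The new `$token = $msg["tokenstring"];` reads a key that nothing in this hunk checks for; the `isset` guards earlier in the case (outside the hunk) were presumably written for the old `passcode` field, so a message without `tokenstring` raises an undefined-index notice and passes `null` to `setUserKey()`. Add `if(!isset($msg["tokenstring"])) { msg_send($cl_queue, MSG_SET_USER_TOKEN, false); break; }` before the assignment. `$username = $msg["username"];` re-derives a value the removed line was already using, so it is probably redundant with an assignment above the hunk. The enclosing `case` starts outside this hunk.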
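Review bot: Adding `users_otk` to every row returned by MSG_GET_USERS hands out the one-time key id that MSG_GET_OTK_PNG (added in this same commit) accepts, together with the username, to fetch and then delete the user's QR image, so any caller that can list users can retrieve another user's token provisioning image; if the id is only needed by the enrolling user's own flow, obtain it through MSG_GET_OTK_ID and leave it out of this list. If it has to stay, the six-line if/else reduces to `$users[$i]["otk"] = ($row["users_otk"] != "") ? $row["users_otk"] : "";` and wants a comment such as `// pending enrolment key id, empty once the QR image has been collected`. The select that fills `$row` begins outside this hunk, so whether `users_otk` is in its column list cannot be confirmed here.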