diff options
| author | Frederic Guillot <fred@kanboard.net> | 2015-12-05 20:31:27 -0500 |
|---|---|---|
| committer | Frederic Guillot <fred@kanboard.net> | 2015-12-05 20:31:27 -0500 |
| commit | e9fedf3e5cd63aea4da7a71f6647ee427c62fa49 (patch) | |
| tree | abc2de5aebace4a2d7c94805552264dab6b10bc7 /app/Api/Auth.php | |
| parent | 346b8312e5ac877ce3192c2db3a26b500018bbb5 (diff) | |
Rewrite of the authentication and authorization system
Diffstat (limited to 'app/Api/Auth.php')
| -rw-r--r-- | app/Api/Auth.php | 35 |
1 files changed, 31 insertions, 4 deletions
diff --git a/app/Api/Auth.php b/app/Api/Auth.php index a084d6eb..0a911796 100644 --- a/app/Api/Auth.php +++ b/app/Api/Auth.php @@ -3,7 +3,6 @@ namespace Kanboard\Api; use JsonRPC\AuthenticationFailure; -use Symfony\Component\EventDispatcher\Event; /** * Base class @@ -24,15 +23,43 @@ class Auth extends Base */ public function checkCredentials($username, $password, $class, $method) { - $this->container['dispatcher']->dispatch('api.bootstrap', new Event); + $this->container['dispatcher']->dispatch('app.bootstrap'); - if ($username !== 'jsonrpc' && ! $this->authentication->hasCaptcha($username) && $this->authentication->authenticate($username, $password)) { + if ($this->isUserAuthenticated($username, $password)) { $this->checkProcedurePermission(true, $method); $this->userSession->initialize($this->user->getByUsername($username)); - } elseif ($username === 'jsonrpc' && $password === $this->config->get('api_token')) { + } elseif ($this->isAppAuthenticated($username, $password)) { $this->checkProcedurePermission(false, $method); } else { throw new AuthenticationFailure('Wrong credentials'); } } + + /** + * Check user credentials + * + * @access public + * @param string $username + * @param string $password + * @return boolean + */ + private function isUserAuthenticated($username, $password) + { + return $username !== 'jsonrpc' && + ! $this->userLocking->isLocked($username) && + $this->authenticationManager->passwordAuthentication($username, $password); + } + + /** + * Check administrative credentials + * + * @access public + * @param string $username + * @param string $password + * @return boolean + */ + private function isAppAuthenticated($username, $password) + { + return $username === 'jsonrpc' && $password === $this->config->get('api_token'); + } } |