authorFrédéric Guillot <fred@kanboard.net>2014-08-16 13:59:37 -0700
committerFrédéric Guillot <fred@kanboard.net>2014-08-16 13:59:37 -0700
commit925b0ba2e56117e3bbe2947d7938ed35815efa1a (patch)
tree7c6f47dcaffa9bb03cbd0c807849fcbb82be3e1c /app/Model/Ldap.php
parent498408d5075cf0060e0f53e58261e6537e0f6080 (diff)
Authentication backends refactoring
Diffstat (limited to 'app/Model/Ldap.php')
-rw-r--r--app/Model/Ldap.php104
1 files changed, 0 insertions, 104 deletions
diff --git a/app/Model/Ldap.php b/app/Model/Ldap.php
deleted file mode 100644
index 007f7171..00000000
--- a/app/Model/Ldap.php
+++ /dev/null
@@ -1,104 +0,0 @@
-<?php
-
-namespace Model;
-
-/**
- * LDAP model
- *
- * @package model
- * @author Frederic Guillot
- */
-class Ldap extends Base
-{
- /**
- * Authenticate a user
- *
- * @access public
- * @param string $username Username
- * @param string $password Password
- * @return null|boolean
- */
- public function authenticate($username, $password)
- {
- if (! function_exists('ldap_connect')) {
- die('The PHP LDAP extension is required');
- }
-
- // Skip SSL certificate verification
- if (! LDAP_SSL_VERIFY) {
- putenv('LDAPTLS_REQCERT=never');
- }
-
- $ldap = ldap_connect(LDAP_SERVER, LDAP_PORT);
-
- if (! is_resource($ldap)) {
- die('Unable to connect to the LDAP server: "'.LDAP_SERVER.'"');
- }
-
- ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
- ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
-
- if (! @ldap_bind($ldap, LDAP_USERNAME, LDAP_PASSWORD)) {
- die('Unable to bind to the LDAP server: "'.LDAP_SERVER.'"');
- }
-
- $sr = @ldap_search($ldap, LDAP_ACCOUNT_BASE, sprintf(LDAP_USER_PATTERN, $username), array(LDAP_ACCOUNT_FULLNAME, LDAP_ACCOUNT_EMAIL));
-
- if ($sr === false) {
- return false;
- }
-
- $info = ldap_get_entries($ldap, $sr);
-
- // User not found
- if (count($info) == 0 || $info['count'] == 0) {
- return false;
- }
-
- if (@ldap_bind($ldap, $info[0]['dn'], $password)) {
- return $this->create($username, $info[0][LDAP_ACCOUNT_FULLNAME][0], $info[0][LDAP_ACCOUNT_EMAIL][0]);
- }
-
- return false;
- }
-
- /**
- * Create automatically a new local user after the LDAP authentication
- *
- * @access public
- * @param string $username Username
- * @param string $name Name of the user
- * @param string $email Email address
- * @return bool
- */
- public function create($username, $name, $email)
- {
- $user = $this->user->getByUsername($username);
-
- // There is an existing user account
- if ($user) {
-
- if ($user['is_ldap_user'] == 1) {
-
- // LDAP user already created
- return true;
- }
- else {
-
- // There is already a local user with that username
- return false;
- }
- }
-
- // Create a LDAP user
- $values = array(
- 'username' => $username,
- 'name' => $name,
- 'email' => $email,
- 'is_admin' => 0,
- 'is_ldap_user' => 1,
- );
-
- return $userModel->create($values);
- }
-}