diff options
Diffstat (limited to 'app/Auth/ApiAccessTokenAuth.php')
-rw-r--r-- | app/Auth/ApiAccessTokenAuth.php | 119 |
1 files changed, 119 insertions, 0 deletions
diff --git a/app/Auth/ApiAccessTokenAuth.php b/app/Auth/ApiAccessTokenAuth.php new file mode 100644 index 00000000..12ab21a7 --- /dev/null +++ b/app/Auth/ApiAccessTokenAuth.php @@ -0,0 +1,119 @@ +<?php + +namespace Kanboard\Auth; + +use Kanboard\Core\Base; +use Kanboard\Core\Security\PasswordAuthenticationProviderInterface; +use Kanboard\Model\UserModel; +use Kanboard\User\DatabaseUserProvider; + +/** + * API Access Token Authentication Provider + * + * @package Kanboard\Auth + * @author Frederic Guillot + */ +class ApiAccessTokenAuth extends Base implements PasswordAuthenticationProviderInterface +{ + /** + * User properties + * + * @access protected + * @var array + */ + protected $userInfo = array(); + + /** + * Username + * + * @access protected + * @var string + */ + protected $username = ''; + + /** + * Password + * + * @access protected + * @var string + */ + protected $password = ''; + + /** + * Get authentication provider name + * + * @access public + * @return string + */ + public function getName() + { + return 'API Access Token'; + } + + /** + * Authenticate the user + * + * @access public + * @return boolean + */ + public function authenticate() + { + if (! isset($this->sessionStorage->scope) || $this->sessionStorage->scope !== 'API') { + $this->logger->debug(__METHOD__.': Authentication provider skipped because invalid scope'); + return false; + } + + $user = $this->db + ->table(UserModel::TABLE) + ->columns('id', 'password') + ->eq('username', $this->username) + ->eq('api_access_token', $this->password) + ->notNull('api_access_token') + ->eq('is_active', 1) + ->findOne(); + + if (! empty($user)) { + $this->userInfo = $user; + return true; + } + + return false; + } + + /** + * Get user object + * + * @access public + * @return \Kanboard\User\DatabaseUserProvider + */ + public function getUser() + { + if (empty($this->userInfo)) { + return null; + } + + return new DatabaseUserProvider($this->userInfo); + } + + /** + * Set username + * + * @access public + * @param string $username + */ + public function setUsername($username) + { + $this->username = $username; + } + + /** + * Set password + * + * @access public + * @param string $password + */ + public function setPassword($password) + { + $this->password = $password; + } +} |