2007-12-12 16:29:16 +00:00
|
|
|
<?php
|
|
|
|
|
// Provides HTTP Basic authentication of a user, and sets two variables, sId and username,
|
|
|
|
|
// with the user's info.
|
|
|
|
|
|
|
|
|
|
function authenticate() {
|
2008-04-02 14:57:28 +00:00
|
|
|
header('WWW-Authenticate: Basic realm="SemanticScuttle API"');
|
2007-12-12 16:29:16 +00:00
|
|
|
header('HTTP/1.0 401 Unauthorized');
|
2008-04-03 06:57:38 +00:00
|
|
|
|
2007-12-12 16:29:16 +00:00
|
|
|
die("Use of the API calls requires authentication.");
|
|
|
|
|
}
|
|
|
|
|
|
2008-04-03 06:57:38 +00:00
|
|
|
|
|
|
|
|
/* Maybe we have caught authentication data in $_SERVER['REMOTE_USER']
|
|
|
|
|
( Inspired by http://www.yetanothercommunitysystem.com/article-321-regle-comment-utiliser-l-authentification-http-en-php-chez-ovh ) */
|
|
|
|
|
if((!$_SERVER['PHP_AUTH_USER'] || !$_SERVER['PHP_AUTH_USER'])
|
|
|
|
|
&& preg_match('/Basic\s+(.*)$/i', $_SERVER['REMOTE_USER'], $matches)) {
|
|
|
|
|
list($name, $password) = explode(':', base64_decode($matches[1]));
|
|
|
|
|
$_SERVER['PHP_AUTH_USER'] = strip_tags($name);
|
|
|
|
|
$_SERVER['PHP_AUTH_PW'] = strip_tags($password);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2007-12-12 16:29:16 +00:00
|
|
|
if (!isset($_SERVER['PHP_AUTH_USER'])) {
|
|
|
|
|
authenticate();
|
|
|
|
|
} else {
|
|
|
|
|
require_once('../header.inc.php');
|
|
|
|
|
$userservice =& ServiceFactory::getServiceInstance('UserService');
|
|
|
|
|
|
2008-04-03 06:57:38 +00:00
|
|
|
$login = $userservice->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
|
2007-12-12 16:29:16 +00:00
|
|
|
if (!$login) {
|
|
|
|
|
authenticate();
|
|
|
|
|
}
|
|
|
|
|
}
|
2008-04-02 14:57:28 +00:00
|
|
|
?>
|
