Partial update to Private Key update

data/tables.sql

@@ -72,7 +72,9 @@ CREATE TABLE `sc_users` (
   `email` varchar(50) NOT NULL default '',
   `homepage` varchar(255) default NULL,
   `uContent` text,
-  PRIMARY KEY  (`uId`)
+  `privateKey` varchar(32) NOT NULL,
+  PRIMARY KEY  (`uId`),
+  UNIQUE KEY `privateKey` (`privateKey`)
 ) CHARACTER SET utf8 COLLATE utf8_general_ci ;
 
 -- --------------------------------------------------------
@@ -182,4 +184,4 @@ CREATE TABLE `sc_votes` (
   UNIQUE KEY `bid_2` (`bId`,`uId`),
   KEY `bid` (`bId`),
   KEY `uid` (`uId`)
-) CHARACTER SET utf8 COLLATE utf8_general_ci ;
+) CHARACTER SET utf8 COLLATE utf8_general_ci ;

doc/ChangeLog

@@ -11,6 +11,7 @@ ChangeLog for SemantiScuttle
 - Implement patch #3059829: update FR_CA translation
 - Update php-gettext library to 1.0.10
 - api/posts/add respects the "replace" parameter now
+- Implement Feature Request #3164013 adding ability to log in vi private key
 
 
 0.97.1 - 2010-09-30

src/SemanticScuttle/Model/User.php

@@ -35,17 +35,20 @@ class SemanticScuttle_Model_User
     var $content;
     var $datetime;
     var $isAdmin;
+    var $privateKey;
 
     /**
      * Create a new user object
      *
-     * @param integer $id       User ID
+     * @param integer $id         User ID
-     * @param string  $username Username
+     * @param string  $username   Username
+     * @param string  $privateKey PrivateKey
      */
-    public function __construct($id, $username)
+    public function __construct($id, $username, $privateKey)
     {
         $this->id = $id;
         $this->username = $username;
+        $this->privateKey = $privateKey;
     }
 
     /**
@@ -68,6 +71,16 @@ class SemanticScuttle_Model_User
         return $this->username;
     }
 
+    /**
+     * Returns private key
+     *
+     * @return string private key
+     */
+    public function getPrivateKey()
+    {
+        return $this->privateKey;
+    }
+
     /**
      * Returns full user name as specified in the profile.
      *
@@ -182,4 +195,4 @@ class SemanticScuttle_Model_User
     }
 
 }
-?>
+?>

src/SemanticScuttle/Service/User.php

@@ -42,7 +42,8 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
     protected $fields = array(
         'primary'   =>  'uId',
         'username'  =>  'username',
-        'password'  =>  'password'
+        'password'  =>  'password',
+	'privatekey'=>  'privateKey'
     );
 
     protected $profileurl;
@@ -456,6 +457,45 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
         }
     }
 
+    /**
+     * Try to authenticate and login a user with
+     * private key.
+     *
+     * @param string  $privatekey Private Key
+     *
+     * @return boolean True if the user could be authenticated,
+     *                 false if not.
+     */
+    public function loginPK($privatekey)
+    {
+        $query = 'SELECT '. $this->getFieldName('primary') .' FROM '. $this->getTableName() .' WHERE '. $this->getFieldName('privatekey') .' = "'. $this->db->sql_escape($privatekey) .'"';
+
+        if (!($dbresult = $this->db->sql_query($query))) {
+            message_die(
+                GENERAL_ERROR,
+                'Could not get user',
+                '', __LINE__, __FILE__, $query, $this->db
+            );
+            return false;
+        }
+
+        $row = $this->db->sql_fetchrow($dbresult);
+        $this->db->sql_freeresult($dbresult);
+
+        if ($row) {
+            $id = $_SESSION[$this->getSessionKey()]
+                = $row[$this->getFieldName('primary')];
+            $cookie = $id .':'. md5($username.$password);
+            setcookie(
+                $this->cookiekey, $cookie,
+                time() + $this->cookietime, '/'
+            );
+            return true;
+        } else {
+            return false;
+        }
+    }
+
     function logout() {
         @setcookie($this->getCookiekey(), '', time() - 1, '/');
         unset($_COOKIE[$this->getCookiekey()]);

www/api/httpauth.inc.php

@@ -31,28 +31,37 @@ function authenticate()
 }
 
 if (!$userservice->isLoggedOn()) {
+	/* First check to see if a private key was sent */
+	if (isset($_POST['privatekey']) {
+		$login = $userservice->loginPK($_POST['privatekey']);
+		if ($login) {
+			$currentUser = $userservice->getCurrentObjectUser();
+			return;
+		} else {
+			/* is someone hacking? */
+			/* TODO: Track attempts */
+		}
+	}
+
 	/* Maybe we have caught authentication data in $_SERVER['REMOTE_USER']
 	 ( Inspired by http://www.yetanothercommunitysystem.com/article-321-regle-comment-utiliser-l-authentification-http-en-php-chez-ovh ) */
 	if ((!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
-        && isset($_SERVER['REMOTE_USER'])
+	&& isset($_SERVER['REMOTE_USER'])
-        && preg_match('/Basic\s+(.*)$/i', $_SERVER['REMOTE_USER'], $matches)
+	&& preg_match('/Basic\s+(.*)$/i', $_SERVER['REMOTE_USER'], $matches)) {
-    ) {
+	        list($name, $password) = explode(':', base64_decode($matches[1]));
-        list($name, $password) = explode(':', base64_decode($matches[1]));
+		$_SERVER['PHP_AUTH_USER'] = strip_tags($name);
-        $_SERVER['PHP_AUTH_USER'] = strip_tags($name);
+		$_SERVER['PHP_AUTH_PW'] = strip_tags($password);
-        $_SERVER['PHP_AUTH_PW'] = strip_tags($password);
 	}
 
-    if (!isset($_SERVER['PHP_AUTH_USER'])) {
+	if (!isset($_SERVER['PHP_AUTH_USER'])) {
-        authenticate();
+		authenticate();
-    } else {
+	} else {
-        $login = $userservice->login(
+		$login = $userservice->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
-            $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']
+		if ($login) {
-        );
+			$currentUser = $userservice->getCurrentObjectUser();
-        if ($login) {
+		} else {
-            $currentUser = $userservice->getCurrentObjectUser();
+			authenticate();
-        } else {
+		}
-            authenticate();
+	}
-        }
-    }
 }
 ?>