summaryrefslogtreecommitdiff
path: root/Simple-UM-Login.php
diff options
context:
space:
mode:
authorLuke Shumaker <LukeShu@sbcglobal.net>2012-08-04 20:06:44 -0700
committerLuke Shumaker <LukeShu@sbcglobal.net>2012-08-04 20:06:44 -0700
commitb0782a625d50c6fce4da50d5c604f5cc4f128b43 (patch)
tree5a1570d3ef160f2858e7feb8625d7dfaddecf522 /Simple-UM-Login.php
parentcc63226762c39c22340b830a4daea6d4b3a55e21 (diff)
initial fork of simple-ldap-pluginHEADsimple-um-login
Diffstat (limited to 'Simple-UM-Login.php')
-rw-r--r--Simple-UM-Login.php166
1 files changed, 166 insertions, 0 deletions
diff --git a/Simple-UM-Login.php b/Simple-UM-Login.php
new file mode 100644
index 0000000..bd73711
--- /dev/null
+++ b/Simple-UM-Login.php
@@ -0,0 +1,166 @@
+<?php
+/* Plugin Name: Simple UM Login
+ * Plugin URI: http://mckenzierobotics.org
+ * Description: Authenticates Wordpress usernames against UM.
+ * Version: 1.4.0.5.1
+ * Author: Luke Shumaker, based on work by Clifton H. Griffin II
+ * Author URI: http://lukeshu.ath.cx
+ */
+require_once(dirname(__FILE__).'/umClient.php');
+require_once( ABSPATH . WPINC . '/registration.php');
+
+// Admin
+function simpleum_menu() {
+ include 'Simple-UM-Login-Admin.php';
+}
+
+function simpleum_admin_actions() {
+ add_options_page("Simple UM Login", "Simple UM Login", 10, "simple-um-login", "simpleum_menu");
+}
+
+function simpleum_activation_hook() {
+ // Store settings
+ add_option("simpleum_url", "http://um.mydomain.local");
+
+ // Version 1.3
+ add_option("simpleum_login_mode", "mode_normal");
+ add_option("simpleum_group", "");
+ add_option("simpleum_account_type", "Contributor");
+
+ // Version 1.3.0.2
+ add_option("simpleum_security_mode", "security_low");
+}
+
+// Add the menu
+add_action('admin_menu', 'simpleum_admin_actions');
+
+// Add filter
+add_filter('authenticate', 'sul_authenticate', 1, 3);
+
+// Authenticate function
+function sul_authenticate($user, $username, $password) {
+ if ( is_a($user, 'WP_User') ) { return $user; }
+
+ // Failed, should we let it continue to lower priority authenticate methods?
+ if(get_option("simpleum_security_mode") == "security_high") {
+ remove_filter('authenticate', 'wp_authenticate_username_password', 20, 3);
+ }
+
+ if ( empty($username) || empty($password) ) {
+ $error = new WP_Error();
+
+ if ( empty($username) )
+ $error->add('empty_username', __('<strong>ERROR</strong>: The username field is empty.'));
+
+ if ( empty($password) )
+ $error->add('empty_password', __('<strong>ERROR</strong>: The password field is empty.'));
+
+ return $error;
+ }
+
+ $uminfo = sul_get_user($username, $password);
+ if (is_array($uminfo)) {
+ $user = get_userdatabylogin($username);
+ if ( !$user || (strtolower($user->user_login) != strtolower($username)) ) {
+ // No existing WP user, can we create?
+ switch(get_option('simpleum_login_mode')) {
+ case "mode_create_all":
+ $new_user_id = sul_create_wp_user($uminfo);
+ if (!is_a($new_user_id, 'WP_Error')) {
+ //It worked
+ return new WP_User($new_user_id);
+ } else {
+ do_action( 'wp_login_failed', $username );
+ return new WP_Error('invalid_username', __('<strong>Simple UM Login Error</strong>: UM credentials are correct and user creation is allowed but an error occurred creating the user in Wordpress. Actual WordPress error: '.$new_user_id->get_error_message()));
+ }
+ break;
+ case "mode_create_group":
+ if (sul_is_in_group($uminfo)) {
+ $new_user_id = sul_create_wp_user($uminfo);
+ if(!is_a($new_user_id, 'WP_Error')) {
+ //It worked
+ return new WP_User($new_user_id);
+ } else {
+ do_action( 'wp_login_failed', $username );
+ return new WP_Error('invalid_username', __('<strong>Simple UM Login Error</strong>: UM credentials are correct and user creation is allowed and you are in the correct group but an error occurred creating the user in Wordpress. Actual WordPress error: '.$new_user_id->get_error_message()));
+ }
+ } else {
+ do_action( 'wp_login_failed', $username );
+ return new WP_Error('invalid_username', __('<strong>Simple UM Login Error</strong>: UM Login credentials are correct and user creation is allowed but UM user was not in correct UM group.'));
+ }
+ break;
+ default:
+ do_action( 'wp_login_failed', $username );
+ return new WP_Error('invalid_username', __('<strong>Simple UM Login Error</strong>: Simple UM Login mode does not permit account creation.'));
+ }
+ } else {
+ // Wordpress user exists, should we check group membership?
+ if (get_option('simpleum_login_mode') == "mode_create_group") {
+ if (sul_is_in_group($uminfo)) {
+ return new WP_User($user->ID);
+ } else {
+ do_action( 'wp_login_failed', $username );
+ return new WP_Error('invalid_username', __('<strong>Simple UM Login Error</strong>: UM credentials were correct but user is not in the correct group.'));
+ }
+ } else {
+ // Otherwise, we're ready to return the user
+ return new WP_User($user->ID);
+ }
+ }
+ } else {
+ return new WP_Error('invalid_username', __('<strong>Simple UM Login Error</strong>: Simple UM Login could not authenticate your credentials. The security settings do not permit trying the Wordpress user database as a fallback.'));
+ }
+}
+
+function sul_get_user($username, $password) {
+ $cookiejar = tempnam(dirname(__FILE__).'/tmp', 'jar');
+ $umclient = new umClient(get_option('simpleum_url'), $cookiejar);
+ $result = $umclient->get_userinfo($username, $password);
+ unlink($cookiejar);
+ return $result;
+}
+
+function sul_is_in_group($userinfo) {
+ // TODO
+ return true;
+}
+
+function sul_create_wp_user($userinfo) {
+ $result = 0;
+
+ $userData = array(
+ 'user_pass' => microtime(),
+ 'user_login' => $userinfo['username'],
+ 'user_nicename' => sanitize_title($userinfo['firstname'].' '.$userinfo['lastname']),
+ 'user_email' => $userinfo['email'],
+ 'display_name' => $userinfo['firstname'].' '.$userinfo['lastname'],
+ 'first_name' => $userinfo['firstname'],
+ 'last_name' => $userinfo['lastname'],
+ 'role' => strtolower(get_option('simpleum_account_type'))
+ );
+
+ $result = wp_insert_user($userData);
+ return $result;
+}
+
+//Temporary fix for e-mail exists bug
+if ( !function_exists('get_user_by_email') ) :
+/**
+ * Retrieve user info by email.
+ *
+ * @since 2.5
+ *
+ * @param string $email User's email address
+ * @return bool|object False on failure, User DB row object
+ */
+function get_user_by_email($email) {
+ if(strlen($email) == 0 || empty($email) || $email == "" || strpos($email, "@") == false) {
+ return false;
+ } else {
+ return get_user_by('email', $email);
+ }
+}
+endif;
+
+register_activation_hook( __FILE__, 'simpleum_activation_hook' );
+?>