diff options
author | Luke Shumaker <LukeShu@sbcglobal.net> | 2012-08-04 20:06:44 -0700 |
---|---|---|
committer | Luke Shumaker <LukeShu@sbcglobal.net> | 2012-08-04 20:06:44 -0700 |
commit | b0782a625d50c6fce4da50d5c604f5cc4f128b43 (patch) | |
tree | 5a1570d3ef160f2858e7feb8625d7dfaddecf522 /Simple-UM-Login.php | |
parent | cc63226762c39c22340b830a4daea6d4b3a55e21 (diff) |
initial fork of simple-ldap-pluginHEADsimple-um-login
Diffstat (limited to 'Simple-UM-Login.php')
-rw-r--r-- | Simple-UM-Login.php | 166 |
1 files changed, 166 insertions, 0 deletions
diff --git a/Simple-UM-Login.php b/Simple-UM-Login.php new file mode 100644 index 0000000..bd73711 --- /dev/null +++ b/Simple-UM-Login.php @@ -0,0 +1,166 @@ +<?php +/* Plugin Name: Simple UM Login + * Plugin URI: http://mckenzierobotics.org + * Description: Authenticates Wordpress usernames against UM. + * Version: 1.4.0.5.1 + * Author: Luke Shumaker, based on work by Clifton H. Griffin II + * Author URI: http://lukeshu.ath.cx + */ +require_once(dirname(__FILE__).'/umClient.php'); +require_once( ABSPATH . WPINC . '/registration.php'); + +// Admin +function simpleum_menu() { + include 'Simple-UM-Login-Admin.php'; +} + +function simpleum_admin_actions() { + add_options_page("Simple UM Login", "Simple UM Login", 10, "simple-um-login", "simpleum_menu"); +} + +function simpleum_activation_hook() { + // Store settings + add_option("simpleum_url", "http://um.mydomain.local"); + + // Version 1.3 + add_option("simpleum_login_mode", "mode_normal"); + add_option("simpleum_group", ""); + add_option("simpleum_account_type", "Contributor"); + + // Version 1.3.0.2 + add_option("simpleum_security_mode", "security_low"); +} + +// Add the menu +add_action('admin_menu', 'simpleum_admin_actions'); + +// Add filter +add_filter('authenticate', 'sul_authenticate', 1, 3); + +// Authenticate function +function sul_authenticate($user, $username, $password) { + if ( is_a($user, 'WP_User') ) { return $user; } + + // Failed, should we let it continue to lower priority authenticate methods? + if(get_option("simpleum_security_mode") == "security_high") { + remove_filter('authenticate', 'wp_authenticate_username_password', 20, 3); + } + + if ( empty($username) || empty($password) ) { + $error = new WP_Error(); + + if ( empty($username) ) + $error->add('empty_username', __('<strong>ERROR</strong>: The username field is empty.')); + + if ( empty($password) ) + $error->add('empty_password', __('<strong>ERROR</strong>: The password field is empty.')); + + return $error; + } + + $uminfo = sul_get_user($username, $password); + if (is_array($uminfo)) { + $user = get_userdatabylogin($username); + if ( !$user || (strtolower($user->user_login) != strtolower($username)) ) { + // No existing WP user, can we create? + switch(get_option('simpleum_login_mode')) { + case "mode_create_all": + $new_user_id = sul_create_wp_user($uminfo); + if (!is_a($new_user_id, 'WP_Error')) { + //It worked + return new WP_User($new_user_id); + } else { + do_action( 'wp_login_failed', $username ); + return new WP_Error('invalid_username', __('<strong>Simple UM Login Error</strong>: UM credentials are correct and user creation is allowed but an error occurred creating the user in Wordpress. Actual WordPress error: '.$new_user_id->get_error_message())); + } + break; + case "mode_create_group": + if (sul_is_in_group($uminfo)) { + $new_user_id = sul_create_wp_user($uminfo); + if(!is_a($new_user_id, 'WP_Error')) { + //It worked + return new WP_User($new_user_id); + } else { + do_action( 'wp_login_failed', $username ); + return new WP_Error('invalid_username', __('<strong>Simple UM Login Error</strong>: UM credentials are correct and user creation is allowed and you are in the correct group but an error occurred creating the user in Wordpress. Actual WordPress error: '.$new_user_id->get_error_message())); + } + } else { + do_action( 'wp_login_failed', $username ); + return new WP_Error('invalid_username', __('<strong>Simple UM Login Error</strong>: UM Login credentials are correct and user creation is allowed but UM user was not in correct UM group.')); + } + break; + default: + do_action( 'wp_login_failed', $username ); + return new WP_Error('invalid_username', __('<strong>Simple UM Login Error</strong>: Simple UM Login mode does not permit account creation.')); + } + } else { + // Wordpress user exists, should we check group membership? + if (get_option('simpleum_login_mode') == "mode_create_group") { + if (sul_is_in_group($uminfo)) { + return new WP_User($user->ID); + } else { + do_action( 'wp_login_failed', $username ); + return new WP_Error('invalid_username', __('<strong>Simple UM Login Error</strong>: UM credentials were correct but user is not in the correct group.')); + } + } else { + // Otherwise, we're ready to return the user + return new WP_User($user->ID); + } + } + } else { + return new WP_Error('invalid_username', __('<strong>Simple UM Login Error</strong>: Simple UM Login could not authenticate your credentials. The security settings do not permit trying the Wordpress user database as a fallback.')); + } +} + +function sul_get_user($username, $password) { + $cookiejar = tempnam(dirname(__FILE__).'/tmp', 'jar'); + $umclient = new umClient(get_option('simpleum_url'), $cookiejar); + $result = $umclient->get_userinfo($username, $password); + unlink($cookiejar); + return $result; +} + +function sul_is_in_group($userinfo) { + // TODO + return true; +} + +function sul_create_wp_user($userinfo) { + $result = 0; + + $userData = array( + 'user_pass' => microtime(), + 'user_login' => $userinfo['username'], + 'user_nicename' => sanitize_title($userinfo['firstname'].' '.$userinfo['lastname']), + 'user_email' => $userinfo['email'], + 'display_name' => $userinfo['firstname'].' '.$userinfo['lastname'], + 'first_name' => $userinfo['firstname'], + 'last_name' => $userinfo['lastname'], + 'role' => strtolower(get_option('simpleum_account_type')) + ); + + $result = wp_insert_user($userData); + return $result; +} + +//Temporary fix for e-mail exists bug +if ( !function_exists('get_user_by_email') ) : +/** + * Retrieve user info by email. + * + * @since 2.5 + * + * @param string $email User's email address + * @return bool|object False on failure, User DB row object + */ +function get_user_by_email($email) { + if(strlen($email) == 0 || empty($email) || $email == "" || strpos($email, "@") == false) { + return false; + } else { + return get_user_by('email', $email); + } +} +endif; + +register_activation_hook( __FILE__, 'simpleum_activation_hook' ); +?> |