diff options
author | Craig Andrews <candrews@integralblue.com> | 2009-07-22 10:25:22 -0400 |
---|---|---|
committer | Craig Andrews <candrews@integralblue.com> | 2009-07-22 10:25:22 -0400 |
commit | a54b809778d2f281bebe5d7bc169097294cb183e (patch) | |
tree | 3a36396653316c9ba2a33d3e5d71ee418363c0dc | |
parent | 684fc5d002998abd352f4e1c00c1a9a77cd91e53 (diff) | |
parent | 1aea5989776e75f3b7af236049d511a28c3f1ff7 (diff) |
Merge commit 'jeff-themovie/private-rss' into 0.8.x
-rw-r--r-- | index.php | 3 | ||||
-rw-r--r-- | lib/common.php | 2 | ||||
-rw-r--r-- | lib/rssaction.php | 37 |
3 files changed, 40 insertions, 2 deletions
@@ -165,7 +165,8 @@ function main() if (!$user && common_config('site', 'private') && !in_array($action, array('login', 'openidlogin', 'finishopenidlogin', - 'recoverpassword', 'api', 'doc', 'register'))) { + 'recoverpassword', 'api', 'doc', 'register')) && + !preg_match('/rss$/', $action)) { common_redirect(common_local_url('login')); return; } diff --git a/lib/common.php b/lib/common.php index 9d7954fa9..764c5a077 100644 --- a/lib/common.php +++ b/lib/common.php @@ -19,7 +19,7 @@ if (!defined('LACONICA')) { exit(1); } -define('LACONICA_VERSION', '0.8.1dev'); +define('LACONICA_VERSION', '0.9.0dev'); define('AVATAR_PROFILE_SIZE', 96); define('AVATAR_STREAM_SIZE', 48); diff --git a/lib/rssaction.php b/lib/rssaction.php index 9898894ed..6c982705e 100644 --- a/lib/rssaction.php +++ b/lib/rssaction.php @@ -97,6 +97,31 @@ class Rss10Action extends Action { // Parent handling, including cache check parent::handle($args); + + if (common_config('site', 'private')) { + if (!isset($_SERVER['PHP_AUTH_USER'])) { + + # This header makes basic auth go + header('WWW-Authenticate: Basic realm="Laconica RSS"'); + + # If the user hits cancel -- bam! + $this->show_basic_auth_error(); + return; + } else { + $nickname = $_SERVER['PHP_AUTH_USER']; + $password = $_SERVER['PHP_AUTH_PW']; + + if (!common_check_user($nickname, $password)) { + # basic authentication failed + list($proxy, $ip) = common_client_ip(); + + common_log(LOG_WARNING, "Failed RSS auth attempt, nickname = $nickname, proxy = $proxy, ip = $ip."); + $this->show_basic_auth_error(); + return; + } + } + } + // Get the list of notices if (empty($this->tag)) { $this->notices = $this->getNotices($this->limit); @@ -106,6 +131,18 @@ class Rss10Action extends Action $this->showRss(); } + function show_basic_auth_error() + { + header('HTTP/1.1 401 Unauthorized'); + header('Content-Type: application/xml; charset=utf-8'); + $this->startXML(); + $this->elementStart('hash'); + $this->element('error', null, 'Could not authenticate you.'); + $this->element('request', null, $_SERVER['REQUEST_URI']); + $this->elementEnd('hash'); + $this->endXML(); + } + /** * Get the notices to output in this stream * |