summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--index.php3
-rw-r--r--lib/rssaction.php34
2 files changed, 36 insertions, 1 deletions
diff --git a/index.php b/index.php
index 5f9a048f2..69c0bc1b2 100644
--- a/index.php
+++ b/index.php
@@ -165,7 +165,8 @@ function main()
if (!$user && common_config('site', 'private') &&
!in_array($action, array('login', 'openidlogin', 'finishopenidlogin',
- 'recoverpassword', 'api', 'doc', 'register'))) {
+ 'recoverpassword', 'api', 'doc', 'register')) &&
+ !preg_match('/rss$/', $action)) {
common_redirect(common_local_url('login'));
return;
}
diff --git a/lib/rssaction.php b/lib/rssaction.php
index fe3fd6f4a..dceabcbec 100644
--- a/lib/rssaction.php
+++ b/lib/rssaction.php
@@ -96,6 +96,28 @@ class Rss10Action extends Action
{
// Parent handling, including cache check
parent::handle($args);
+
+ if (common_config('site', 'private')) {
+ if (!isset($_SERVER['PHP_AUTH_USER'])) {
+
+ # This header makes basic auth go
+ header('WWW-Authenticate: Basic realm="Laconica RSS"');
+
+ # If the user hits cancel -- bam!
+ $this->show_basic_auth_error();
+ return;
+ } else {
+ $nickname = $_SERVER['PHP_AUTH_USER'];
+ $password = $_SERVER['PHP_AUTH_PW'];
+
+ if (!common_check_user($nickname, $password)) {
+ # basic authentication failed
+ $this->show_basic_auth_error();
+ return;
+ }
+ }
+ }
+
// Get the list of notices
if (empty($this->tag)) {
$this->notices = $this->getNotices($this->limit);
@@ -105,6 +127,18 @@ class Rss10Action extends Action
$this->showRss();
}
+ function show_basic_auth_error()
+ {
+ header('HTTP/1.1 401 Unauthorized');
+ header('Content-Type: application/xml; charset=utf-8');
+ $this->startXML();
+ $this->elementStart('hash');
+ $this->element('error', null, 'Could not authenticate you.');
+ $this->element('request', null, $_SERVER['REQUEST_URI']);
+ $this->elementEnd('hash');
+ $this->endXML();
+ }
+
/**
* Get the notices to output in this stream
*