Download
HTTP Authentication plugin for WordPress MU (2.92 KB)
Source
Code mélangé de Daniel Westermann-Clark et Simon Wilkinson.
Code
-
< ?php
-
/*
-
Plugin Name: HTTP Authentication MU
-
Version: 2.0.1
-
Plugin URI: http://dev.webadmin.ufl.edu/~dwc/2008/04/16/http-authentication-20/
-
Description: Authenticate users using basic HTTP authentication (<code>REMOTE_USER). This plugin assumes users are externally authenticated, as with <a href="http://www.gatorlink.ufl.edu/">GatorLink</a>. Patched for Wordpress MU by <a href="http://orthrus.blogspot.com/">Simon Wilkinson</a> and <a href="http://www.cyann.net/">Flavien Scheurer</a>.
-
Author: Daniel Westermann-Clark
-
Author URI: http://dev.webadmin.ufl.edu/~dwc/
-
*/
-
-
if (! class_exists('HTTPAuthenticationPlugin')) {
-
class HTTPAuthenticationPlugin {
-
function HTTPAuthenticationPlugin() {
-
if (isset($_GET['activate']) and $_GET['activate'] == 'true') {
-
add_action('init', array(&$this, 'initialize_options'));
-
}
-
add_action('admin_menu', array(&$this, 'add_options_page'));
-
add_action('wp_authenticate', array(&$this, 'authenticate'), 10, 2);
-
add_filter('check_password', array(&$this, 'skip_password_check'), 10, 4);
-
add_action('wp_logout', array(&$this, 'logout'));
-
add_action('lost_password', array(&$this, 'disable_function'));
-
add_action('retrieve_password', array(&$this, 'disable_function'));
-
add_action('password_reset', array(&$this, 'disable_function'));
-
add_action('check_passwords', array(&$this, 'generate_password'), 10, 3);
-
add_filter('show_password_fields', array(&$this, 'disable_password_fields'));
-
}
-
-
-
/*************************************************************
-
* Plugin hooks
-
*************************************************************/
-
-
/*
-
* Add options for this plugin to the database.
-
*/
-
function initialize_options() {
-
if (current_user_can('manage_options')) {
-
add_site_option('http_authentication_logout_uri', get_option('home'), 'The URI to which the user is redirected when she chooses "Logout".');
-
add_site_option('http_authentication_auto_create_user', false, 'Should a new user be created automatically if not already in the WordPress database?');
-
add_site_option('http_authentication_auto_create_email_domain', '', 'The domain to use for the email address of an automatically created user.');
-
}
-
}
-
-
/*
-
* Add an options pane for this plugin.
-
*/
-
function add_options_page() {
-
if (function_exists('add_options_page')) {
-
add_options_page('HTTP Authentication', 'HTTP Authentication', 9, __FILE__, array(&$this, '_display_options_page'));
-
}
-
}
-
-
/*
-
* If the REMOTE_USER evironment is set, use it as the username.
-
* This assumes that you have externally authenticated the user.
-
*/
-
function authenticate($username, $password) {
-
if (empty($_SERVER['REMOTE_USER'])) {
-
die('No REMOTE_USER found; please check your external authentication configuration');
-
}
-
-
// Fake WordPress into authenticating by overriding the credentials
-
$username = strtolower($_SERVER['REMOTE_USER']);
-
$password = $this->_get_password();
-
-
// Create new users automatically, if configured
-
$user = get_userdatabylogin($username);
-
if (! $user or $user->user_login != $username) {
-
if ((bool) get_site_option('http_authentication_auto_create_user')) {
-
$this->_create_user($username);
-
}
-
else {
-
// Bail out to avoid showing the login form
-
die("User $username does not exist in the WordPress database. Maybe user auto creation is not activated.");
-
}
-
}
-
}
-
-
/*
-
* Skip the password check, since we've externally authenticated.
-
*/
-
function skip_password_check($check, $password, $hash, $user_id) {
-
return true;
-
}
-
-
/*
-
* Logout the user by redirecting them to the logout URI.
-
*/
-
function logout() {
-
header('Location: ' . get_site_option('http_authentication_logout_uri'));
-
exit();
-
}
-
-
/*
-
* Generate a password for the user. This plugin does not
-
* require the user to enter this value, but we want to set it
-
* to something nonobvious.
-
*/
-
function generate_password($username, $password1, $password2) {
-
$password1 = $password2 = $this->_get_password();
-
}
-
-
/*
-
* Used to disable certain display elements, e.g. password
-
* fields on profile screen.
-
*/
-
function disable_password_fields($show_password_fields) {
-
return false;
-
}
-
-
/*
-
* Used to disable certain login functions, e.g. retrieving a
-
* user's password.
-
*/
-
function disable_function() {
-
die('Disabled');
-
}
-
-
-
/*************************************************************
-
* Functions
-
*************************************************************/
-
-
/*
-
* Generate a random password.
-
*/
-
function _get_password($length = 10) {
-
return substr(md5(uniqid(microtime())), 0, $length);
-
}
-
-
/*
-
* Create a new WordPress account for the specified username.
-
*/
-
function _create_user($username) {
-
$password = $this->_get_password();
-
$email_domain = get_site_option('http_authentication_auto_create_email_domain');
-
-
require_once(ABSPATH . WPINC . DIRECTORY_SEPARATOR . 'registration.php');
-
-
if (strpos($username, '@') !== FALSE) {
-
$email = $username;
-
} else {
-
$email = $username . '@' . $email_domain;
-
}
-
-
// Use Apache header if defined for email.
-
if (!empty($_SERVER['HTTP_MAIL']))
-
$email = strtolower($_SERVER['HTTP_MAIL']);
-
-
// Fill user_details array.
-
$user_details['user_login'] = $username;
-
$user_details['user_email'] = $email;
-
$user_details['user_pass'] = $password;
-
$user_details['nickname'] = $username;
-
// Use some Apache headers if defined for the remaining user details.
-
if (!empty($_SERVER['HTTP_REGISTEREDNAME']))
-
$user_details['display_name'] = $_SERVER['HTTP_REGISTEREDNAME'];
-
if (!empty($_SERVER['HTTP_GIVENNAME']))
-
$user_details['first_name'] = $_SERVER['HTTP_GIVENNAME'];
-
if (!empty($_SERVER['HTTP_SN']))
-
$user_details['last_name'] = $_SERVER['HTTP_SN'];
-
-
// Create the user with all the available details.
-
$userid = wp_insert_user($user_details);
-
-
do_action('wpmu_activate_user', $user_id, $password);
-
-
}
-
-
/*
-
* Display the options for this plugin.
-
*/
-
function _display_options_page() {
-
if(is_site_admin() == false) {
-
wp_die( __('<p>You do not have permission to access this page.</p>') );
-
}
-
-
if ($_POST['httpOptionsSave']) {
-
update_site_option('http_authentication_logout_uri', $_POST['http_authentication_logout_uri']);
-
update_site_option('http_authentication_auto_create_user', $_POST['http_authentication_auto_create_user']);
-
update_site_option('http_authentication_auto_create_email_domain', $_POST['http_authentication_auto_create_email_domain']);
-
?>
-
<div id="message" class="updated fade"><p>< ?php _e('Options saved!'); ?></p></div>< ?php
-
}
-
$logout_uri = get_site_option('http_authentication_logout_uri');
-
$auto_create_user = (bool) get_site_option('http_authentication_auto_create_user');
-
$auto_create_email_domain = get_site_option('http_authentication_auto_create_email_domain');
-
?>
-
<div class="wrap">
-
<h2>HTTP Authentication Options</h2>
-
<form method="post">
-
<input type="hidden" name="action" value="update" />
-
<input type="hidden" name="page_options" value="http_authentication_logout_uri,http_authentication_auto_create_user,http_authentication_auto_create_email_domain" />
-
< ?php if (function_exists('wp_nonce_field')): wp_nonce_field('update-options'); endif; ?>
-
-
<table class="form-table">
-
<tr valign="top">
-
<th scope="row"><label for="http_authentication_logout_uri">Logout URI</label></th>
-
<td>
-
<input type="text" name="http_authentication_logout_uri" id="http_authentication_logout_uri" value="<?php echo htmlspecialchars($logout_uri) ?/>" size="50" /><br />
-
Default is <code>< ?php echo htmlspecialchars(get_settings('home')); ?></code>; override to e.g. remove a cookie.
-
</td>
-
</tr>
-
<tr valign="top">
-
<th scope="row"><label for="http_authentication_auto_create_user">Automatically create accounts?</label></th>
-
<td>
-
<input type="checkbox" name="http_authentication_auto_create_user" id="http_authentication_auto_create_user"<?php if ($auto_create_user) echo ' checked="checked"' ?/> value="1" /><br />
-
Should a new user be created automatically if not already in the WordPress database?<br />
-
Created users will obtain the role defined under "New User Default Role" on the <a href="options-general.php">General Options</a> page.
-
</td>
-
</tr>
-
<tr valign="top">
-
<th scope="row"><label for="http_authentication_auto_create_email_domain">Email address domain</label></th>
-
<td>
-
<input type="text" name="http_authentication_auto_create_email_domain" id="http_authentication_auto_create_email_domain" value="<?php echo htmlspecialchars($auto_create_email_domain) ?/>" size="50" /><br />
-
When a new user logs in, this domain is used for the initial email address on their account. The user can change his or her email address by editing their profile.
-
</td>
-
</tr>
-
</table>
-
<p class="submit">
-
<input type="submit" name="httpOptionsSave" value="Save Changes" />
-
</p>
-
</form>
-
</div>
-
< ?php
-
}
-
}
-
}
-
-
// Load the plugin hooks, etc.
-
$http_authentication_plugin = new HTTPAuthenticationPlugin();
-
?>

0 commentaires à “WordPress MU: plugin d’authentification HTTP”
Laisser un commentaire