Skip to content

Commit

Permalink
#275 extract login logic to separate classes
Browse files Browse the repository at this point in the history
  • Loading branch information
gruberroland committed Feb 14, 2024
1 parent 72db1da commit 5176c0a
Show file tree
Hide file tree
Showing 5 changed files with 60 additions and 15 deletions.
20 changes: 17 additions & 3 deletions lam/docs/manual-sources/chapter-installation.xml
Original file line number Diff line number Diff line change
Expand Up @@ -611,9 +611,23 @@
<section>
<title>8.6 -&gt; 8.7</title>

<para>LAM Pro: Self service profiles that were not saved for more than
3 years must be saved with LAM Pro 8.6 before upgrading to LAM Pro
8.7. </para>
<para>LAM Pro:</para>

<itemizedlist>
<listitem>
<para>Self service profiles that were not saved with a LAM version
of the past 3 years must be saved with LAM Pro 8.6 before
upgrading to LAM Pro 8.7.</para>
</listitem>

<listitem>
<para>Self service profiles that have enabled "HTTP
authentication" need to be reconfigured. Open the self service
profile, select "HTTP authentication" as "Authentication method"
(first tab, server settings) and save the self service
profile.</para>
</listitem>
</itemizedlist>
</section>

<section>
Expand Down
11 changes: 6 additions & 5 deletions lam/docs/manual-sources/chapter-selfService.xml
Original file line number Diff line number Diff line change
Expand Up @@ -195,12 +195,13 @@
</row>

<row>
<entry>HTTP authentication</entry>
<entry>Authentication method</entry>

<entry>You can enable HTTP authentication for your users. This
way the web server is responsible to authenticate your users.
LAM will use the given user name + password for the LDAP login.
To setup HTTP authentication in Apache please see this <ulink
<entry>The default method is user and password login. You can
also enable HTTP authentication for your users. This way the web
server is responsible to authenticate your users. LAM will use
the given user name + password for the LDAP login. To setup HTTP
authentication in Apache please see this <ulink
url="http://httpd.apache.org/docs/2.2/howto/auth.html">link</ulink>.</entry>
</row>

Expand Down
Binary file modified lam/docs/manual-sources/images/conf4.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
3 changes: 3 additions & 0 deletions lam/help/help.inc
Original file line number Diff line number Diff line change
Expand Up @@ -160,6 +160,9 @@ $helpArray = [
"225" => ["Headline" => _('Base URL'),
"Text" => _("Please enter the base URL of your webserver (e.g. https://www.example.com). This is used to generate links in emails.")
],
"226" => ["Headline" => _("Authentication method"),
"Text" => _("Please select how users authenticate at the login screen.")
],
"230" => ["Headline" => _("Profile management") . " - " . _("Add profile"),
"Text" => _("Please enter the name of the new profile and the password to change its settings. Profile names may contain letters, numbers and -/_.")
],
Expand Down
41 changes: 34 additions & 7 deletions lam/lib/selfService.inc
Original file line number Diff line number Diff line change
Expand Up @@ -682,8 +682,10 @@ class selfServiceProfile {
/** LDAP search attribute */
public $searchAttribute;

/** HTTP authentication */
public $httpAuthentication;
/**
* @var string|null login handler ID
*/
public ?string $loginHandler = SelfServiceUserPasswordLoginHandler::ID;

/** header for self service pages */
public $pageHeader;
Expand Down Expand Up @@ -821,7 +823,7 @@ class selfServiceProfile {
$this->useForAllOperations = false;
$this->searchAttribute = "uid";
$this->additionalLDAPFilter = '';
$this->httpAuthentication = false;
$this->loginHandler = '';
$this->pageHeader = '<p><a href="https://www.ldap-account-manager.org/" target="new_window"><img alt="help" class="align-middle" src="../../graphics/logo24.png" style="height:24px; width:24px" /> LDAP Account Manager </a></p><p>&nbsp;</p>';
$this->additionalCSS = '';
$this->baseColor = '#fffde2';
Expand Down Expand Up @@ -921,10 +923,10 @@ class selfServiceProfile {
* @return SelfServiceLoginHandler handler
*/
public function getLoginHandler(): SelfServiceLoginHandler {
if ($this->httpAuthentication) {
return new SelfServiceHttpAuthLoginHandler($this);
}
return new SelfServiceUserPasswordLoginHandler($this);
return match ($this->loginHandler) {
SelfServiceHttpAuthLoginHandler::ID => new SelfServiceHttpAuthLoginHandler($this),
default => new SelfServiceUserPasswordLoginHandler($this),
};
}

}
Expand Down Expand Up @@ -990,6 +992,13 @@ class SelfServiceLdapConnection {
*/
interface SelfServiceLoginHandler {

/**
* Returns a unique ID for the handler.
*
* @return string ID
*/
function getId(): string;

/**
* Adds necessary fields to the login dialog (e.g. user + password).
*
Expand Down Expand Up @@ -1018,6 +1027,8 @@ interface SelfServiceLoginHandler {
*/
class SelfServiceUserPasswordLoginHandler implements SelfServiceLoginHandler {

public const ID = "user_password";

private selfServiceProfile $profile;

/**
Expand All @@ -1029,6 +1040,13 @@ class SelfServiceUserPasswordLoginHandler implements SelfServiceLoginHandler {
$this->profile = $profile;
}

/**
* @inheritDoc
*/
function getId(): string {
return self::ID;
}

/**
* @inheritDoc
*/
Expand Down Expand Up @@ -1070,6 +1088,8 @@ class SelfServiceUserPasswordLoginHandler implements SelfServiceLoginHandler {
*/
class SelfServiceHttpAuthLoginHandler implements SelfServiceLoginHandler {

public const ID = "http_auth";

private selfServiceProfile $profile;

/**
Expand All @@ -1081,6 +1101,13 @@ class SelfServiceHttpAuthLoginHandler implements SelfServiceLoginHandler {
$this->profile = $profile;
}

/**
* @inheritDoc
*/
function getId(): string {
return self::ID;
}

/**
* @inheritDoc
*/
Expand Down

0 comments on commit 5176c0a

Please sign in to comment.