Migrate auth_realm from legacy config.
This commit is contained in:
Ben Banfield-Zanin
parent
13d445518d
commit
288f6b61cd
3 changed files with 10 additions and 12 deletions
|
|
@ -65,6 +65,8 @@ class Standard extends \Baikal\Model\Config {
|
|||
"cal_enabled" => true,
|
||||
"dav_auth_type" => "Digest",
|
||||
"admin_passwordhash" => "",
|
||||
// While not editable as will change admin & any existing user passwords,
|
||||
// could be set to different value when migrating from legacy config
|
||||
"auth_realm" => "BaikalDAV",
|
||||
"base_uri" => ""
|
||||
];
|
||||
|
|
@ -146,7 +148,7 @@ class Standard extends \Baikal\Model\Config {
|
|||
if ($sProp === "admin_passwordhash" && $sValue !== "") {
|
||||
parent::set(
|
||||
"admin_passwordhash",
|
||||
\BaikalAdmin\Core\Auth::hashAdminPassword($sValue)
|
||||
\BaikalAdmin\Core\Auth::hashAdminPassword($sValue, $this->aData["auth_realm"])
|
||||
);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -55,6 +55,10 @@ class Initialize extends \Flake\Core\Controller {
|
|||
$this->oModel->set('invite_from', defined("BAIKAL_INVITE_FROM") ? BAIKAL_INVITE_FROM : "");
|
||||
$this->oModel->set('dav_auth_type', BAIKAL_DAV_AUTH_TYPE);
|
||||
}
|
||||
if (file_exists(PROJECT_PATH_SPECIFIC . "config.system.php")) {
|
||||
require_once PROJECT_PATH_SPECIFIC . "config.system.php";
|
||||
$this->oModel->set('auth_realm', BAIKAL_AUTH_REALM);
|
||||
}
|
||||
|
||||
$this->oForm = $this->oModel->formForThisModelInstance([
|
||||
"close" => false
|
||||
|
|
|
|||
|
|
@ -48,12 +48,13 @@ class Auth {
|
|||
$sUser = \Flake\Util\Tools::POST("login");
|
||||
$sPass = \Flake\Util\Tools::POST("password");
|
||||
|
||||
$sPassHash = self::hashAdminPassword($sPass);
|
||||
try {
|
||||
$config = Yaml::parseFile(PROJECT_PATH_CONFIG . "baikal.yaml");
|
||||
} catch (\Exception $e) {
|
||||
error_log('Error reading baikal.yaml file : ' . $e->getMessage());
|
||||
return false;
|
||||
}
|
||||
$sPassHash = self::hashAdminPassword($sPass, $config['system']['auth_realm']);
|
||||
if ($sUser === "admin" && $sPassHash === $config['system']['admin_passwordhash']) {
|
||||
$_SESSION["baikaladminauth"] = md5($config['system']['admin_passwordhash']);
|
||||
|
||||
|
|
@ -67,16 +68,7 @@ class Auth {
|
|||
unset($_SESSION["baikaladminauth"]);
|
||||
}
|
||||
|
||||
static function hashAdminPassword($sPassword) {
|
||||
try {
|
||||
$config = Yaml::parseFile(PROJECT_PATH_CONFIG . "baikal.yaml");
|
||||
} catch (\Exception $e) {
|
||||
error_log('Error reading baikal.yaml file : ' . $e->getMessage());
|
||||
}
|
||||
|
||||
# Fallback to default value; useful when initializing App, as all constants are not set yet
|
||||
$sAuthRealm = $config['system']['auth_realm'] ?? "BaikalDAV";
|
||||
|
||||
static function hashAdminPassword($sPassword, $sAuthRealm) {
|
||||
return hash('sha256', 'admin:' . $sAuthRealm . ':' . $sPassword);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue