Hallo,

wir haben das mal für FE-User gemacht und das Ganze via eID eingebunden.

-------------------
<?php

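class Tx_Fo_Eid_Index {

        const allowedUsergroup = 1;
        const allowedPid = 155;

        /**
         * eID entry point: dispatches on the "action" request parameter and
         * echoes the result of the matching action.
         *
         * Every failure (unknown action, missing credentials, unknown user,
         * wrong group, wrong password) ends in the same empty response, so the
         * caller cannot tell from the body which check rejected the request.
         *
         * NOTE(review): nothing here limits repeated attempts. Throttling or
         * lockout (per IP and per account) has to be added before this is
         * reachable from untrusted networks.
         *
         * @return void
         */
        public function main() {
                $action = t3lib_div::_GP('action');
                try {
                        $out = '';

                        switch ($action) {
                                case 'login':
                                        $out = $this->loginAction();
                                        break;
                                default:
                                        throw new Exception('No action defined');
                        }

                        echo $out;

                } catch (Exception $e) {
                                // Deliberately silent: no error detail is sent to the client.
                        exit;
                }
        }

        /**
         * Check by a given username (or e-mail address) and password if
         * a matching, enabled frontend user exists on the allowed page and
         * belongs to the allowed usergroup.
         *
         * Credentials are read with _GP(), so POST is accepted and takes
         * precedence; GET keeps working for existing callers. GET parameters
         * end up in web server and proxy logs, so callers should send the
         * credentials as POST over HTTPS.
         *
         * NOTE(review): the returned string is the complete fe_users row,
         * including the stored password hash. Consider returning only the
         * fields the consumer needs. A consumer must not unserialize() this
         * response unless the transport is trusted.
         *
         * @return string serialized fe_users record
         * @throws UnexpectedValueException if username or password is missing
         * @throws Exception if the user is not found, is in the wrong group or the password does not match
         */
        protected function loginAction() {
                $username = t3lib_div::_GP('username');
                $password = t3lib_div::_GP('password');

                        // Reject missing values and array-style parameters (username[]=...);
                        // only non-empty strings may reach the query and the hash check.
                if (!is_string($username) || $username === '' || !is_string($password) || $password === '') {
                        throw new UnexpectedValueException('Username or password not given');
                }

                tslib_eidtools::connectDB();

                $quotedLogin = $GLOBALS['TYPO3_DB']->fullQuoteStr($username, 'fe_users');
                $userRecord = $GLOBALS['TYPO3_DB']->exec_SELECTgetSingleRow(
                        '*',
                        'fe_users',
                        'disable=0 AND (username=' . $quotedLogin . ' OR email=' . $quotedLogin . ' ) AND pid=' . (int)self::allowedPid
                );
                if (!is_array($userRecord)) {
                        throw new Exception('User with username not found');
                }

                        // check usergroup
                if (!t3lib_div::inList($userRecord['usergroup'], self::allowedUsergroup)) {
                        throw new Exception('Usergroup is wrong');
                }

                        // compare password
                $validPassword = $this->compareUserRecordWithPassword($userRecord, $password);

                if ($validPassword) {
                        return serialize($userRecord);
                } else {
                        throw new Exception('No valid password');
                }

        }

        /**
         * Check password of user with a given one
         *
         * Uses the saltedpasswords salting instance that matches the stored
         * hash. If the factory returns no instance, the stored value is treated
         * as an unsalted MD5 hash.
         *
         * @param array $userRecord fe_users row; only the "password" field is read
         * @param string $password plain-text password supplied by the client
         * @return boolean
         */
        private function compareUserRecordWithPassword(array $userRecord, $password) {
                t3lib_div::requireOnce(t3lib_extMgm::extPath('saltedpasswords', 'classes/salts/class.tx_saltedpasswords_salts_factory.php'));

                $saltingInstance = tx_saltedpasswords_salts_factory::getSaltingInstance($userRecord['password'], 'FE');
                if (!is_object($saltingInstance)) {
                                // Legacy fallback for unsalted MD5 hashes. The comparison is strict:
                                // with "==" two different hashes that both look like numbers
                                // (e.g. "0e" followed by digits) would be treated as equal.
                        $storedHash = (string)$userRecord['password'];
                        $candidate = md5($password);
                        if (function_exists('hash_equals')) {
                                        // constant-time comparison where the PHP version offers it
                                return hash_equals($storedHash, $candidate);
                        }
                        return $candidate === $storedHash;
                }

                return $saltingInstance->checkPassword($password, $userRecord['password']);
        }

}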

// Bootstrap: let TYPO3 create the eID handler, then hand the request to it.
$eidHandler = t3lib_div::makeInstance('Tx_Fo_Eid_Index');
$eidHandler->main();

?>
------------

Bei tx_saltedpasswords_salts_factory::getSaltingInstance sollte es auch mit 'BE' statt 'FE' funktionieren.

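IP-Sperren usw. sollten natürlich auch noch ergänzt werden. Außerdem landen Benutzername und Passwort als GET-Parameter in Server- und Proxy-Logs; besser per POST über HTTPS übertragen.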


lg georg