This commit is contained in:
Yuri Kuznetsov
2020-07-08 17:30:25 +03:00
parent 75386b4355
commit f8f7c4fbff
3 changed files with 25 additions and 21 deletions


@@ -93,10 +93,8 @@ class Auth
list($username, $password) = $this->decodeAuthorizationString($request->getHeader('Espo-Authorization'));
} else if ($request->hasHeader('X-Hmac-Authorization')) {
$authenticationMethod = 'Hmac';
$username = $this->decodeAuthorizationString($request->getHeader('X-Hmac-Authorization'))[0];
} else if ($request->hasHeader('X-Api-Key')) {
$authenticationMethod = 'ApiKey';
$username = $request->getHeader('X-Api-Key');
}
if (!$authenticationMethod) {
@@ -115,33 +113,33 @@ class Auth
}
if (!$username) {
$espoCgiAuth = $request->getHeader('Http-Espo-Cgi-Auth') ?? $request->getHeader('Redirect-Http-Espo-Cgi-Auth');
$cgiAuthString = $request->getHeader('Http-Espo-Cgi-Auth') ?? $request->getHeader('Redirect-Http-Espo-Cgi-Auth');
if ($cgiAuthString) {
list($username, $password) = $this->decodeAuthorizationString(substr($cgiAuthString, 6));
}
}
}
$hasAuthData = $username || $authenticationMethod;
if (!$this->authRequired) {
if (!$this->isEntryPoint) {
if ($username && $password) {
try {
$isAuthenticated = $this->auth->login($username, $password, $request);
} catch (Exception $e) {
$this->processException($response, $e);
return;
}
if ($isAuthenticated) {
$this->resolve();
return;
}
if (!$this->isEntryPoint && $hasAuthData) {
try {
$isAuthenticated = $this->auth->login($username, $password, $request, $authenticationMethod);
} catch (Exception $e) {
$this->processException($response, $e);
return;
}
if ($isAuthenticated) {
$this->resolve();
return;
}
}
$this->resolveUseNoAuth();
return;
}
if ($username) {
if ($hasAuthData) {
try {
$authResult = $this->auth->login($username, $password, $request, $authenticationMethod);
} catch (Exception $e) {
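Review bot: Replacing the `$username && $password` guard with `$hasAuthData` in the `if (!$this->isEntryPoint && $hasAuthData)` branch means a request that carries an `X-Api-Key` or `X-Hmac-Authorization` header but is not authenticated by `login()` (a NULL return, no exception) now falls through to `$this->resolveUseNoAuth()` exactly like a request with no credentials at all, so on a route that does not require auth a wrong key is served as the no-auth user rather than rejected. That fallthrough existed before for a username/password pair, but it now covers the header-based methods too, which seems worth an explicit decision: either return after a failed attempt whenever `$hasAuthData` was set, or state the intent with a comment such as `// Credentials that were presented but did not authenticate are ignored here; this route does not require auth.` The `$hasAuthData = $username || $authenticationMethod;` test also relies on truthiness, so a username of `'0'` would count as absent; a strict check against `null`/`''` would avoid that, assuming `$authenticationMethod` is initialised to `null` above the hunk. The enclosing method starts before this hunk and continues past it.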


@@ -205,7 +205,7 @@ class Application
$apiAuth->process($requestWrapped, $responseWrapped);
if (!$apiAuth->isResolved()) {
$requestWrapped->getResponse();
return $responseWrapped->getResponse();
}
if ($apiAuth->isResolvedUseNoAuth()) {
$this->setupSystemUser();
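Review bot: The new `return $responseWrapped->getResponse();` correctly replaces the previous line, which computed the response and discarded it, but nothing at the `if (!$apiAuth->isResolved())` branch says what the response is expected to contain when the middleware did not resolve, so a reader has to go into `Auth::process` to learn why returning it early is safe. A one-line comment would carry that, e.g. `// Not resolved: presumably the auth middleware has already written the error or challenge into the response, so hand it back untouched.` The enclosing method continues outside this hunk.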


@@ -137,12 +137,12 @@ class Auth
}
/**
* Process a username and password check.
* Process a credentials check.
*
* @return Status and additional data. NULL if failed.
*/
public function login(
string $username, ?string $password = null, Request $request, ?string $authenticationMethod = null
?string $username, ?string $password = null, Request $request, ?string $authenticationMethod = null
) : ?array {
$isByTokenOnly = false;
@@ -208,7 +208,9 @@ class Auth
}
if ($isByTokenOnly && !$authToken) {
$GLOBALS['log']->info("AUTH: Trying to login as user '{$username}' by token but token is not found.");
if ($username) {
$GLOBALS['log']->info("AUTH: Trying to login as user '{$username}' by token but token is not found.");
}
return null;
}
@@ -450,7 +452,7 @@ class Auth
}
protected function createAuthLogRecord(
string $username, ?User $user, Request $request, ?string $authenticationMethod = null
?string $username, ?User $user, Request $request, ?string $authenticationMethod = null
) : ?AuthLogRecord {
if ($username === '**logout') return null;
@@ -458,6 +460,10 @@ class Auth
$requestUrl = $request->getUri()->getScheme() . '://' . $request->getUri()->getHost() . $request->getUri()->getPath();
if (!$username && $user) {
$username = $user->get('userName');
}
$authLogRecord->set([
'username' => $username,
'ipAddress' => $request->getServerParam('REMOTE_ADDR'),