Auth is almost complete

This commit is contained in:
flash 2015-04-24 19:31:09 +00:00
parent 3229dc1108
commit c70c7e058a
7 changed files with 73 additions and 20 deletions


@ -77,6 +77,10 @@ class Users {
// Log a user in // Log a user in
public static function login($username, $password, $remember = false) { public static function login($username, $password, $remember = false) {
// Check if authentication is disallowed
if(Configuration::getConfig('lock_authentication'))
return [0, 'AUTH_LOCKED'];
// Check if the user that's trying to log in actually exists // Check if the user that's trying to log in actually exists
if(!$uid = self::userExists($username, false)) if(!$uid = self::userExists($username, false))
return [0, 'USER_NOT_EXIST']; return [0, 'USER_NOT_EXIST'];
@ -145,6 +149,10 @@ class Users {
// Register user // Register user
public static function register($username, $password, $confirmpass, $email, $tos, $captcha = null, $regkey = null) { public static function register($username, $password, $confirmpass, $email, $tos, $captcha = null, $regkey = null) {
// Check if authentication is disallowed
if(Configuration::getConfig('lock_authentication'))
return [0, 'AUTH_LOCKED'];
// Check if registration is even enabled // Check if registration is even enabled
if(Configuration::getConfig('disable_registration')) if(Configuration::getConfig('disable_registration'))
return [0, 'DISABLED']; return [0, 'DISABLED'];
@ -182,18 +190,6 @@ class Users {
if(strlen($username) > 16) if(strlen($username) > 16)
return [0, 'NAME_TOO_LONG']; return [0, 'NAME_TOO_LONG'];
// Password too short
if(strlen($password) < 8)
return [0, 'PASS_TOO_SHORT'];
// Password too long
if(strlen($password) > 256)
return [0, 'PASS_TOO_LONG'];
// Passwords do not match
if($password != $confirmpass)
return [0, 'PASS_NOT_MATCH'];
// Check if the given email address is formatted properly // Check if the given email address is formatted properly
if(!filter_var($email, FILTER_VALIDATE_EMAIL)) if(!filter_var($email, FILTER_VALIDATE_EMAIL))
return [0, 'INVALID_EMAIL']; return [0, 'INVALID_EMAIL'];
@ -202,6 +198,14 @@ class Users {
if(!Main::checkMXRecord($email)) if(!Main::checkMXRecord($email))
return [0, 'INVALID_MX']; return [0, 'INVALID_MX'];
// Check password entropy
if(Main::pwdEntropy($password) < Configuration::getConfig('min_entropy'))
return [0, 'PASS_TOO_SHIT'];
// Passwords do not match
if($password != $confirmpass)
return [0, 'PASS_NOT_MATCH'];
// Set a few variables // Set a few variables
$usernameClean = Main::cleanString($username, true); $usernameClean = Main::cleanString($username, true);
$emailClean = Main::cleanString($email, true); $emailClean = Main::cleanString($email, true);
@ -257,6 +261,10 @@ class Users {
// Check if a user exists and then resend the activation e-mail // Check if a user exists and then resend the activation e-mail
public static function resendActivationMail($username, $email) { public static function resendActivationMail($username, $email) {
// Check if authentication is disallowed
if(Configuration::getConfig('lock_authentication'))
return [0, 'AUTH_LOCKED'];
// Clean username string // Clean username string
$usernameClean = Main::cleanString($username, true); $usernameClean = Main::cleanString($username, true);
$emailClean = Main::cleanString($email, true); $emailClean = Main::cleanString($email, true);
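Review bot: register() now accepts passwords of unbounded length: the hunk at -182,18 removes the 256-character cap together with the 8-character floor, and the replacement entropy check at +198 does not bound length, so if the hashing step (outside these hunks) is bcrypt-based, input beyond 72 bytes is silently truncated and very long inputs make each registration attempt needlessly expensive. Keep an upper bound beside the entropy test: `if(strlen($password) > 256) return [0, 'PASS_TOO_LONG'];`. The entropy and confirmation checks were also moved to run after Main::checkMXRecord(), which presumably performs a DNS lookup, so the cheap local checks should come before it, and `$password != $confirmpass` would be safer as `!==`. Whether Main::pwdEntropy() enforces any minimum length itself cannot be told from here. login(), register() and resendActivationMail() all begin and end outside these hunks.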


@ -8,7 +8,7 @@
namespace Sakura; namespace Sakura;
// Define Sakura version // Define Sakura version
define('SAKURA_VERSION', '20150421'); define('SAKURA_VERSION', '20150424');
// Define Sakura Path // Define Sakura Path
define('ROOT', str_replace(basename(__DIR__), '', dirname(__FILE__))); define('ROOT', str_replace(basename(__DIR__), '', dirname(__FILE__)));
@ -60,6 +60,7 @@ $renderData = array(
'recaptcha_enable' => Configuration::getConfig('recaptcha'), 'recaptcha_enable' => Configuration::getConfig('recaptcha'),
'resources' => '//'. Configuration::getLocalConfig('urls')['content'] .'/data/'. strtolower(Templates::$_TPL), 'resources' => '//'. Configuration::getLocalConfig('urls')['content'] .'/data/'. strtolower(Templates::$_TPL),
'disableregister' => Configuration::getConfig('disable_registration'), 'disableregister' => Configuration::getConfig('disable_registration'),
'lockauth' => Configuration::getConfig('lock_authentication'),
'requireregcodes' => Configuration::getConfig('require_registration_code'), 'requireregcodes' => Configuration::getConfig('require_registration_code'),
'requireactiveate' => Configuration::getConfig('require_activation'), 'requireactiveate' => Configuration::getConfig('require_activation'),
'sitename' => Configuration::getConfig('sitename') 'sitename' => Configuration::getConfig('sitename')


@ -17,7 +17,7 @@
<!-- JS --> <!-- JS -->
<script type="text/javascript" src="{{ sakura.resources }}/js/yuuno.js?s={{ php.time }}"></script> <script type="text/javascript" src="{{ sakura.resources }}/js/yuuno.js?s={{ php.time }}"></script>
<script type="text/javascript"> <script type="text/javascript">
{% if not user.checklogin %} {% if not user.checklogin and not sakura.lockauth %}
// Setting the shit so clicking the login link doesn't redirect to /login // Setting the shit so clicking the login link doesn't redirect to /login
function initHeaderLoginForm() { function initHeaderLoginForm() {
@ -45,7 +45,7 @@
} }
{% else %} {% elseif user.checklogin %}
// Prepare header logout stuff // Prepare header logout stuff
function initHeaderLoginForm() { function initHeaderLoginForm() {
@ -74,7 +74,7 @@
// Login form under header and ajax logout // Login form under header and ajax logout
initHeaderLoginForm(); initHeaderLoginForm();
{% if php.self == '/authenticate.php' %} {% if php.self == '/authenticate.php' and not sakura.lockauth %}
// AJAX Form Submission // AJAX Form Submission
var forms = { var forms = {
{% if not auth.changingPass %} {% if not auth.changingPass %}
@ -131,10 +131,14 @@
<a class="menu-item avatar" href="//{{ sakura.urls.main }}/u/{{ user.data.id }}" title="View and edit your own profile" style="background-image: url('//{{ sakura.urls.main }}/a/{{ user.data.id }}'); width: auto; color: {{ user.rank.colour }}; font-weight: 700;">{{ user.data.username }}</a> <a class="menu-item avatar" href="//{{ sakura.urls.main }}/u/{{ user.data.id }}" title="View and edit your own profile" style="background-image: url('//{{ sakura.urls.main }}/a/{{ user.data.id }}'); width: auto; color: {{ user.rank.colour }}; font-weight: 700;">{{ user.data.username }}</a>
<a class="menu-item" href="//{{ sakura.urls.main }}/settings" title="Change your settings">Settings</a> <a class="menu-item" href="//{{ sakura.urls.main }}/settings" title="Change your settings">Settings</a>
<a class="menu-item" href="//{{ sakura.urls.main }}/logout?mode=logout&time={{ php.time }}&session={{ php.sessionid }}&redirect={{ sakura.currentpage }}" title="End your login session" id="headerLogoutLink">Logout</a> <a class="menu-item" href="//{{ sakura.urls.main }}/logout?mode=logout&time={{ php.time }}&session={{ php.sessionid }}&redirect={{ sakura.currentpage }}" title="End your login session" id="headerLogoutLink">Logout</a>
{% else %}
{% if sakura.lockauth %}
<div class="menu-item" style="padding-left: 10px; padding-right: 10px;">Authentication is locked</div>
{% else %} {% else %}
<a class="menu-item" id="headerLoginLink" href="//{{ sakura.urls.main }}/login" title="Login to Flashii">Login</a> <a class="menu-item" id="headerLoginLink" href="//{{ sakura.urls.main }}/login" title="Login to Flashii">Login</a>
<a class="menu-item" href="//{{ sakura.urls.main }}/register" title="Create an account">Register</a> <a class="menu-item" href="//{{ sakura.urls.main }}/register" title="Create an account">Register</a>
{% endif %} {% endif %}
{% endif %}
</div> </div>
<div class="menu-mob"> <div class="menu-mob">
<a class="menu-item" id="mobileNavToggle" href="javascript:;" onclick="mobileMenu(true);">Open Menu</a> <a class="menu-item" id="mobileNavToggle" href="javascript:;" onclick="mobileMenu(true);">Open Menu</a>
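Review bot: The new `{% else %}{% if sakura.lockauth %}` nesting around the login/register links (+134) could use the flatter `{% elseif sakura.lockauth %}` form this same file already adopts for the JS block at line 45 in this commit, dropping the extra `{% endif %}` and keeping the two branches consistent. Hiding the links and the AJAX form is presentation only; the actual refusal rests on the `lock_authentication` checks this commit adds to Users::login() and register(), which is the right place for it. One unchanged context line worth a follow-up: the logout link still carries the session id in the query string, where it can leak via Referer, though that predates this change.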


@ -1,4 +1,7 @@
{% include 'global/header.tpl' %} {% include 'global/header.tpl' %}
{% if sakura.lockauth %}
<h1 class="stylised" style="line-height: 1.8em; text-align: center;">Authentication is currently disallowed, try again later.</h1>
{% else %}
<div class="loginPage"> <div class="loginPage">
{% if auth.redirect == sakura.urls.chat %}<h1 class="stylised" style="line-height: 1.8em; text-align: center;">You need to be logged in to use the chat.</h1>{% endif %} {% if auth.redirect == sakura.urls.chat %}<h1 class="stylised" style="line-height: 1.8em; text-align: center;">You need to be logged in to use the chat.</h1>{% endif %}
<div class="loginCont"> <div class="loginCont">
@ -55,7 +58,7 @@
<input class="inputStyling" type="submit" name="submit" value="Request Password" /> <input class="inputStyling" type="submit" name="submit" value="Request Password" />
</div> </div>
<div class="subLinks centreAlign"> <div class="subLinks centreAlign">
If you lost access to your e-mail address please <a href="/contact" class="default" target="_blank">contact us</a>. If you lost access to the e-mail address you registered with then there's not much we can do, it's your own responsibility to keep track of it and attaching a working one to your account.
</div> </div>
</form> </form>
</div> </div>
@ -179,7 +182,7 @@
<input class="inputStyling" type="submit" name="submit" value="Request Activation" /> <input class="inputStyling" type="submit" name="submit" value="Request Activation" />
</div> </div>
<div class="subLinks centreAlign"> <div class="subLinks centreAlign">
If you lost access to your e-mail address please <a href="/contact" class="default" target="_blank">contact us</a>. Read the footnote on the Lost Password form.
</div> </div>
</form> </form>
</div> </div>
@ -187,4 +190,5 @@
</div> </div>
<div class="clear"></div> <div class="clear"></div>
</div> </div>
{% endif %}
{% include 'global/footer.tpl' %} {% include 'global/footer.tpl' %}


@ -10,12 +10,17 @@
<li><a href="//{{ sakura.urls.main }}/settings/sessions" class="underline">View active sessions</a></li> <li><a href="//{{ sakura.urls.main }}/settings/sessions" class="underline">View active sessions</a></li>
</ul> </ul>
<div class="clear"></div> <div class="clear"></div>
{% else %}
{% if sakura.lockauth %}
<div class="head">Whoops!</div>
You caught the site at the wrong moment! Right now registration <i>and</i> logging in is disabled for unspecified reasons. Sorry for the inconvenience but please try again later!
{% else %} {% else %}
<div class="head">Welcome!</div> <div class="head">Welcome!</div>
Welcome to Flashii! This is a site for a bunch of friends to hang out, nothing special. Anyone is pretty much welcome to register so why not have a go? Welcome to Flashii! This is a site for a bunch of friends to hang out, nothing special. Anyone is pretty much welcome to register so why not have a go?
<a class="button registerbutton" href="/register">Register!</a> <a class="button registerbutton" href="/register">Register!</a>
<a class="button loginbutton" href="/login">Login</a> <a class="button loginbutton" href="/login">Login</a>
{% endif %} {% endif %}
{% endif %}
<div class="head">Stats</div> <div class="head">Stats</div>
We have <b>{{ stats.userCount }}</b>, We have <b>{{ stats.userCount }}</b>,
<b><a href="/u/{{ stats.newestUser.id }}" class="default">{{ stats.newestUser.username }}</a></b> is the newest user, <b><a href="/u/{{ stats.newestUser.id }}" class="default">{{ stats.newestUser.username }}</a></b> is the newest user,

10
content/status-catch.html Normal file

@ -0,0 +1,10 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<title>Status Catcher</title>
</head>
<body>
This page is here so the status page doesn't give a 403 to the user when checking.
</body>
</html>


@ -134,6 +134,7 @@ if(isset($_REQUEST['mode'])) {
// Array containing "human understandable" messages // Array containing "human understandable" messages
$messages = [ $messages = [
'AUTH_LOCKED' => 'Authentication is currently not allowed, try again later.',
'USER_NOT_EXIST' => 'The user you tried to activate does not exist (confirm the username/email combination).', 'USER_NOT_EXIST' => 'The user you tried to activate does not exist (confirm the username/email combination).',
'USER_ALREADY_ACTIVE' => 'The user you tried to activate is already active.', 'USER_ALREADY_ACTIVE' => 'The user you tried to activate is already active.',
'SUCCESS' => 'The activation e-mail has been sent to the address associated with your account.' 'SUCCESS' => 'The activation e-mail has been sent to the address associated with your account.'
@ -157,6 +158,7 @@ if(isset($_REQUEST['mode'])) {
// Array containing "human understandable" messages // Array containing "human understandable" messages
$messages = [ $messages = [
'AUTH_LOCKED' => 'Authentication is currently not allowed, try again later.',
'USER_NOT_EXIST' => 'The user you tried to log into does not exist.', 'USER_NOT_EXIST' => 'The user you tried to log into does not exist.',
'INCORRECT_PASSWORD' => 'The password you entered was invalid.', 'INCORRECT_PASSWORD' => 'The password you entered was invalid.',
'DEACTIVATED' => 'Your account is deactivated.', 'DEACTIVATED' => 'Your account is deactivated.',
@ -199,6 +201,7 @@ if(isset($_REQUEST['mode'])) {
// Array containing "human understandable" messages // Array containing "human understandable" messages
$messages = [ $messages = [
'AUTH_LOCKED' => 'Authentication is currently not allowed, try again later.',
'DISABLED' => 'Registration is currently disabled.', 'DISABLED' => 'Registration is currently disabled.',
'INVALID_REG_KEY' => 'The given registration code was invalid.', 'INVALID_REG_KEY' => 'The given registration code was invalid.',
'TOS' => 'You are required to agree to the Terms of Service.', 'TOS' => 'You are required to agree to the Terms of Service.',
@ -206,8 +209,7 @@ if(isset($_REQUEST['mode'])) {
'USER_EXISTS' => 'A user with this username already exists, if you lost your password try using the Lost Password form.', 'USER_EXISTS' => 'A user with this username already exists, if you lost your password try using the Lost Password form.',
'NAME_TOO_SHORT' => 'Your name must be at least 3 characters long.', 'NAME_TOO_SHORT' => 'Your name must be at least 3 characters long.',
'NAME_TOO_LONG' => 'Your name can\'t be longer than 16 characters.', 'NAME_TOO_LONG' => 'Your name can\'t be longer than 16 characters.',
'PASS_TOO_SHORT' => 'Your password is too short, it must be at least 8 characters.', 'PASS_TOO_SHIT' => 'Your password is too weak, try adding some special characters.',
'PASS_TOO_LONG' => 'A password longer than 256 characters? Seriously?',
'PASS_NOT_MATCH' => 'Passwords do not match.', 'PASS_NOT_MATCH' => 'Passwords do not match.',
'INVALID_EMAIL' => 'Your e-mail address is formatted incorrectly.', 'INVALID_EMAIL' => 'Your e-mail address is formatted incorrectly.',
'INVALID_MX' => 'No valid MX-Record found on the e-mail address you supplied.', 'INVALID_MX' => 'No valid MX-Record found on the e-mail address you supplied.',
@ -301,5 +303,24 @@ if(isset($_REQUEST['pw']) && $_REQUEST['pw']) {
} }
// Check if the user is already logged in
if(Users::checkLogin()) {
// Add page specific things
$renderData['page'] = [
'title' => 'Authentication',
'redirect' => (
isset($_SERVER['HTTP_REFERER']) ?
$_SERVER['HTTP_REFERER'] :
'/'
),
'message' => 'You are already logged in, log out to access this page.'
];
print Templates::render('errors/information.tpl', $renderData);
exit;
}
// Print page contents // Print page contents
print Templates::render('main/authenticate.tpl', $renderData); print Templates::render('main/authenticate.tpl', $renderData);