function account_sync_validate_login in Account Sync 7.2
Same name and namespace in other branches
- 6 account_sync_sso/account_sync_sso.module \account_sync_validate_login()
Run validation / authentication on the login url.
1 call to account_sync_validate_login()
- account_sync_sso_login in account_sync_sso/
account_sync_sso.module - Login the specified user.
File
- account_sync_sso/
account_sync_sso.module, line 106 - Handle single sign-on functionality for the account sync module
Code
function account_sync_validate_login($username, $timestamp, $hashed_pass) {
global $drupal_hash_salt;
// Expiration of the timestamp, in seconds.
$delay = 120;
$now = time();
if ($now - 120 > $timestamp) {
watchdog('account_sync', 'Timestamp expired on login for %username', array(
'%username' => $username,
));
return drupal_access_denied();
}
$account = user_load_by_name($username);
if (!$account) {
watchdog('account_sync', 'Account %username does not exist', array(
'%username' => $username,
));
return drupal_access_denied();
}
$orig_salt = $drupal_hash_salt;
$drupal_hash_salt = variable_get('account_sync_server_key');
if (account_sync_user_pass_rehash($account->pass, $timestamp, variable_get('account_sync_server_key', '')) != $hashed_pass) {
watchdog('account_sync', 'Password hash does not match for account %username', array(
'%username' => $username,
));
$drupal_hash_salt = $orig_salt;
return drupal_access_denied();
}
$drupal_hash_salt = $orig_salt;
if (!user_access('sync account', $account)) {
watchdog('account_sync', 'User %username does not have permission to use SSO', array(
'%username' => $username,
));
return drupal_access_denied();
}
return $account;
}