You are here

Home » API reference » CAS 6.3 » cas.module

function _cas_allow_check_for_login in CAS 6.3

Same name and namespace in other branches
  1. 5.4 cas.module \_cas_allow_check_for_login()
  2. 5.3 cas.module \_cas_allow_check_for_login()
  3. 6.2 cas.module \_cas_allow_check_for_login()
  4. 7 cas.module \_cas_allow_check_for_login()

Determine if we should automatically check if the user is authenticated.

This implements part of the CAS gateway feature.

Return value

TRUE if we should query the CAS server to see if the user is already authenticated, FALSE otherwise.

See also

phpCAS::checkAuthentication()

1 call to _cas_allow_check_for_login()
cas_init in ./cas.module
Implementation of hook_init().

File

./cas.module, line 719
Enables users to authenticate via a Central Authentication Service (CAS) Cas will currently work if the auto registration is turned on and will create user accounts automatically.

Code

function _cas_allow_check_for_login() {
  if (!variable_get('cas_check_first', 0)) {

    // The user has disabled the feature.
    return FALSE;
  }

  // Check to see if we already have.
  if (!empty($_COOKIE['cas_login_checked'])) {
    return FALSE;
  }

  // Check to see if we've got a search bot.
  if (isset($_SERVER['HTTP_USER_AGENT'])) {
    $crawlers = array(
      'Google',
      'msnbot',
      'Rambler',
      'Yahoo',
      'AbachoBOT',
      'accoona',
      'AcoiRobot',
      'ASPSeek',
      'CrocCrawler',
      'Dumbot',
      'FAST-WebCrawler',
      'GeonaBot',
      'Gigabot',
      'Lycos',
      'MSRBOT',
      'Scooter',
      'AltaVista',
      'IDBot',
      'eStyle',
      'Scrubby',
      'gsa-crawler',
    );

    // Return on the first find.
    foreach ($crawlers as $c) {
      if (stripos($_SERVER['HTTP_USER_AGENT'], $c) !== FALSE) {
        return FALSE;
      }
    }
  }

  // Do not force login for XMLRPC, Cron, or Drush.
  if (stristr($_SERVER['SCRIPT_FILENAME'], 'xmlrpc.php')) {
    return FALSE;
  }
  if (stristr($_SERVER['SCRIPT_FILENAME'], 'cron.php')) {
    return FALSE;
  }
  if (stristr($_SERVER['SCRIPT_FILENAME'], 'drush')) {
    return FALSE;
  }
  if (!empty($_SERVER['argv'][0]) && stristr($_SERVER['argv'][0], 'drush')) {
    return FALSE;
  }

  // Test against exclude pages.
  if ($pages = variable_get('cas_exclude', CAS_EXCLUDE)) {
    $path = drupal_get_path_alias($_GET['q']);
    if (drupal_match_path($path, $pages)) {
      return FALSE;
    }
  }
  return TRUE;
}