You are here

function _cas_allow_check_for_login in CAS 7

Same name and namespace in other branches
  1. 5.4 cas.module \_cas_allow_check_for_login()
  2. 5.3 cas.module \_cas_allow_check_for_login()
  3. 6.3 cas.module \_cas_allow_check_for_login()
  4. 6.2 cas.module \_cas_allow_check_for_login()

Determine if we should automatically check if the user is authenticated.

This implements part of the CAS gateway feature.

Return value

TRUE if we should query the CAS server to see if the user is already authenticated, FALSE otherwise.

See also

phpCAS::checkAuthentication()

1 call to _cas_allow_check_for_login()
cas_init in ./cas.module
Implements hook_init().

File

./cas.module, line 805
Enables users to authenticate via a Central Authentication Service (CAS) Cas will currently work if the auto registration is turned on and will create user accounts automatically.

Code

function _cas_allow_check_for_login() {

  // Do not process in maintenance mode.
  if (variable_get('maintenance_mode', 0)) {
    return FALSE;
  }
  if (variable_get('cas_check_frequency', CAS_CHECK_NEVER) == CAS_CHECK_NEVER) {

    // The user has disabled the feature.
    return FALSE;
  }

  // Check to see if we've got a search bot.
  if (isset($_SERVER['HTTP_USER_AGENT'])) {
    $crawlers = array(
      'Google',
      'msnbot',
      'Rambler',
      'Yahoo',
      'AbachoBOT',
      'accoona',
      'AcoiRobot',
      'ASPSeek',
      'CrocCrawler',
      'Dumbot',
      'FAST-WebCrawler',
      'GeonaBot',
      'Gigabot',
      'Lycos',
      'MSRBOT',
      'Scooter',
      'AltaVista',
      'IDBot',
      'eStyle',
      'Scrubby',
      'gsa-crawler',
    );

    // Return on the first find.
    foreach ($crawlers as $c) {
      if (stripos($_SERVER['HTTP_USER_AGENT'], $c) !== FALSE) {
        return FALSE;
      }
    }
  }

  // Do not force login for XMLRPC, Cron, or Drush.
  if (stristr($_SERVER['SCRIPT_FILENAME'], 'xmlrpc.php')) {
    return FALSE;
  }
  if (stristr($_SERVER['SCRIPT_FILENAME'], 'cron.php')) {
    return FALSE;
  }
  if (stristr($_SERVER['SCRIPT_FILENAME'], 'drush')) {
    return FALSE;
  }
  if (!empty($_SERVER['argv'][0]) && stristr($_SERVER['argv'][0], 'drush')) {
    return FALSE;
  }

  // Test against exclude pages.
  if ($pages = variable_get('cas_exclude', CAS_EXCLUDE)) {
    $path = drupal_get_path_alias($_GET['q']);
    if (drupal_match_path($path, $pages)) {
      return FALSE;
    }
  }
  return TRUE;
}