
function _securesite_digest_auth in Secure Site 6.2

Same name and namespace in other branches
  1. 7.2 securesite.inc \_securesite_digest_auth()

Perform digest authentication.

1 string reference to '_securesite_digest_auth'
_securesite_boot in ./securesite.inc
Boot with selected authentication mechanism.

File

./securesite.inc, line 69
Secure Site log-in functions.

Code

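/**
 * Perform digest authentication.
 *
 * Validates the digest data of the current request, then logs in the matching
 * account, attempts a guest log-in, or shows a log-in dialog again, depending
 * on the validation status.
 *
 * Status values as handled here:
 * - 0: password is correct.
 * - 1: the request is answered with "400 Bad Request".
 * - 2: password not stored; credentials are requested with another mechanism.
 * - anything else: authentication failed.
 *
 * @param $edit
 *   Log-in values. 'name' selects the account to load. 'pass' is overwritten
 *   with the stored guest password when a guest passes digest validation.
 */
function _securesite_digest_auth($edit) {
  // Not referenced in this function; kept so the declaration is unchanged.
  global $user;
  $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
  // The digest header is absent when the client sent no digest credentials.
  // Read it defensively so a missing key does not raise an undefined-index
  // notice; the validator still receives NULL in that case, as before.
  $digest = isset($_SERVER['PHP_AUTH_DIGEST']) ? $_SERVER['PHP_AUTH_DIGEST'] : NULL;
  // $status is not set before this call and is read afterwards, so the
  // validator presumably fills it in by reference -- confirm in
  // _securesite_digest_validate().
  $header = _securesite_digest_validate($status, array(
    'data' => $digest,
    'method' => $_SERVER['REQUEST_METHOD'],
    'uri' => request_uri(),
    'realm' => $realm,
  ));
  // NOTE(review): the account is looked up by $edit['name'], while the
  // credentials that were validated come from the digest header. Confirm that
  // the caller derives $edit['name'] from that same header, so the account
  // logged in is the one whose response was verified.
  $account = user_load(array(
    'name' => $edit['name'],
    'status' => 1,
  ));
  if (empty($account->uid)) {

    // Not a registered user. See if we have guest user credentials.
    switch ($status) {
      case 1:
        drupal_set_header('HTTP/1.1 400 Bad Request');
        // array_pop() takes its argument by reference, so the configured
        // types are stored in a variable first instead of passing the
        // function result directly.
        $configured = variable_get('securesite_type', array(
          SECURESITE_BASIC,
        ));
        _securesite_dialog(array_pop($configured));
        break;
      case 0:

        // Password is correct. Log user in.
        drupal_set_header($header);
        $edit['pass'] = variable_get('securesite_guest_pass', '');
        // Deliberate fall-through: continue with the guest log-in below.
      default:
        _securesite_guest_login($edit);
        break;
    }
  }
  else {
    switch ($status) {
      case 0:

        // Password is correct. Log user in.
        drupal_set_header($header);
        _securesite_user_login($edit, $account);
        break;
      case 2:

        // Password not stored. Request credentials using next most secure authentication method.
        // NOTE(review): this is a downgrade to a lower-ranked mechanism. If
        // that mechanism is basic authentication, the password is sent
        // without hashing, so the site should only be reachable over TLS.
        $mechanism = _securesite_mechanism();
        $types = variable_get('securesite_type', array(
          SECURESITE_BASIC,
        ));
        // Highest type first; stop at the first one below the current
        // mechanism. If none is lower, $type ends up as the lowest
        // configured type.
        rsort($types);
        foreach ($types as $type) {
          if ($type < $mechanism) {
            break;
          }
        }
        watchdog('user', 'Secure log-in failed for %user.', array(
          '%user' => $edit['name'],
        ));
        drupal_set_message(t('Secure log-in failed. Please try again.'), 'error');
        _securesite_dialog($type);
        break;
      case 1:
        drupal_set_header('HTTP/1.1 400 Bad Request');
        // Deliberate fall-through: a bad request is also logged and answered
        // with a new log-in dialog.
      default:

        // Authentication failed. Request credentials using most secure authentication method.
        watchdog('user', 'Log-in attempt failed for %user.', array(
          '%user' => $edit['name'],
        ));
        drupal_set_message(t('Unrecognized user name and/or password.'), 'error');
        // Stored in a variable first because array_pop() takes its argument
        // by reference.
        $configured = variable_get('securesite_type', array(
          SECURESITE_BASIC,
        ));
        _securesite_dialog(array_pop($configured));
        break;
    }
  }
}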