khanat-code-old/code/web/api/common/auth.php
2014-06-01 19:52:54 +00:00

153 lines
5 KiB
PHP

<?php
/* Copyright (C) 2009 Winch Gate Property Limited
*
* This file is part of ryzom_api.
* ryzom_api is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* ryzom_api is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with ryzom_api. If not, see <http://www.gnu.org/licenses/>.
*/
function ryzom_app_authenticate(&$user, $ask_login=true, $welcome_message='', $webprivs=true) {
$name = ryzom_get_param('name');
$urluser = ryzom_get_param('user'); // user serialization send by auth server
$urlusercheksum = ryzom_get_param('checksum'); // user serialization checksum
$authkey = ryzom_get_param('authkey'); // InGame authkey
$lang = ryzom_get_param('lang');
$cid = intval(ryzom_get_param('cid'));
$is_auth_ingame = false;
// we have to set the $user['lang'] even for anonymous user or we cannot display the test in the right langage
if($lang == '') {
if (!isset($_SESSION['lang'])) {
$l = isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])?substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2):'en';
if ($l=='fr'||$l=='en'||$l=='de'||$l=='ru'||$l=='es')
$lang = $l;
else
$lang = 'en';
} else
$lang = $_SESSION['lang'];
}
if ($lang!='fr'&&$lang!='en'&&$lang!='de'&&$lang!='ru'&&$lang!='es')
$lang = 'en';
$user['message'] = '';
$user['lang'] = $lang;
$user['groups'] = array();
if ((isset($_SERVER['HTTP_USER_AGENT']) && strpos($_SERVER['HTTP_USER_AGENT'], 'Ryzom')) || ryzom_get_param('ig'))
$user['ig'] = true;
else
$user['ig'] = false;
if (isset($_SESSION['user'])) {
if (ryzom_get_param('action') == 'logout')
unset($_SESSION['user']);
else {
$_SESSION['user']['ig'] = $user['ig'];
define('RYZOM_IG', $user['ig']);
$user = $_SESSION['user'];
return true;
}
}
if ($urluser && $urlusercheksum) {
// Check $authuser (used to test app from another server ingame)
if (hash_hmac('sha1', $urluser, RYAPI_AUTH_KEY) == $urlusercheksum) {
$ig = $user['ig'];
$user = array_merge($user, unserialize(base64_decode($urluser)));
$user['ig'] = $ig;
if (!isset($user['groups']))
$user['groups'] = array();
define('RYZOM_IG', $user['ig']);
$_SESSION['user'] = $user;
return true;
}
}
if ($user['ig']) {
// Ingame
$shardid = ryzom_get_param('shardid');
$error_message = '';
if (ryzom_authenticate_ingame($shardid, $cid, $name, $authkey) || ryzom_authenticate_with_session($name, $cid, $error_message)) {
$is_auth_ingame = true;
}
} else {
// Outgame or bad ingame auth (external server) : Use session
$error_message = '';
if (!ryzom_authenticate_with_session($name, $cid, $error_message)) {
define('RYZOM_IG', false);
if ($ask_login) {
if ($error_message)
$c = '<h3>'._t($error_message).'</h3>';
else
$c = '';
if (!$welcome_message)
$welcome_message = '<span style="font-size:11pt; color: #AAAAFF">The application <strong style="color: #99FFFF">'._t(APP_NAME).'</strong> require authentication. Please enter your credentials</span>';
$c .= '<div style="text-align: center">'.$welcome_message.'</div><br />';
if ($user['message'])
$c .= '<div style="text-align: center"><strong style="color: #FF5555">'._t($user['message']).'</strong></div><br />';
$c .= ryzom_render_login_form($name, false);
echo ryzom_app_render(_t('app_'.APP_NAME), $c);
exit;
}
return false;
}
}
$_SESSION['lang'] = $lang;
define('RYZOM_IG', $user['ig']);
// get user informations
$ig = $user['ig'];
$user = ryzom_user_get_info($cid, $webprivs, RYAPI_USE_PLAYER_STATS);
if (isset($user['creation_date']))
$user['id'] = ryzom_get_user_id($cid, $user['char_name'], $user['creation_date'], $user);
$user['gender'] = ryzom_get_user_gender($user['id']);
$user['ig'] = $ig;
$user['lang'] = $_SESSION['lang'];
if (!isset($user['groups']))
$user['groups'] = array();
if ($is_auth_ingame && $user['last_played_date'] != '0')
$user['auth_ig'] = true;
else
$user['auth_ig'] = false;
if (!isset($_SESSION['translater_mode']) || ryzom_get_param('translate_this') == '0')
$_SESSION['translater_mode'] = false;
// Set/unset translation mode
if (in_array('WTRS', $user['groups']) && ryzom_get_param('translate_this') == '1')
$_SESSION['translater_mode'] = true;
$user['translation_mode'] = $_SESSION['translater_mode'];
// $user['after_merge'] = $user['uid'] >= 671686;
ryzom_unset_url_param('translate_this');
if (isset($user['last_played_date']))
$_SESSION['last_played_date'] = $user['last_played_date'];
// don't send this informations to external apps
unset($user['last_played_date']);
unset($user['creation_date']);
return true;
}
?>