Skip to content
This repository has been archived by the owner on Nov 25, 2020. It is now read-only.

Commit

Permalink
Fix API Auth form some server+php configs
Browse files Browse the repository at this point in the history
  • Loading branch information
@cdujeu
cdujeu committed Feb 2, 2015
1 parent 5f64091 commit f0807ef
Showing 1 changed file with 20 additions and 0 deletions.
20 changes: 20 additions & 0 deletions core/src/plugins/authfront.http_basic/class.BasicHttpAuthFrontend.php
View file
Expand Up @@ -27,6 +27,26 @@ function tryToLogUser(&$httpVars, $isLast = false){

$localHttpLogin = $_SERVER["PHP_AUTH_USER"];
$localHttpPassw = $_SERVER['PHP_AUTH_PW'];

// mod_php
if (isset($_SERVER['PHP_AUTH_USER'])) {
$localHttpLogin = $_SERVER['PHP_AUTH_USER'];
$localHttpPassw = $_SERVER['PHP_AUTH_PW'];

// most other servers
} elseif (isset($_SERVER['HTTP_AUTHORIZATION'])) {
if (strpos(strtolower($_SERVER['HTTP_AUTHORIZATION']),'basic')===0){
list($localHttpLogin,$localHttpPassw) = explode(':',base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
}
// Sometimes prepend a REDIRECT
} elseif (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) {

if (strpos(strtolower($_SERVER['REDIRECT_HTTP_AUTHORIZATION']),'basic')===0){
list($localHttpLogin,$localHttpPassw) = explode(':',base64_decode(substr($_SERVER['REDIRECT_HTTP_AUTHORIZATION'], 6)));
}

}

if($isLast && empty($localHttpLogin)){
header('WWW-Authenticate: Basic realm="Pydio API"');
header('HTTP/1.0 401 Unauthorized');
Expand Down

0 comments on commit f0807ef

Please sign in to comment.