forked from librenms/librenms
/
radius.inc.php
130 lines (102 loc) · 3.55 KB
/
radius.inc.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
<?php
use Dapphp\Radius\Radius;
use Phpass\PasswordHash;
$radius = new Radius($config['radius']['hostname'], $config['radius']['secret'], $config['radius']['suffix'], $config['radius']['timeout'], $config['radius']['port']);
function authenticate($username, $password)
{
global $config, $radius, $debug;
if (empty($username)) {
return 0;
} else {
if ($debug) {
$radius->SetDebug(true);
}
$rad = $radius->AccessRequest($username, $password);
if ($rad === true) {
adduser($username);
return 1;
} else {
return 0;
}
}
}
function reauthenticate($sess_id, $token)
{
return 0;
}
function passwordscanchange()
{
// not supported so return 0
return 0;
}
function changepassword()
{
// not supported so return 0
return 0;
}
function auth_usermanagement()
{
// not supported so return 0
return 1;
}
function adduser($username, $password, $level = 1, $email = '', $realname = '', $can_modify_passwd = 0, $description = '')
{
// Check to see if user is already added in the database
global $config;
if (!user_exists($username)) {
$hasher = new PasswordHash(8, false);
$encrypted = $hasher->HashPassword($password);
if ($config['radius']['default_level'] > 0) {
$level = $config['radius']['default_level'];
}
$userid = dbInsert(array('username' => $username, 'password' => $encrypted, 'realname' => $realname, 'email' => $email, 'descr' => $description, 'level' => $level, 'can_modify_passwd' => $can_modify_passwd), 'users');
if ($userid == false) {
return false;
} else {
foreach (dbFetchRows('select notifications.* from notifications where not exists( select 1 from notifications_attribs where notifications.notifications_id = notifications_attribs.notifications_id and notifications_attribs.user_id = ?) order by notifications.notifications_id desc', array($userid)) as $notif) {
dbInsert(array('notifications_id'=>$notif['notifications_id'],'user_id'=>$userid,'key'=>'read','value'=>1), 'notifications_attribs');
}
}
return $userid;
} else {
return false;
}
}
function user_exists($username)
{
return dbFetchCell('SELECT COUNT(*) FROM users WHERE username = ?', array($username), true);
}
function get_userlevel($username)
{
return dbFetchCell('SELECT `level` FROM `users` WHERE `username` = ?', array($username), true);
}
function get_userid($username)
{
return dbFetchCell('SELECT `user_id` FROM `users` WHERE `username` = ?', array($username), true);
}
function deluser($userid)
{
dbDelete('bill_perms', '`user_id` = ?', array($userid));
dbDelete('devices_perms', '`user_id` = ?', array($userid));
dbDelete('ports_perms', '`user_id` = ?', array($userid));
dbDelete('users_prefs', '`user_id` = ?', array($userid));
dbDelete('users', '`user_id` = ?', array($userid));
return dbDelete('users', '`user_id` = ?', array($userid));
}
function get_userlist()
{
return dbFetchRows('SELECT * FROM `users`');
}
function can_update_users()
{
// supported so return 1
return 1;
}
function get_user($user_id)
{
return dbFetchRow('SELECT * FROM `users` WHERE `user_id` = ?', array($user_id), true);
}
function update_user($user_id, $realname, $level, $can_modify_passwd, $email)
{
dbUpdate(array('realname' => $realname, 'level' => $level, 'can_modify_passwd' => $can_modify_passwd, 'email' => $email), 'users', '`user_id` = ?', array($user_id));
}