<?php
namespace lo\plugins\core\httpauth;
use lo\plugins\BasePlugin;
use Yii;
use yii\helpers\ArrayHelper;
use yii\web\UnauthorizedHttpException;
/**
* Plugin Name: Http Authentication
* Plugin URI: https://github.com/loveorigami/yii2-plugins-system/blob/master/src/core/httpauth
* Version: 1.5
* Description: Authentication for backend
* Author: Andrey Lukyanov
* Author URI: https://github.com/loveorigami
*/
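class Httpauth extends BasePlugin
{
    /**
     * Application id in which the plugin runs.
     * Supported values: frontend, backend, common.
     * This plugin is bound to the backend application.
     *
     * @var string
     */
    public static $appId = self::APP_BACKEND;

    /**
     * Default configuration for the plugin.
     *
     * SECURITY: these values are placeholders and must be overridden before deployment.
     *  - `users` maps a username to a stored secret. The shipped `admin` / `123456` pair is
     *    trivially guessable. A stored secret may be a password_hash() digest (preferred),
     *    or, for legacy configurations, a plain-text password or its unsalted MD5 digest.
     *  - `allowedIps` lists client addresses that skip HTTP authentication entirely.
     *    Loopback entries are only safe if the application resolves the real client
     *    address; behind a local reverse proxy every request may appear to come from
     *    127.0.0.1 unless the request component's proxy handling is configured.
     *
     * @var array
     */
    public static $config = [
        'allowedIps' => ['127.0.0.1', '127.0.0.2'],
        'users' => [
            'admin' => '123456',
        ],
    ];

    /**
     * Registers the `login` handler on the application's `beforeRequest` event,
     * passing the default configuration as event data.
     *
     * @return array
     */
    public static function events()
    {
        return [
            'yii\base\Application' => [
                'beforeRequest' => ['login', self::$config]
            ],
        ];
    }

    /**
     * @var array Username => stored secret pairs used for the current request.
     */
    private static $_users = [];

    /**
     * @var array The list of IPs that are allowed to access this application without credentials.
     */
    private static $_allowedIps = [];

    /**
     * Gate for every request: lets the request through when it is a console request,
     * comes from an allowed IP, or carries valid HTTP Basic credentials. Otherwise a
     * `WWW-Authenticate` challenge is added to the response and a 401 is raised.
     *
     * Basic credentials travel base64-encoded only, so this gate should be served over TLS.
     *
     * @param \yii\base\Event $event event whose `data` may override `allowedIps` and `users`
     * @return null
     * @throws UnauthorizedHttpException when none of the checks pass
     */
    public static function login($event)
    {
        // Cast to array so a null/scalar override cannot break the membership checks below.
        self::$_allowedIps = (array)ArrayHelper::getValue($event->data, 'allowedIps', self::$config['allowedIps']);
        self::$_users = (array)ArrayHelper::getValue($event->data, 'users', self::$config['users']);

        if (Yii::$app->request->isConsoleRequest || self::_checkAllowedIps() || self::_checkHttpAuthentication()) {
            return null;
        }

        Yii::$app->response->headers->add('WWW-Authenticate', 'Basic realm="HTTP authentication"');
        throw new UnauthorizedHttpException(Yii::t('yii', 'You are not allowed to perform this action.'), 401);
    }

    /**
     * @return boolean Whether the client IP reported by the request is on the allow-list.
     */
    private static function _checkAllowedIps()
    {
        $ip = Yii::$app->request->getUserIP();
        if ($ip === null) {
            // No client address available: never treat that as an allow-list hit.
            return false;
        }

        // Strict comparison: no type juggling between the address and list entries.
        return in_array($ip, self::$_allowedIps, true);
    }

    /**
     * Validates the HTTP Basic credentials of the current request against the configured users.
     *
     * Stored secrets produced by password_hash() are checked with password_verify() only.
     * Any other stored value keeps the legacy behaviour: it matches when it equals the
     * submitted password or the MD5 digest of the submitted password. Legacy comparisons
     * use hash_equals(), which is constant-time and, unlike `==`, does not treat two
     * numeric-looking strings (e.g. "0e..." digests) as equal.
     *
     * NOTE: in legacy mode a stored MD5 digest is itself accepted as a password, and MD5
     * is unsalted and fast to brute-force; migrate stored secrets to password_hash().
     *
     * @return boolean Whether the application can be accessed by the current user.
     */
    private static function _checkHttpAuthentication()
    {
        $username = Yii::$app->request->getAuthUser();
        $password = Yii::$app->request->getAuthPassword();

        // Missing credentials or unknown user: reject before touching any secret.
        if ($username === null || $password === null || !isset(self::$_users[$username])) {
            return false;
        }

        $expected = (string)self::$_users[$username];
        $password = (string)$password;

        // A recognised password_hash() digest is verified exclusively through password_verify(),
        // so the digest string itself can never be used as a password.
        $info = password_get_info($expected);
        if (!empty($info['algo'])) {
            return password_verify($password, $expected);
        }

        // Evaluate both legacy comparisons unconditionally to keep timing uniform.
        $plainMatch = hash_equals($expected, $password);
        $md5Match = hash_equals($expected, md5($password));

        return $plainMatch || $md5Match;
    }
}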