Merge branch 'fixes' into main/rendor-staging
[ryzomcore.git] / web / public_php / api / common / auth.php
1 <?php
/* Copyright (C) 2009 Winch Gate Property Limited
 *
 * This file is part of ryzom_api.
 * ryzom_api is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * ryzom_api is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with ryzom_api. If not, see <http://www.gnu.org/licenses/>.
 */
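/**
 * Authenticate the current request for a Ryzom web app and fill in $user.
 *
 * Paths tried, in order:
 *  1. an existing $_SESSION['user'] (dropped instead when action=logout);
 *  2. a serialized user blob in the 'user' parameter, accepted only when its
 *     HMAC-SHA1 under RYAPI_AUTH_KEY equals the 'checksum' parameter;
 *  3. in-game authkey authentication or session authentication.
 *
 * Security notes for callers:
 *  - $user['ig'] is derived from the User-Agent header or the 'ig' request
 *    parameter, both of which the client controls, so it is a rendering hint
 *    and not proof that the request comes from the game client.
 *  - On the in-game path the function still loads the character named by
 *    'cid' and returns true when neither authentication call succeeded; in
 *    that case $user['auth_ig'] is false. Code that acts on the returned
 *    character must check $user['auth_ig'] whenever $user['ig'] is true.
 *  - $welcome_message is written into the page unescaped and must be trusted
 *    markup, never request data.
 *
 * @param array  $user            Output: language, groups, 'ig' flag and, on success, the user record.
 * @param bool   $ask_login       When session authentication fails outside the game: render the
 *                                login form and die() if true, otherwise return false.
 * @param string $welcome_message Trusted HTML shown above the login form; a default is used when empty.
 * @param bool   $webprivs        Passed through to ryzom_user_get_info().
 *
 * @return bool false only when out-of-game session authentication fails and $ask_login is false.
 */
function ryzom_app_authenticate(&$user, $ask_login=true, $welcome_message='', $webprivs=true) {
    $name = ryzom_get_param('name');
    $urluser = ryzom_get_param('user'); // user serialization sent by auth server
    $urlusercheksum = ryzom_get_param('checksum'); // user serialization checksum
    $authkey = ryzom_get_param('authkey'); // InGame authkey
    $lang = ryzom_get_param('lang');
    $cid = intval(ryzom_get_param('cid'));
    $is_auth_ingame = false;
    $supported_langs = array('fr', 'en', 'de', 'ru', 'es');

    // $user['lang'] has to be set even for an anonymous user, otherwise the
    // text cannot be displayed in the right language.
    if ($lang == '') {
        if (!isset($_SESSION['lang'])) {
            $l = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2) : 'en';
            $lang = in_array($l, $supported_langs, true) ? $l : 'en';
        } else {
            $lang = $_SESSION['lang'];
        }
    }
    // Whatever the source (request, session, header), only a known language code is kept.
    if (!in_array($lang, $supported_langs, true)) {
        $lang = 'en';
    }

    $user['message'] = '';
    $user['lang'] = $lang;
    $user['groups'] = array();

    // NOTE(review): strpos() returns 0 (falsy) for a User-Agent that *begins*
    // with 'Ryzom', so such a client is not flagged here unless 'ig' is set.
    // Behaviour kept as in the original; confirm whether `!== false` was intended.
    $user['ig'] = (isset($_SERVER['HTTP_USER_AGENT']) && strpos($_SERVER['HTTP_USER_AGENT'], 'Ryzom')) || ryzom_get_param('ig');

    if (isset($_SESSION['user'])) {
        if (ryzom_get_param('action') == 'logout') {
            unset($_SESSION['user']);
        } else {
            $_SESSION['user']['ig'] = $user['ig'];
            define('RYZOM_IG', $user['ig']);
            $user = $_SESSION['user'];
            return true;
        }
    }

    if ($urluser && $urlusercheksum) {
        // Check $authuser (used to test app from another server ingame).
        // The MAC is compared with hash_equals(): the loose `==` used before
        // compared in non-constant time and let PHP treat two numeric-looking
        // hex strings as equal numbers. The is_string() guards keep array
        // parameters away from hash_hmac()/hash_equals().
        if (is_string($urluser) && is_string($urlusercheksum)
            && hash_equals(hash_hmac('sha1', $urluser, RYAPI_AUTH_KEY), $urlusercheksum)) {
            // SECURITY: unserialize() runs on request data. The HMAC check above
            // is the only thing keeping arbitrary serialized objects out, so
            // anyone holding RYAPI_AUTH_KEY can reach object instantiation here.
            // On PHP 7+ pass array('allowed_classes' => false) as second argument,
            // or move the wire format to JSON.
            // NOTE(review): nothing visible here checks a timestamp or nonce on the
            // blob; confirm the auth server bounds how long a signed pair is valid.
            $remote_user = unserialize(base64_decode($urluser));
            // A payload that does not decode to an array is ignored and the
            // request falls through to the normal authentication paths.
            if (is_array($remote_user)) {
                $ig = $user['ig'];
                $user = array_merge($user, $remote_user);
                $user['ig'] = $ig; // the locally computed flag wins over the blob
                if (!isset($user['groups'])) {
                    $user['groups'] = array();
                }
                define('RYZOM_IG', $user['ig']);
                // NOTE(review): the session id is not regenerated at this point;
                // confirm the session layer does so when a user is attached.
                $_SESSION['user'] = $user;
                return true;
            }
        }
    }

    if ($user['ig']) {
        // Ingame
        $shardid = ryzom_get_param('shardid');
        $error_message = '';
        if (ryzom_authenticate_ingame($shardid, $cid, $name, $authkey) || ryzom_authenticate_with_session($name, $cid, $error_message)) {
            $is_auth_ingame = true;
        }
        // No early exit on failure: execution continues below with
        // $is_auth_ingame === false, which ends up as $user['auth_ig'] = false.
    } else {
        // Outgame or bad ingame auth (external server) : Use session
        $error_message = '';
        if (!ryzom_authenticate_with_session($name, $cid, $error_message)) {
            define('RYZOM_IG', false);
            if ($ask_login) {
                if ($error_message) {
                    $c = '<h3>'._t($error_message).'</h3>';
                } else {
                    $c = '';
                }
                if (!$welcome_message) {
                    $welcome_message = '<span style="font-size:11pt; color: #AAAAFF">The application <strong style="color: #99FFFF">'._t(APP_NAME).'</strong> require authentication. Please enter your credentials</span>';
                }

                // $welcome_message is emitted as-is (see the docblock).
                $c .= '<div style="text-align: center">'.$welcome_message.'</div><br />';

                if ($user['message']) {
                    $c .= '<div style="text-align: center"><strong style="color: #FF5555">'._t($user['message']).'</strong></div><br />';
                }
                // $name comes straight from the request; escaping it is left
                // to ryzom_render_login_form() — TODO confirm it does so.
                $c .= ryzom_render_login_form($name, false);
                echo ryzom_app_render(_t('app_'.APP_NAME), $c);
                die();
            }
            return false;
        }
    }

    $_SESSION['lang'] = $lang;

    define('RYZOM_IG', $user['ig']);
    // get user information
    $ig = $user['ig'];
    $user = ryzom_user_get_info($cid, $webprivs, RYAPI_USE_PLAYER_STATS);

    if (isset($user['creation_date'])) {
        $user['id'] = ryzom_get_user_id($cid, $user['char_name'], $user['creation_date'], $user);
    }

    // NOTE(review): $user['id'] is only assigned above when 'creation_date' is
    // present; otherwise this reads whatever ryzom_user_get_info() returned.
    $user['gender'] = ryzom_get_user_gender($user['id']);

    $user['ig'] = $ig;
    $user['lang'] = $_SESSION['lang'];
    if (!isset($user['groups'])) {
        $user['groups'] = array();
    }

    // auth_ig is the only marker that the in-game authentication succeeded.
    if ($is_auth_ingame && $user['last_played_date'] != '0') {
        $user['auth_ig'] = true;
    } else {
        $user['auth_ig'] = false;
    }

    if (!isset($_SESSION['translater_mode']) || ryzom_get_param('translate_this') == '0') {
        $_SESSION['translater_mode'] = false;
    }

    // Set/unset translation mode
    if (in_array('WTRS', $user['groups']) && ryzom_get_param('translate_this') == '1') {
        $_SESSION['translater_mode'] = true;
    }

    $user['translation_mode'] = $_SESSION['translater_mode'];

    // $user['after_merge'] = $user['uid'] >= 671686;

    ryzom_unset_url_param('translate_this');

    if (isset($user['last_played_date'])) {
        $_SESSION['last_played_date'] = $user['last_played_date'];
    }
    // don't send this information to external apps
    unset($user['last_played_date']);
    unset($user['creation_date']);
    return true;
}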