Merge commit 'jeff-themovie/private-rss' into 0.8.x

2009-07-22 10:25:22 -04:00 · 2009-07-22 10:25:22 -04:00 · a54b809778
commit a54b809778
parent 684fc5d002 1aea598977
3 changed files with 40 additions and 2 deletions
--- a/index.php
+++ b/index.php
@ -165,7 +165,8 @@ function main()

    if (!$user && common_config('site', 'private') &&
        !in_array($action, array('login', 'openidlogin', 'finishopenidlogin',
-                                 'recoverpassword', 'api', 'doc', 'register'))) {
+                                 'recoverpassword', 'api', 'doc', 'register')) &&
+        !preg_match('/rss$/', $action)) {
        common_redirect(common_local_url('login'));
        return;
    }
--- a/lib/common.php
+++ b/lib/common.php
@ -19,7 +19,7 @@

 if (!defined('LACONICA')) { exit(1); }

-define('LACONICA_VERSION', '0.8.1dev');
+define('LACONICA_VERSION', '0.9.0dev');

 define('AVATAR_PROFILE_SIZE', 96);
 define('AVATAR_STREAM_SIZE', 48);
--- a/lib/rssaction.php
+++ b/lib/rssaction.php
@ -97,6 +97,31 @@ class Rss10Action extends Action
    {
        // Parent handling, including cache check
        parent::handle($args);
+
+        if (common_config('site', 'private')) {
+            if (!isset($_SERVER['PHP_AUTH_USER'])) {
+
+                # This header makes basic auth go
+                header('WWW-Authenticate: Basic realm="Laconica RSS"');
+
+                # If the user hits cancel -- bam!
+                $this->show_basic_auth_error();
+                return;
+            } else {
+                $nickname = $_SERVER['PHP_AUTH_USER'];
+                $password = $_SERVER['PHP_AUTH_PW'];
+
+                if (!common_check_user($nickname, $password)) {
+                    # basic authentication failed
+                    list($proxy, $ip) = common_client_ip();
+
+                    common_log(LOG_WARNING, "Failed RSS auth attempt, nickname = $nickname, proxy = $proxy, ip = $ip.");
+                    $this->show_basic_auth_error();
+                    return;
+                }
+            }
+        }
+
        // Get the list of notices
        if (empty($this->tag)) {
            $this->notices = $this->getNotices($this->limit);
@ -106,6 +131,18 @@ class Rss10Action extends Action
        $this->showRss();
    }

+    function show_basic_auth_error()
+    {
+        header('HTTP/1.1 401 Unauthorized');
+        header('Content-Type: application/xml; charset=utf-8');
+        $this->startXML();
+        $this->elementStart('hash');
+        $this->element('error', null, 'Could not authenticate you.');
+        $this->element('request', null, $_SERVER['REQUEST_URI']);
+        $this->elementEnd('hash');
+        $this->endXML();
+    }
+
    /**
     * Get the notices to output in this stream
     *