forked from GNUsocial/gnu-social
Adds HTTP basic authentication for private RSS 1.0 feeds
This commit is contained in:
parent
6a0f0e32d5
commit
ae6a3e258d
|
@ -165,7 +165,8 @@ function main()
|
||||||
|
|
||||||
if (!$user && common_config('site', 'private') &&
|
if (!$user && common_config('site', 'private') &&
|
||||||
!in_array($action, array('login', 'openidlogin', 'finishopenidlogin',
|
!in_array($action, array('login', 'openidlogin', 'finishopenidlogin',
|
||||||
'recoverpassword', 'api', 'doc', 'register'))) {
|
'recoverpassword', 'api', 'doc', 'register')) &&
|
||||||
|
!preg_match('/rss$/', $action)) {
|
||||||
common_redirect(common_local_url('login'));
|
common_redirect(common_local_url('login'));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
|
@ -96,6 +96,28 @@ class Rss10Action extends Action
|
||||||
{
|
{
|
||||||
// Parent handling, including cache check
|
// Parent handling, including cache check
|
||||||
parent::handle($args);
|
parent::handle($args);
|
||||||
|
|
||||||
|
if (common_config('site', 'private')) {
|
||||||
|
if (!isset($_SERVER['PHP_AUTH_USER'])) {
|
||||||
|
|
||||||
|
# This header makes basic auth go
|
||||||
|
header('WWW-Authenticate: Basic realm="Laconica RSS"');
|
||||||
|
|
||||||
|
# If the user hits cancel -- bam!
|
||||||
|
$this->show_basic_auth_error();
|
||||||
|
return;
|
||||||
|
} else {
|
||||||
|
$nickname = $_SERVER['PHP_AUTH_USER'];
|
||||||
|
$password = $_SERVER['PHP_AUTH_PW'];
|
||||||
|
|
||||||
|
if (!common_check_user($nickname, $password)) {
|
||||||
|
# basic authentication failed
|
||||||
|
$this->show_basic_auth_error();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Get the list of notices
|
// Get the list of notices
|
||||||
if (empty($this->tag)) {
|
if (empty($this->tag)) {
|
||||||
$this->notices = $this->getNotices($this->limit);
|
$this->notices = $this->getNotices($this->limit);
|
||||||
|
@ -105,6 +127,18 @@ class Rss10Action extends Action
|
||||||
$this->showRss();
|
$this->showRss();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function show_basic_auth_error()
|
||||||
|
{
|
||||||
|
header('HTTP/1.1 401 Unauthorized');
|
||||||
|
header('Content-Type: application/xml; charset=utf-8');
|
||||||
|
$this->startXML();
|
||||||
|
$this->elementStart('hash');
|
||||||
|
$this->element('error', null, 'Could not authenticate you.');
|
||||||
|
$this->element('request', null, $_SERVER['REQUEST_URI']);
|
||||||
|
$this->elementEnd('hash');
|
||||||
|
$this->endXML();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the notices to output in this stream
|
* Get the notices to output in this stream
|
||||||
*
|
*
|
||||||
|
|
Loading…
Reference in New Issue