mirror of
https://github.com/postfixadmin/postfixadmin.git
synced 2024-09-19 19:22:14 +02:00
Example code for https://github.com/postfixadmin/postfixadmin/issues/522
This commit is contained in:
parent
a349c75f53
commit
ddf6019d8e
@ -729,6 +729,30 @@ $CONF['xmlrpc_enabled'] = false;
|
||||
//More details in Password_Expiration.md
|
||||
$CONF['password_expiration'] = 'YES';
|
||||
|
||||
|
||||
/**
|
||||
* If either of these are callables, then they will be used to perform authentication in /login.php or /users/login.php.
|
||||
* If they return null, then it's assumed authentication failed.
|
||||
* IF they authentication succeeds they should return the id of a user in the postfixadmin database.
|
||||
*/
|
||||
$CONF['postfixadmin_auth_admin_callback'] = null;
|
||||
$CONF['postfixadmin_auth_user_callback'] = null;
|
||||
|
||||
/*
|
||||
$CONF['postfixadmin_auth_admin_callback'] = function () {
|
||||
if (!isset($_SERVER['REMOTE_USER'])) {
|
||||
return null;
|
||||
}
|
||||
|
||||
$map = [
|
||||
"david" => "root@example.com"
|
||||
];
|
||||
$oauth_user = $_SERVER['REMOTE_USER'];
|
||||
return $map[$oauth_user] ?? null;
|
||||
};
|
||||
*/
|
||||
|
||||
|
||||
// If defined, use this rather than trying to construct it from $_SERVER parameters.
|
||||
// used in (at least) password-recover.php.
|
||||
$CONF['site_url'] = null;
|
||||
|
@ -59,8 +59,21 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
|
||||
|
||||
$h = new AdminHandler();
|
||||
|
||||
$login = new Login('admin');
|
||||
if ($login->login($fUsername, $fPassword)) {
|
||||
|
||||
$config = Config::getInstance()->getAll();
|
||||
$authenticated = false;
|
||||
|
||||
if (is_callable($config['postfixadmin_auth_admin_callback'])) {
|
||||
$fUsername = $config['postfixadmin_auth_admin_callback']();
|
||||
$authenticated = is_string($fUsername);
|
||||
} else {
|
||||
$login = new Login('admin');
|
||||
$authenticated = $login->login($fUsername, $fPassword);
|
||||
}
|
||||
|
||||
|
||||
if ($authenticated) {
|
||||
|
||||
init_session($fUsername, true);
|
||||
|
||||
# they've logged in, so see if they are a domain admin, as well.
|
||||
|
Loading…
Reference in New Issue
Block a user