
- fixed explanation info text in aauth config

- added `pm_cleanup_max_age`-config_var
 - added 2 fields (`pm_deleted_sender` & `pm_deleted_receiver`) to the pm table
 - changed `list_pms()` to return only non-deleted pm's
 - changed `delete_pm()` so it now requires a user_id to delete a pm (like `get_pm()`)
 - changed `delete_pm()` so senders can now delete pm's from their outbox
 - changed `count_unread_pms()` it counts now only not deleted pm's.
 - added `cleanup_pms()` removes pms older than X defined by `pm_cleanup_max_age`-config_var
REJack 9 years ago
parent
commit
fe89cdb861
  1. 191
      application/config/aauth.php
  2. 56
      application/libraries/Aauth.php
  3. 2
      sql/Aauth_v2.sql
  4. 2
      sql/Aauth_v2_BCrypt.sql

191
application/config/aauth.php

@ -5,139 +5,148 @@ defined('BASEPATH') OR exit('No direct script access allowed');
| ------------------------------------------------------------------- | -------------------------------------------------------------------
| Aauth Config | Aauth Config
| ------------------------------------------------------------------- | -------------------------------------------------------------------
| A library Basic Authorization for CodeIgniter 2+ | A library Basic Authorization for CodeIgniter 2.x and 3.x
| |
| ------------------------------------------------------------------- | -------------------------------------------------------------------
| EXPLANATION | EXPLANATION
| ------------------------------------------------------------------- | -------------------------------------------------------------------
| |
| See http://codeigniter-aauth-test.readthedocs.org/en/latest/ | ['no_permission'] If user don't have permisssion to see the page he will be redirected the page spesificed.
| for more details and explainations
| |
| ['admin_group'] Name of admin group
| ['default_group'] Name of default group, the new user is added in it
| ['public_group'] Public group , people who not logged in
| |
| ['no_permission'] If user don't have permisssion to see the page he will be redirected the page spesificed. | ['db_profile'] The configuration database profile (definied in config/database.php)
| |
| ['admin_group'] Name of admin group | ['users'] The table which contains users
| ['default_group'] Name of default group, the new user is added in it | ['groups'] The table which contains groups
| ['public_group'] Public group , people who not logged in | ['user_to_group'] The table which contains join of users and groups
| ['perms'] The table which contains permissions
| ['perm_to_group'] The table which contains permissions for groups
| ['perm_to_user'] The table which contains permissions for users
| ['pms'] The table which contains private messages
| ['user_variables'] The table which contains users variables
| ['login_attempts'] The table which contains login attempts
| |
| ['db_profile'] The configuration database profile (see config/database.php) | ['remember'] Remember time (in relative format) elapsed after connecting and automatic LogOut for usage with Cookies
| Relative Format (e.g. '+ 1 week', '+ 1 month', '+ first day of next month')
| for details see http://php.net/manual/de/datetime.formats.relative.php
| !!IMPORTANT!! If you use Session instead of Cookies,
| remember time is definied by 'sess_expiration' in config/config.php
| |
| ['users'] The table which contains users | ['max'] Maximum char long for Password
| ['groups'] The table which contains groups | ['min'] Minimum char long for Password
| ['user_to_group'] The table which contains join of users and groups
| ['perms'] The table which contains permissions
| ['perm_to_group'] The table which contains permissions for groups
| ['perm_to_user'] The table which contains permissions for users
| ['pms'] The table which contains private messages
| ['user_variables'] The table which contains users variables
| ['login_attempts'] The table which contains login attempts
| |
| ['remember'] Remember time elapsed after connecting and automatic LogOut | ['additional_valid_chars'] Additional valid chars for username. Non alphanumeric characters that are allowed by default
| |
| ['max'] Maximum char long for Password | ['ddos_protection'] If it is true, the user will be banned temporary when he exceed the login 'try'
| ['min'] Minimum char long for Password
| |
| ['additional_valid_chars'] Additional valid chars for username. Non alphanumeric characters that are allowed by default | ['recaptcha_active'] Enable reCAPTCHA (for details see www.google.com/recaptcha/admin)
| ['recaptcha_login_attempts'] Login Attempts to display reCAPTCHA
| ['recaptcha_siteKey'] The reCAPTCHA siteKey
| ['recaptcha_secret'] The reCAPTCHA secretKey
| |
| ['ddos_protection'] If it is true, the user will be banned temporary when he exceed the login 'try' | ['totp_active'] The Time-based One-time Password Algorithm
| ['totp_only_on_ip_change'] TOTP only on IP Change
| ['totp_reset_over_reset_password'] TOTP reset over reset Password
| ['totp_two_step_login'] Enables/Disables TOTP two step login
| ['totp_two_step_login_redirect'] Redirect path to TOTP Verification page used by control() & is_allowed()
| |
| ['recaptcha_active'] Enable reCAPTCHA (see www.google.com/recaptcha/admin) | ['max_login_attempt'] Login attempts time interval (default 10 times in one hour)
| ['recaptcha_login_attempts'] : | ['max_login_attempt_time_period'] Period of time for max login attempts (default "5 minutes")
| ['recaptcha_siteKey'] The reCAPTCHA siteKey | ['remove_successful_attempts'] Enables/Disables removing login attempt after successful login
| ['recaptcha_secret'] The reCAPTCHA secretKey
| |
| ['totp_active'] The Time-based One-time Password Algorithm | ['login_with_name'] Login Identificator, if TRUE username needed to login else email address.
| ['totp_only_on_ip_change'] TOTP only on IP Change
| ['totp_reset_over_reset_password'] TOTP reset over reset Password
| ['totp_two_step_login'] Enables/Disables TOTP two step login
| ['totp_two_step_login_redirect'] Redirect path to TOTP Verification page used by control() & is_allowed()
| |
| ['max_login_attempt'] Login attempts time interval (default 10 times in one hour) | ['use_cookies'] FALSE only on CI3
| ['max_login_attempt_time_period'] Period of time for max login attempts (default "5 minutes")
| ['remove_successful_attempts'] Enables/Disables removing login attempt after successful login
| |
| ['login_with_name'] Login Identificator, if TRUE username needed to login else email address. | ['email'] Sender email address, used for remind_password, send_verification and reset_password
| ['name'] Sender name, used for remind_password, send_verification and reset_password
| |
| ['use_cookies'] FALSE only on CI3 | ['verification'] User Verification, if TRUE sends a verification email on account creation.
| ['verification_link'] Link for verification without site_url or base_url
| ['reset_password_link'] Link for reset_password without site_url or base_url
| |
| ['email'] Sender email address, used for remind_password, send_verification and reset_password | ['hash'] Name of selected hashing algorithm (e.g. "md5", "sha256", "haval160,4", etc..)
| ['name'] Sender name, used for remind_password, send_verification and reset_password
|
| ['verification'] User Verification, if TRUE sends a verification email on account creation.
| ['verification_link'] Link for verification without site_url or base_url
| ['reset_password_link'] Link for reset_password without site_url or base_url
|
| ['hash'] Name of selected hashing algorithm (e.g. "md5", "sha256", "haval160,4", etc..)
| Please, run hash_algos() for know your all supported algorithms | Please, run hash_algos() for know your all supported algorithms
| ['use_password_hash'] True to use PHP's own password_hash() function with BCrypt, needs PHP5.5 or higher | ['use_password_hash'] True to use PHP's own password_hash() function with BCrypt, needs PHP5.5 or higher
| ['password_hash_algo'] password_hash algorithm (PASSWORD_DEFAULT, PASSWORD_BCRYPT) for details see http://php.net/manual/de/password.constants.php | ['password_hash_algo'] password_hash algorithm (PASSWORD_DEFAULT, PASSWORD_BCRYPT)
| ['password_hash_options'] password_hash options array for details see http://php.net/manual/en/function.password-hash.php | for details see http://php.net/manual/de/password.constants.php
| ['password_hash_options'] password_hash options array
| for details see http://php.net/manual/en/function.password-hash.php
|
| ['pm_encryption'] Enables/Disables PM Encryption, needs configured CI Encryption Class.
| for details see: http://www.codeigniter.com/userguide2/libraries/encryption.html
| ['pm_cleanup_max_age'] PM Cleanup max age (in relative format), PM's are older than max age get deleted with 'cleanup_pms()'
| Relative Format (e.g. '2 week', '1 month')
| for details see http://php.net/manual/de/datetime.formats.relative.php
| |
*/ */
$config_aauth = array(); $config_aauth = array();
$config_aauth["default"] = array( $config_aauth["default"] = array(
'no_permission' => FALSE, 'no_permission' => FALSE,
'admin_group' => 'admin', 'admin_group' => 'admin',
'default_group' => 'default', 'default_group' => 'default',
'public_group' => 'public', 'public_group' => 'public',
'db_profile' => 'default', 'db_profile' => 'default',
'users' => 'aauth_users', 'users' => 'aauth_users',
'groups' => 'aauth_groups', 'groups' => 'aauth_groups',
'group_to_group' => 'aauth_group_to_group', 'group_to_group' => 'aauth_group_to_group',
'user_to_group' => 'aauth_user_to_group', 'user_to_group' => 'aauth_user_to_group',
'perms' => 'aauth_perms', 'perms' => 'aauth_perms',
'perm_to_group' => 'aauth_perm_to_group', 'perm_to_group' => 'aauth_perm_to_group',
'perm_to_user' => 'aauth_perm_to_user', 'perm_to_user' => 'aauth_perm_to_user',
'pms' => 'aauth_pms', 'pms' => 'aauth_pms',
'user_variables' => 'aauth_user_variables', 'user_variables' => 'aauth_user_variables',
'login_attempts' => 'aauth_login_attempts', 'login_attempts' => 'aauth_login_attempts',
'remember' => ' +3 days', 'remember' => ' +3 days',
'max' => 13, 'max' => 13,
'min' => 5, 'min' => 5,
'additional_valid_chars' => array(), 'additional_valid_chars' => array(),
'ddos_protection' => true, 'ddos_protection' => true,
'recaptcha_active' => false, 'recaptcha_active' => false,
'recaptcha_login_attempts' => 4, 'recaptcha_login_attempts' => 4,
'recaptcha_siteKey' => '', 'recaptcha_siteKey' => '',
'recaptcha_secret' => '', 'recaptcha_secret' => '',
'totp_active' => false, 'totp_active' => false,
'totp_only_on_ip_change' => false, 'totp_only_on_ip_change' => false,
'totp_reset_over_reset_password' => false, 'totp_reset_over_reset_password' => false,
'totp_two_step_login_active' => false, 'totp_two_step_login_active' => false,
'totp_two_step_login_redirect' => '/account/twofactor_verification/', 'totp_two_step_login_redirect' => '/account/twofactor_verification/',
'max_login_attempt' => 10, 'max_login_attempt' => 10,
'max_login_attempt_time_period' => "5 minutes", 'max_login_attempt_time_period' => "5 minutes",
'remove_successful_attempts' => true, 'remove_successful_attempts' => true,
'login_with_name' => false, 'login_with_name' => false,
'use_cookies' => true, 'use_cookies' => true,
'email' => 'admin@admin.com', 'email' => 'admin@admin.com',
'name' => 'Emre Akay', 'name' => 'Emre Akay',
'verification' => false, 'verification' => false,
'verification_link' => '/account/verification/', 'verification_link' => '/account/verification/',
'reset_password_link' => '/account/reset_password/', 'reset_password_link' => '/account/reset_password/',
'hash' => 'sha256', 'hash' => 'sha256',
'use_password_hash' => false, 'use_password_hash' => false,
'password_hash_algo' => PASSWORD_DEFAULT, 'password_hash_algo' => PASSWORD_DEFAULT,
'password_hash_options' => array(), 'password_hash_options' => array(),
'pm_encryption' => false 'pm_encryption' => false,
'pm_cleanup_max_age' => "6 months",
); );
$config['aauth'] = $config_aauth['default']; $config['aauth'] = $config_aauth['default'];
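Review bot: The rewritten explanation block still disagrees with the array it documents: it lists `['totp_two_step_login']` while the key below is `'totp_two_step_login_active'`, describes `['max_login_attempt']` as "10 times in one hour" while `max_login_attempt_time_period` defaults to "5 minutes", and never mentions the `'group_to_group'` table key. Since this commit's stated purpose is to fix the info text, those lines should read `['totp_two_step_login_active'] Enables/Disables TOTP two step login` and `['max_login_attempt'] Maximum login attempts within 'max_login_attempt_time_period' (default 10 in 5 minutes)`. The `pm_cleanup_max_age` comment should also state that the value is an unsigned age (e.g. '6 months', never '+6 months' or '-6 months'), because `cleanup_pms()` in Aauth.php builds the cutoff by prepending "now -" to it, so a signed value would yield a wrong or unparsable date.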

56
application/libraries/Aauth.php

@ -1963,14 +1963,14 @@ class Aauth {
* @param int $receiver_id User id of private message receiver * @param int $receiver_id User id of private message receiver
* @return object Array of private messages * @return object Array of private messages
*/ */
public function list_pms($limit=5, $offset=0, $receiver_id = FALSE, $sender_id=FALSE){ public function list_pms($limit=5, $offset=0, $receiver_id=NULL, $sender_id=NULL){
if (is_numeric($sender_id)){
if ( $receiver_id != FALSE){
$query = $this->aauth_db->where('receiver_id', $receiver_id); $query = $this->aauth_db->where('receiver_id', $receiver_id);
$query = $this->aauth_db->where('pm_deleted_receiver', 0);
} }
if (is_numeric($sender_id)){
if( $sender_id != FALSE ){
$query = $this->aauth_db->where('sender_id', $sender_id); $query = $this->aauth_db->where('sender_id', $sender_id);
$query = $this->aauth_db->where('pm_deleted_sender', 0);
} }
$query = $this->aauth_db->order_by('id','DESC'); $query = $this->aauth_db->order_by('id','DESC');
@ -1991,7 +1991,7 @@ class Aauth {
if(!$user_id){ if(!$user_id){
$user_id = $this->CI->session->userdata('id'); $user_id = $this->CI->session->userdata('id');
} }
if( !is_numeric($user_id)){ if( !is_numeric($user_id) || !is_numeric($pm_id)){
$this->error( $this->CI->lang->line('aauth_error_no_pm') ); $this->error( $this->CI->lang->line('aauth_error_no_pm') );
return FALSE; return FALSE;
} }
@ -2028,9 +2028,46 @@ class Aauth {
* @param int $pm_id Private message id to be deleted * @param int $pm_id Private message id to be deleted
* @return bool Delete success/failure * @return bool Delete success/failure
*/ */
public function delete_pm($pm_id){ public function delete_pm($pm_id, $user_id = NULL){
if(!$user_id){
return $this->aauth_db->delete( $this->config_vars['pms'], array('id' => $pm_id) ); $user_id = $this->CI->session->userdata('id');
}
if( !is_numeric($user_id) || !is_numeric($pm_id)){
$this->error( $this->CI->lang->line('aauth_error_no_pm') );
return FALSE;
}
$query = $this->aauth_db->where('id', $pm_id);
$query = $this->aauth_db->where('receiver_id', $user_id);
$query = $this->aauth_db->or_where('sender_id', $user_id);
$query = $this->aauth_db->get( $this->config_vars['pms'] );
$result = $query->row();
if ($user_id == $result->sender_id){
if($result->pm_deleted_receiver == 1){
return $this->aauth_db->delete( $this->config_vars['pms'], array('id' => $pm_id));
}
return $this->aauth_db->update( $this->config_vars['pms'], array('pm_deleted_sender'=>1), array('id' => $pm_id));
}else if ($user_id == $result->result->receiver_id){
if($result->pm_deleted_sender == 1){
return $this->aauth_db->delete( $this->config_vars['pms'], array('id' => $pm_id));
}
return $this->aauth_db->update( $this->config_vars['pms'], array('pm_deleted_receiver'=>1), array('id' => $pm_id) );
}
}
/**
* Cleanup PMs
* Removes PMs older than 'pm_cleanup_max_age' (definied in aauth config).
* recommend for a cron job
*/
public function cleanup_pms(){
$pm_cleanup_max_age = $this->config_vars['pm_cleanup_max_age'];
$date_sent = date('Y-m-d H:i:s', strtotime("now -".$pm_cleanup_max_age));
$this->aauth_db->where('date_sent <', $date_sent);
return $this->aauth_db->delete($this->config_vars['pms']);
} }
//tested //tested
@ -2047,6 +2084,7 @@ class Aauth {
} }
$query = $this->aauth_db->where('receiver_id', $receiver_id); $query = $this->aauth_db->where('receiver_id', $receiver_id);
$query = $this->aauth_db->where('pm_deleted_receiver', 0);
$query = $this->aauth_db->where('date_read', NULL); $query = $this->aauth_db->where('date_read', NULL);
$query = $this->aauth_db->get( $this->config_vars['pms'] ); $query = $this->aauth_db->get( $this->config_vars['pms'] );
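Review bot: The ownership check in the new `delete_pm()` is bypassable because `where('id')`, `where('receiver_id')` and `or_where('sender_id')` render as `id = P AND receiver_id = U OR sender_id = U`, so for any user who has ever sent a PM the query can return one of their own rows, the `$user_id == $result->sender_id` branch is taken, and the update/delete is then applied to `array('id' => $pm_id)` — a message the caller is not party to. The receiver branch is also dead as written: `$result->result->receiver_id` should be `$result->receiver_id`, and an empty result (`$result` NULL) is never handled before its properties are read. Group the OR with the query builder's `group_start()`/`group_end()` (CI3), reject a missing or mismatched row, and only then branch on which side the caller is, as below. Separately, `cleanup_pms()` does not check `strtotime()` for FALSE, in which case `date()` yields the epoch and the cleanup silently deletes nothing; returning FALSE with an error there would make a misconfigured `pm_cleanup_max_age` visible.
```php
public function delete_pm($pm_id, $user_id = NULL){
    // … unchanged: session fallback and is_numeric() checks …
    $this->aauth_db->where('id', $pm_id);
    $this->aauth_db->group_start();
    $this->aauth_db->where('receiver_id', $user_id);
    $this->aauth_db->or_where('sender_id', $user_id);
    $this->aauth_db->group_end();
    $query = $this->aauth_db->get( $this->config_vars['pms'] );
    $result = $query->row();
    // A row is only trusted if it is the requested PM and the caller is a party to it.
    if ( ! $result || $result->id != $pm_id){
        $this->error( $this->CI->lang->line('aauth_error_no_pm') );
        return FALSE;
    }
    if ($user_id == $result->sender_id){
        // … unchanged: sender-side soft/hard delete …
    }else if ($user_id == $result->receiver_id){
        // … unchanged: receiver-side soft/hard delete …
    }
    $this->error( $this->CI->lang->line('aauth_error_no_pm') );
    return FALSE;
}
```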

2
sql/Aauth_v2.sql

@ -77,6 +77,8 @@ CREATE TABLE `aauth_pms` (
`message` text, `message` text,
`date_sent` datetime DEFAULT NULL, `date_sent` datetime DEFAULT NULL,
`date_read` datetime DEFAULT NULL, `date_read` datetime DEFAULT NULL,
`pm_deleted_sender` int(1) DEFAULT '0',
`pm_deleted_receiver` int(1) DEFAULT '0',
PRIMARY KEY (`id`), PRIMARY KEY (`id`),
KEY `full_index` (`id`,`sender_id`,`receiver_id`,`date_read`) KEY `full_index` (`id`,`sender_id`,`receiver_id`,`date_read`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8; ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
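Review bot: Only the CREATE TABLE scripts gain `pm_deleted_sender` and `pm_deleted_receiver`, so an existing installation that upgrades the library will have `list_pms()`, `count_unread_pms()` and `delete_pm()` fail on an unknown column; an `ALTER TABLE aauth_pms ADD COLUMN pm_deleted_sender ... , ADD COLUMN pm_deleted_receiver ...` migration should ship with this change. `int(1)` is only a display width in MySQL, not a one-digit constraint; `tinyint(1) NOT NULL DEFAULT 0` expresses the flag and rules out NULL rows, which the `= 0` filters in the library would otherwise silently hide. The same applies to the identical change in sql/Aauth_v2_BCrypt.sql.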

2
sql/Aauth_v2_BCrypt.sql

@ -77,6 +77,8 @@ CREATE TABLE `aauth_pms` (
`message` text, `message` text,
`date_sent` datetime DEFAULT NULL, `date_sent` datetime DEFAULT NULL,
`date_read` datetime DEFAULT NULL, `date_read` datetime DEFAULT NULL,
`pm_deleted_sender` int(1) DEFAULT '0',
`pm_deleted_receiver` int(1) DEFAULT '0',
PRIMARY KEY (`id`), PRIMARY KEY (`id`),
KEY `full_index` (`id`,`sender_id`,`receiver_id`,`date_read`) KEY `full_index` (`id`,`sender_id`,`receiver_id`,`date_read`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8; ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
