Changeset 155

Show
Ignore:
Timestamp:
11/02/07 00:46:27 (14 months ago)
Author:
chris
Message:

Added multiple authentication modes with IP based permissions

Location:
trunk
Files:
4 modified

Legend:

Unmodified
Added
Removed

  • trunk/CHANGELOG

    r153 r155  
    2323 
    2424* Tidied up the appearance of HellaWorld when javascript is disabled. 
     25 
     26* Altered the current, somewhat confusing, authentication system to a more 
     27  intuitive configuration, also allowing for IP based authentication. This 
     28  change has added options to the configuration file, please see the 
     29  README for details 
    2530 
    26311.8 

  • trunk/README

    r141 r155  
    22--------------------- 
    33 
    4 *General Use* 
     4*General Intall* 
    55 
    6 General usage is pretty simple, copy config-sample.php to config.php 
    7 then change the settings to match your HellaNZB install. 
    8 Then upload and view the site within your web browser. That should 
    9 be all that's necessary. 
     6The installation is as simple as these 4 steps: 
     7 
     81) Copy config-sample.php to config.php 
     92) Open config.php in your favorite text editor 
     103) Edit the settings as you wish 
     114) Save and close your text editor 
     125) Upload the files to your webserver and view in your browser of choice 
     13 
     14For more detailed configuration information, please read on. 
     15 
     16*Authentication* 
     17 
     18HellaWorld supports 4 authentication modes. 
     19 
     20Open: Open to everyone without a password (Default) 
     21Closed: Login required every time you visit 
     22Hybrid: Open for specified IP ranges (defaults to the 3 standard private 
     23        address ranges) login is required for all others 
     24Exclusive: Closed for all addresses except those in the specified IP 
     25           range 
    1026 
    1127*Supported Languages* 

  • trunk/config-sample.php

    r133 r155  
    22 
    33// Change these settings to match your desired configuration. 
    4  
    5 // Setting the password to an empty string '' will result in 
    6 // you being asked to enter the username and password 
    7 // when you view the site in your browser 
    84 
    95// The default settings correspond to an unaltered installation 
     
    139                'host'                  =>      'localhost',    // The address HellaNZB is running on. 
    1410                'port'                  =>      '8760',                 // The port HellaNZB is listening on. 
     11                'auth'                  =>      'open',                 // Can be open, closed, exclusive or hybrid, see readme for details 
     12 
     13                // username and password required for open and hybrid authentication 
    1514                'username'              =>      'hellanzb',             // This is usually hardcoded as hellanzb and shouldnt need changing 
    1615                'password'              =>      'changeme',             // The password specified in hellanzb.conf 
     16 
    1717                'showfinished'  =>      true,                   // Show finished items, see README for details 
    1818                'language'              =>      'en_GB',                // The language code HellaWorld should use 
     19 
     20                // this is a range of allowed IP addresses for hybrid and exclusive authentication, 
     21                // address ranges must be comma seperated, use xxx.xxx.xxx.xxx/32 to limit it to a single 
     22                // address, where xxx.xxx.xxx.xxx is the address you wish to limit it to. 
     23                'iprange'               =>      '192.168.0.0/16,10.0.0.0/8,172.168.0.0/12' 
    1924        ); 
    2025 

  • trunk/index.php

    r150 r155  
    3737$Id$ 
    3838 
    39 */ 
    40  
     39 */ 
     40 
     41        function ipInRange($range, $address) { 
     42                $range = str_replace(array(' ', "\r", "\n"), '', $range); 
     43                foreach(explode(',', $range) as $ip) { 
     44                        list($base, $bits) = explode('/', $ip); 
     45                        list($a, $b, $c, $d) = explode('.', $base); 
     46 
     47                        $i = ($a << 24) + ($b << 16) + ($c << 8) + $d; 
     48                        $mask = $bits == 0 ? 0 : (~0 << (32 - $bits)); 
     49 
     50                        $low = $i & $mask; 
     51                        $high = $i | (~$mask & 0xFFFFFFFF); 
     52 
     53                        list($a, $b, $c, $d) = explode('.', $address); 
     54                        $check = ($a << 24) + ($b << 16) + ($c << 8) + $d; 
     55                        if ($check >= $low && $check <= $high) { 
     56                                return true; 
     57                        } 
     58                } 
     59                return false; 
     60        } 
    4161 
    4262        try { 
     
    4666                } else { 
    4767                        throw new Exception('config.php not found, please configure HellaWorld'); 
     68                } 
     69 
     70                if (isset($config['auth']) && !empty($config['auth'])) { 
     71                        $auth = strtolower($config['auth']); 
     72                        if ($auth == 'open' || $auth == 'hybrid') { 
     73                                if (!isset($config['username']) || !isset($config['password']) || empty($config['username']) || empty($config['password'])) { 
     74                                        throw new Exception('Authentication types open and hybrid require a password to be set'); 
     75                                } 
     76                        } 
     77                } else { 
     78                        $auth = 'open'; 
    4879                } 
    4980 
     
    6091 
    6192                $hellaworldversion = "1.9-SVN"; 
     93                if (!isset($config['iprange'])) { 
     94                        $iprange = '192.168.0.0/16,10.0.0.0/8,172.168.0.0/12'; 
     95                } else { 
     96                        $iprange = $config['iprange']; 
     97                } 
    6298                $protocol = (($_SERVER['SERVER_PORT'] == 443) ? 'https' : 'http'); 
    6399 
    64100                require_once 'classes/HellaController.php'; 
    65101 
    66                 if (!array_key_exists('password', $config) || empty($config['password'])) { 
     102                if ($auth == 'exclusive' && !ipInRange($iprange, $_SERVER['REMOTE_ADDR'])) { 
     103                        throw new Exception('IP Address is not in an allowed range'); 
     104                } elseif ($auth == 'closed' || ($auth == 'hybrid' && !ipInRange($iprange, $_SERVER['REMOTE_ADDR']))) { 
    67105                        session_start(); 
    68106                        if (!array_key_exists('PHP_AUTH_USER', $_SERVER) || empty($_SERVER['PHP_AUTH_USER'])) {