1C-Bitrix 25.700.0
Загрузка...
Поиск...
Не найдено
applicationpassword.php
См. документацию.
1<?php
2
9
10namespace Bitrix\Main\Authentication;
11
12use Bitrix\Main;
13use Bitrix\Main\ORM;
14use Bitrix\Main\ORM\Data;
15use Bitrix\Main\ORM\Fields;
16
33class ApplicationPasswordTable extends Data\DataManager
34{
35 use Data\Internal\DeleteByFilterTrait;
36
37 protected const PASSWORD_ALPHABET = "qwertyuiopasdfghjklzxcvbnm";
38 protected const PASSWORD_LENGTH = 16;
39
40 public static function getTableName()
41 {
42 return "b_app_password";
43 }
44
45 public static function getMap()
46 {
47 return [
48 new Fields\IntegerField('ID', [
49 'primary' => true,
50 'autocomplete' => true,
51 ]),
52 new Fields\IntegerField('USER_ID', [
53 'required' => true,
54 'validation' => '\Bitrix\Main\Authentication\ApplicationPasswordTable::getUserValidators',
55 ]),
56 new Fields\StringField('APPLICATION_ID', [
57 'required' => true,
58 ]),
59 new Fields\StringField('PASSWORD', [
60 'required' => true,
61 ]),
62 new Fields\StringField('DIGEST_PASSWORD'),
63 new Fields\DatetimeField('DATE_CREATE'),
64 new Fields\DatetimeField('DATE_LOGIN'),
65 new Fields\StringField('LAST_IP'),
66 new Fields\StringField('COMMENT'),
67 new Fields\StringField('SYSCOMMENT'),
68 new Fields\StringField('CODE'),
69 new Fields\Relations\Reference(
70 'USER',
71 'Bitrix\Main\User',
72 ['=this.USER_ID' => 'ref.ID'],
73 ['join_type' => 'INNER']
74 ),
75 ];
76 }
77
78 public static function getUserValidators()
79 {
80 return [
81 new Fields\Validators\ForeignValidator(Main\UserTable::getEntity()->getField('ID')),
82 ];
83 }
84
85 public static function onBeforeAdd(ORM\Event $event)
86 {
87 $result = new ORM\EventResult;
88 $data = $event->getParameter("fields");
89
90 if (isset($data["USER_ID"]) && isset($data['PASSWORD']))
91 {
92 $modified = [
93 'PASSWORD' => Main\Security\Password::hash($data['PASSWORD']),
94 ];
95
96 $user = Main\UserTable::getRowById($data["USER_ID"], ['select' => ['LOGIN']]);
97
98 if ($user !== null)
99 {
100 $realm = (defined('BX_HTTP_AUTH_REALM') ? BX_HTTP_AUTH_REALM : "Bitrix Site Manager");
101 $digest = md5($user["LOGIN"] . ':' . $realm . ':' . $data['PASSWORD']);
102 $modified['DIGEST_PASSWORD'] = $digest;
103 }
104
105 $result->modifyFields($modified);
106 }
107 return $result;
108 }
109
110 public static function onDelete(ORM\Event $event)
111 {
112 $id = $event->getParameter("id");
113
114 $row = static::getRowById($id);
115 if ($row)
116 {
117 Main\UserAuthActionTable::addLogoutAction($row["USER_ID"], $row["APPLICATION_ID"]);
118 }
119 }
120
125 public static function generatePassword()
126 {
127 return Main\Security\Random::getStringByCharsets(static::PASSWORD_LENGTH, static::PASSWORD_ALPHABET);
128 }
129
135 public static function isPassword($password)
136 {
137 if (is_string($password))
138 {
139 $password = str_replace(' ', '', $password);
140
141 if (strlen($password) === static::PASSWORD_LENGTH)
142 {
143 return (!preg_match("/[^" . static::PASSWORD_ALPHABET . "]/", $password));
144 }
145 }
146 return false;
147 }
148
157 public static function findPassword($userId, $password, $passwordOriginal = true)
158 {
159 if ($passwordOriginal)
160 {
161 $password = str_replace(' ', '', $password);
162 }
163
164 $appPasswords = static::getList([
165 'select' => [
166 'ID',
167 'PASSWORD',
168 'APPLICATION_ID',
169 ],
170 'filter' => [
171 '=USER_ID' => $userId,
172 ],
173 'order' => [
174 'ID' => 'desc',
175 ],
176 ]);
177 while (($appPassword = $appPasswords->fetch()))
178 {
179 if (Main\Security\Password::equals($appPassword["PASSWORD"], $password, $passwordOriginal))
180 {
181 //bingo, application password
182 return $appPassword;
183 }
184 }
185 return false;
186 }
187
195 public static function findDigestPassword($userId, array $digest)
196 {
197 $appPasswords = static::getList([
198 'select' => ['PASSWORD', 'DIGEST_PASSWORD', 'APPLICATION_ID'],
199 'filter' => ['=USER_ID' => $userId],
200 ]);
201
202 $server = Main\Context::getCurrent()->getServer();
203 $method = ($server['REDIRECT_REQUEST_METHOD'] !== null ? $server['REDIRECT_REQUEST_METHOD'] : $server['REQUEST_METHOD']);
204 $HA2 = md5($method . ':' . $digest['uri']);
205
206 while (($appPassword = $appPasswords->fetch()))
207 {
208 $HA1 = $appPassword["DIGEST_PASSWORD"];
209 $valid_response = md5($HA1 . ':' . $digest['nonce'] . ':' . $HA2);
210
211 if ($digest["response"] === $valid_response)
212 {
213 //application password
214 return $appPassword;
215 }
216 }
217 return false;
218 }
219}
$userId
if(!is_object($USER)||! $USER->IsAuthorized()) $userId
Определения check_mail.php:18
Bitrix\Main\Authentication\ApplicationPasswordTable\findPassword
static findPassword($userId, $password, $passwordOriginal=true)
Определения applicationpassword.php:157
Bitrix\Main\Authentication\ApplicationPasswordTable\findDigestPassword
static findDigestPassword($userId, array $digest)
Определения applicationpassword.php:195
Bitrix\Main\ORM\Data\DataManager\getEntity
static getEntity()
Определения datamanager.php:65
Bitrix\Main\ORM\Data\DataManager\getRowById
static getRowById($id, array $parameters=[])
Определения datamanager.php:380
Bitrix\Main\Security\Password\equals
static equals($hash, $password, $original=true)
Определения password.php:20
Bitrix\Main\Security\Password\hash
static hash($password, $salt=null)
Определения password.php:82
Bitrix\Main\Security\Random\getStringByCharsets
static getStringByCharsets($length, $charsetList)
Определения random.php:115
Bitrix\Main\UserAuthActionTable\addLogoutAction
static addLogoutAction($userId, $applicationId=null)
Определения userauthaction.php:75
$data
$data['IS_AVAILABLE']
Определения .description.php:13
array
</td ></tr ></table ></td ></tr >< tr >< td class="bx-popup-label bx-width30"><?=GetMessage("PAGE_NEW_TAGS")?> array( $site)
Определения file_new.php:804
$result
$result
Определения get_property_values.php:14
Bitrix\Main\$user
$user
Определения mysql_to_pgsql.php:33
Bitrix\Main\$password
$password
Определения mysql_to_pgsql.php:34
$event
$event
Определения prolog_after.php:141
$method
$method
Определения index.php:27