Issues in BasicRestfulAuthenticator.php (master) - Issues in master - silverstripe/silverstripe-restfulserver - Measure and Improve Code Quality continuously with Scrutinizer

Issues (97)

src/BasicRestfulAuthenticator.php (1 issue)

Labels

Bug 1

Severity

Major 1

<?php

namespace SilverStripe\RestfulServer;

use SilverStripe\Security\Authenticator;
use SilverStripe\Control\Controller;
use SilverStripe\Security\Security;

/**
 * A simple authenticator for the Restful server.
 *
 * This allows users to be authenticated against that RestfulServer using their
 * login details, however they will be passed 'in the open' and will require the
 * application accessing the RestfulServer to store logins in plain text (or in
 * decrytable form)
 */
class BasicRestfulAuthenticator
{
    /**
     * The authenticate function
     *
     * Takes the basic auth details and attempts to log a user in from the DB
     *
     * @return Member|false The Member object, or false if no member
filter:
    dependency_paths: ["lib/*"]
     */
    public static function authenticate()
    {
        //if there is no username or password, fail
        if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
            return null;
        }

        // With a valid user and password, check the password is correct
        $data = [
            'Email' => $_SERVER['PHP_AUTH_USER'],
            'Password' => $_SERVER['PHP_AUTH_PW'],
        ];
        $request = Controller::curr()->getRequest();
        $authenticators = Security::singleton()->getApplicableAuthenticators(Authenticator::LOGIN);
        $member = null;
        foreach ($authenticators as $authenticator) {
            $member = $authenticator->authenticate($data, $request);
            if ($member) {
                break;
            }
        }
        return $member;
    }
}


1			<?php
2
3			namespace SilverStripe\RestfulServer;
4
5			use SilverStripe\Security\Authenticator;
6			use SilverStripe\Control\Controller;
7			use SilverStripe\Security\Security;
8
9			/**
10			* A simple authenticator for the Restful server.
11			*
12			* This allows users to be authenticated against that RestfulServer using their
13			* login details, however they will be passed 'in the open' and will require the
14			* application accessing the RestfulServer to store logins in plain text (or in
15			* decrytable form)
16			*/
17			class BasicRestfulAuthenticator
18			{
19			/**
20			* The authenticate function
21			*
22			* Takes the basic auth details and attempts to log a user in from the DB
23			*
24			* @return Member\|false The Member object, or false if no member
			0 ignored issues – show Bug introduced 2017-12-05 21:39 UTC by Report Bug Copy Issue Report Show Similar Issues like this The type `SilverStripe\RestfulServer\Member` was not found. Maybe you did not declare it correctly or list all dependencies? The issue could also be caused by a filter entry in the build configuration. If the path has been excluded in your configuration, e.g. `excluded_paths: ["lib/"]`, you can move it to the dependency path list as follows: filter: dependency_paths: ["lib/"] For further information see https://scrutinizer-ci.com/docs/tools/php/php-scrutinizer/#list-dependency-paths Loading history...
25			*/
26			public static function authenticate()
27			{
28			//if there is no username or password, fail
29			if (!isset($_SERVER['PHP_AUTH_USER']) \|\| !isset($_SERVER['PHP_AUTH_PW'])) {
30			return null;
31			}
32
33			// With a valid user and password, check the password is correct
34			$data = [
35			'Email' => $_SERVER['PHP_AUTH_USER'],
36			'Password' => $_SERVER['PHP_AUTH_PW'],
37			];
38			$request = Controller::curr()->getRequest();
39			$authenticators = Security::singleton()->getApplicableAuthenticators(Authenticator::LOGIN);
40			$member = null;
41			foreach ($authenticators as $authenticator) {
42			$member = $authenticator->authenticate($data, $request);
43			if ($member) {
44			break;
45			}
46			}
47			return $member;
48			}
49			}
50

silverstripe / silverstripe-restfulserver

Issues (97)

src/BasicRestfulAuthenticator.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like