From 5c9d6a5396eb43739eb1c17540228c20a16f4554 Mon Sep 17 00:00:00 2001
From: bpatath <62777491+bpatath@users.noreply.github.com>
Date: Fri, 19 Jun 2020 23:01:19 +0200
Subject: Add auto-registration when using http_auth (#3003)

* Add auto-registration when using http_auth

* Document HTTP auth auto-registration

* Check email variable for HTTP auth auto-registration

* Auto-create HTTP users by default

* Fix Context init

(I will provide in another PR a better fix requiring a bit of global refactoring)

* Init language

Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
---
 app/Models/Auth.php | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)

(limited to 'app/Models/Auth.php')

diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index bd7f05c66..fcbf37fa3 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -47,8 +47,8 @@ class FreshRSS_Auth {
 	 * @return boolean true if user can be connected, false else.
 	 */
 	private static function accessControl() {
-		$conf = Minz_Configuration::get('system');
-		$auth_type = $conf->auth_type;
+		FreshRSS_Context::$system_conf = Minz_Configuration::get('system');
+		$auth_type = FreshRSS_Context::$system_conf->auth_type;
 		switch ($auth_type) {
 		case 'form':
 			$credentials = FreshRSS_FormAuth::getCredentialsFromCookie();
@@ -62,7 +62,22 @@ class FreshRSS_Auth {
 			return $current_user != '';
 		case 'http_auth':
 			$current_user = httpAuthUser();
-			$login_ok = $current_user != '' && FreshRSS_UserDAO::exists($current_user);
+			if ($current_user == '') {
+				return false;
+			}
+			$login_ok = FreshRSS_UserDAO::exists($current_user);
+			if (!$login_ok && FreshRSS_Context::$system_conf->http_auth_auto_register) {
+				$email = null;
+				if (FreshRSS_Context::$system_conf->http_auth_auto_register_email_field !== '' &&
+					isset($_SERVER[FreshRSS_Context::$system_conf->http_auth_auto_register_email_field])) {
+					$email = $_SERVER[FreshRSS_Context::$system_conf->http_auth_auto_register_email_field];
+				}
+				$language = Minz_Translate::getLanguage(null, Minz_Request::getPreferredLanguages(), FreshRSS_Context::$system_conf->language);
+				Minz_Translate::init($language);
+				$login_ok = FreshRSS_user_Controller::createUser($current_user, $email, '', [
+					'language' => $language,
+				]);
+			}
 			if ($login_ok) {
 				Minz_Session::_param('currentUser', $current_user);
 				Minz_Session::_param('csrf');
-- 
cgit v1.2.3