From 35ba076cf685392463062e548e3f2909e38ef914 Mon Sep 17 00:00:00 2001
From: Rasmus Fuhse <fuhse@data-quest.de>
Date: Thu, 1 Jun 2023 13:42:23 +0200
Subject: [PATCH] add NSI modifications

---
 app/controllers/studip_controller.php         |  4 +-
 .../auth_plugins/StudipAuthNsi.class.php      | 76 +++++++++++++++++++
 templates/loginform.php                       |  7 +-
 3 files changed, 84 insertions(+), 3 deletions(-)
 create mode 100644 lib/classes/auth_plugins/StudipAuthNsi.class.php

diff --git a/app/controllers/studip_controller.php b/app/controllers/studip_controller.php
index 1ddce67db50..6c12a56cf43 100644
--- a/app/controllers/studip_controller.php
+++ b/app/controllers/studip_controller.php
@@ -210,9 +210,11 @@ abstract class StudipController extends Trails_Controller
                     break;
 
                 case 'option':
-                    if (preg_match('/[^\\w,-]/', $arg)) {
+                    //NSI MOD BEGIN
+                    if (preg_match('/[^\\w\.,-]/', $arg)) {
                         throw new Trails_Exception(400);
                     }
+                    //NSI MOD END
                     break;
 
                 case 'sorm':
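Review bot: The widened allowlist in the `option` case now accepts `.` without a comment saying which option values need it, and it therefore also accepts `..` sequences. How `$arg` is consumed after this check is not visible in the hunk, so it is worth confirming that no option value ends up in a file path or include. Inside a character class the dot needs no escaping, so `'/[^\\w.,-]/'` is equivalent. I would replace the bare `//NSI MOD BEGIN` marker with a comment that records the reason, such as `// NSI MOD: allow '.' in option values because <reason>`. The enclosing method starts and ends outside the hunk.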
diff --git a/lib/classes/auth_plugins/StudipAuthNsi.class.php b/lib/classes/auth_plugins/StudipAuthNsi.class.php
new file mode 100644
index 00000000000..a41ec89e5a8
--- /dev/null
+++ b/lib/classes/auth_plugins/StudipAuthNsi.class.php
@@ -0,0 +1,76 @@
+<?php
+# Lifter007: TODO
+# Lifter003: TODO
+# Lifter010: TODO
+// +---------------------------------------------------------------------------+
+// This file is part of Stud.IP
+// StudipAuthStandard.class.php
+// Basic Stud.IP authentication, using the Stud.IP database
+//
+// Copyright (c) 2003 André Noack <noack@data-quest.de>
+// Suchi & Berg GmbH <info@data-quest.de>
+// +---------------------------------------------------------------------------+
+// This program is free software; you can redistribute it and/or
+// modify it under the terms of the GNU General Public License
+// as published by the Free Software Foundation; either version 2
+// of the License, or any later version.
+// +---------------------------------------------------------------------------+
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+// You should have received a copy of the GNU General Public License
+// along with this program; if not, write to the Free Software
+// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+// +---------------------------------------------------------------------------+
+
+/**
+ * Basic Stud.IP authentication, using the Stud.IP database
+ *
+ * Basic Stud.IP authentication, using the Stud.IP database
+ *
+ * @access   public
+ * @author   André Noack <noack@data-quest.de>
+ * @package
+ */
+class StudipAuthNsi extends StudipAuthStandard
+{
+
+    public $error_head = 'NSI-Portal';
+
+    /**
+     *
+     *
+     *
+     * @access public
+     *
+     */
+    function isAuthenticated($username, $password)
+    {
+        $username = mb_strtolower($username);
+        $user = User::findByUsername($username);
+        if (!$user || !$password || mb_strlen($password) > 72) {
+            $this->error_msg= _("Ungültige Benutzername/Passwort-Kombination!") ;
+            return false;
+        } elseif ($user->auth_plugin != $this->plugin_name) {
+            $this->error_msg = sprintf(_("Dieser Benutzername wird bereits über %s authentifiziert!"),$user->auth_plugin) ;
+            return false;
+        } else {
+            $pass = $user->password;
+        }
+        if (mb_strlen($pass) != 60) {
+            $this->error_msg = sprintf(_("Sie benötigen die Anmeldedaten des NSI-Portals. Bitte stellen Sie sicher, dass Sie sich bereits einmal im
+%s angemeldet haben. Bei einer Passwortänderung im NSI-Portal kann es bis zu 24 Stunden dauern, bis die Änderung in Stud.IP wirksam wird."), '<a href="https://www.nsi-hsvn.de/login.html" target="_blank">NSI-Portal</a>') ;
+            return false;
+        }
+        $hasher = UserManagement::getPwdHasher();
+        $check = $hasher->CheckPassword($password, $pass);
+        if (!$check) {
+            $this->error_msg= _("Das Passwort ist falsch!");
+            return false;
+        } else {
+            return true;
+        }
+    }
+
+}
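Review bot: The failure branches of isAuthenticated() return different messages depending on whether the account exists: an unknown user gets the generic `Ungültige Benutzername/Passwort-Kombination!`, while an existing one gets `Das Passwort ist falsch!`, the NSI-Portal hint, or the name of its backend via `$user->auth_plugin`. That lets an unauthenticated client tell valid usernames apart and learn which plugin they use; the wrong-password branch could reuse the generic text, `$this->error_msg = _("Ungültige Benutzername/Passwort-Kombination!");`, and the plugin name is better logged than displayed. Separately, `mb_strlen($password) > 72` counts characters, whereas the 60-character hash check suggests bcrypt, which limits its input in bytes; if that is the hasher in use, `strlen($password) > 72` is the matching test. The NSI-Portal message embeds a raw `<a … target="_blank">` element, and whether `error_msg` is escaped on output is not visible here. The file header and class docblock still describe StudipAuthStandard and should name this class and say how it differs.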
diff --git a/templates/loginform.php b/templates/loginform.php
index edbd565f823..a7d1aab10bc 100644
--- a/templates/loginform.php
+++ b/templates/loginform.php
@@ -74,9 +74,12 @@ if (!match_route('web_migrate.php')) {
             <? if (Config::get()->ENABLE_REQUEST_NEW_PASSWORD_BY_USER && in_array('Standard', $GLOBALS['STUDIP_AUTH_PLUGIN'])): ?>
                 <a href="<?= URLHelper::getLink('dispatch.php/new_password?cancel_login=1') ?>">
             <? else: ?>
-                <a href="mailto:<?= $GLOBALS['UNI_CONTACT'] ?>?subject=<?= rawurlencode('Stud.IP Passwort vergessen - '.Config::get()->UNI_NAME_CLEAN) ?>&amp;body=<?= rawurlencode('Ich habe mein Passwort vergessen. Bitte senden Sie mir ein Neues.\nMein Nutzername: ' . htmlReady($uname) . "\n") ?>">
+                <? /* MOD NSI BEGIN */ ?>
+                <!-- <a href="mailto:<?= $GLOBALS['UNI_CONTACT'] ?>?subject=<?= rawurlencode('Stud.IP Passwort vergessen - '.Config::get()->UNI_NAME_CLEAN) ?>&amp;body=<?= rawurlencode('Ich habe mein Passwort vergessen. Bitte senden Sie mir ein Neues.\nMein Nutzername: ' . htmlReady($uname) . "\n") ?>"> -->
+                <a href="https://www.nsi-hsvn.de/login.html?tx_nsiportal_login%5Baction%5D=requestPasswordUpdateForm&tx_nsiportal_login%5Bcontroller%5D=Account&cHash=4ca05d2bd995bbb12b5b107570a03e89">Passwort vergessen? - Bitte benutzen Sie das NSI-Portal
             <? endif; ?>
-                    <?= _('Passwort vergessen') ?>
+                    <!--<?= _('Passwort vergessen') ?> -->
+                    <? /* MOD NSI END */ ?>
                 </a>
             <? if ($self_registration_activated): ?>
                 /
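Review bot: Wrapping the old `mailto:` link in `<!-- … -->` does not disable it. The `<?= … ?>` tags inside still run, so `$GLOBALS['UNI_CONTACT']` and the submitted username are still written into the page source whenever this branch renders, only hidden from display. Deleting the two commented-out lines avoids that, and version control keeps the original. In the new link the query-string separators are raw `&` where the removed line used `&amp;`, the link text bypasses `_()`, and the hard-coded `cHash=…` value ties the template to the current state of the external portal, so the link may stop working when that side changes. The surrounding template block continues outside the hunk.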
-- 
GitLab