/***************************************************************************
- * Copyright (C) 2005-2015 by the Quassel Project *
+ * Copyright (C) 2005-2016 by the Quassel Project *
* devel@quassel-irc.org *
* *
* This program is free software; you can redistribute it and/or modify *
# include <QTcpServer>
#endif
+#include "authenticator.h"
#include "bufferinfo.h"
#include "message.h"
#include "oidentdconfiggenerator.h"
return instance()->_storage->validateUser(userName, password);
}
+ //! Authenticate user against auth backend
+ /**
+ * \param userName The user's login name
+ * \param password The user's uncrypted password
+ * \return The user's ID if valid; 0 otherwise
+ */
+ static inline UserId authenticateUser(const QString &userName, const QString &password) {
+ return instance()->_authenticator->validateUser(userName, password);
+ }
+
+ //! Add a new user, exposed so auth providers can call this without being the storage.
+ /**
+ * \param userName The user's login name
+ * \param password The user's uncrypted password
+ * \param authenticator The name of the auth provider service used to log the user in, defaults to "Database".
+ * \return The user's ID if valid; 0 otherwise
+ */
+ static inline UserId addUser(const QString &userName, const QString &password, const QString &authenticator = "Database") {
+ return instance()->_storage->addUser(userName, password, authenticator);
+ }
+
+ //! Does a comparison test against the authenticator in the database and the authenticator currently in use for a UserID.
+ /**
+ * \param userid The user's ID (note: not login name).
+ * \param authenticator The name of the auth provider service used to log the user in, defaults to "Database".
+ * \return True if the userid was configured with the passed authenticator, false otherwise.
+ */
+ static inline bool checkAuthProvider(const UserId userid, const QString &authenticator) {
+ return instance()->_storage->getUserAuthenticator(userid) == authenticator;
+ }
+
+ //! Change a user's password
+ /**
+ * \param userId The user's ID
+ * \param password The user's unencrypted new password
+ * \return true, if the password change was successful
+ */
+ static bool changeUserPassword(UserId userId, const QString &password);
+
+ //! Check if we can change a user password.
+ /**
+ * \param userID The user's ID
+ * \return true, if we can change their password, false otherwise
+ */
+ static bool canChangeUserPassword(UserId userId);
+
//! Store a user setting persistently
/**
* \param userId The users Id
static inline QDateTime startTime() { return instance()->_startTime; }
static inline bool isConfigured() { return instance()->_configured; }
static bool sslSupported();
+
+ /**
+ * Reloads SSL certificates used for connection with clients
+ *
+ * @return True if certificates reloaded successfully, otherwise false.
+ */
+ static bool reloadCerts();
+
static QVariantList backendInfo();
+ static QVariantList authenticatorInfo();
- static QString setup(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData);
+ /**
+ * Checks if a storage backend is the default storage backend. This
+ * hardcodes this information into the core (not the client).
+ *
+ * \param backend The backend to check.
+ *
+ * @return True if storage backend is default, false otherwise.
+ */
+ static inline bool isStorageBackendDefault(const Storage *backend)
+ {
+ return (backend->displayName() == "SQLite") ? true : false;
+ }
+
+ static QString setup(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData, const QString &authBackend, const QVariantMap &authSetupMap);
static inline QTimer &syncTimer() { return instance()->_storageSyncTimer; }
*/
void syncStorage();
void setupInternalClientSession(InternalPeer *clientConnection);
- QString setupCore(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData);
+ QString setupCore(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData, const QString &authBackend, const QVariantMap &authSetupMap);
signals:
//! Sent when a BufferInfo is updated in storage.
void clientDisconnected();
bool initStorage(const QString &backend, const QVariantMap &settings, bool setup = false);
+ bool initAuthenticator(const QString &backend, const QVariantMap &settings, bool setup = false);
void socketError(QAbstractSocket::SocketError err, const QString &errorString);
void setupClientSession(RemotePeer *, UserId);
- void changeUserPass(const QString &username);
+ bool changeUserPass(const QString &username);
private:
Core();
bool registerStorageBackend(Storage *);
void unregisterStorageBackends();
void unregisterStorageBackend(Storage *);
+
+ void registerAuthenticatorBackends();
+ bool registerAuthenticatorBackend(Authenticator *);
+ void unregisterAuthenticatorBackends();
+ void unregisterAuthenticatorBackend(Authenticator *);
+
bool selectBackend(const QString &backend);
- void createUser();
- void saveBackendSettings(const QString &backend, const QVariantMap &settings);
+ bool createUser();
+ bool saveBackendSettings(const QString &backend, const QVariantMap &settings);
+ void saveAuthBackendSettings(const QString &backend, const QVariantMap &settings);
QVariantMap promptForSettings(const Storage *storage);
private:
QSet<CoreAuthHandler *> _connectingClients;
QHash<UserId, SessionThread *> _sessions;
+
+ // Have both a storage backend and an authenticator backend.
Storage *_storage;
+ Authenticator *_authenticator;
QTimer _storageSyncTimer;
#ifdef HAVE_SSL
OidentdConfigGenerator *_oidentdConfigGenerator;
QHash<QString, Storage *> _storageBackends;
+ QHash<QString, Authenticator *> _authenticatorBackends;
QDateTime _startTime;