Merge branch 'master' of https://github.com/williamscollege/eqreserve

Conflicts:
	index.php

auth.cfg.php.sample

@@ -0,0 +1,5 @@
+<?php
+
+require_once('classes/auth_base.class.php');
+
+$AUTH = new Auth_Base();

classes/auth_LDAP.class.php

@@ -1,11 +1,18 @@
 <?php
+require_once dirname(__FILE__) . '/auth_base.class.php';
+
 class Auth_LDAP extends Auth_Base
 {
     public function authenticate($user,$pass) {
-        // does stuff
+//echo "authenticating...\n";
+//echo 'user='.$user."\n";
+//echo 'pass='.$pass."\n";
         if (parent::authenticate($user,$pass)) {
             return true;
         }
+
+
+        return false;
     }
 }
 

classes/auth_base.class.php

@@ -2,6 +2,11 @@
 class Auth_Base
 {
     public function authenticate($user,$pass) {
+//echo "authenticating...\n";
+//echo 'user='.$user."\n";
+//echo 'TESTINGUSER='.TESTINGUSER."\n";
+//echo 'pass='.$pass."\n";
+//echo 'TESTINGPASSWORD='.TESTINGPASSWORD."\n";
         return (($user == TESTINGUSER) && ($pass==TESTINGPASSWORD));
     }
 

head.php

@@ -1,8 +1,22 @@
 <?php
 session_start();
-
 require_once('institution.cfg.php');
 
+echo "head loaded\n";
+
+if ((! isset($_SESSION['isAuthenticated'])) || (! $_SESSION['isAuthenticated'])) {
+//echo 'session not authenticated';
+    if ((isset($_REQUEST['username'])) && (isset($_REQUEST['password']))) {
+//echo "trying to authenticate\n";
+//echo 'username = '.$_REQUEST['username']."\n";
+//echo 'password = '.$_REQUEST['password']."\n";
+        require_once('auth.cfg.php');
+        $_SESSION['isAuthenticated'] = $AUTH->authenticate($_REQUEST['username'],$_REQUEST['password']);
+//echo "post authenticate attempt\n";
+//echo 'isAuthenticated = '.$_SESSION['isAuthenticated']."\n";
+    }    
+}
+
 $DB = new PDO("mysql:host=".DB_SERVER.";dbname=".DB_NAME.";port=3306",DB_USER,DB_PASS);
 
 ?>

index.php

@@ -2,16 +2,23 @@
 $pageTitle = 'Home';
 require_once('head.php');
 
-
+if (! $_SESSION['isAuthenticated']) {
 ?>
 <form id="frmIndex" class="" type="post" action="">
-
 	<input type="text" id="username" name="username" value="" />
 	<input type="password" id="password" name="password" value="" />
 	<input type="submit" id="submit_login" name="submit_login" value="Log In" />
 
 </form>
 <?php
+} else
+{
+?>
 
+You are logged in.
+
+<?php
+$_SESSION['isAuthenticated'] = false;
+}
 require_once('foot.php');
 ?>

tests/index_tests/IndexPageAuthTest.php

@@ -9,13 +9,17 @@ function testIndexNotLoggedIn() {
 		$this->assertField('password'); //$value
 	}
 
-    function testIndexLoggedIn() {
+    function testIndexLoggingIn() {
         $this->get('http://localhost/eqreserve/');
         $this->assertCookie('PHPSESSID');
-        $this->setField('username', 'Me');
-        $this->setField('password', 'Secret');
-        $this->click('Log in');        $this->assertFalse($this->assertField('username')); //$value
-        $this->assertFalse($this->assertField('password')); //$value
+        $this->setField('username', TESTINGUSER);
+        $this->setField('password', TESTINGPASSWORD);
+
+        $this->click('Log In');
+
+        $this->assertFalse($this->setField('username','foo')); //$value
+        $this->assertFalse($this->setField('password','bar')); //$value
+        $this->assertPattern('/You are logged in as/');
     }
 
 }