Adds IP based authentication

auth-ip/authenticate.php

@@ -0,0 +1,54 @@
+<?php
+
+require_once(INCLUDE_DIR.'class.auth.php');
+
+class UserIpAuthentication extends UserAuthenticationBackend {
+    static $name = "IP Authentication";
+    static $id = "ip.client";
+
+    function supportsInteractiveAuthentication() {
+        return false;
+    }
+
+    function signOn() {
+        if (isset($_SERVER['REMOTE_ADDR']) && !empty($_SERVER['REMOTE_ADDR'])) {
+            if (isset($_GET['token']) && !empty($_GET['token']) && iconv_strlen($_GET['token']) >= 7) {
+                $username = $_GET['token'];
+            } else if (isset($_GET['ddns']) && !empty($_GET['ddns']) && $_SERVER['REMOTE_ADDR'] === gethostbyname($_GET['ddns'])) {
+                $username = $_GET['ddns'];
+            } else {
+                $username = $_SERVER['REMOTE_ADDR'];
+            }
+            if ($acct = ClientAccount::lookupByUsername($username)) {
+                if (($client = new ClientSession(new EndUser($acct->getUser())))
+                        && $client->getId())
+                    return $client;
+            }
+            else {
+                // No such account. Attempt a lookup on the username
+                $users = parent::searchUsers($username);
+                if (!is_array($users))
+                    return;
+
+                foreach ($users as $u) {
+                    if (0 === strcasecmp($u['username'], $username)
+                            || 0 === strcasecmp($u['email'], $username))
+                        // User information is valid
+                        return new ClientCreateRequest($this, $username, $u);
+                }
+            }
+        }
+    }
+}
+
+require_once(INCLUDE_DIR.'class.plugin.php');
+require_once('config.php');
+class IpAuthPlugin extends Plugin {
+    var $config_class = 'IpAuthConfig';
+
+    function bootstrap() {
+        $config = $this->getConfig();
+        if ($config->get('auth-client'))
+            UserAuthenticationBackend::register('UserIpAuthentication');
+    }
+}

auth-ip/config.php

@@ -0,0 +1,45 @@
+<?php
+require_once(INCLUDE_DIR.'/class.forms.php');
+
+class IpAuthConfig extends PluginConfig {
+
+    // Provide compatibility function for versions of osTicket prior to
+    // translation support (v1.9.4)
+    function translate() {
+        if (!method_exists('Plugin', 'translate')) {
+            return array(
+                function($x) { return $x; },
+                function($x, $y, $n) { return $n != 1 ? $y : $x; },
+            );
+        }
+        return Plugin::translate('auth-ip');
+    }
+
+    function getOptions() {
+        list($__, $_N) = self::translate();
+        return array(
+            'auth' => new SectionBreakField(array(
+                'label' => $__('Authentication Modes'),
+                'hint' => $__('Authentication mode for clients. Clients
+                    can be identified via their IP address.'),
+            )),
+            'auth-client' => new BooleanField(array(
+                'label' => $__('Client Authentication'),
+                'default' => false,
+                'configuration' => array(
+                    'desc' => $__('Enable IP authentication of clients')
+                )
+            )),
+        );
+    }
+
+    function pre_save(&$config, &$errors) {
+        global $msg;
+
+        list($__, $_N) = self::translate();
+        if (!$errors)
+            $msg = $__('Configuration updated successfully');
+
+        return true;
+    }
+}

auth-ip/plugin.php

@@ -0,0 +1,11 @@
+<?php
+
+return array(
+    'id' =>             'auth:ip', # notrans
+    'version' =>        '0.1',
+    'name' =>           /* trans */ 'IP Authentication',
+    'author' =>         'Maximilian Weber',
+    'description' =>    /* trans */ 'Allows user authentication based on IP addresses. osTicket will match the request IP address to usernames.',
+    'url' =>            'http://www.osticket.com/plugins/auth/ip',
+    'plugin' =>         'authenticate.php:IpAuthPlugin'
+);