From 12df6592f337083d9bb0f652851a11fba1310cfd Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.volgo-balt.ru>
Date: Tue, 11 Jan 2011 11:36:35 +0300
Subject: [PATCH] add optional AUTO_LOGIN for when remote authentication is
 allowed (closes #295)

---
 config.php-dist  |  7 ++++++-
 functions.php    | 12 +++++++++---
 sanity_check.php |  2 +-
 3 files changed, 16 insertions(+), 5 deletions(-)

diff --git a/config.php-dist b/config.php-dist
index 89135389f..bd61c9bf0 100644
--- a/config.php-dist
+++ b/config.php-dist
@@ -136,6 +136,11 @@
 	// option can be used to integrate tt-rss with Apache's external
 	// authentication modules.
 
+	define('AUTO_LOGIN', false);
+	// Set this to true if you use ALLOW_REMOTE_USER_AUTH and you want
+	// to skip the login form. If set to true, users won't be able to
+	// set application language and settings profile.
+
 	define('LOCK_DIRECTORY', 'lock');
 	// Directory for lockfiles, must be writable to the user you run
 	// daemon process or cronjobs under.
@@ -184,7 +189,7 @@
 	// Your OAuth instance authentication information for Twitter, visit
 	// http://twitter.com/oauth_clients to register your instance.
 
-	define('CONFIG_VERSION', 20);
+	define('CONFIG_VERSION', 21);
 	// Expected config version. Please update this option in config.php
 	// if necessary (after migrating all new options from this file).
 
diff --git a/functions.php b/functions.php
index b2694f7ec..4184880fe 100644
--- a/functions.php
+++ b/functions.php
@@ -1991,9 +1991,15 @@
 			}
 
 			if (!$_SESSION["uid"] || !validate_session($link)) {
-				render_login_form($link, $mobile);
-				//header("Location: login.php");
-				exit;
+				if (defined('ALLOW_REMOTE_USER_AUTH') && ALLOW_REMOTE_USER_AUTH
+					&& $_SERVER["REMOTE_USER"] && defined('AUTO_LOGIN') && AUTO_LOGIN) {
+				    authenticate_user($link,$_SERVER['REMOTE_USER'],null);
+				    $_SESSION["ref_schema_version"] = get_schema_version($link, true);
+				} else {
+				    render_login_form($link, $mobile);
+				    //header("Location: login.php");
+				    exit;
+				}
 			} else {
 				/* bump login timestamp */
 				db_query($link, "UPDATE ttrss_users SET last_login = NOW() WHERE id = " . 
diff --git a/sanity_check.php b/sanity_check.php
index 567be65ee..35d5c2a7f 100644
--- a/sanity_check.php
+++ b/sanity_check.php
@@ -1,7 +1,7 @@
 <?php
 	require_once "functions.php";
 
-	define('EXPECTED_CONFIG_VERSION', 20);
+	define('EXPECTED_CONFIG_VERSION', 21);
 	define('SCHEMA_VERSION', 78);
 
 	if (!file_exists("config.php")) {