I was wondering if anyone could point me in the right direction. I am wanting to create a login system that pulls the users already created on the server.(Using Ubuntu 16.04). I believe an example system would be like squirrelmail. Thank you!
1
-
Sorry, we can't really help with this. We don't do software recommendations here. If you give a few more details, this may be a better question for the softwarerecs site– KaruCommented Apr 16, 2021 at 5:53
Add a comment
|
1 Answer
There are many ways of doing this, none universal - so I'll speak in general terms in the most common scenario(s).
Linux typically keeps the passwords in an encrypted form in /etc/shadow This file - generally only readable as root has the username as the first parameter and the password as a second one. You may be able to import the usernames and encrypted passwords and then use a mechanism to verify the decrypted passwords. You may be able to use the PHP call "password_verify" after you have imported acquired the hashed password.
If Squirelmail is allowing you access to the server, it is likely using IMAP or POP3. You could potentially (albeit with a speed penalty) use a POP3 or IMAP library to check if the user can log in and then key off that. Have a look at https://www.php.net/manual/en/function.imap-open.php
Another possibility would be to use PAM - this is a common abstraction Interface between versions of Linux and authentication. I found an (unmaintained) PAM PHP module which should allow you to authenticate using PHP - although of-course you need to ensure PAM is enabled and put up with unmaintained code - have a look at http://svn.php.net/viewvc/pecl/pam/trunk/README?view=markup
