From 9d624bf772a5dfdab04500b941744d39689bb3d8 Mon Sep 17 00:00:00 2001
From: Jimmy Monin <jimmy@monin.net>
Date: Wed, 7 Sep 2016 07:23:00 +0200
Subject: [PATCH] Use SSO in private AND public mode. In public mode, the user
 will be authenticated if logged in Yunohost portal. Depending of piwigo
 configuration, the user could otherwise log in as a guest, or via a specific
 piwigo-only account.

---
 conf/config.inc.php |  6 ++++--
 conf/nginx.conf     |  2 +-
 scripts/install     | 13 +++++++------
 3 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/conf/config.inc.php b/conf/config.inc.php
index eb92335..d055025 100644
--- a/conf/config.inc.php
+++ b/conf/config.inc.php
@@ -1,8 +1,10 @@
 <?php
 
-/* Dans cette fenêtre, écrivez les informations pour configurer votre galerie Piwigo. */
-
+// Use HTTP authentication
 $conf['apache_authentication'] = true;
 
+// Use external authentication
+$conf['external_authentification'] = true;
+
 
 ?>
diff --git a/conf/nginx.conf b/conf/nginx.conf
index 85666e9..ec5613d 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -8,7 +8,7 @@ location PATHTOCHANGE {
            fastcgi_pass unix:/var/run/php5-fpm.sock;
            fastcgi_index index.php;
            include fastcgi_params;
-           fastcgi_param REMOTE_USER $remote_user;
+           fastcgi_param REMOTE_USER $remote_user if_not_empty;
            fastcgi_param PATH_INFO $fastcgi_path_info;
            fastcgi_param SCRIPT_FILENAME $request_filename;
        }
diff --git a/scripts/install b/scripts/install
index 09cce6c..c8b86c2 100644
--- a/scripts/install
+++ b/scripts/install
@@ -69,7 +69,7 @@ sudo chmod 755 -R $final_path/galleries
 # Reload Nginx and regenerate SSOwat conf
 
 sudo service nginx reload
-sudo yunohost app setting piwigo skipped_uris -v "/"
+sudo yunohost app setting piwigo unprotected_uris -v "/"
 sudo yunohost app ssowatconf
 
 # Generate random password for admin
@@ -79,7 +79,10 @@ adm_pwd=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9'
 #configure piwigo via curl
 echo "127.0.0.1 $domain #yunopiwigo" | sudo tee -a /etc/hosts
 sleep 2
-curl -kL -X POST https://$domain$path/install.php?language=fr_FR --data "install=true&dbuser=$db_user&dbpasswd=$db_pwd&dbname=$db_user&admin_name=$user&admin_pass1=$adm_pwd&admin_pass2=$adm_pwd&admin_mail=webmaster@$domain" > /home/admin/test
+curl -kL -X POST https://$domain$path/install.php?language=fr_FR --data "install=true&dbuser=$db_user&dbpasswd=$db_pwd&dbname=$db_user&admin_name=$user&admin_pass1=$adm_pwd&admin_pass2=$adm_pwd&admin_mail=webmaster@$domain" > /home/yunohost.app/piwigo/piwigo-install.log
+
+#Change local config
+sudo cp ../conf/config.inc.php $final_path/local/config/
 
 #change variable in local/config/database.inc.php
 
@@ -94,12 +97,10 @@ sudo cp ../conf/database.inc.php $final_path/local/config/database.inc.php
 mysql -u $db_user -p$db_pwd $db_user -e "INSERT INTO plugins (id,state,version) VALUES ('Ldap_Login','active','1.1');"
 
 #protect URIs
-
 if [ $is_public = "No" ];
 then
-	sudo cp ../conf/config.inc.php $final_path/local/config/
-        sudo yunohost app setting piwigo protected_uris -v "/"
-        sudo yunohost app ssowatconf
+  sudo yunohost app setting piwigo protected_uris -v "/"
+  sudo yunohost app ssowatconf
 fi
 
 # Remove temporary entry in /etc/hosts