<?php
-
/**
- * @file /src/Core/Authentication.php
+ * @copyright Copyright (C) 2020, Friendica
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *
*/
namespace Friendica\App;
use Exception;
use Friendica\App;
-use Friendica\Core\Config\Configuration;
+use Friendica\Core\Config\IConfig;
+use Friendica\Core\PConfig\IPConfig;
use Friendica\Core\Hook;
-use Friendica\Core\PConfig;
use Friendica\Core\Session;
use Friendica\Core\System;
use Friendica\Database\Database;
use Friendica\Database\DBA;
+use Friendica\DI;
use Friendica\Model\User;
use Friendica\Network\HTTPException;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Network;
use Friendica\Util\Strings;
use LightOpenID;
-use Friendica\Core\L10n\L10n;
+use Friendica\Core\L10n;
use Psr\Log\LoggerInterface;
/**
*/
class Authentication
{
- /** @var Configuration */
+ /** @var IConfig */
private $config;
+ /** @var App\Mode */
+ private $mode;
/** @var App\BaseURL */
private $baseUrl;
/** @var L10n */
private $cookie;
/** @var Session\ISession */
private $session;
+ /** @var IPConfig */
+ private $pConfig;
/**
* Authentication constructor.
*
- * @param Configuration $config
- * @param App\BaseURL $baseUrl
- * @param L10n $l10n
- * @param Database $dba
- * @param LoggerInterface $logger
- * @param User\Cookie $cookie
+ * @param IConfig $config
+ * @param App\Mode $mode
+ * @param App\BaseURL $baseUrl
+ * @param L10n $l10n
+ * @param Database $dba
+ * @param LoggerInterface $logger
+ * @param User\Cookie $cookie
* @param Session\ISession $session
+ * @param IPConfig $pConfig
*/
- public function __construct(Configuration $config, App\BaseURL $baseUrl, L10n $l10n, Database $dba, LoggerInterface $logger, User\Cookie $cookie, Session\ISession $session)
+ public function __construct(IConfig $config, App\Mode $mode, App\BaseURL $baseUrl, L10n $l10n, Database $dba, LoggerInterface $logger, User\Cookie $cookie, Session\ISession $session, IPConfig $pConfig)
{
$this->config = $config;
+ $this->mode = $mode;
$this->baseUrl = $baseUrl;
$this->l10n = $l10n;
$this->dba = $dba;
$this->logger = $logger;
- $this->cookie = $cookie;
+ $this->cookie = $cookie;
$this->session = $session;
+ $this->pConfig = $pConfig;
}
/**
- * @brief Tries to auth the user from the cookie or session
+ * Tries to auth the user from the cookie or session
*
* @param App $a The Friendica Application context
*
$user['password'] ?? '',
$user['prvkey'] ?? '')) {
$this->logger->notice("Hash doesn't fit.", ['user' => $data->uid]);
- $this->session->delete();
+ $this->session->clear();
+ $this->cookie->clear();
$this->baseUrl->redirect();
}
'addr' => $this->session->get('addr'),
'remote_addr' => $_SERVER['REMOTE_ADDR']]
);
- $this->session->delete();
+ $this->session->clear();
$this->baseUrl->redirect();
}
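Review bot: The address-mismatch branch clears only the session, while the hash-mismatch branch earlier in this commit now also calls `$this->cookie->clear()`. If the browser still holds a remember-me cookie, the redirect that follows presumably re-enters the cookie login path and rebuilds the session under the new address, so the block would last a single request; that path is outside this hunk and should be confirmed. Either add `$this->cookie->clear();` after `$this->session->clear();` here, or record the decision in a comment such as `// remember-me cookie is kept on purpose: an address change only ends the session`. The missing-user branch in the next hunk follows the same pattern and needs the same decision.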
]
);
if (!$this->dba->isResult($user)) {
- $this->session->delete();
+ $this->session->clear();
$this->baseUrl->redirect();
}
// if it's an email address or doesn't resolve to a URL, fail.
if ($noid || strpos($openid_url, '@') || !Network::isUrlValid($openid_url)) {
- notice($this->l10n->t('Login failed.') . EOL);
+ notice($this->l10n->t('Login failed.'));
$this->baseUrl->redirect();
}
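Review bot: `strpos($openid_url, '@')` is tested for truthiness, so an `@` at offset 0 yields `0` and is not caught by this part of the condition. Such input is then rejected only if `Network::isUrlValid()` refuses it, which this hunk does not show. An explicit comparison removes that dependency: `strpos($openid_url, '@') !== false`. The enclosing method starts and ends outside the hunk.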
}
} catch (Exception $e) {
$this->logger->warning('authenticate: failed login attempt', ['action' => 'login', 'username' => Strings::escapeTags($username), 'ip' => $_SERVER['REMOTE_ADDR']]);
- info($this->l10n->t('Login failed. Please check your credentials.' . EOL));
+ notice($this->l10n->t('Login failed. Please check your credentials.'));
$this->baseUrl->redirect();
}
}
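Review bot: The `catch (Exception $e)` block never uses `$e`, so every exception raised in the `try` body (which begins outside this hunk) is logged as 'failed login attempt' and reported to the user as a credentials problem. If anything other than a wrong password can throw there, for example a storage error, failed-login monitoring would count it as a guessing attempt and the real cause would be lost. Adding the cause to the log context keeps the two apart: `'exception' => $e->getMessage()`.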
/**
- * @brief Sets the provided user's authenticated session
+ * Sets the provided user's authenticated session
*
* @param App $a The Friendica application context
* @param array $user_record The current "user" record
$this->session->setMultiple([
'uid' => $user_record['uid'],
'theme' => $user_record['theme'],
- 'mobile-theme' => PConfig::get($user_record['uid'], 'system', 'mobile_theme'),
+ 'mobile-theme' => $this->pConfig->get($user_record['uid'], 'system', 'mobile_theme'),
'authenticated' => 1,
'page_flags' => $user_record['page-flags'],
'my_url' => $this->baseUrl->get() . '/profile/' . $user_record['nickname'],
* The week ensures that sessions will expire after some inactivity.
*/;
if ($this->session->get('remember')) {
- $a->getLogger()->info('Injecting cookie for remembered user ' . $user_record['nickname']);
+ $this->logger->info('Injecting cookie for remembered user ' . $user_record['nickname']);
$this->cookie->set($user_record['uid'], $user_record['password'], $user_record['prvkey']);
$this->session->remove('remember');
}
if ($user_record['login_date'] <= DBA::NULL_DATETIME) {
info($this->l10n->t('Welcome %s', $user_record['username']));
info($this->l10n->t('Please upload a profile photo.'));
- $this->baseUrl->redirect('profile_photo/new');
- } else {
- info($this->l10n->t("Welcome back %s", $user_record['username']));
+ $this->baseUrl->redirect('settings/profile/photo/new');
}
}
if ($login_initial) {
Hook::callAll('logged_in', $a->user);
- if ($a->module !== 'home' && $this->session->exists('return_path')) {
+ if (DI::module()->getName() !== 'home' && $this->session->exists('return_path')) {
$this->baseUrl->redirect($this->session->get('return_path'));
}
}
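Review bot: `DI::module()->getName()` pulls the module from the static container, while the rest of this commit moves the class to constructor injection (`App\Mode`, `IPConfig`) and replaces static calls such as `PConfig::get()`. Keeping one static lookup in the post-login redirect decision means that branch cannot be exercised with a substituted module in a test. Injecting the object that `DI::module()` returns and reading `$this->module->getName() !== 'home'` would keep the class consistent. The method body continues outside the hunk.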
private function twoFactorCheck(int $uid, App $a)
{
// Check user setting, if 2FA disabled return
- if (!PConfig::get($uid, '2fa', 'verified')) {
+ if (!$this->pConfig->get($uid, '2fa', 'verified')) {
return;
}
}
// Case 2: No valid 2FA session: redirect to code verification page
- if ($a->isAjax()) {
+ if ($this->mode->isAjax()) {
throw new HTTPException\ForbiddenException();
} else {
- $a->internalRedirect('2fa');
+ $this->baseUrl->redirect('2fa');
}
}
}