X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FSecurity%2FAuthentication.php;h=91963ee399d130748b2d48df7277761f0cfe0615;hb=cab469621d173015ade7846344f5051b600d640d;hp=a23d0c95579c29359a9615729a573467817e3e67;hpb=c9d829a679d716db7b63bdb81f9a1318bad51dc7;p=friendica.git

diff --git a/src/Security/Authentication.php b/src/Security/Authentication.php
index a23d0c9557..91963ee399 100644
--- a/src/Security/Authentication.php
+++ b/src/Security/Authentication.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2010-2022, the Friendica project
+ * @copyright Copyright (C) 2010-2023, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -26,8 +26,7 @@ use Friendica\App;
 use Friendica\Core\Config\Capability\IManageConfigValues;
 use Friendica\Core\PConfig\Capability\IManagePersonalConfigValues;
 use Friendica\Core\Hook;
-use Friendica\Core\Session;
-use Friendica\Core\Session\Capability\IHandleSessions;
+use Friendica\Core\Session\Capability\IHandleUserSessions;
 use Friendica\Core\System;
 use Friendica\Database\Database;
 use Friendica\Database\DBA;
@@ -39,6 +38,8 @@ use Friendica\Util\DateTimeFormat;
 use Friendica\Util\Network;
 use LightOpenID;
 use Friendica\Core\L10n;
+use Friendica\Core\Worker;
+use Friendica\Model\Contact;
 use Psr\Log\LoggerInterface;
 
 /**
@@ -60,7 +61,7 @@ class Authentication
 	private $logger;
 	/** @var User\Cookie */
 	private $cookie;
-	/** @var IHandleSessions */
+	/** @var IHandleUserSessions */
 	private $session;
 	/** @var IManagePersonalConfigValues */
 	private $pConfig;
@@ -89,11 +90,11 @@ class Authentication
 	 * @param Database                    $dba
 	 * @param LoggerInterface             $logger
 	 * @param User\Cookie                 $cookie
-	 * @param IHandleSessions             $session
+	 * @param IHandleUserSessions         $session
 	 * @param IManagePersonalConfigValues $pConfig
 	 * @param App\Request                 $request
 	 */
-	public function __construct(IManageConfigValues $config, App\Mode $mode, App\BaseURL $baseUrl, L10n $l10n, Database $dba, LoggerInterface $logger, User\Cookie $cookie, IHandleSessions $session, IManagePersonalConfigValues $pConfig, App\Request $request)
+	public function __construct(IManageConfigValues $config, App\Mode $mode, App\BaseURL $baseUrl, L10n $l10n, Database $dba, LoggerInterface $logger, User\Cookie $cookie, IHandleUserSessions $session, IManagePersonalConfigValues $pConfig, App\Request $request)
 	{
 		$this->config        = $config;
 		$this->mode          = $mode;
@@ -223,36 +224,40 @@ class Authentication
 
 		// if it's an email address or doesn't resolve to a URL, fail.
 		if ($noid || strpos($openid_url, '@') || !Network::isUrlValid($openid_url)) {
-			notice($this->l10n->t('Login failed.'));
+			DI::sysmsg()->addNotice($this->l10n->t('Login failed.'));
 			$this->baseUrl->redirect();
 		}
 
 		// Otherwise it's probably an openid.
 		try {
-			$openid           = new LightOpenID($this->baseUrl->getHostname());
+			$openid           = new LightOpenID($this->baseUrl->getHost());
 			$openid->identity = $openid_url;
 			$this->session->set('openid', $openid_url);
 			$this->session->set('remember', $remember);
-			$openid->returnUrl = $this->baseUrl->get(true) . '/openid';
+			$openid->returnUrl = $this->baseUrl . '/openid';
 			$openid->optional  = ['namePerson/friendly', 'contact/email', 'namePerson', 'namePerson/first', 'media/image/aspect11', 'media/image/default'];
 			System::externalRedirect($openid->authUrl());
 		} catch (Exception $e) {
-			notice($this->l10n->t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.') . '<br /><br >' . $this->l10n->t('The error message was:') . ' ' . $e->getMessage());
+			DI::sysmsg()->addNotice($this->l10n->t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.') . '<br /><br >' . $this->l10n->t('The error message was:') . ' ' . $e->getMessage());
 		}
 	}
 
 	/**
 	 * Attempts to authenticate using login/password
 	 *
-	 * @param App    $a        The Friendica Application context
-	 * @param string $username User name
-	 * @param string $password Clear password
-	 * @param bool   $remember Whether to set the session remember flag
+	 * @param App    $a           The Friendica Application context
+	 * @param string $username
+	 * @param string $password    Clear password
+	 * @param bool   $remember    Whether to set the session remember flag
+	 * @param string $return_path The relative path to redirect the user to after authentication
 	 *
-	 * @throws HttpException\InternalServerErrorException In case of Friendica internal exceptions
-	 * @throws Exception A general Exception (like SQL Grammar exceptions)
+	 * @throws HTTPException\ForbiddenException
+	 * @throws HTTPException\FoundException
+	 * @throws HTTPException\InternalServerErrorException In case of Friendica internal exceptions
+	 * @throws HTTPException\MovedPermanentlyException
+	 * @throws HTTPException\TemporaryRedirectException
 	 */
-	public function withPassword(App $a, string $username, string $password, bool $remember)
+	public function withPassword(App $a, string $username, string $password, bool $remember, string $return_path = '')
 	{
 		$record = null;
 
@@ -264,7 +269,7 @@ class Authentication
 			);
 		} catch (Exception $e) {
 			$this->logger->warning('authenticate: failed login attempt', ['action' => 'login', 'username' => $username, 'ip' => $this->remoteAddress]);
-			notice($this->l10n->t('Login failed. Please check your credentials.'));
+			DI::sysmsg()->addNotice($this->l10n->t('Login failed. Please check your credentials.'));
 			$this->baseUrl->redirect();
 		}
 
@@ -287,10 +292,14 @@ class Authentication
 			$this->dba->update('user', ['openid' => $openid_identity, 'openidserver' => $openid_server], ['uid' => $record['uid']]);
 		}
 
-		$this->setForUser($a, $record, true, true);
+		/**
+		 * @see User::getPasswordRegExp()
+		 */
+		if (PASSWORD_DEFAULT === PASSWORD_BCRYPT && strlen($password) > 72) {
+			$return_path = '/security/password_too_long?' . http_build_query(['return_path' => $return_path]);
+		}
 
-		$return_path = $this->session->get('return_path', '');
-		$this->session->remove('return_path');
+		$this->setForUser($a, $record, true, true);
 
 		$this->baseUrl->redirect($return_path);
 	}
@@ -304,23 +313,31 @@ class Authentication
 	 * @param bool  $interactive
 	 * @param bool  $login_refresh
 	 *
+	 * @throws HTTPException\FoundException
+	 * @throws HTTPException\MovedPermanentlyException
+	 * @throws HTTPException\TemporaryRedirectException
+	 * @throws HTTPException\ForbiddenException
+
 	 * @throws HTTPException\InternalServerErrorException In case of Friendica specific exceptions
-	 * @throws Exception In case of general Exceptions (like SQL Grammar exceptions)
+	 *
 	 */
 	public function setForUser(App $a, array $user_record, bool $login_initial = false, bool $interactive = false, bool $login_refresh = false)
 	{
+		$my_url = $this->baseUrl . '/profile/' . $user_record['nickname'];
+
 		$this->session->setMultiple([
 			'uid'           => $user_record['uid'],
 			'theme'         => $user_record['theme'],
 			'mobile-theme'  => $this->pConfig->get($user_record['uid'], 'system', 'mobile_theme'),
 			'authenticated' => 1,
 			'page_flags'    => $user_record['page-flags'],
-			'my_url'        => $this->baseUrl->get() . '/profile/' . $user_record['nickname'],
-			'my_address'    => $user_record['nickname'] . '@' . substr($this->baseUrl->get(), strpos($this->baseUrl->get(), '://') + 3),
+			'my_url'        => $my_url,
+			'my_address'    => $user_record['nickname'] . '@' . substr($this->baseUrl, strpos($this->baseUrl, '://') + 3),
 			'addr'          => $this->remoteAddress,
+			'nickname'      => $user_record['nickname'],
 		]);
 
-		Session::setVisitorsContacts();
+		$this->session->setVisitorsContacts($my_url);
 
 		$member_since = strtotime($user_record['register_date']);
 		$this->session->set('new_member', time() < ($member_since + (60 * 60 * 24 * 14)));
@@ -338,11 +355,16 @@ class Authentication
 		$this->setXAccMgmtStatusHeader($user_record);
 
 		if ($login_initial || $login_refresh) {
-			$this->dba->update('user', ['login_date' => DateTimeFormat::utcNow()], ['uid' => $user_record['uid']]);
+			$this->dba->update('user', ['last-activity' => DateTimeFormat::utcNow('Y-m-d'), 'login_date' => DateTimeFormat::utcNow()], ['uid' => $user_record['uid']]);
 
 			// Set the login date for all identities of the user
-			$this->dba->update('user', ['login_date' => DateTimeFormat::utcNow()],
+			$this->dba->update('user', ['last-activity' => DateTimeFormat::utcNow('Y-m-d'), 'login_date' => DateTimeFormat::utcNow()],
 				['parent-uid' => $user_record['uid'], 'account_removed' => false]);
+
+			// Regularly update suggestions
+			if (Contact\Relation::areSuggestionsOutdated($user_record['uid'])) {
+				Worker::add(Worker::PRIORITY_MEDIUM, 'UpdateSuggestions', $user_record['uid']);
+			}
 		}
 
 		if ($login_initial) {
@@ -366,21 +388,14 @@ class Authentication
 
 		if ($interactive) {
 			if ($user_record['login_date'] <= DBA::NULL_DATETIME) {
-				info($this->l10n->t('Welcome %s', $user_record['username']));
-				info($this->l10n->t('Please upload a profile photo.'));
+				DI::sysmsg()->addInfo($this->l10n->t('Welcome %s', $user_record['username']));
+				DI::sysmsg()->addInfo($this->l10n->t('Please upload a profile photo.'));
 				$this->baseUrl->redirect('settings/profile/photo/new');
 			}
 		}
 
-		$a->setLoggedInUserId($user_record['uid']);
-		$a->setLoggedInUserNickname($user_record['nickname']);
-
 		if ($login_initial) {
 			Hook::callAll('logged_in', $user_record);
-
-			if (DI::args()->getModuleName() !== 'home' && $this->session->exists('return_path')) {
-				$this->baseUrl->redirect($this->session->get('return_path'));
-			}
 		}
 	}