*
* @return int|bool visitor_id or false
*/
-function remote_user()
+function remote_user($uid = 0)
{
// You cannot be both local and remote.
// Unncommented by rabuzarus because remote authentication to local
// return false;
// }
- if (empty($_SESSION)) {
+ if (empty($_SESSION['authenticated'])) {
return false;
}
- if (!empty($_SESSION['authenticated']) && !empty($_SESSION['visitor_id'])) {
+ if (!empty($uid) && !empty($_SESSION['remote'])) {
+ foreach ($_SESSION['remote'] as $visitor) {
+ if ($visitor['uid'] == $uid) {
+ return $visitor['cid'];
+ }
+ }
+ }
+
+ if (!empty($_SESSION['visitor_id'])) {
return intval($_SESSION['visitor_id']);
}
+
return false;
}
$url = defaults($_GET, 'url', '');
$quiet = !empty($_GET['quiet']) ? '&quiet=1' : '';
- $con_url = defaults($_GET, 'conurl', '');
if ($a->argc > 1 && intval($a->argv[1])) {
$cid = intval($a->argv[1]);
- } elseif (local_user() && !empty($con_url)) {
- $cid = Contact::getIdForURL($con_url, local_user());
} else {
$cid = 0;
}
+ // Try magic auth before the legacy stuff
+ redir_magic($a, $cid, $url);
+
if (!empty($cid)) {
$fields = ['id', 'uid', 'nurl', 'url', 'addr', 'name', 'network', 'poll', 'issued-id', 'dfrn-id', 'duplex', 'pending'];
$contact = DBA::selectFirst('contact', $fields, ['id' => $cid, 'uid' => [0, local_user()]]);
notice(L10n::t('Contact not found.'));
$a->internalRedirect();
}
+
+function redir_magic($a, $cid, $url)
+{
+ $visitor = Profile::getMyURL();
+ if (!empty($visitor)) {
+ Logger::info('Got my url', ['visitor' => $visitor]);
+ }
+
+ if (empty(visitor) && remote_user()) {
+ $contact = DBA::selectFirst('contact', ['url'], ['id' => remote_user()]);
+ if (!empty($contact['url'])) {
+ $visitor = $contact['url'];
+ Logger::info('Got remote user', ['visitor' => $visitor]);
+ }
+ }
+
+ if (empty(visitor) && local_user()) {
+ $contact = DBA::selectFirst('contact', ['url'], ['id' => local_user()]);
+ if (!empty($contact['url'])) {
+ $visitor = $contact['url'];
+ Logger::info('Got local user', ['visitor' => $visitor]);
+ }
+ }
+
+ $contact = DBA::selectFirst('contact', ['url'], ['id' => $cid]);
+ if (!DBA::isResult($contact)) {
+ Logger::info('Contact not found', ['id' => $cid]);
+ // Shouldn't happen under normal conditions
+ notice(L10n::t('Contact not found.'));
+ if (!empty($url)) {
+ $a->redirect($url);
+ } else {
+ $a->internalRedirect();
+ }
+ } else {
+ $contact_url = $contact['url'];
+ $target_url = defaults($url, $contact_url);
+ }
+
+ $basepath = Contact::getBasepath($contact_url);
+
+ // We don't use magic auth when there is no visitor, we are on the same system or we visit our own stuff
+ if (empty($visitor) || Strings::compareLink($basepath, System::baseUrl()) || Strings::compareLink($contact_url, $visitor)) {
+ Logger::info('Redirecting without magic', ['target' => $target_url, 'visitor' => $visitor, 'contact' => $contact_url]);
+ $a->redirect($target_url);
+ }
+
+ // Test for magic auth on the target system
+ $serverret = Network::curl($basepath . '/magic');
+ if ($serverret->isSuccess()) {
+ $separator = strpos($target_url, '?') ? '&' : '?';
+ $target_url .= $separator . 'zrl=' . urlencode($visitor);
+
+ Logger::info('Redirecting with magic', ['target' => $target_url, 'visitor' => $visitor, 'contact' => $contact_url]);
+ $a->redirect($target_url);
+ } else {
+ Logger::info('No magic for contact', ['contact' => $contact_url]);
+ }
+}
use Friendica\Core\Session\CacheSessionHandler;
use Friendica\Core\Session\DatabaseSessionHandler;
use Friendica\Database\DBA;
+use Friendica\Model\Contact;
use Friendica\Model\User;
use Friendica\Util\DateTimeFormat;
+use Friendica\Util\Strings;
/**
* High-level Session service class
'addr' => defaults($_SERVER, 'REMOTE_ADDR', '0.0.0.0'),
]);
+ $remote_contacts = DBA::select('contact', ['id', 'uid'], ['nurl' => Strings::normaliseLink($_SESSION['my_url']), 'rel' => [Contact::FOLLOWER, Contact::FRIEND]]);
+ while ($contact = DBA::fetch($remote_contacts)) {
+ if (($contact['uid'] == 0) || Contact::isBlockedByUser($contact['id'], $contact['uid'])) {
+ continue;
+ }
+
+ $_SESSION['remote'][] = ['cid' => $contact['id'], 'uid' => $contact['uid'], 'url' => $_SESSION['my_url']];
+ }
+ DBA::close($remote_contacts);
+
$member_since = strtotime($user_record['register_date']);
self::set('new_member', time() < ($member_since + ( 60 * 60 * 24 * 14)));
projects / friendica.git / commitdiff