]> git.mxchange.org Git - friendica.git/commitdiff
Move include/auth to Login::sessionAuth
authorHypolite Petovan <mrpetovan@gmail.com>
Sun, 17 Dec 2017 16:42:46 +0000 (11:42 -0500)
committerHypolite Petovan <mrpetovan@gmail.com>
Sat, 30 Dec 2017 02:55:13 +0000 (21:55 -0500)
- Remove include/auth

include/auth.php [deleted file]
index.php
mod/dfrn_poll.php

diff --git a/include/auth.php b/include/auth.php
deleted file mode 100644 (file)
index 7f1b101..0000000
+++ /dev/null
@@ -1,200 +0,0 @@
-<?php
-
-use Friendica\App;
-use Friendica\Core\System;
-use Friendica\Core\Config;
-use Friendica\Database\DBM;
-use Friendica\Model\User;
-
-require_once 'include/security.php';
-require_once 'include/datetime.php';
-
-// When the "Friendica" cookie is set, take the value to authenticate and renew the cookie.
-if (isset($_COOKIE["Friendica"])) {
-       $data = json_decode($_COOKIE["Friendica"]);
-       if (isset($data->uid)) {
-
-               $user = dba::select('user',
-                       [],
-                       [
-                               'uid'             => $data->uid,
-                               'blocked'         => false,
-                               'account_expired' => false,
-                               'account_removed' => false,
-                               'verified'        => true,
-                       ],
-                       ['limit' => 1]
-               );
-
-               if (DBM::is_result($user)) {
-                       if ($data->hash != cookie_hash($user)) {
-                               logger("Hash for user " . $data->uid . " doesn't fit.");
-                               nuke_session();
-                               goaway(System::baseUrl());
-                       }
-
-                       // Renew the cookie
-                       // Expires after 7 days by default,
-                       // can be set via system.auth_cookie_lifetime
-                       $authcookiedays = Config::get('system', 'auth_cookie_lifetime', 7);
-                       new_cookie($authcookiedays * 24 * 60 * 60, $user);
-
-                       // Do the authentification if not done by now
-                       if (!isset($_SESSION) || !isset($_SESSION['authenticated'])) {
-                               authenticate_success($user);
-
-                               if (Config::get('system', 'paranoia')) {
-                                       $_SESSION['addr'] = $data->ip;
-                               }
-                       }
-               }
-       }
-}
-
-
-// login/logout
-
-if (isset($_SESSION) && x($_SESSION, 'authenticated') && (!x($_POST, 'auth-params') || ($_POST['auth-params'] !== 'login'))) {
-       if ((x($_POST, 'auth-params') && ($_POST['auth-params'] === 'logout')) || ($a->module === 'logout')) {
-               // process logout request
-               call_hooks("logging_out");
-               nuke_session();
-               info(t('Logged out.') . EOL);
-               goaway(System::baseUrl());
-       }
-
-       if (x($_SESSION, 'visitor_id') && !x($_SESSION, 'uid')) {
-               $r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
-                       intval($_SESSION['visitor_id'])
-               );
-               if (DBM::is_result($r)) {
-                       $a->contact = $r[0];
-               }
-       }
-
-       if (x($_SESSION, 'uid')) {
-               // already logged in user returning
-               $check = Config::get('system', 'paranoia');
-               // extra paranoia - if the IP changed, log them out
-               if ($check && ($_SESSION['addr'] != $_SERVER['REMOTE_ADDR'])) {
-                       logger('Session address changed. Paranoid setting in effect, blocking session. ' .
-                               $_SESSION['addr'] . ' != ' . $_SERVER['REMOTE_ADDR']);
-                       nuke_session();
-                       goaway(System::baseUrl());
-               }
-
-               $user = dba::select('user',
-                       [],
-                       [
-                               'uid'             => $_SESSION['uid'],
-                               'blocked'         => false,
-                               'account_expired' => false,
-                               'account_removed' => false,
-                               'verified'        => true,
-                       ],
-                       ['limit' => 1]
-               );
-               if (!DBM::is_result($user)) {
-                       nuke_session();
-                       goaway(System::baseUrl());
-               }
-
-               // Make sure to refresh the last login time for the user if the user
-               // stays logged in for a long time, e.g. with "Remember Me"
-               $login_refresh = false;
-               if (!x($_SESSION['last_login_date'])) {
-                       $_SESSION['last_login_date'] = datetime_convert('UTC', 'UTC');
-               }
-               if (strcmp(datetime_convert('UTC', 'UTC', 'now - 12 hours'), $_SESSION['last_login_date']) > 0) {
-                       $_SESSION['last_login_date'] = datetime_convert('UTC', 'UTC');
-                       $login_refresh = true;
-               }
-               authenticate_success($user, false, false, $login_refresh);
-       }
-} else {
-       session_unset();
-       if (
-               !(x($_POST, 'password') && strlen($_POST['password']))
-               && (
-                       x($_POST, 'openid_url') && strlen($_POST['openid_url'])
-                       || x($_POST, 'username') && strlen($_POST['username'])
-               )
-       ) {
-               $noid = Config::get('system', 'no_openid');
-
-               $openid_url = trim(strlen($_POST['openid_url']) ? $_POST['openid_url'] : $_POST['username']);
-
-               // validate_url alters the calling parameter
-
-               $temp_string = $openid_url;
-
-               // if it's an email address or doesn't resolve to a URL, fail.
-
-               if ($noid || strpos($temp_string, '@') || !validate_url($temp_string)) {
-                       $a = get_app();
-                       notice(t('Login failed.') . EOL);
-                       goaway(System::baseUrl());
-                       // NOTREACHED
-               }
-
-               // Otherwise it's probably an openid.
-
-               try {
-                       require_once('library/openid.php');
-                       $openid = new LightOpenID;
-                       $openid->identity = $openid_url;
-                       $_SESSION['openid'] = $openid_url;
-                       $_SESSION['remember'] = $_POST['remember'];
-                       $openid->returnUrl = System::baseUrl(true) . '/openid';
-                       goaway($openid->authUrl());
-               } catch (Exception $e) {
-                       notice(t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.') . '<br /><br >' . t('The error message was:') . ' ' . $e->getMessage());
-               }
-               // NOTREACHED
-       }
-
-       if (x($_POST, 'auth-params') && $_POST['auth-params'] === 'login') {
-               $record = null;
-
-               $addon_auth = array(
-                       'username' => trim($_POST['username']),
-                       'password' => trim($_POST['password']),
-                       'authenticated' => 0,
-                       'user_record' => null
-               );
-
-               /**
-                *
-                * A plugin indicates successful login by setting 'authenticated' to non-zero value and returning a user record
-                * Plugins should never set 'authenticated' except to indicate success - as hooks may be chained
-                * and later plugins should not interfere with an earlier one that succeeded.
-                *
-                */
-               call_hooks('authenticate', $addon_auth);
-
-               if ($addon_auth['authenticated'] && count($addon_auth['user_record'])) {
-                       $record = $addon_auth['user_record'];
-               } else {
-                       $user_id = User::authenticate(trim($_POST['username']), trim($_POST['password']));
-                       if ($user_id) {
-                               $record = dba::select('user', [], ['uid' => $user_id], ['limit' => 1]);
-                       }
-               }
-
-               if (!$record || !count($record)) {
-                       logger('authenticate: failed login attempt: ' . notags(trim($_POST['username'])) . ' from IP ' . $_SERVER['REMOTE_ADDR']);
-                       notice(t('Login failed.') . EOL);
-                       goaway(System::baseUrl());
-               }
-
-               if (!$_POST['remember']) {
-                       new_cookie(0); // 0 means delete on browser exit
-               }
-
-               // if we haven't failed up this point, log them in.
-               $_SESSION['remember'] = $_POST['remember'];
-               $_SESSION['last_login_date'] = datetime_convert('UTC', 'UTC');
-               authenticate_success($record, true, true);
-       }
-}
-
index 9cbbad605aefe62d85753b59d32e9991fae272f2..2f58321ae82621d697b101692ec524116e9c760a 100644 (file)
--- a/index.php
+++ b/index.php
@@ -14,6 +14,7 @@ use Friendica\Core\System;
 use Friendica\Core\Config;
 use Friendica\Core\Worker;
 use Friendica\Database\DBM;
+use Friendica\Module\Login;
 
 require_once 'boot.php';
 
@@ -148,9 +149,7 @@ if ((x($_GET, 'zrl')) && (!$install && !$maintenance)) {
 
 // header('Link: <' . System::baseUrl() . '/amcd>; rel="acct-mgmt";');
 
-if (x($_COOKIE["Friendica"]) || (x($_SESSION, 'authenticated')) || (x($_POST, 'auth-params')) || ($a->module === 'login')) {
-       require "include/auth.php";
-}
+Login::sessionAuth();
 
 if (! x($_SESSION, 'authenticated')) {
        header('X-Account-Management-Status: none');
index 1e07242875086506355f90822dd338d5122f4fd1..d27c7d6214796ca3d689ab8d4fce246faf7e5462 100644 (file)
@@ -6,13 +6,15 @@ use Friendica\App;
 use Friendica\Core\Config;
 use Friendica\Core\System;
 use Friendica\Database\DBM;
+use Friendica\Module\Login;
 use Friendica\Protocol\DFRN;
 use Friendica\Protocol\OStatus;
 
 require_once 'include/items.php';
-require_once 'include/auth.php';
 
 function dfrn_poll_init(App $a) {
+       Login::sessionAuth();
+
        $dfrn_id         = ((x($_GET,'dfrn_id'))         ? $_GET['dfrn_id']              : '');
        $type            = ((x($_GET,'type'))            ? $_GET['type']                 : 'data');
        $last_update     = ((x($_GET,'last_update'))     ? $_GET['last_update']          : '');