1
1
Fork 0

New function "isAuthenticated"

This commit is contained in:
Michael 2019-09-28 18:09:11 +00:00
parent 89f02a1125
commit 83b00ef308
26 changed files with 64 additions and 48 deletions

View file

@ -365,7 +365,7 @@ function localize_item(&$item)
'network' => $item['author-network'], 'url' => $item['author-link']];
// Only create a redirection to a magic link when logged in
if (!empty($item['plink']) && (local_user() || remote_user())) {
if (!empty($item['plink']) && Session::isAuthenticated()) {
$item['plink'] = Contact::magicLinkByContact($author, $item['plink']);
}
}

View file

@ -327,7 +327,7 @@ function drop_items(array $items)
{
$uid = 0;
if (!local_user() && !remote_user()) {
if (!Session::isAuthenticated()) {
return;
}

View file

@ -27,7 +27,7 @@ use Friendica\Util\Temporal;
function cal_init(App $a)
{
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
throw new \Friendica\Network\HTTPException\ForbiddenException(L10n::t('Access denied.'));
}

View file

@ -29,7 +29,7 @@ function community_content(App $a, $update = 0)
{
$o = '';
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
notice(L10n::t('Public access denied.') . EOL);
return;
}

View file

@ -9,6 +9,7 @@ use Friendica\Core\Config;
use Friendica\Core\L10n;
use Friendica\Core\Logger;
use Friendica\Core\System;
use Friendica\Core\Session;
use Friendica\Database\DBA;
use Friendica\Module\Login;
use Friendica\Protocol\DFRN;
@ -49,7 +50,7 @@ function dfrn_poll_init(App $a)
$hidewall = false;
if (($dfrn_id === '') && empty($_POST['dfrn_id'])) {
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
throw new \Friendica\Network\HTTPException\ForbiddenException();
}

View file

@ -19,6 +19,7 @@ use Friendica\Core\Logger;
use Friendica\Core\Protocol;
use Friendica\Core\Renderer;
use Friendica\Core\System;
use Friendica\Core\Session;
use Friendica\Database\DBA;
use Friendica\Model\Contact;
use Friendica\Model\Group;
@ -592,7 +593,7 @@ function dfrn_request_content(App $a)
exit();
} else {
// Normal web request. Display our user's introduction form.
if ((Config::get('system', 'block_public')) && (!local_user()) && (!remote_user())) {
if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
if (!Config::get('system', 'local_block')) {
notice(L10n::t('Public access denied.') . EOL);
return;

View file

@ -32,7 +32,7 @@ function display_init(App $a)
Objects::rawContent();
}
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
return;
}
@ -196,7 +196,7 @@ function display_fetchauthor($a, $item)
function display_content(App $a, $update = false, $update_uid = 0)
{
if (Config::get('system','block_public') && !local_user() && !remote_user()) {
if (Config::get('system','block_public') && !Session::isAuthenticated()) {
throw new HTTPException\ForbiddenException(L10n::t('Public access denied.'));
}

View file

@ -6,13 +6,14 @@ use Friendica\App;
use Friendica\Core\Config;
use Friendica\Core\L10n;
use Friendica\Core\System;
use Friendica\Core\Session;
use Friendica\Model\Contact;
use Friendica\Model\Profile;
use Friendica\Model\User;
function hcard_init(App $a)
{
$blocked = Config::get('system', 'block_public') && !local_user() && !remote_user();
$blocked = Config::get('system', 'block_public') && !Session::isAuthenticated();
if ($a->argc > 1) {
$which = $a->argv[1];

View file

@ -25,6 +25,7 @@ use Friendica\Core\L10n;
use Friendica\Core\Logger;
use Friendica\Core\Protocol;
use Friendica\Core\System;
use Friendica\Core\Session;
use Friendica\Core\Worker;
use Friendica\Database\DBA;
use Friendica\Model\Attach;
@ -45,7 +46,7 @@ use Friendica\Worker\Delivery;
require_once 'include/items.php';
function item_post(App $a) {
if (!local_user() && !remote_user()) {
if (!Session::isAuthenticated()) {
return 0;
}
@ -860,7 +861,7 @@ function item_post_return($baseurl, $api_source, $return_path)
function item_content(App $a)
{
if (!local_user() && !remote_user()) {
if (!Session::isAuthenticated()) {
return;
}

View file

@ -36,7 +36,7 @@ use Friendica\Util\XML;
function photos_init(App $a) {
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
return;
}
@ -70,7 +70,7 @@ function photos_init(App $a) {
$albums = Photo::getAlbums($a->data['user']['uid']);
$albums_visible = ((intval($a->data['user']['hidewall']) && !local_user() && !remote_user()) ? false : true);
$albums_visible = ((intval($a->data['user']['hidewall']) && !Session::isAuthenticated()) ? false : true);
// add various encodings to the array so we can just loop through and pick them out in a template
$ret = ['success' => false];
@ -829,7 +829,7 @@ function photos_content(App $a)
// photos/name/image/xxxxx/edit
// photos/name/image/xxxxx/drop
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
notice(L10n::t('Public access denied.') . EOL);
return;
}

View file

@ -35,7 +35,7 @@ function redir_init(App $a) {
$contact_url = $contact['url'];
if ((!local_user() && !remote_user()) // Visitors (not logged in or not remotes) can't authenticate.
if (!Session::isAuthenticated() // Visitors (not logged in or not remotes) can't authenticate.
|| (!empty($a->contact['id']) && $a->contact['id'] == $cid)) // Local user is already authenticated.
{
$a->redirect(defaults($url, $contact_url));
@ -74,17 +74,8 @@ function redir_init(App $a) {
}
}
// When the remote page does support OWA, then we enforce the use of it
$basepath = Contact::getBasepath($contact_url);
if (Strings::compareLink($basepath, System::baseUrl())) {
$use_magic = true;
} else {
$serverret = Network::curl($basepath . '/magic');
$use_magic = $serverret->isSuccess();
}
// Doing remote auth with dfrn.
if (local_user() && !$use_magic && (!empty($contact['dfrn-id']) || !empty($contact['issued-id'])) && empty($contact['pending'])) {
if (local_user() && (!empty($contact['dfrn-id']) || !empty($contact['issued-id'])) && empty($contact['pending'])) {
$dfrn_id = $orig_id = (($contact['issued-id']) ? $contact['issued-id'] : $contact['dfrn-id']);
if ($contact['duplex'] && $contact['issued-id']) {

View file

@ -11,6 +11,7 @@ use Friendica\Core\Cache;
use Friendica\Core\Config;
use Friendica\Core\L10n;
use Friendica\Core\Logger;
use Friendica\Core\Session;
use Friendica\Core\Renderer;
use Friendica\Database\DBA;
use Friendica\Model\Item;
@ -83,18 +84,18 @@ function search_init(App $a) {
}
function search_content(App $a) {
if (Config::get('system','block_public') && !local_user() && !remote_user()) {
if (Config::get('system','block_public') && !Session::isAuthenticated()) {
notice(L10n::t('Public access denied.') . EOL);
return;
}
if (Config::get('system','local_search') && !local_user() && !remote_user()) {
if (Config::get('system','local_search') && !Session::isAuthenticated()) {
$e = new \Friendica\Network\HTTPException\ForbiddenException(L10n::t("Only logged in users are permitted to perform a search."));
$e->httpdesc = L10n::t("Public access denied.");
throw $e;
}
if (Config::get('system','permit_crawling') && !local_user() && !remote_user()) {
if (Config::get('system','permit_crawling') && !Session::isAuthenticated()) {
// Default values:
// 10 requests are "free", after the 11th only a call per minute is allowed

View file

@ -15,7 +15,7 @@ use Friendica\Util\XML;
function subthread_content(App $a) {
if (!local_user() && !remote_user()) {
if (!Session::isAuthenticated()) {
return;
}

View file

@ -7,6 +7,7 @@ use Friendica\Core\Hook;
use Friendica\Core\L10n;
use Friendica\Core\Logger;
use Friendica\Core\System;
use Friendica\Core\Session;
use Friendica\Core\Worker;
use Friendica\Database\DBA;
use Friendica\Model\Item;
@ -16,7 +17,7 @@ use Friendica\Worker\Delivery;
function tagger_content(App $a) {
if (!local_user() && !remote_user()) {
if (!Session::isAuthenticated()) {
return;
}

View file

@ -23,7 +23,7 @@ use Friendica\Util\Security;
function videos_init(App $a)
{
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
return;
}
@ -111,7 +111,7 @@ function videos_content(App $a)
// videos/name/video/xxxxx/edit
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
notice(L10n::t('Public access denied.') . EOL);
return;
}

View file

@ -149,7 +149,7 @@ class Nav
$nav['usermenu'] = [];
$userinfo = null;
if (local_user() || remote_user()) {
if (Session::isAuthenticated()) {
$nav['logout'] = ['logout', L10n::t('Logout'), '', L10n::t('End this session')];
} else {
$nav['login'] = ['login', L10n::t('Login'), ($a->module == 'login' ? 'selected' : ''), L10n::t('Sign in')];
@ -182,7 +182,7 @@ class Nav
$nav['home'] = [$homelink, L10n::t('Home'), '', L10n::t('Home Page')];
}
if (intval(Config::get('config', 'register_policy')) === \Friendica\Module\Register::OPEN && !local_user() && !remote_user()) {
if (intval(Config::get('config', 'register_policy')) === \Friendica\Module\Register::OPEN && !Session::isAuthenticated()) {
$nav['register'] = ['register', L10n::t('Register'), '', L10n::t('Create an account')];
}

View file

@ -11,6 +11,7 @@ use Friendica\Content\Feature;
use Friendica\Database\DBA;
use Friendica\Model\Contact;
use Friendica\Model\GContact;
use Friendica\Core\Session;
use Friendica\Util\Network;
/**
@ -333,7 +334,7 @@ class ACL extends BaseObject
*/
public static function contactAutocomplete($search, $mode, int $page = 1)
{
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
return [];
}

View file

@ -255,4 +255,18 @@ class Session
}
DBA::close($remote_contacts);
}
/**
* Returns if the current visitor is authenticated
*
* @return boolean "true" when visitor is either a local or remote user
*/
public static function isAuthenticated()
{
if (empty($_SESSION['authenticated'])) {
return false;
}
return $_SESSION['authenticated'];
}
}

View file

@ -13,6 +13,7 @@ use Friendica\Core\L10n;
use Friendica\Core\Logger;
use Friendica\Core\Protocol;
use Friendica\Core\System;
use Friendica\Core\Session;
use Friendica\Core\Worker;
use Friendica\Database\DBA;
use Friendica\Network\Probe;
@ -2679,7 +2680,7 @@ class Contact extends BaseObject
*/
public static function magicLink($contact_url, $url = '')
{
if (!local_user() && !remote_user()) {
if (!Session::isAuthenticated()) {
return $url ?: $contact_url; // Equivalent to: ($url != '') ? $url : $contact_url;
}
@ -2725,7 +2726,7 @@ class Contact extends BaseObject
{
$destination = $url ?: $contact['url']; // Equivalent to ($url != '') ? $url : $contact['url'];
if ((!local_user() && !remote_user()) || ($contact['network'] != Protocol::DFRN)) {
if (!Session::isAuthenticated() || ($contact['network'] != Protocol::DFRN)) {
return $destination;
}

View file

@ -3029,7 +3029,7 @@ class Item extends BaseObject
*/
public static function performLike($item_id, $verb)
{
if (!local_user() && !remote_user()) {
if (!Session::isAuthenticated()) {
return false;
}
@ -3428,7 +3428,7 @@ class Item extends BaseObject
}
// Update the cached values if there is no "zrl=..." on the links.
$update = (!local_user() && !remote_user() && ($item["uid"] == 0));
$update = (!Session::isAuthenticated() && ($item["uid"] == 0));
// Or update it if the current viewer is the intented viewer.
if (($item["uid"] == local_user()) && ($item["uid"] != 0)) {

View file

@ -215,7 +215,7 @@ class Profile
);
}
$block = ((Config::get('system', 'block_public') && !local_user() && !remote_user()) ? true : false);
$block = ((Config::get('system', 'block_public') && !Session::isAuthenticated()) ? true : false);
/**
* @todo
@ -448,7 +448,7 @@ class Profile
$about = !empty($profile['about']) ? L10n::t('About:') : false;
$xmpp = !empty($profile['xmpp']) ? L10n::t('XMPP:') : false;
if ((!empty($profile['hidewall']) || $block) && !local_user() && !remote_user()) {
if ((!empty($profile['hidewall']) || $block) && !Session::isAuthenticated()) {
$location = $gender = $marital = $homepage = $about = false;
}

View file

@ -8,6 +8,7 @@ use Friendica\Content\Pager;
use Friendica\Content\Widget;
use Friendica\Core\Hook;
use Friendica\Core\L10n;
use Friendica\Core\Session;
use Friendica\Core\Renderer;
use Friendica\Model\Contact;
use Friendica\Model\Profile;
@ -25,8 +26,8 @@ class Directory extends BaseModule
$app = self::getApp();
$config = $app->getConfig();
if (($config->get('system', 'block_public') && !local_user() && !remote_user()) ||
($config->get('system', 'block_local_dir') && !local_user() && !remote_user())) {
if (($config->get('system', 'block_public') && !Session::isAuthenticated()) ||
($config->get('system', 'block_local_dir') && !Session::isAuthenticated())) {
throw new HTTPException\ForbiddenException(L10n::t('Public access denied.'));
}

View file

@ -4,6 +4,7 @@ namespace Friendica\Module;
use Friendica\BaseModule;
use Friendica\Model\Item;
use Friendica\Core\Session;
use Friendica\Network\HTTPException;
use Friendica\Util\Strings;
@ -14,7 +15,7 @@ class Like extends BaseModule
{
public static function rawContent()
{
if (!local_user() && !remote_user()) {
if (!Session::isAuthenticated()) {
throw new HTTPException\ForbiddenException();
}

View file

@ -10,6 +10,7 @@ use Friendica\Core\Config;
use Friendica\Core\L10n;
use Friendica\Core\Protocol;
use Friendica\Core\Renderer;
use Friendica\Core\Session;
use Friendica\Database\DBA;
use Friendica\Model\Contact;
use Friendica\Model\Profile;
@ -19,7 +20,7 @@ class Contacts extends BaseModule
{
public static function content()
{
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
throw new \Friendica\Network\HTTPException\NotFoundException(L10n::t('User not found.'));
}

View file

@ -219,7 +219,7 @@ class Post extends BaseObject
$author = ['uid' => 0, 'id' => $item['author-id'],
'network' => $item['author-network'], 'url' => $item['author-link']];
if (local_user() || remote_user()) {
if (Session::isAuthenticated()) {
$profile_link = Contact::magicLinkByContact($author);
} else {
$profile_link = $item['author-link'];

View file

@ -21,7 +21,7 @@ class Security extends BaseObject
{
static $verified = 0;
if (!local_user() && !remote_user()) {
if (!Session::isAuthenticated()) {
return false;
}