|
|
|
|
@ -125,6 +125,7 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
|
|
|
|
|
$openid = new LightOpenID; |
|
|
|
|
$openid->identity = $openid_url; |
|
|
|
|
$_SESSION['openid'] = $openid_url; |
|
|
|
|
$_SESSION['remember'] = $_POST['remember']; |
|
|
|
|
$openid->returnUrl = App::get_baseurl(true).'/openid'; |
|
|
|
|
goaway($openid->authUrl()); |
|
|
|
|
} catch (Exception $e) { |
|
|
|
|
@ -178,17 +179,12 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
|
|
|
|
|
goaway(z_root()); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
// If the user specified to remember the authentication, then set a cookie |
|
|
|
|
// that expires after one week (the default is when the browser is closed). |
|
|
|
|
// The cookie will be renewed automatically. |
|
|
|
|
// The week ensures that sessions will expire after some inactivity. |
|
|
|
|
if ($_POST['remember']) |
|
|
|
|
new_cookie(604800, $r[0]); |
|
|
|
|
else |
|
|
|
|
if (! $_POST['remember']) { |
|
|
|
|
new_cookie(0); // 0 means delete on browser exit |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
// if we haven't failed up this point, log them in. |
|
|
|
|
|
|
|
|
|
$_SESSION['remember'] = $_POST['remember']; |
|
|
|
|
$_SESSION['last_login_date'] = datetime_convert('UTC','UTC'); |
|
|
|
|
authenticate_success($record, true, true); |
|
|
|
|
} |
|
|
|
|
@ -203,39 +199,3 @@ function nuke_session() {
|
|
|
|
|
session_unset(); |
|
|
|
|
session_destroy(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* @brief Calculate the hash that is needed for the "Friendica" cookie |
|
|
|
|
* |
|
|
|
|
* @param array $user Record from "user" table |
|
|
|
|
* |
|
|
|
|
* @return string Hashed data |
|
|
|
|
*/ |
|
|
|
|
function cookie_hash($user) { |
|
|
|
|
return(hash("sha256", get_config("system", "site_prvkey"). |
|
|
|
|
$user["uprvkey"]. |
|
|
|
|
$user["password"])); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* @brief Set the "Friendica" cookie |
|
|
|
|
* |
|
|
|
|
* @param int $time |
|
|
|
|
* @param array $user Record from "user" table |
|
|
|
|
*/ |
|
|
|
|
function new_cookie($time, $user = array()) { |
|
|
|
|
|
|
|
|
|
if ($time != 0) |
|
|
|
|
$time = $time + time(); |
|
|
|
|
|
|
|
|
|
if ($user) |
|
|
|
|
$value = json_encode(array("uid" => $user["uid"], |
|
|
|
|
"hash" => cookie_hash($user), |
|
|
|
|
"ip" => $_SERVER['REMOTE_ADDR'])); |
|
|
|
|
else |
|
|
|
|
$value = ""; |
|
|
|
|
|
|
|
|
|
setcookie("Friendica", $value, $time, "/", "", |
|
|
|
|
(get_config('system', 'ssl_policy') == SSL_POLICY_FULL), true); |
|
|
|
|
|
|
|
|
|
} |
|
|
|
|
|
Michael Vogel
5 years ago
committed by
GitHub