Browse Source

Replace duplicated authentication code in FKOAuth1 with Session::setAuthenticatedForUser

pull/7710/head
Hypolite Petovan 1 week ago
parent
commit
cb4950a3be
2 changed files with 7 additions and 33 deletions
  1. 2
    3
      include/api.php
  2. 5
    30
      src/Network/FKOAuth1.php

+ 2
- 3
include/api.php View File

@@ -162,6 +162,7 @@ function api_register_func($path, $func, $auth = false, $method = API_METHOD_ANY
162 162
  * @brief Login API user
163 163
  *
164 164
  * @param App $a App
165
+ * @throws ForbiddenException
165 166
  * @throws InternalServerErrorException
166 167
  * @throws UnauthorizedException
167 168
  * @hook  'authenticate'
@@ -170,8 +171,6 @@ function api_register_func($path, $func, $auth = false, $method = API_METHOD_ANY
170 171
  *               'password' => password from login form
171 172
  *               'authenticated' => return status,
172 173
  *               'user_record' => return authenticated user record
173
- * @hook  'logged_in'
174
- *               array $user    logged user record
175 174
  */
176 175
 function api_login(App $a)
177 176
 {
@@ -182,7 +181,7 @@ function api_login(App $a)
182 181
 		list($consumer, $token) = $oauth1->verify_request($request);
183 182
 		if (!is_null($token)) {
184 183
 			$oauth1->loginUser($token->uid);
185
-			Hook::callAll('logged_in', $a->user);
184
+			Session::set('allow_api', true);
186 185
 			return;
187 186
 		}
188 187
 		echo __FILE__.__LINE__.__FUNCTION__ . "<pre>";

+ 5
- 30
src/Network/FKOAuth1.php View File

@@ -4,12 +4,10 @@
4 4
  */
5 5
 namespace Friendica\Network;
6 6
 
7
-use Friendica\Core\Hook;
7
+use Friendica\BaseObject;
8 8
 use Friendica\Core\Logger;
9
-use Friendica\Core\PConfig;
10
-use Friendica\Core\System;
9
+use Friendica\Core\Session;
11 10
 use Friendica\Database\DBA;
12
-use Friendica\Util\DateTimeFormat;
13 11
 use OAuthServer;
14 12
 use OAuthSignatureMethod_HMAC_SHA1;
15 13
 use OAuthSignatureMethod_PLAINTEXT;
@@ -32,12 +30,13 @@ class FKOAuth1 extends OAuthServer
32 30
 	/**
33 31
 	 * @param string $uid user id
34 32
 	 * @return void
33
+	 * @throws HTTPException\ForbiddenException
35 34
 	 * @throws HTTPException\InternalServerErrorException
36 35
 	 */
37 36
 	public function loginUser($uid)
38 37
 	{
39 38
 		Logger::log("FKOAuth1::loginUser $uid");
40
-		$a = \get_app();
39
+		$a = BaseObject::getApp();
41 40
 		$record = DBA::selectFirst('user', [], ['uid' => $uid, 'blocked' => 0, 'account_expired' => 0, 'account_removed' => 0, 'verified' => 1]);
42 41
 
43 42
 		if (!DBA::isResult($record)) {
@@ -45,31 +44,7 @@ class FKOAuth1 extends OAuthServer
45 44
 			header('HTTP/1.0 401 Unauthorized');
46 45
 			die('This api requires login');
47 46
 		}
48
-		$_SESSION['uid'] = $record['uid'];
49
-		$_SESSION['theme'] = $record['theme'];
50
-		$_SESSION['mobile-theme'] = PConfig::get($record['uid'], 'system', 'mobile_theme');
51
-		$_SESSION['authenticated'] = 1;
52
-		$_SESSION['page_flags'] = $record['page-flags'];
53
-		$_SESSION['my_url'] = System::baseUrl() . '/profile/' . $record['nickname'];
54
-		$_SESSION['addr'] = $_SERVER['REMOTE_ADDR'];
55
-		$_SESSION["allow_api"] = true;
56 47
 
57
-		$a->user = $record;
58
-
59
-		if (strlen($a->user['timezone'])) {
60
-			date_default_timezone_set($a->user['timezone']);
61
-			$a->timezone = $a->user['timezone'];
62
-		}
63
-
64
-		$contact = DBA::selectFirst('contact', [], ['uid' => $_SESSION['uid'], 'self' => 1]);
65
-		if (DBA::isResult($contact)) {
66
-			$a->contact = $contact;
67
-			$a->cid = $contact['id'];
68
-			$_SESSION['cid'] = $a->cid;
69
-		}
70
-
71
-		DBA::update('user', ['login_date' => DateTimeFormat::utcNow()], ['uid' => $_SESSION['uid']]);
72
-
73
-		Hook::callAll('logged_in', $a->user);
48
+		Session::setAuthenticatedForUser($a, $record, true);
74 49
 	}
75 50
 }

Loading…
Cancel
Save