Add support for multiple login cookie tokens

This commit is contained in:
Bart Visscher 2012-09-04 18:07:38 +02:00 committed by Michael Göhler
parent 4af5b016cc
commit 1012d317e3
1 changed files with 12 additions and 9 deletions

View File

@ -449,6 +449,7 @@ class OC{
OC_App::loadApps();
OC_User::setupBackends();
if(isset($_GET["logout"]) and ($_GET["logout"])) {
OC_Preferences::deleteKey(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
OC_User::logout();
header("Location: ".OC::$WEBROOT.'/');
}else{
@ -523,15 +524,17 @@ class OC{
OC_Log::write('core', 'Trying to login from cookie', OC_Log::DEBUG);
}
// confirm credentials in cookie
if(isset($_COOKIE['oc_token']) && OC_User::userExists($_COOKIE['oc_username']) &&
OC_Preferences::getValue($_COOKIE['oc_username'], "login", "token") === $_COOKIE['oc_token'])
{
OC_User::setUserId($_COOKIE['oc_username']);
OC_Util::redirectToDefaultPage();
}
else {
OC_User::unsetMagicInCookie();
if(isset($_COOKIE['oc_token']) && OC_User::userExists($_COOKIE['oc_username'])) {
$tokens = OC_Preferences::getKeys($_COOKIE['oc_username'], 'login_token');
$tokens[] = OC_Preferences::getValue($_COOKIE['oc_username'], 'login', 'token');
if (in_array($_COOKIE['oc_token'], $tokens, true)) {
OC_User::setUserId($_COOKIE['oc_username']);
OC_Util::redirectToDefaultPage();
// doesn't return
}
OC_Preferences::deleteKey($_POST['user'], 'login_token', $_COOKIE['oc_token']);
}
OC_User::unsetMagicInCookie();
return true;
}
@ -551,7 +554,7 @@ class OC{
OC_Log::write('core', 'Setting remember login to cookie', OC_Log::DEBUG);
}
$token = md5($_POST["user"].time().$_POST['password']);
OC_Preferences::setValue($_POST['user'], 'login', 'token', $token);
OC_Preferences::setValue($_POST['user'], 'login_token', $token, time());
OC_User::setMagicInCookie($_POST["user"], $token);
}
else {