Make enhanced auth configurable

Lukas Reschke 2012-10-16 01:08:05 +02:00
parent c85c35dfae
commit e299c241df
3 changed files with 24 additions and 15 deletions


@ -30,6 +30,9 @@ $CONFIG = array(
/* Force use of HTTPS connection (true = use HTTPS) */ /* Force use of HTTPS connection (true = use HTTPS) */
"forcessl" => false, "forcessl" => false,
/* Enhanced auth forces users to enter their password again when performing potential sensitive actions like creating or deleting users */
"enhancedauth" => true,
/* Time in seconds how long an user is authenticated without entering his password again before performing sensitive actions like creating or deleting users etc...*/ /* Time in seconds how long an user is authenticated without entering his password again before performing sensitive actions like creating or deleting users etc...*/
"enhancedauthtime" => 15 * 60, "enhancedauthtime" => 15 * 60,


@ -83,12 +83,14 @@ class OC_JSON{
* Check if the user verified the login with his password * Check if the user verified the login with his password
*/ */
public static function verifyUser() { public static function verifyUser() {
if(OC_Config::getValue('enhancedauth', true) === true) {
if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) { if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
$l = OC_L10N::get('lib'); $l = OC_L10N::get('lib');
self::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); self::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
exit(); exit();
} }
} }
}
/** /**
* Send json error msg * Send json error msg
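Review bot: The new guard at the top of `OC_JSON::verifyUser()`, `OC_Config::getValue('enhancedauth', true) === true`, fails open. Any stored value other than the boolean `true` (for example `1` or the string `'true'`, assuming `getValue` returns the configured value unchanged) silently switches the password re-check off. For a security control I would let only an explicit `false` disable it: `if(OC_Config::getValue('enhancedauth', true) !== false) {`. The same comparison is repeated in `OC_Util::verifyUser()` and `OC_Util::isUserVerified()`, so the change applies there too.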


@ -391,6 +391,7 @@ class OC_Util {
* If not, the user will be shown a password verification page * If not, the user will be shown a password verification page
*/ */
public static function verifyUser() { public static function verifyUser() {
if(OC_Config::getValue('enhancedauth', true) === true) {
// Check password to set session // Check password to set session
if(isset($_POST['password'])) { if(isset($_POST['password'])) {
if (OC_User::login(OC_User::getUser(), $_POST["password"] ) === true) { if (OC_User::login(OC_User::getUser(), $_POST["password"] ) === true) {
@ -404,17 +405,20 @@ class OC_Util {
exit(); exit();
} }
} }
}
/** /**
* Check if the user verified the login with his password * Check if the user verified the login with his password
* @return bool * @return bool
*/ */
public static function isUserVerified() { public static function isUserVerified() {
if(OC_Config::getValue('enhancedauth', true) === true) {
if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) { if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
return false; return false;
} }
return true; return true;
} }
}
/** /**
* Redirect to the user default page * Redirect to the user default page
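Review bot: `isUserVerified()` now has a path with no `return`. When `enhancedauth` is not `true`, control falls past the new `if` and the function yields `null`, although its docblock promises `@return bool`. Because `null` is falsy, a caller that tests the result would treat every user as unverified exactly when the feature is switched off; callers are not visible here, so that effect is inferred. Add `return true;` after the closing brace of the new `if` block so the disabled case reports the user as verified. The first hunk of this file starts inside `OC_Util::verifyUser()` and shows only part of its body, so it is not reviewed further here.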