Enhanced auth is totally unmaintained and broken

Let's remove it, it's also not secure anymore with the introduction of
our API etc...
(And doesn't work with ldap etc…)
This commit is contained in:
Lukas Reschke 2013-01-14 21:39:49 +01:00
parent 0810d80f8a
commit eab6d7eb23
6 changed files with 0 additions and 76 deletions

View File

@ -36,12 +36,6 @@ $CONFIG = array(
/* The automatic protocol detection of ownCloud can fail in certain reverse proxy situations. This option allows to manually override the protocol detection. For example "https" */
"overwriteprotocol" => "",
/* Enhanced auth forces users to enter their password again when performing potential sensitive actions like creating or deleting users */
"enhancedauth" => true,
/* Time in seconds how long an user is authenticated without entering his password again before performing sensitive actions like creating or deleting users etc...*/
"enhancedauthtime" => 15 * 60,
/* A proxy to use to connect to the internet. For example "myproxy.org:88" */
"proxy" => "",

View File

@ -1,18 +0,0 @@
<form method="post">
<fieldset>
<ul>
<li class="errors">
<?php echo $l->t('Security Warning!'); ?><br>
<small><?php echo $l->t("Please verify your password. <br/>For security reasons you may be occasionally asked to enter your password again."); ?></small>
</li>
</ul>
<p class="infield">
<input type="text" value="<?php echo $_['username']; ?>" disabled="disabled" />
</p>
<p class="infield">
<label for="password" class="infield"><?php echo $l->t( 'Password' ); ?></label>
<input type="password" name="password" id="password" value="" required />
</p>
<input type="submit" id="submit" class="login" value="<?php echo $l->t( 'Verify' ); ?>" />
</fieldset>
</form>

View File

@ -74,19 +74,6 @@ class OC_JSON{
exit();
}
}
/**
* Check if the user verified the login with his password
*/
public static function verifyUser() {
if(OC_Config::getValue('enhancedauth', false) === true) {
if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
$l = OC_L10N::get('lib');
self::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
exit();
}
}
}
/**
* Send json error msg

View File

@ -360,40 +360,6 @@ class OC_Util {
return true;
}
/**
* Check if the user verified the login with his password in the last 15 minutes
* If not, the user will be shown a password verification page
*/
public static function verifyUser() {
if(OC_Config::getValue('enhancedauth', false) === true) {
// Check password to set session
if(isset($_POST['password'])) {
if (OC_User::login(OC_User::getUser(), $_POST["password"] ) === true) {
$_SESSION['verifiedLogin']=time() + OC_Config::getValue('enhancedauthtime', 15 * 60);
}
}
// Check if the user verified his password
if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
OC_Template::printGuestPage("", "verify", array('username' => OC_User::getUser()));
exit();
}
}
}
/**
* Check if the user verified the login with his password
* @return bool
*/
public static function isUserVerified() {
if(OC_Config::getValue('enhancedauth', false) === true) {
if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
return false;
}
}
return true;
}
/**
* Redirect to the user default page
*/

View File

@ -30,10 +30,6 @@ if(is_null($userstatus)) {
exit();
}
if($userstatus === 'admin' || $userstatus === 'subadmin') {
OC_JSON::verifyUser();
}
// Return Success story
if( OC_User::setPassword( $username, $password )) {
OC_JSON::success(array("data" => array( "username" => $username )));

View File

@ -6,7 +6,6 @@
*/
OC_Util::checkLoggedIn();
OC_Util::verifyUser();
OC_App::loadApps();
OC_Util::addStyle( 'settings', 'settings' );