X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=application%2Fsecurity%2FLoginManager.php;h=0f3154835d734d74c035f169035d9d684b50dcfb;hb=f211e417bf637b8a83988175c29ee072c69f7642;hp=41fa9a20ee9c4d025e6ae72f59897e9c7c3c2f17;hpb=c689e108639a4f6aa9e15928422e14db7cbe30ca;p=github%2Fshaarli%2FShaarli.git diff --git a/application/security/LoginManager.php b/application/security/LoginManager.php index 41fa9a20..0f315483 100644 --- a/application/security/LoginManager.php +++ b/application/security/LoginManager.php @@ -46,7 +46,7 @@ class LoginManager $this->sessionManager = $sessionManager; $this->banFile = $this->configManager->get('resource.ban_file', 'data/ipbans.php'); $this->readBanFile(); - if ($this->configManager->get('security.open_shaarli')) { + if ($this->configManager->get('security.open_shaarli') === true) { $this->openShaarli = true; } } @@ -80,8 +80,6 @@ class LoginManager * * @param array $cookie The $_COOKIE array * @param string $clientIpId Client IP address identifier - * - * @return bool true if the user session is valid, false otherwise */ public function checkLoginState($cookie, $clientIpId) { @@ -94,11 +92,10 @@ class LoginManager if (isset($cookie[self::$STAY_SIGNED_IN_COOKIE]) && $cookie[self::$STAY_SIGNED_IN_COOKIE] === $this->staySignedInToken ) { + // The user client has a valid stay-signed-in cookie + // Session information is updated with the current client information $this->sessionManager->storeLoginInfo($clientIpId); - $this->isLoggedIn = true; - } - - if ($this->sessionManager->hasSessionExpired() + } elseif ($this->sessionManager->hasSessionExpired() || $this->sessionManager->hasClientIpChanged($clientIpId) ) { $this->sessionManager->logout(); @@ -106,6 +103,7 @@ class LoginManager return; } + $this->isLoggedIn = true; $this->sessionManager->extendSession(); }