diff options
| author | ArthurHoaro <arthur@hoa.ro> | 2020-11-10 10:46:04 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-11-10 10:46:04 +0100 |
| commit | 302662797cb5e8ac6579a99297ceae301f7927a6 (patch) | |
| tree | 67f493a1cc6d3691742946f1d7e512bffe41e02f /application/security/LoginManager.php | |
| parent | c94c32d1a3e86a479cb2582eadc668a5bb476fc6 (diff) | |
| parent | 2f4df753041088d788d1923692a7d530167a6840 (diff) | |
| download | Shaarli-302662797cb5e8ac6579a99297ceae301f7927a6.tar.gz Shaarli-302662797cb5e8ac6579a99297ceae301f7927a6.tar.zst Shaarli-302662797cb5e8ac6579a99297ceae301f7927a6.zip | |
Merge pull request #1635 from ArthurHoaro/feature/phpcs
Diffstat (limited to 'application/security/LoginManager.php')
| -rw-r--r-- | application/security/LoginManager.php | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/application/security/LoginManager.php b/application/security/LoginManager.php index 426e785e..b795b80e 100644 --- a/application/security/LoginManager.php +++ b/application/security/LoginManager.php | |||
| @@ -1,4 +1,5 @@ | |||
| 1 | <?php | 1 | <?php |
| 2 | |||
| 2 | namespace Shaarli\Security; | 3 | namespace Shaarli\Security; |
| 3 | 4 | ||
| 4 | use Exception; | 5 | use Exception; |
| @@ -106,7 +107,8 @@ class LoginManager | |||
| 106 | // The user client has a valid stay-signed-in cookie | 107 | // The user client has a valid stay-signed-in cookie |
| 107 | // Session information is updated with the current client information | 108 | // Session information is updated with the current client information |
| 108 | $this->sessionManager->storeLoginInfo($clientIpId); | 109 | $this->sessionManager->storeLoginInfo($clientIpId); |
| 109 | } elseif ($this->sessionManager->hasSessionExpired() | 110 | } elseif ( |
| 111 | $this->sessionManager->hasSessionExpired() | ||
| 110 | || $this->sessionManager->hasClientIpChanged($clientIpId) | 112 | || $this->sessionManager->hasClientIpChanged($clientIpId) |
| 111 | ) { | 113 | ) { |
| 112 | $this->sessionManager->logout(); | 114 | $this->sessionManager->logout(); |
| @@ -145,7 +147,8 @@ class LoginManager | |||
| 145 | // Check credentials | 147 | // Check credentials |
| 146 | try { | 148 | try { |
| 147 | $useLdapLogin = !empty($this->configManager->get('ldap.host')); | 149 | $useLdapLogin = !empty($this->configManager->get('ldap.host')); |
| 148 | if ($login === $this->configManager->get('credentials.login') | 150 | if ( |
| 151 | $login === $this->configManager->get('credentials.login') | ||
| 149 | && ( | 152 | && ( |
| 150 | (false === $useLdapLogin && $this->checkCredentialsFromLocalConfig($login, $password)) | 153 | (false === $useLdapLogin && $this->checkCredentialsFromLocalConfig($login, $password)) |
| 151 | || (true === $useLdapLogin && $this->checkCredentialsFromLdap($login, $password)) | 154 | || (true === $useLdapLogin && $this->checkCredentialsFromLdap($login, $password)) |
| @@ -156,7 +159,7 @@ class LoginManager | |||
| 156 | 159 | ||
| 157 | return true; | 160 | return true; |
| 158 | } | 161 | } |
| 159 | } catch(Exception $exception) { | 162 | } catch (Exception $exception) { |
| 160 | $this->logger->info(format_log('Exception while checking credentials: ' . $exception, $clientIpId)); | 163 | $this->logger->info(format_log('Exception while checking credentials: ' . $exception, $clientIpId)); |
| 161 | } | 164 | } |
| 162 | 165 | ||
| @@ -174,7 +177,8 @@ class LoginManager | |||
| 174 | * | 177 | * |
| 175 | * @return bool true if the provided credentials are valid, false otherwise | 178 | * @return bool true if the provided credentials are valid, false otherwise |
| 176 | */ | 179 | */ |
| 177 | public function checkCredentialsFromLocalConfig($login, $password) { | 180 | public function checkCredentialsFromLocalConfig($login, $password) |
| 181 | { | ||
| 178 | $hash = sha1($password . $login . $this->configManager->get('credentials.salt')); | 182 | $hash = sha1($password . $login . $this->configManager->get('credentials.salt')); |
| 179 | 183 | ||
| 180 | return $login == $this->configManager->get('credentials.login') | 184 | return $login == $this->configManager->get('credentials.login') |
| @@ -193,14 +197,14 @@ class LoginManager | |||
| 193 | */ | 197 | */ |
| 194 | public function checkCredentialsFromLdap($login, $password, $connect = null, $bind = null) | 198 | public function checkCredentialsFromLdap($login, $password, $connect = null, $bind = null) |
| 195 | { | 199 | { |
| 196 | $connect = $connect ?? function($host) { | 200 | $connect = $connect ?? function ($host) { |
| 197 | $resource = ldap_connect($host); | 201 | $resource = ldap_connect($host); |
| 198 | 202 | ||
| 199 | ldap_set_option($resource, LDAP_OPT_PROTOCOL_VERSION, 3); | 203 | ldap_set_option($resource, LDAP_OPT_PROTOCOL_VERSION, 3); |
| 200 | 204 | ||
| 201 | return $resource; | 205 | return $resource; |
| 202 | }; | 206 | }; |
| 203 | $bind = $bind ?? function($handle, $dn, $password) { | 207 | $bind = $bind ?? function ($handle, $dn, $password) { |
| 204 | return ldap_bind($handle, $dn, $password); | 208 | return ldap_bind($handle, $dn, $password); |
| 205 | }; | 209 | }; |
| 206 | 210 | ||