diff options
author | VirtualTam <virtualtam@flibidi.net> | 2018-05-30 02:09:09 +0200 |
---|---|---|
committer | VirtualTam <virtualtam@flibidi.net> | 2018-06-02 16:46:06 +0200 |
commit | 8edd7f15886620b07064aa889aea05c5acbc0e58 (patch) | |
tree | c4299a352b3f4c518f79eb7208f667f68f8e9388 /application/security | |
parent | 704637bfebc73ada4b800b35c457e9fe56ad3567 (diff) | |
download | Shaarli-8edd7f15886620b07064aa889aea05c5acbc0e58.tar.gz Shaarli-8edd7f15886620b07064aa889aea05c5acbc0e58.tar.zst Shaarli-8edd7f15886620b07064aa889aea05c5acbc0e58.zip |
SessionManager+LoginManager: fix checkLoginState logic
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
Diffstat (limited to 'application/security')
-rw-r--r-- | application/security/LoginManager.php | 2 | ||||
-rw-r--r-- | application/security/SessionManager.php | 5 |
2 files changed, 5 insertions, 2 deletions
diff --git a/application/security/LoginManager.php b/application/security/LoginManager.php index 4946850b..d6784d6d 100644 --- a/application/security/LoginManager.php +++ b/application/security/LoginManager.php | |||
@@ -95,7 +95,6 @@ class LoginManager | |||
95 | // The user client has a valid stay-signed-in cookie | 95 | // The user client has a valid stay-signed-in cookie |
96 | // Session information is updated with the current client information | 96 | // Session information is updated with the current client information |
97 | $this->sessionManager->storeLoginInfo($clientIpId); | 97 | $this->sessionManager->storeLoginInfo($clientIpId); |
98 | $this->isLoggedIn = true; | ||
99 | 98 | ||
100 | } elseif ($this->sessionManager->hasSessionExpired() | 99 | } elseif ($this->sessionManager->hasSessionExpired() |
101 | || $this->sessionManager->hasClientIpChanged($clientIpId) | 100 | || $this->sessionManager->hasClientIpChanged($clientIpId) |
@@ -105,6 +104,7 @@ class LoginManager | |||
105 | return; | 104 | return; |
106 | } | 105 | } |
107 | 106 | ||
107 | $this->isLoggedIn = true; | ||
108 | $this->sessionManager->extendSession(); | 108 | $this->sessionManager->extendSession(); |
109 | } | 109 | } |
110 | 110 | ||
diff --git a/application/security/SessionManager.php b/application/security/SessionManager.php index 24e25528..b8b8ab8d 100644 --- a/application/security/SessionManager.php +++ b/application/security/SessionManager.php | |||
@@ -169,6 +169,9 @@ class SessionManager | |||
169 | */ | 169 | */ |
170 | public function hasSessionExpired() | 170 | public function hasSessionExpired() |
171 | { | 171 | { |
172 | if (empty($this->session['expires_on'])) { | ||
173 | return true; | ||
174 | } | ||
172 | if (time() >= $this->session['expires_on']) { | 175 | if (time() >= $this->session['expires_on']) { |
173 | return true; | 176 | return true; |
174 | } | 177 | } |
@@ -188,7 +191,7 @@ class SessionManager | |||
188 | if ($this->conf->get('security.session_protection_disabled') === true) { | 191 | if ($this->conf->get('security.session_protection_disabled') === true) { |
189 | return false; | 192 | return false; |
190 | } | 193 | } |
191 | if ($this->session['ip'] == $clientIpId) { | 194 | if (isset($this->session['ip']) && $this->session['ip'] === $clientIpId) { |
192 | return false; | 195 | return false; |
193 | } | 196 | } |
194 | return true; | 197 | return true; |