diff options
author | ArthurHoaro <arthur@hoa.ro> | 2020-09-22 20:25:47 +0200 |
---|---|---|
committer | ArthurHoaro <arthur@hoa.ro> | 2020-11-09 10:56:24 +0100 |
commit | 53054b2bf6a919fd4ff9b44b6ad1986f21f488b6 (patch) | |
tree | 39cad52645ce00fbf863ff8e482d10dfcbe7f26c /application/security | |
parent | e09bb93e18a333eff8e6a4156f5b58ba9c7d25cd (diff) | |
download | Shaarli-53054b2bf6a919fd4ff9b44b6ad1986f21f488b6.tar.gz Shaarli-53054b2bf6a919fd4ff9b44b6ad1986f21f488b6.tar.zst Shaarli-53054b2bf6a919fd4ff9b44b6ad1986f21f488b6.zip |
Apply PHP Code Beautifier on source code for linter automatic fixes
Diffstat (limited to 'application/security')
-rw-r--r-- | application/security/BanManager.php | 8 | ||||
-rw-r--r-- | application/security/LoginManager.php | 16 | ||||
-rw-r--r-- | application/security/SessionManager.php | 3 |
3 files changed, 16 insertions, 11 deletions
diff --git a/application/security/BanManager.php b/application/security/BanManager.php index 288cbde0..7077af5b 100644 --- a/application/security/BanManager.php +++ b/application/security/BanManager.php | |||
@@ -1,6 +1,5 @@ | |||
1 | <?php | 1 | <?php |
2 | 2 | ||
3 | |||
4 | namespace Shaarli\Security; | 3 | namespace Shaarli\Security; |
5 | 4 | ||
6 | use Psr\Log\LoggerInterface; | 5 | use Psr\Log\LoggerInterface; |
@@ -47,7 +46,8 @@ class BanManager | |||
47 | * @param string $banFile Path to the file containing IP bans and failures | 46 | * @param string $banFile Path to the file containing IP bans and failures |
48 | * @param LoggerInterface $logger PSR-3 logger to save login attempts in log directory | 47 | * @param LoggerInterface $logger PSR-3 logger to save login attempts in log directory |
49 | */ | 48 | */ |
50 | public function __construct($trustedProxies, $nbAttempts, $banDuration, $banFile, LoggerInterface $logger) { | 49 | public function __construct($trustedProxies, $nbAttempts, $banDuration, $banFile, LoggerInterface $logger) |
50 | { | ||
51 | $this->trustedProxies = $trustedProxies; | 51 | $this->trustedProxies = $trustedProxies; |
52 | $this->nbAttempts = $nbAttempts; | 52 | $this->nbAttempts = $nbAttempts; |
53 | $this->banDuration = $banDuration; | 53 | $this->banDuration = $banDuration; |
@@ -80,7 +80,7 @@ class BanManager | |||
80 | 80 | ||
81 | if ($this->failures[$ip] >= $this->nbAttempts) { | 81 | if ($this->failures[$ip] >= $this->nbAttempts) { |
82 | $this->bans[$ip] = time() + $this->banDuration; | 82 | $this->bans[$ip] = time() + $this->banDuration; |
83 | $this->logger->info(format_log('IP address banned from login: '. $ip, $ip)); | 83 | $this->logger->info(format_log('IP address banned from login: ' . $ip, $ip)); |
84 | } | 84 | } |
85 | $this->writeBanFile(); | 85 | $this->writeBanFile(); |
86 | } | 86 | } |
@@ -136,7 +136,7 @@ class BanManager | |||
136 | unset($this->failures[$ip]); | 136 | unset($this->failures[$ip]); |
137 | } | 137 | } |
138 | unset($this->bans[$ip]); | 138 | unset($this->bans[$ip]); |
139 | $this->logger->info(format_log('Ban lifted for: '. $ip, $ip)); | 139 | $this->logger->info(format_log('Ban lifted for: ' . $ip, $ip)); |
140 | 140 | ||
141 | $this->writeBanFile(); | 141 | $this->writeBanFile(); |
142 | return false; | 142 | return false; |
diff --git a/application/security/LoginManager.php b/application/security/LoginManager.php index 426e785e..b795b80e 100644 --- a/application/security/LoginManager.php +++ b/application/security/LoginManager.php | |||
@@ -1,4 +1,5 @@ | |||
1 | <?php | 1 | <?php |
2 | |||
2 | namespace Shaarli\Security; | 3 | namespace Shaarli\Security; |
3 | 4 | ||
4 | use Exception; | 5 | use Exception; |
@@ -106,7 +107,8 @@ class LoginManager | |||
106 | // The user client has a valid stay-signed-in cookie | 107 | // The user client has a valid stay-signed-in cookie |
107 | // Session information is updated with the current client information | 108 | // Session information is updated with the current client information |
108 | $this->sessionManager->storeLoginInfo($clientIpId); | 109 | $this->sessionManager->storeLoginInfo($clientIpId); |
109 | } elseif ($this->sessionManager->hasSessionExpired() | 110 | } elseif ( |
111 | $this->sessionManager->hasSessionExpired() | ||
110 | || $this->sessionManager->hasClientIpChanged($clientIpId) | 112 | || $this->sessionManager->hasClientIpChanged($clientIpId) |
111 | ) { | 113 | ) { |
112 | $this->sessionManager->logout(); | 114 | $this->sessionManager->logout(); |
@@ -145,7 +147,8 @@ class LoginManager | |||
145 | // Check credentials | 147 | // Check credentials |
146 | try { | 148 | try { |
147 | $useLdapLogin = !empty($this->configManager->get('ldap.host')); | 149 | $useLdapLogin = !empty($this->configManager->get('ldap.host')); |
148 | if ($login === $this->configManager->get('credentials.login') | 150 | if ( |
151 | $login === $this->configManager->get('credentials.login') | ||
149 | && ( | 152 | && ( |
150 | (false === $useLdapLogin && $this->checkCredentialsFromLocalConfig($login, $password)) | 153 | (false === $useLdapLogin && $this->checkCredentialsFromLocalConfig($login, $password)) |
151 | || (true === $useLdapLogin && $this->checkCredentialsFromLdap($login, $password)) | 154 | || (true === $useLdapLogin && $this->checkCredentialsFromLdap($login, $password)) |
@@ -156,7 +159,7 @@ class LoginManager | |||
156 | 159 | ||
157 | return true; | 160 | return true; |
158 | } | 161 | } |
159 | } catch(Exception $exception) { | 162 | } catch (Exception $exception) { |
160 | $this->logger->info(format_log('Exception while checking credentials: ' . $exception, $clientIpId)); | 163 | $this->logger->info(format_log('Exception while checking credentials: ' . $exception, $clientIpId)); |
161 | } | 164 | } |
162 | 165 | ||
@@ -174,7 +177,8 @@ class LoginManager | |||
174 | * | 177 | * |
175 | * @return bool true if the provided credentials are valid, false otherwise | 178 | * @return bool true if the provided credentials are valid, false otherwise |
176 | */ | 179 | */ |
177 | public function checkCredentialsFromLocalConfig($login, $password) { | 180 | public function checkCredentialsFromLocalConfig($login, $password) |
181 | { | ||
178 | $hash = sha1($password . $login . $this->configManager->get('credentials.salt')); | 182 | $hash = sha1($password . $login . $this->configManager->get('credentials.salt')); |
179 | 183 | ||
180 | return $login == $this->configManager->get('credentials.login') | 184 | return $login == $this->configManager->get('credentials.login') |
@@ -193,14 +197,14 @@ class LoginManager | |||
193 | */ | 197 | */ |
194 | public function checkCredentialsFromLdap($login, $password, $connect = null, $bind = null) | 198 | public function checkCredentialsFromLdap($login, $password, $connect = null, $bind = null) |
195 | { | 199 | { |
196 | $connect = $connect ?? function($host) { | 200 | $connect = $connect ?? function ($host) { |
197 | $resource = ldap_connect($host); | 201 | $resource = ldap_connect($host); |
198 | 202 | ||
199 | ldap_set_option($resource, LDAP_OPT_PROTOCOL_VERSION, 3); | 203 | ldap_set_option($resource, LDAP_OPT_PROTOCOL_VERSION, 3); |
200 | 204 | ||
201 | return $resource; | 205 | return $resource; |
202 | }; | 206 | }; |
203 | $bind = $bind ?? function($handle, $dn, $password) { | 207 | $bind = $bind ?? function ($handle, $dn, $password) { |
204 | return ldap_bind($handle, $dn, $password); | 208 | return ldap_bind($handle, $dn, $password); |
205 | }; | 209 | }; |
206 | 210 | ||
diff --git a/application/security/SessionManager.php b/application/security/SessionManager.php index 96bf193c..f957b91a 100644 --- a/application/security/SessionManager.php +++ b/application/security/SessionManager.php | |||
@@ -1,4 +1,5 @@ | |||
1 | <?php | 1 | <?php |
2 | |||
2 | namespace Shaarli\Security; | 3 | namespace Shaarli\Security; |
3 | 4 | ||
4 | use Shaarli\Config\ConfigManager; | 5 | use Shaarli\Config\ConfigManager; |
@@ -79,7 +80,7 @@ class SessionManager | |||
79 | */ | 80 | */ |
80 | public function generateToken() | 81 | public function generateToken() |
81 | { | 82 | { |
82 | $token = sha1(uniqid('', true) .'_'. mt_rand() . $this->conf->get('credentials.salt')); | 83 | $token = sha1(uniqid('', true) . '_' . mt_rand() . $this->conf->get('credentials.salt')); |
83 | $this->session['tokens'][$token] = 1; | 84 | $this->session['tokens'][$token] = 1; |
84 | return $token; | 85 | return $token; |
85 | } | 86 | } |