Diffstat (limited to 'application/security/LoginManager.php')
-rw-r--r-- | application/security/LoginManager.php | 16 |
1 files changed, 10 insertions, 6 deletions
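--- a/application/security/LoginManager.php
+++ b/application/security/LoginManager.php
@@ -1,4 +1,5 @@
 <?php
+
 namespace Shaarli\Security;
 
 use Exception;
@@ -106,7 +107,8 @@ class LoginManager
 // The user client has a valid stay-signed-in cookie
 // Session information is updated with the current client information
 $this->sessionManager->storeLoginInfo($clientIpId);
-} elseif ($this->sessionManager->hasSessionExpired()
+} elseif (
+$this->sessionManager->hasSessionExpired()
 || $this->sessionManager->hasClientIpChanged($clientIpId)
 ) {
 $this->sessionManager->logout();
@@ -145,7 +147,8 @@ class LoginManager
 // Check credentials
 try {
 $useLdapLogin = !empty($this->configManager->get('ldap.host'));
-if ($login === $this->configManager->get('credentials.login')
+if (
+$login === $this->configManager->get('credentials.login')
 && (
 (false === $useLdapLogin && $this->checkCredentialsFromLocalConfig($login, $password))
 || (true === $useLdapLogin && $this->checkCredentialsFromLdap($login, $password))
@@ -156,7 +159,7 @@ class LoginManager
 
 return true;
 }
-} catch(Exception $exception) {
+} catch (Exception $exception) {
 $this->logger->info(format_log('Exception while checking credentials: ' . $exception, $clientIpId));
 }
 
@@ -174,7 +177,8 @@ class LoginManager
 *
 * @return bool true if the provided credentials are valid, false otherwise
 */
-public function checkCredentialsFromLocalConfig($login, $password) {
+public function checkCredentialsFromLocalConfig($login, $password)
+{
 $hash = sha1($password . $login . $this->configManager->get('credentials.salt'));
 
 return $login == $this->configManager->get('credentials.login')
@@ -193,14 +197,14 @@ class LoginManager
 */
 public function checkCredentialsFromLdap($login, $password, $connect = null, $bind = null)
 {
-$connect = $connect ?? function($host) {
+$connect = $connect ?? function ($host) {
 $resource = ldap_connect($host);
 
 ldap_set_option($resource, LDAP_OPT_PROTOCOL_VERSION, 3);
 
 return $resource;
 };
-$bind = $bind ?? function($handle, $dn, $password) {
+$bind = $bind ?? function ($handle, $dn, $password) {
 return ldap_bind($handle, $dn, $password);
 };
 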
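Review bot: `checkCredentialsFromLocalConfig` still derives the stored credential as a single salted SHA-1 (`sha1($password . $login . $this->configManager->get('credentials.salt'))`), which is cheap to brute-force offline if the config file is ever disclosed; this formatting pass touches the method signature but leaves the hashing as it was. A follow-up should move to `password_hash()` / `password_verify()` with a rehash on the next successful login, since the stored format has to change. In the same return expression, `$login == ...` is a loose comparison where `checkCredentials` already uses `===`; `return $login === $this->configManager->get('credentials.login')` would be consistent. The rest of that return expression lies outside the hunk, so whether the hash comparison uses `hash_equals()` cannot be confirmed from here.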