aboutsummaryrefslogtreecommitdiffhomepage
path: root/application/security/LoginManager.php
diff options
context:
space:
mode:
Diffstat (limited to 'application/security/LoginManager.php')
-rw-r--r--application/security/LoginManager.php16
1 files changed, 10 insertions, 6 deletions
diff --git a/application/security/LoginManager.php b/application/security/LoginManager.php
index 426e785e..b795b80e 100644
--- a/application/security/LoginManager.php
+++ b/application/security/LoginManager.php
@@ -1,4 +1,5 @@
1<?php 1<?php
2
2namespace Shaarli\Security; 3namespace Shaarli\Security;
3 4
4use Exception; 5use Exception;
@@ -106,7 +107,8 @@ class LoginManager
106 // The user client has a valid stay-signed-in cookie 107 // The user client has a valid stay-signed-in cookie
107 // Session information is updated with the current client information 108 // Session information is updated with the current client information
108 $this->sessionManager->storeLoginInfo($clientIpId); 109 $this->sessionManager->storeLoginInfo($clientIpId);
109 } elseif ($this->sessionManager->hasSessionExpired() 110 } elseif (
111 $this->sessionManager->hasSessionExpired()
110 || $this->sessionManager->hasClientIpChanged($clientIpId) 112 || $this->sessionManager->hasClientIpChanged($clientIpId)
111 ) { 113 ) {
112 $this->sessionManager->logout(); 114 $this->sessionManager->logout();
@@ -145,7 +147,8 @@ class LoginManager
145 // Check credentials 147 // Check credentials
146 try { 148 try {
147 $useLdapLogin = !empty($this->configManager->get('ldap.host')); 149 $useLdapLogin = !empty($this->configManager->get('ldap.host'));
148 if ($login === $this->configManager->get('credentials.login') 150 if (
151 $login === $this->configManager->get('credentials.login')
149 && ( 152 && (
150 (false === $useLdapLogin && $this->checkCredentialsFromLocalConfig($login, $password)) 153 (false === $useLdapLogin && $this->checkCredentialsFromLocalConfig($login, $password))
151 || (true === $useLdapLogin && $this->checkCredentialsFromLdap($login, $password)) 154 || (true === $useLdapLogin && $this->checkCredentialsFromLdap($login, $password))
@@ -156,7 +159,7 @@ class LoginManager
156 159
157 return true; 160 return true;
158 } 161 }
159 } catch(Exception $exception) { 162 } catch (Exception $exception) {
160 $this->logger->info(format_log('Exception while checking credentials: ' . $exception, $clientIpId)); 163 $this->logger->info(format_log('Exception while checking credentials: ' . $exception, $clientIpId));
161 } 164 }
162 165
@@ -174,7 +177,8 @@ class LoginManager
174 * 177 *
175 * @return bool true if the provided credentials are valid, false otherwise 178 * @return bool true if the provided credentials are valid, false otherwise
176 */ 179 */
177 public function checkCredentialsFromLocalConfig($login, $password) { 180 public function checkCredentialsFromLocalConfig($login, $password)
181 {
178 $hash = sha1($password . $login . $this->configManager->get('credentials.salt')); 182 $hash = sha1($password . $login . $this->configManager->get('credentials.salt'));
179 183
180 return $login == $this->configManager->get('credentials.login') 184 return $login == $this->configManager->get('credentials.login')
@@ -193,14 +197,14 @@ class LoginManager
193 */ 197 */
194 public function checkCredentialsFromLdap($login, $password, $connect = null, $bind = null) 198 public function checkCredentialsFromLdap($login, $password, $connect = null, $bind = null)
195 { 199 {
196 $connect = $connect ?? function($host) { 200 $connect = $connect ?? function ($host) {
197 $resource = ldap_connect($host); 201 $resource = ldap_connect($host);
198 202
199 ldap_set_option($resource, LDAP_OPT_PROTOCOL_VERSION, 3); 203 ldap_set_option($resource, LDAP_OPT_PROTOCOL_VERSION, 3);
200 204
201 return $resource; 205 return $resource;
202 }; 206 };
203 $bind = $bind ?? function($handle, $dn, $password) { 207 $bind = $bind ?? function ($handle, $dn, $password) {
204 return ldap_bind($handle, $dn, $password); 208 return ldap_bind($handle, $dn, $password);
205 }; 209 };
206 210