1 files changed, 30 insertions, 39 deletions
diff --git a/application/security/LoginManager.php b/application/security/LoginManager.php
index 65048f10..426e785e 100644
--- a/application/security/LoginManager.php
+++ b/application/security/LoginManager.php
@@ -2,6 +2,7 @@
 namespace Shaarli\Security;
 use Exception;
+use Psr\Log\LoggerInterface;
 use Shaarli\Config\ConfigManager;
 /**
@@ -31,26 +32,30 @@ class LoginManager
    protected $staySignedInToken = '';
    /** @var CookieManager */
    protected $cookieManager;
+    /** @var LoggerInterface */
+    protected $logger;
    /**
     * Constructor
     *
-     * @param ConfigManager  $configManager  Configuration Manager instance
+     * @param ConfigManager $configManager Configuration Manager instance
     * @param SessionManager $sessionManager SessionManager instance
-     * @param CookieManager  $cookieManager  CookieManager instance
+     * @param CookieManager $cookieManager CookieManager instance
+     * @param BanManager $banManager
+     * @param LoggerInterface $logger Used to log login attempts
     */
-    public function __construct($configManager, $sessionManager, $cookieManager)
+    public function __construct(
-    {
+        ConfigManager $configManager,
+        SessionManager $sessionManager,
+        CookieManager $cookieManager,
+        BanManager $banManager,
+        LoggerInterface $logger
+    ) {
        $this->configManager = $configManager;
        $this->sessionManager = $sessionManager;
        $this->cookieManager = $cookieManager;
-        $this->banManager = new BanManager(
+        $this->banManager = $banManager;
-            $this->configManager->get('security.trusted_proxies', []),
+        $this->logger = $logger;
-            $this->configManager->get('security.ban_after'),
-            $this->configManager->get('security.ban_duration'),
-            $this->configManager->get('resource.ban_file', 'data/ipbans.php'),
-            $this->configManager->get('resource.log')
-        );
        if ($this->configManager->get('security.open_shaarli') === true) {
            $this->openShaarli = true;
@@ -129,48 +134,34 @@ class LoginManager
    /**
     * Check user credentials are valid
     *
-     * @param string $remoteIp   Remote client IP address
     * @param string $clientIpId Client IP address identifier
     * @param string $login      Username
     * @param string $password   Password
     *
     * @return bool true if the provided credentials are valid, false otherwise
     */
-    public function checkCredentials($remoteIp, $clientIpId, $login, $password)
+    public function checkCredentials($clientIpId, $login, $password)
    {
-        // Check login matches config
-        if ($login !== $this->configManager->get('credentials.login')) {
-            return false;
-        }
        // Check credentials
        try {
            $useLdapLogin = !empty($this->configManager->get('ldap.host'));
-            if ((false === $useLdapLogin && $this->checkCredentialsFromLocalConfig($login, $password))
+            if ($login === $this->configManager->get('credentials.login')
-                || (true === $useLdapLogin && $this->checkCredentialsFromLdap($login, $password))
+                && (
+                    (false === $useLdapLogin && $this->checkCredentialsFromLocalConfig($login, $password))
+                    || (true === $useLdapLogin && $this->checkCredentialsFromLdap($login, $password))
+                )
            ) {
-                    $this->sessionManager->storeLoginInfo($clientIpId);
+                $this->sessionManager->storeLoginInfo($clientIpId);
-                    logm(
+                $this->logger->info(format_log('Login successful', $clientIpId));
-                        $this->configManager->get('resource.log'),
-                        $remoteIp,
+                return true;
-                        'Login successful'
-                    );
-                    return true;
            }
-        }
+        } catch(Exception $exception) {
-        catch(Exception $exception) {
+            $this->logger->info(format_log('Exception while checking credentials: ' . $exception, $clientIpId));
-            logm(
-                $this->configManager->get('resource.log'),
-                $remoteIp,
-                'Exception while checking credentials: ' . $exception
-            );
        }
-        logm(
+        $this->logger->info(format_log('Login failed for user ' . $login, $clientIpId));
-            $this->configManager->get('resource.log'),
-            $remoteIp,
-            'Login failed for user ' . $login
-        );
        return false;
    }

diff --git a/application/security/LoginManager.php b/application/security/LoginManager.php index 65048f10..426e785e 100644 --- a/application/security/LoginManager.php +++ b/application/security/LoginManager.php
@@ -2,6 +2,7 @@
2	namespace Shaarli\Security;	2	namespace Shaarli\Security;
3		3
4	use Exception;	4	use Exception;
		5	use Psr\Log\LoggerInterface;
5	use Shaarli\Config\ConfigManager;	6	use Shaarli\Config\ConfigManager;
6		7
7	/**	8	/**
@@ -31,26 +32,30 @@ class LoginManager
31	protected $staySignedInToken = '';	32	protected $staySignedInToken = '';
32	/** @var CookieManager */	33	/** @var CookieManager */
33	protected $cookieManager;	34	protected $cookieManager;
		35	/** @var LoggerInterface */
		36	protected $logger;
34		37
35	/**	38	/**
36	* Constructor	39	* Constructor
37	*	40	*
38	* @param ConfigManager $configManager Configuration Manager instance	41	* @param ConfigManager $configManager Configuration Manager instance
39	* @param SessionManager $sessionManager SessionManager instance	42	* @param SessionManager $sessionManager SessionManager instance
40	* @param CookieManager $cookieManager CookieManager instance	43	* @param CookieManager $cookieManager CookieManager instance
		44	* @param BanManager $banManager
		45	* @param LoggerInterface $logger Used to log login attempts
41	*/	46	*/
42	public function __construct($configManager, $sessionManager, $cookieManager)	47	public function __construct(
43	{	48	ConfigManager $configManager,
		49	SessionManager $sessionManager,
		50	CookieManager $cookieManager,
		51	BanManager $banManager,
		52	LoggerInterface $logger
		53	) {
44	$this->configManager = $configManager;	54	$this->configManager = $configManager;
45	$this->sessionManager = $sessionManager;	55	$this->sessionManager = $sessionManager;
46	$this->cookieManager = $cookieManager;	56	$this->cookieManager = $cookieManager;
47	$this->banManager = new BanManager(	57	$this->banManager = $banManager;
48	$this->configManager->get('security.trusted_proxies', []),	58	$this->logger = $logger;
49	$this->configManager->get('security.ban_after'),
50	$this->configManager->get('security.ban_duration'),
51	$this->configManager->get('resource.ban_file', 'data/ipbans.php'),
52	$this->configManager->get('resource.log')
53	);
54		59
55	if ($this->configManager->get('security.open_shaarli') === true) {	60	if ($this->configManager->get('security.open_shaarli') === true) {
56	$this->openShaarli = true;	61	$this->openShaarli = true;
@@ -129,48 +134,34 @@ class LoginManager
129	/**	134	/**
130	* Check user credentials are valid	135	* Check user credentials are valid
131	*	136	*
132	* @param string $remoteIp Remote client IP address
133	* @param string $clientIpId Client IP address identifier	137	* @param string $clientIpId Client IP address identifier
134	* @param string $login Username	138	* @param string $login Username
135	* @param string $password Password	139	* @param string $password Password
136	*	140	*
137	* @return bool true if the provided credentials are valid, false otherwise	141	* @return bool true if the provided credentials are valid, false otherwise
138	*/	142	*/
139	public function checkCredentials($remoteIp, $clientIpId, $login, $password)	143	public function checkCredentials($clientIpId, $login, $password)
140	{	144	{
141	// Check login matches config
142	if ($login !== $this->configManager->get('credentials.login')) {
143	return false;
144	}
145
146	// Check credentials	145	// Check credentials
147	try {	146	try {
148	$useLdapLogin = !empty($this->configManager->get('ldap.host'));	147	$useLdapLogin = !empty($this->configManager->get('ldap.host'));
149	if ((false === $useLdapLogin && $this->checkCredentialsFromLocalConfig($login, $password))	148	if ($login === $this->configManager->get('credentials.login')
150	\|\| (true === $useLdapLogin && $this->checkCredentialsFromLdap($login, $password))	149	&& (
		150	(false === $useLdapLogin && $this->checkCredentialsFromLocalConfig($login, $password))
		151	\|\| (true === $useLdapLogin && $this->checkCredentialsFromLdap($login, $password))
		152	)
151	) {	153	) {
152	$this->sessionManager->storeLoginInfo($clientIpId);	154	$this->sessionManager->storeLoginInfo($clientIpId);
153	logm(	155	$this->logger->info(format_log('Login successful', $clientIpId));
154	$this->configManager->get('resource.log'),	156
155	$remoteIp,	157	return true;
156	'Login successful'
157	);
158	return true;
159	}	158	}
160	}	159	} catch(Exception $exception) {
161	catch(Exception $exception) {	160	$this->logger->info(format_log('Exception while checking credentials: ' . $exception, $clientIpId));
162	logm(
163	$this->configManager->get('resource.log'),
164	$remoteIp,
165	'Exception while checking credentials: ' . $exception
166	);
167	}	161	}
168		162
169	logm(	163	$this->logger->info(format_log('Login failed for user ' . $login, $clientIpId));
170	$this->configManager->get('resource.log'),	164
171	$remoteIp,
172	'Login failed for user ' . $login
173	);
174	return false;	165	return false;
175	}	166	}
176		167