aboutsummaryrefslogtreecommitdiffhomepage
path: root/application/security
diff options
context:
space:
mode:
Diffstat (limited to 'application/security')
-rw-r--r--application/security/LoginManager.php9
1 files changed, 4 insertions, 5 deletions
diff --git a/application/security/LoginManager.php b/application/security/LoginManager.php
index 41fa9a20..4946850b 100644
--- a/application/security/LoginManager.php
+++ b/application/security/LoginManager.php
@@ -46,7 +46,7 @@ class LoginManager
46 $this->sessionManager = $sessionManager; 46 $this->sessionManager = $sessionManager;
47 $this->banFile = $this->configManager->get('resource.ban_file', 'data/ipbans.php'); 47 $this->banFile = $this->configManager->get('resource.ban_file', 'data/ipbans.php');
48 $this->readBanFile(); 48 $this->readBanFile();
49 if ($this->configManager->get('security.open_shaarli')) { 49 if ($this->configManager->get('security.open_shaarli') === true) {
50 $this->openShaarli = true; 50 $this->openShaarli = true;
51 } 51 }
52 } 52 }
@@ -80,8 +80,6 @@ class LoginManager
80 * 80 *
81 * @param array $cookie The $_COOKIE array 81 * @param array $cookie The $_COOKIE array
82 * @param string $clientIpId Client IP address identifier 82 * @param string $clientIpId Client IP address identifier
83 *
84 * @return bool true if the user session is valid, false otherwise
85 */ 83 */
86 public function checkLoginState($cookie, $clientIpId) 84 public function checkLoginState($cookie, $clientIpId)
87 { 85 {
@@ -94,11 +92,12 @@ class LoginManager
94 if (isset($cookie[self::$STAY_SIGNED_IN_COOKIE]) 92 if (isset($cookie[self::$STAY_SIGNED_IN_COOKIE])
95 && $cookie[self::$STAY_SIGNED_IN_COOKIE] === $this->staySignedInToken 93 && $cookie[self::$STAY_SIGNED_IN_COOKIE] === $this->staySignedInToken
96 ) { 94 ) {
95 // The user client has a valid stay-signed-in cookie
96 // Session information is updated with the current client information
97 $this->sessionManager->storeLoginInfo($clientIpId); 97 $this->sessionManager->storeLoginInfo($clientIpId);
98 $this->isLoggedIn = true; 98 $this->isLoggedIn = true;
99 }
100 99
101 if ($this->sessionManager->hasSessionExpired() 100 } elseif ($this->sessionManager->hasSessionExpired()
102 || $this->sessionManager->hasClientIpChanged($clientIpId) 101 || $this->sessionManager->hasClientIpChanged($clientIpId)
103 ) { 102 ) {
104 $this->sessionManager->logout(); 103 $this->sessionManager->logout();