[core] move get_session_id and set_login_cookie into User class

Shish 2024-06-20 01:05:03 +01:00 committed by Shish
parent a59b9f706c
commit 8a3d5b5b11
2 changed files with 33 additions and 32 deletions


@ -252,4 +252,32 @@ class User
$addr = get_session_ip($config); $addr = get_session_ip($config);
return md5(md5($this->passhash . $addr) . "salty-csrf-" . $salt); return md5(md5($this->passhash . $addr) . "salty-csrf-" . $salt);
} }
public function get_session_id(): string
{
global $config;
$addr = get_session_ip($config);
$hash = $this->passhash;
return md5($hash . $addr);
}
public function set_login_cookie(): void
{
global $config, $page;
$page->add_cookie(
"user",
$this->name,
time() + 60 * 60 * 24 * 365,
'/'
);
$page->add_cookie(
"session",
$this->get_session_id(),
time() + 60 * 60 * 24 * $config->get_int('login_memory'),
'/'
);
}
} }
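Review bot: `get_session_id()` builds the `session` cookie value as `md5($hash . $addr)`, a deterministic function of the stored password hash and the client address with no random or server-secret input, and moving it onto `User` as a public method leaves that unaddressed. The value cannot be revoked short of a password change, and because it is derived from the stored hash, a read-only leak of the user table has the same impact as a leak of live sessions. Consider a follow-up that issues a random per-login token kept server-side, or at least keys the derivation, e.g. `return hash_hmac('sha256', $hash . $addr, $secret);`, where `$secret` is a placeholder for a server-side key and the code that validates the cookie (not visible here) changes in step. Both new methods also lack docblocks: `get_session_id()` should state that its result depends on the request address returned by `get_session_ip($config)`. Since `set_login_cookie()` passes only name, value, expiry and path to `add_cookie()`, it is worth confirming there that HttpOnly, Secure and SameSite are set.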


@ -95,7 +95,7 @@ class LoginResult
if (!is_null($duser)) { if (!is_null($duser)) {
return new LoginResult( return new LoginResult(
$duser, $duser,
UserPage::get_session_id($duser->name), $duser->get_session_id(),
null null
); );
} else { } else {
@ -116,7 +116,7 @@ class LoginResult
$uce = send_event(new UserCreationEvent($username, $password1, $password2, $email, true)); $uce = send_event(new UserCreationEvent($username, $password1, $password2, $email, true));
return new LoginResult( return new LoginResult(
$uce->user, $uce->user,
UserPage::get_session_id($username), $uce->user->get_session_id(),
null null
); );
} catch (UserCreationException $ex) { } catch (UserCreationException $ex) {
@ -198,7 +198,7 @@ class UserPage extends Extension
true true
) )
); );
$this->set_login_cookie($uce->username); $uce->user->set_login_cookie();
$page->set_mode(PageMode::REDIRECT); $page->set_mode(PageMode::REDIRECT);
$page->set_redirect(make_link("user")); $page->set_redirect(make_link("user"));
} catch (UserCreationException $ex) { } catch (UserCreationException $ex) {
@ -269,7 +269,7 @@ class UserPage extends Extension
// FIXME: send_event() // FIXME: send_event()
$duser->set_password($input['pass1']); $duser->set_password($input['pass1']);
if ($duser->id == $user->id) { if ($duser->id == $user->id) {
$this->set_login_cookie($duser->name); $duser->set_login_cookie();
} }
$page->flash("Password changed"); $page->flash("Password changed");
$this->redirect_to_user($duser); $this->redirect_to_user($duser);
@ -633,7 +633,7 @@ class UserPage extends Extension
$duser = User::by_name_and_pass($name, $pass); $duser = User::by_name_and_pass($name, $pass);
if (!is_null($duser)) { if (!is_null($duser)) {
send_event(new UserLoginEvent($duser)); send_event(new UserLoginEvent($duser));
$this->set_login_cookie($duser->name); $duser->set_login_cookie();
$page->set_mode(PageMode::REDIRECT); $page->set_mode(PageMode::REDIRECT);
// Try returning to previous page // Try returning to previous page
@ -679,33 +679,6 @@ class UserPage extends Extension
} }
} }
public static function get_session_id(string $name): string
{
global $config;
$addr = get_session_ip($config);
$hash = User::by_name($name)->passhash;
return md5($hash . $addr);
}
private function set_login_cookie(string $name): void
{
global $config, $page;
$page->add_cookie(
"user",
$name,
time() + 60 * 60 * 24 * 365,
'/'
);
$page->add_cookie(
"session",
$this->get_session_id($name),
time() + 60 * 60 * 24 * $config->get_int('login_memory'),
'/'
);
}
private function user_can_edit_user(User $a, User $b): bool private function user_can_edit_user(User $a, User $b): bool
{ {
if ($a->is_anonymous()) { if ($a->is_anonymous()) {
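Review bot: In the password-change hunk (`@ -269,7`), `$duser->set_login_cookie()` now hashes the `passhash` held on the in-memory object, where the removed `UserPage::get_session_id($name)` re-read it through `User::by_name($name)`. The refreshed cookie is therefore only valid if `set_password()` updates `$duser->passhash` on the object as well as in storage. `set_password()` is not visible on this page, and if it only writes to the database, the user would receive a cookie built from the old hash and be logged out right after changing their password. Please confirm that, and consider a call-site comment such as `// relies on set_password() refreshing $duser->passhash before the cookie is rebuilt`. The registration hunks similarly rely on `$uce->user` being populated by the time `set_login_cookie()` / `get_session_id()` is called.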