[core] move get_session_id and set_login_cookie into User class
This commit is contained in:
Shish
Shish
parent
a59b9f706c
commit
8a3d5b5b11
2 changed files with 33 additions and 32 deletions
|
|
@ -252,4 +252,32 @@ class User
|
|||
$addr = get_session_ip($config);
|
||||
return md5(md5($this->passhash . $addr) . "salty-csrf-" . $salt);
|
||||
}
|
||||
|
||||
|
||||
public function get_session_id(): string
|
||||
{
|
||||
global $config;
|
||||
$addr = get_session_ip($config);
|
||||
$hash = $this->passhash;
|
||||
return md5($hash . $addr);
|
||||
}
|
||||
|
||||
public function set_login_cookie(): void
|
||||
{
|
||||
global $config, $page;
|
||||
|
||||
$page->add_cookie(
|
||||
"user",
|
||||
$this->name,
|
||||
time() + 60 * 60 * 24 * 365,
|
||||
'/'
|
||||
);
|
||||
$page->add_cookie(
|
||||
"session",
|
||||
$this->get_session_id(),
|
||||
time() + 60 * 60 * 24 * $config->get_int('login_memory'),
|
||||
'/'
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -95,7 +95,7 @@ class LoginResult
|
|||
if (!is_null($duser)) {
|
||||
return new LoginResult(
|
||||
$duser,
|
||||
UserPage::get_session_id($duser->name),
|
||||
$duser->get_session_id(),
|
||||
null
|
||||
);
|
||||
} else {
|
||||
|
|
@ -116,7 +116,7 @@ class LoginResult
|
|||
$uce = send_event(new UserCreationEvent($username, $password1, $password2, $email, true));
|
||||
return new LoginResult(
|
||||
$uce->user,
|
||||
UserPage::get_session_id($username),
|
||||
$uce->user->get_session_id(),
|
||||
null
|
||||
);
|
||||
} catch (UserCreationException $ex) {
|
||||
|
|
@ -198,7 +198,7 @@ class UserPage extends Extension
|
|||
true
|
||||
)
|
||||
);
|
||||
$this->set_login_cookie($uce->username);
|
||||
$uce->user->set_login_cookie();
|
||||
$page->set_mode(PageMode::REDIRECT);
|
||||
$page->set_redirect(make_link("user"));
|
||||
} catch (UserCreationException $ex) {
|
||||
|
|
@ -269,7 +269,7 @@ class UserPage extends Extension
|
|||
// FIXME: send_event()
|
||||
$duser->set_password($input['pass1']);
|
||||
if ($duser->id == $user->id) {
|
||||
$this->set_login_cookie($duser->name);
|
||||
$duser->set_login_cookie();
|
||||
}
|
||||
$page->flash("Password changed");
|
||||
$this->redirect_to_user($duser);
|
||||
|
|
@ -633,7 +633,7 @@ class UserPage extends Extension
|
|||
$duser = User::by_name_and_pass($name, $pass);
|
||||
if (!is_null($duser)) {
|
||||
send_event(new UserLoginEvent($duser));
|
||||
$this->set_login_cookie($duser->name);
|
||||
$duser->set_login_cookie();
|
||||
$page->set_mode(PageMode::REDIRECT);
|
||||
|
||||
// Try returning to previous page
|
||||
|
|
@ -679,33 +679,6 @@ class UserPage extends Extension
|
|||
}
|
||||
}
|
||||
|
||||
public static function get_session_id(string $name): string
|
||||
{
|
||||
global $config;
|
||||
$addr = get_session_ip($config);
|
||||
$hash = User::by_name($name)->passhash;
|
||||
return md5($hash . $addr);
|
||||
}
|
||||
|
||||
private function set_login_cookie(string $name): void
|
||||
{
|
||||
global $config, $page;
|
||||
|
||||
|
||||
$page->add_cookie(
|
||||
"user",
|
||||
$name,
|
||||
time() + 60 * 60 * 24 * 365,
|
||||
'/'
|
||||
);
|
||||
$page->add_cookie(
|
||||
"session",
|
||||
$this->get_session_id($name),
|
||||
time() + 60 * 60 * 24 * $config->get_int('login_memory'),
|
||||
'/'
|
||||
);
|
||||
}
|
||||
|
||||
private function user_can_edit_user(User $a, User $b): bool
|
||||
{
|
||||
if ($a->is_anonymous()) {
|
||||
|
|
|
|||
Reference in a new issue