Mirrors
/
nextcloud-server
mirror of https://github.com/nextcloud/server
3
0
Fork 0
Code Releases Activity
Browse Source

do login routine only once when done via LoginController 

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
pull/2424/head
Arthur Schiwon 9 years ago
parent
2994cbc586
commit
7b3fdfeeaa
No known key found for this signature in database GPG Key ID: 7424F1874854DF23
3 changed files with 49 additions and 52 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      core/Controller/LoginController.php
  2. 83
      lib/private/User/Session.php
  3. 16
      tests/Core/Controller/LoginControllerTest.php

2
core/Controller/LoginController.php
View File

@ -250,7 +250,7 @@ class LoginController extends Controller {
}
// TODO: remove password checks from above and let the user session handle failures
// requires https://github.com/owncloud/core/pull/24616
$this->userSession->login($user, $password);
$this->userSession->completeLogin($loginResult, ['loginName' => $user, 'password' => $password]);
$this->userSession->createSessionToken($this->request, $loginResult->getUID(), $user, $password, (int)$remember_login);
// User has successfully logged in, now remove the password reset link, when it is available

83
lib/private/User/Session.php
View File

@ -41,6 +41,7 @@ use OC\Authentication\Exceptions\PasswordLoginForbiddenException;
use OC\Authentication\Token\IProvider;
use OC\Authentication\Token\IToken;
use OC\Hooks\Emitter;
use OC\Hooks\PublicEmitter;
use OC_User;
use OC_Util;
use OCA\DAV\Connector\Sabre\Auth;
@ -78,7 +79,7 @@ use Symfony\Component\EventDispatcher\GenericEvent;
*/
class Session implements IUserSession, Emitter {
/** @var IUserManager $manager */
/** @var IUserManager|PublicEmitter $manager */
private $manager;
/** @var ISession $session */
@ -156,7 +157,7 @@ class Session implements IUserSession, Emitter {
/**
* get the manager object
*
* @return Manager
* @return Manager|PublicEmitter
*/
public function getManager() {
return $this->manager;
@ -324,6 +325,41 @@ class Session implements IUserSession, Emitter {
return $this->loginWithPassword($uid, $password);
}
/**
* @param IUser $user
* @param array $loginDetails
* @return bool
* @throws LoginException
*/
public function completeLogin(IUser $user, array $loginDetails) {
if (!$user->isEnabled()) {
// disabled users can not log in
// injecting l10n does not work - there is a circular dependency between session and \OCP\L10N\IFactory
$message = \OC::$server->getL10N('lib')->t('User disabled');
throw new LoginException($message);
}
$this->setUser($user);
$this->setLoginName($loginDetails['loginName']);
if(isset($loginDetails['token']) && $loginDetails['token'] instanceof IToken) {
$this->setToken($loginDetails['token']->getId());
\OC::$server->getLockdownManager()->setToken($loginDetails['token']);
$firstTimeLogin = false;
} else {
$this->setToken(null);
$firstTimeLogin = $user->updateLastLoginTimestamp();
}
$this->manager->emit('\OC\User', 'postLogin', [$user, $loginDetails['password']]);
if($this->isLoggedIn()) {
$this->prepareUserLogin($firstTimeLogin);
return true;
} else {
$message = \OC::$server->getL10N('lib')->t('Login canceled by app');
throw new LoginException($message);
}
}
/**
* Tries to log in a client
*
@ -498,25 +534,7 @@ class Session implements IUserSession, Emitter {
return false;
}
if ($user->isEnabled()) {
$this->setUser($user);
$this->setLoginName($uid);
$this->setToken(null);
$firstTimeLogin = $user->updateLastLoginTimestamp();
$this->manager->emit('\OC\User', 'postLogin', [$user, $password]);
if ($this->isLoggedIn()) {
$this->prepareUserLogin($firstTimeLogin);
return true;
} else {
// injecting l10n does not work - there is a circular dependency between session and \OCP\L10N\IFactory
$message = \OC::$server->getL10N('lib')->t('Login canceled by app');
throw new LoginException($message);
}
} else {
// injecting l10n does not work - there is a circular dependency between session and \OCP\L10N\IFactory
$message = \OC::$server->getL10N('lib')->t('User disabled');
throw new LoginException($message);
}
return $this->completeLogin($user, ['loginName' => $uid, 'password' => $password]);
}
/**
@ -547,29 +565,8 @@ class Session implements IUserSession, Emitter {
// user does not exist
return false;
}
if (!$user->isEnabled()) {
// disabled users can not log in
// injecting l10n does not work - there is a circular dependency between session and \OCP\L10N\IFactory
$message = \OC::$server->getL10N('lib')->t('User disabled');
throw new LoginException($message);
}
//login
$this->setUser($user);
$this->setLoginName($dbToken->getLoginName());
$this->setToken($dbToken->getId());
$this->lockdownManager->setToken($dbToken);
$this->manager->emit('\OC\User', 'postLogin', array($user, $password));
if ($this->isLoggedIn()) {
$this->prepareUserLogin(false); // token login cant be the first
} else {
// injecting l10n does not work - there is a circular dependency between session and \OCP\L10N\IFactory
$message = \OC::$server->getL10N('lib')->t('Login canceled by app');
throw new LoginException($message);
}
return true;
return $this->completeLogin($user, ['loginName' => $uid, 'password' => $password, 'token' => $dbToken]);
}
/**

16
tests/Core/Controller/LoginControllerTest.php
View File

@ -362,8 +362,8 @@ class LoginControllerTest extends TestCase {
->method('checkPassword')
->will($this->returnValue($user));
$this->userSession->expects($this->once())
->method('login')
->with($loginName, $password);
->method('completeLogin')
->with($user, ['loginName' => $loginName, 'password' => $password]);
$this->userSession->expects($this->once())
->method('createSessionToken')
->with($this->request, $user->getUID(), $loginName, $password, false);
@ -422,8 +422,8 @@ class LoginControllerTest extends TestCase {
->method('checkPassword')
->will($this->returnValue($user));
$this->userSession->expects($this->once())
->method('login')
->with($loginName, $password);
->method('completeLogin')
->with($user, ['loginName' => $loginName, 'password' => $password]);
$this->userSession->expects($this->once())
->method('createSessionToken')
->with($this->request, $user->getUID(), $loginName, $password, true);
@ -606,8 +606,8 @@ class LoginControllerTest extends TestCase {
->method('checkPassword')
->will($this->returnValue($user));
$this->userSession->expects($this->once())
->method('login')
->with('john@doe.com', $password);
->method('completeLogin')
->with($user, ['loginName' => 'john@doe.com', 'password' => $password]);
$this->userSession->expects($this->once())
->method('createSessionToken')
->with($this->request, $user->getUID(), 'john@doe.com', $password, false);
@ -673,8 +673,8 @@ class LoginControllerTest extends TestCase {
->method('checkPassword')
->will($this->returnValue($user));
$this->userSession->expects($this->once())
->method('login')
->with('john@doe.com', $password);
->method('completeLogin')
->with($user, ['loginName' => 'john@doe.com', 'password' => $password]);
$this->userSession->expects($this->once())
->method('createSessionToken')
->with($this->request, $user->getUID(), 'john@doe.com', $password, false);

Write Preview
Loading…
Cancel
Save