New function "isAuthenticated"

Michael 2019-09-28 18:09:11 +00:00
parent 89f02a1125
commit 83b00ef308
26 changed files with 64 additions and 48 deletions


@ -365,7 +365,7 @@ function localize_item(&$item)
'network' => $item['author-network'], 'url' => $item['author-link']]; 'network' => $item['author-network'], 'url' => $item['author-link']];
// Only create a redirection to a magic link when logged in // Only create a redirection to a magic link when logged in
if (!empty($item['plink']) && (local_user() || remote_user())) { if (!empty($item['plink']) && Session::isAuthenticated()) {
$item['plink'] = Contact::magicLinkByContact($author, $item['plink']); $item['plink'] = Contact::magicLinkByContact($author, $item['plink']);
} }
} }
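Review bot: `Session::isAuthenticated()` is called in the `localize_item` condition, but this section adds no `use Friendica\Core\Session;` line, unlike several other files in the commit. If the file does not already import that class, the unqualified name will not resolve and the check will end in a fatal error at runtime instead of evaluating. The same should be confirmed for the other sections that show no import hunk: `drop_items`, `cal_init`, `community_content`, `display_init`/`display_content`, the `photos_*` and `videos_*` functions, `redir_init`, `subthread_content`, and the `Nav`, `Item`, `Profile`, `Post` and `Security` classes. `localize_item` starts and ends outside the hunk.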


@ -327,7 +327,7 @@ function drop_items(array $items)
{ {
$uid = 0; $uid = 0;
if (!local_user() && !remote_user()) { if (!Session::isAuthenticated()) {
return; return;
} }


@ -27,7 +27,7 @@ use Friendica\Util\Temporal;
function cal_init(App $a) function cal_init(App $a)
{ {
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) { if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
throw new \Friendica\Network\HTTPException\ForbiddenException(L10n::t('Access denied.')); throw new \Friendica\Network\HTTPException\ForbiddenException(L10n::t('Access denied.'));
} }


@ -29,7 +29,7 @@ function community_content(App $a, $update = 0)
{ {
$o = ''; $o = '';
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) { if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
notice(L10n::t('Public access denied.') . EOL); notice(L10n::t('Public access denied.') . EOL);
return; return;
} }


@ -9,6 +9,7 @@ use Friendica\Core\Config;
use Friendica\Core\L10n; use Friendica\Core\L10n;
use Friendica\Core\Logger; use Friendica\Core\Logger;
use Friendica\Core\System; use Friendica\Core\System;
use Friendica\Core\Session;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Module\Login; use Friendica\Module\Login;
use Friendica\Protocol\DFRN; use Friendica\Protocol\DFRN;
@ -49,7 +50,7 @@ function dfrn_poll_init(App $a)
$hidewall = false; $hidewall = false;
if (($dfrn_id === '') && empty($_POST['dfrn_id'])) { if (($dfrn_id === '') && empty($_POST['dfrn_id'])) {
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) { if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
throw new \Friendica\Network\HTTPException\ForbiddenException(); throw new \Friendica\Network\HTTPException\ForbiddenException();
} }
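Review bot: The new `use Friendica\Core\Session;` is inserted after `Friendica\Core\System`, which breaks the alphabetical order the rest of this import block follows. Moving it one line up keeps the block sorted. The same out-of-order placement recurs in the other import hunks of this commit, and in the `ACL` section the line lands between `Friendica\Model\GContact` and `Friendica\Util\Network`, outside the `Core` group entirely.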


@ -19,6 +19,7 @@ use Friendica\Core\Logger;
use Friendica\Core\Protocol; use Friendica\Core\Protocol;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Core\System; use Friendica\Core\System;
use Friendica\Core\Session;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Model\Contact; use Friendica\Model\Contact;
use Friendica\Model\Group; use Friendica\Model\Group;
@ -592,7 +593,7 @@ function dfrn_request_content(App $a)
exit(); exit();
} else { } else {
// Normal web request. Display our user's introduction form. // Normal web request. Display our user's introduction form.
if ((Config::get('system', 'block_public')) && (!local_user()) && (!remote_user())) { if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
if (!Config::get('system', 'local_block')) { if (!Config::get('system', 'local_block')) {
notice(L10n::t('Public access denied.') . EOL); notice(L10n::t('Public access denied.') . EOL);
return; return;


@ -32,7 +32,7 @@ function display_init(App $a)
Objects::rawContent(); Objects::rawContent();
} }
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) { if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
return; return;
} }
@ -196,7 +196,7 @@ function display_fetchauthor($a, $item)
function display_content(App $a, $update = false, $update_uid = 0) function display_content(App $a, $update = false, $update_uid = 0)
{ {
if (Config::get('system','block_public') && !local_user() && !remote_user()) { if (Config::get('system','block_public') && !Session::isAuthenticated()) {
throw new HTTPException\ForbiddenException(L10n::t('Public access denied.')); throw new HTTPException\ForbiddenException(L10n::t('Public access denied.'));
} }


@ -6,13 +6,14 @@ use Friendica\App;
use Friendica\Core\Config; use Friendica\Core\Config;
use Friendica\Core\L10n; use Friendica\Core\L10n;
use Friendica\Core\System; use Friendica\Core\System;
use Friendica\Core\Session;
use Friendica\Model\Contact; use Friendica\Model\Contact;
use Friendica\Model\Profile; use Friendica\Model\Profile;
use Friendica\Model\User; use Friendica\Model\User;
function hcard_init(App $a) function hcard_init(App $a)
{ {
$blocked = Config::get('system', 'block_public') && !local_user() && !remote_user(); $blocked = Config::get('system', 'block_public') && !Session::isAuthenticated();
if ($a->argc > 1) { if ($a->argc > 1) {
$which = $a->argv[1]; $which = $a->argv[1];


@ -25,6 +25,7 @@ use Friendica\Core\L10n;
use Friendica\Core\Logger; use Friendica\Core\Logger;
use Friendica\Core\Protocol; use Friendica\Core\Protocol;
use Friendica\Core\System; use Friendica\Core\System;
use Friendica\Core\Session;
use Friendica\Core\Worker; use Friendica\Core\Worker;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Model\Attach; use Friendica\Model\Attach;
@ -45,7 +46,7 @@ use Friendica\Worker\Delivery;
require_once 'include/items.php'; require_once 'include/items.php';
function item_post(App $a) { function item_post(App $a) {
if (!local_user() && !remote_user()) { if (!Session::isAuthenticated()) {
return 0; return 0;
} }
@ -860,7 +861,7 @@ function item_post_return($baseurl, $api_source, $return_path)
function item_content(App $a) function item_content(App $a)
{ {
if (!local_user() && !remote_user()) { if (!Session::isAuthenticated()) {
return; return;
} }


@ -36,7 +36,7 @@ use Friendica\Util\XML;
function photos_init(App $a) { function photos_init(App $a) {
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) { if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
return; return;
} }
@ -70,7 +70,7 @@ function photos_init(App $a) {
$albums = Photo::getAlbums($a->data['user']['uid']); $albums = Photo::getAlbums($a->data['user']['uid']);
$albums_visible = ((intval($a->data['user']['hidewall']) && !local_user() && !remote_user()) ? false : true); $albums_visible = ((intval($a->data['user']['hidewall']) && !Session::isAuthenticated()) ? false : true);
// add various encodings to the array so we can just loop through and pick them out in a template // add various encodings to the array so we can just loop through and pick them out in a template
$ret = ['success' => false]; $ret = ['success' => false];
@ -829,7 +829,7 @@ function photos_content(App $a)
// photos/name/image/xxxxx/edit // photos/name/image/xxxxx/edit
// photos/name/image/xxxxx/drop // photos/name/image/xxxxx/drop
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) { if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
notice(L10n::t('Public access denied.') . EOL); notice(L10n::t('Public access denied.') . EOL);
return; return;
} }


@ -35,7 +35,7 @@ function redir_init(App $a) {
$contact_url = $contact['url']; $contact_url = $contact['url'];
if ((!local_user() && !remote_user()) // Visitors (not logged in or not remotes) can't authenticate. if (!Session::isAuthenticated() // Visitors (not logged in or not remotes) can't authenticate.
|| (!empty($a->contact['id']) && $a->contact['id'] == $cid)) // Local user is already authenticated. || (!empty($a->contact['id']) && $a->contact['id'] == $cid)) // Local user is already authenticated.
{ {
$a->redirect(defaults($url, $contact_url)); $a->redirect(defaults($url, $contact_url));
@ -74,17 +74,8 @@ function redir_init(App $a) {
} }
} }
// When the remote page does support OWA, then we enforce the use of it
$basepath = Contact::getBasepath($contact_url);
if (Strings::compareLink($basepath, System::baseUrl())) {
$use_magic = true;
} else {
$serverret = Network::curl($basepath . '/magic');
$use_magic = $serverret->isSuccess();
}
// Doing remote auth with dfrn. // Doing remote auth with dfrn.
if (local_user() && !$use_magic && (!empty($contact['dfrn-id']) || !empty($contact['issued-id'])) && empty($contact['pending'])) { if (local_user() && (!empty($contact['dfrn-id']) || !empty($contact['issued-id'])) && empty($contact['pending'])) {
$dfrn_id = $orig_id = (($contact['issued-id']) ? $contact['issued-id'] : $contact['dfrn-id']); $dfrn_id = $orig_id = (($contact['issued-id']) ? $contact['issued-id'] : $contact['dfrn-id']);
if ($contact['duplex'] && $contact['issued-id']) { if ($contact['duplex'] && $contact['issued-id']) {
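Review bot: The second hunk removes the OWA probe and drops the `!$use_magic` term from the DFRN condition, a behaviour change that the commit title does not mention. With the probe gone, a logged-in local user whose contact has a `dfrn-id` or `issued-id` always takes the DFRN remote-auth branch, including cases where the old code found that the remote side answered on `/magic` and skipped it. Please confirm this is intended and that nothing later in `redir_init` still reads `$use_magic`; the function continues outside the hunk. If the removal is intended, it deserves its own commit or at least a line in the description, so that the authentication-flow change is reviewable separately from the mechanical rename.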


@ -11,6 +11,7 @@ use Friendica\Core\Cache;
use Friendica\Core\Config; use Friendica\Core\Config;
use Friendica\Core\L10n; use Friendica\Core\L10n;
use Friendica\Core\Logger; use Friendica\Core\Logger;
use Friendica\Core\Session;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Model\Item; use Friendica\Model\Item;
@ -83,18 +84,18 @@ function search_init(App $a) {
} }
function search_content(App $a) { function search_content(App $a) {
if (Config::get('system','block_public') && !local_user() && !remote_user()) { if (Config::get('system','block_public') && !Session::isAuthenticated()) {
notice(L10n::t('Public access denied.') . EOL); notice(L10n::t('Public access denied.') . EOL);
return; return;
} }
if (Config::get('system','local_search') && !local_user() && !remote_user()) { if (Config::get('system','local_search') && !Session::isAuthenticated()) {
$e = new \Friendica\Network\HTTPException\ForbiddenException(L10n::t("Only logged in users are permitted to perform a search.")); $e = new \Friendica\Network\HTTPException\ForbiddenException(L10n::t("Only logged in users are permitted to perform a search."));
$e->httpdesc = L10n::t("Public access denied."); $e->httpdesc = L10n::t("Public access denied.");
throw $e; throw $e;
} }
if (Config::get('system','permit_crawling') && !local_user() && !remote_user()) { if (Config::get('system','permit_crawling') && !Session::isAuthenticated()) {
// Default values: // Default values:
// 10 requests are "free", after the 11th only a call per minute is allowed // 10 requests are "free", after the 11th only a call per minute is allowed


@ -15,7 +15,7 @@ use Friendica\Util\XML;
function subthread_content(App $a) { function subthread_content(App $a) {
if (!local_user() && !remote_user()) { if (!Session::isAuthenticated()) {
return; return;
} }


@ -7,6 +7,7 @@ use Friendica\Core\Hook;
use Friendica\Core\L10n; use Friendica\Core\L10n;
use Friendica\Core\Logger; use Friendica\Core\Logger;
use Friendica\Core\System; use Friendica\Core\System;
use Friendica\Core\Session;
use Friendica\Core\Worker; use Friendica\Core\Worker;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Model\Item; use Friendica\Model\Item;
@ -16,7 +17,7 @@ use Friendica\Worker\Delivery;
function tagger_content(App $a) { function tagger_content(App $a) {
if (!local_user() && !remote_user()) { if (!Session::isAuthenticated()) {
return; return;
} }


@ -23,7 +23,7 @@ use Friendica\Util\Security;
function videos_init(App $a) function videos_init(App $a)
{ {
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) { if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
return; return;
} }
@ -111,7 +111,7 @@ function videos_content(App $a)
// videos/name/video/xxxxx/edit // videos/name/video/xxxxx/edit
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) { if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
notice(L10n::t('Public access denied.') . EOL); notice(L10n::t('Public access denied.') . EOL);
return; return;
} }


@ -149,7 +149,7 @@ class Nav
$nav['usermenu'] = []; $nav['usermenu'] = [];
$userinfo = null; $userinfo = null;
if (local_user() || remote_user()) { if (Session::isAuthenticated()) {
$nav['logout'] = ['logout', L10n::t('Logout'), '', L10n::t('End this session')]; $nav['logout'] = ['logout', L10n::t('Logout'), '', L10n::t('End this session')];
} else { } else {
$nav['login'] = ['login', L10n::t('Login'), ($a->module == 'login' ? 'selected' : ''), L10n::t('Sign in')]; $nav['login'] = ['login', L10n::t('Login'), ($a->module == 'login' ? 'selected' : ''), L10n::t('Sign in')];
@ -182,7 +182,7 @@ class Nav
$nav['home'] = [$homelink, L10n::t('Home'), '', L10n::t('Home Page')]; $nav['home'] = [$homelink, L10n::t('Home'), '', L10n::t('Home Page')];
} }
if (intval(Config::get('config', 'register_policy')) === \Friendica\Module\Register::OPEN && !local_user() && !remote_user()) { if (intval(Config::get('config', 'register_policy')) === \Friendica\Module\Register::OPEN && !Session::isAuthenticated()) {
$nav['register'] = ['register', L10n::t('Register'), '', L10n::t('Create an account')]; $nav['register'] = ['register', L10n::t('Register'), '', L10n::t('Create an account')];
} }


@ -11,6 +11,7 @@ use Friendica\Content\Feature;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Model\Contact; use Friendica\Model\Contact;
use Friendica\Model\GContact; use Friendica\Model\GContact;
use Friendica\Core\Session;
use Friendica\Util\Network; use Friendica\Util\Network;
/** /**
@ -333,7 +334,7 @@ class ACL extends BaseObject
*/ */
public static function contactAutocomplete($search, $mode, int $page = 1) public static function contactAutocomplete($search, $mode, int $page = 1)
{ {
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) { if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
return []; return [];
} }


@ -53,7 +53,7 @@ class Session
/** /**
* Retrieves a key from the session super global or the defaults if the key is missing or the value is falsy. * Retrieves a key from the session super global or the defaults if the key is missing or the value is falsy.
* *
* Handle the case where session_start() hasn't been called and the super global isn't available. * Handle the case where session_start() hasn't been called and the super global isn't available.
* *
* @param string $name * @param string $name
@ -255,4 +255,18 @@ class Session
} }
DBA::close($remote_contacts); DBA::close($remote_contacts);
} }
/**
* Returns if the current visitor is authenticated
*
* @return boolean "true" when visitor is either a local or remote user
*/
public static function isAuthenticated()
{
if (empty($_SESSION['authenticated'])) {
return false;
}
return $_SESSION['authenticated'];
}
} }
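Review bot: `isAuthenticated()` returns the raw value of `$_SESSION['authenticated']` although its docblock promises a boolean, and it no longer checks anything that distinguishes a local from a remote visitor. `return !empty($_SESSION['authenticated']);` would make the return type match the documentation and collapse the two branches into one. Every access check touched by this commit now depends on this single flag, so it is worth confirming that the flag is set and cleared in exactly the cases where `local_user() || remote_user()` used to be truthy. Those helpers are not visible here, so the equivalence cannot be verified from the diff. The docblock would also benefit from `@return bool` and a sentence naming where the flag is written.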


@ -13,6 +13,7 @@ use Friendica\Core\L10n;
use Friendica\Core\Logger; use Friendica\Core\Logger;
use Friendica\Core\Protocol; use Friendica\Core\Protocol;
use Friendica\Core\System; use Friendica\Core\System;
use Friendica\Core\Session;
use Friendica\Core\Worker; use Friendica\Core\Worker;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Network\Probe; use Friendica\Network\Probe;
@ -2679,7 +2680,7 @@ class Contact extends BaseObject
*/ */
public static function magicLink($contact_url, $url = '') public static function magicLink($contact_url, $url = '')
{ {
if (!local_user() && !remote_user()) { if (!Session::isAuthenticated()) {
return $url ?: $contact_url; // Equivalent to: ($url != '') ? $url : $contact_url; return $url ?: $contact_url; // Equivalent to: ($url != '') ? $url : $contact_url;
} }
@ -2725,7 +2726,7 @@ class Contact extends BaseObject
{ {
$destination = $url ?: $contact['url']; // Equivalent to ($url != '') ? $url : $contact['url']; $destination = $url ?: $contact['url']; // Equivalent to ($url != '') ? $url : $contact['url'];
if ((!local_user() && !remote_user()) || ($contact['network'] != Protocol::DFRN)) { if (!Session::isAuthenticated() || ($contact['network'] != Protocol::DFRN)) {
return $destination; return $destination;
} }


@ -3029,7 +3029,7 @@ class Item extends BaseObject
*/ */
public static function performLike($item_id, $verb) public static function performLike($item_id, $verb)
{ {
if (!local_user() && !remote_user()) { if (!Session::isAuthenticated()) {
return false; return false;
} }
@ -3428,7 +3428,7 @@ class Item extends BaseObject
} }
// Update the cached values if there is no "zrl=..." on the links. // Update the cached values if there is no "zrl=..." on the links.
$update = (!local_user() && !remote_user() && ($item["uid"] == 0)); $update = (!Session::isAuthenticated() && ($item["uid"] == 0));
// Or update it if the current viewer is the intented viewer. // Or update it if the current viewer is the intented viewer.
if (($item["uid"] == local_user()) && ($item["uid"] != 0)) { if (($item["uid"] == local_user()) && ($item["uid"] != 0)) {


@ -215,7 +215,7 @@ class Profile
); );
} }
$block = ((Config::get('system', 'block_public') && !local_user() && !remote_user()) ? true : false); $block = ((Config::get('system', 'block_public') && !Session::isAuthenticated()) ? true : false);
/** /**
* @todo * @todo
@ -448,7 +448,7 @@ class Profile
$about = !empty($profile['about']) ? L10n::t('About:') : false; $about = !empty($profile['about']) ? L10n::t('About:') : false;
$xmpp = !empty($profile['xmpp']) ? L10n::t('XMPP:') : false; $xmpp = !empty($profile['xmpp']) ? L10n::t('XMPP:') : false;
if ((!empty($profile['hidewall']) || $block) && !local_user() && !remote_user()) { if ((!empty($profile['hidewall']) || $block) && !Session::isAuthenticated()) {
$location = $gender = $marital = $homepage = $about = false; $location = $gender = $marital = $homepage = $about = false;
} }


@ -8,6 +8,7 @@ use Friendica\Content\Pager;
use Friendica\Content\Widget; use Friendica\Content\Widget;
use Friendica\Core\Hook; use Friendica\Core\Hook;
use Friendica\Core\L10n; use Friendica\Core\L10n;
use Friendica\Core\Session;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Model\Contact; use Friendica\Model\Contact;
use Friendica\Model\Profile; use Friendica\Model\Profile;
@ -25,8 +26,8 @@ class Directory extends BaseModule
$app = self::getApp(); $app = self::getApp();
$config = $app->getConfig(); $config = $app->getConfig();
if (($config->get('system', 'block_public') && !local_user() && !remote_user()) || if (($config->get('system', 'block_public') && !Session::isAuthenticated()) ||
($config->get('system', 'block_local_dir') && !local_user() && !remote_user())) { ($config->get('system', 'block_local_dir') && !Session::isAuthenticated())) {
throw new HTTPException\ForbiddenException(L10n::t('Public access denied.')); throw new HTTPException\ForbiddenException(L10n::t('Public access denied.'));
} }


@ -4,6 +4,7 @@ namespace Friendica\Module;
use Friendica\BaseModule; use Friendica\BaseModule;
use Friendica\Model\Item; use Friendica\Model\Item;
use Friendica\Core\Session;
use Friendica\Network\HTTPException; use Friendica\Network\HTTPException;
use Friendica\Util\Strings; use Friendica\Util\Strings;
@ -14,7 +15,7 @@ class Like extends BaseModule
{ {
public static function rawContent() public static function rawContent()
{ {
if (!local_user() && !remote_user()) { if (!Session::isAuthenticated()) {
throw new HTTPException\ForbiddenException(); throw new HTTPException\ForbiddenException();
} }


@ -10,6 +10,7 @@ use Friendica\Core\Config;
use Friendica\Core\L10n; use Friendica\Core\L10n;
use Friendica\Core\Protocol; use Friendica\Core\Protocol;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Core\Session;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Model\Contact; use Friendica\Model\Contact;
use Friendica\Model\Profile; use Friendica\Model\Profile;
@ -19,7 +20,7 @@ class Contacts extends BaseModule
{ {
public static function content() public static function content()
{ {
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) { if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
throw new \Friendica\Network\HTTPException\NotFoundException(L10n::t('User not found.')); throw new \Friendica\Network\HTTPException\NotFoundException(L10n::t('User not found.'));
} }


@ -219,7 +219,7 @@ class Post extends BaseObject
$author = ['uid' => 0, 'id' => $item['author-id'], $author = ['uid' => 0, 'id' => $item['author-id'],
'network' => $item['author-network'], 'url' => $item['author-link']]; 'network' => $item['author-network'], 'url' => $item['author-link']];
if (local_user() || remote_user()) { if (Session::isAuthenticated()) {
$profile_link = Contact::magicLinkByContact($author); $profile_link = Contact::magicLinkByContact($author);
} else { } else {
$profile_link = $item['author-link']; $profile_link = $item['author-link'];


@ -21,7 +21,7 @@ class Security extends BaseObject
{ {
static $verified = 0; static $verified = 0;
if (!local_user() && !remote_user()) { if (!Session::isAuthenticated()) {
return false; return false;
} }