Replace duplicated authentication code in FKOAuth1 with Session::setAuthenticatedForUser
This commit is contained in:
parent
7959b9bbed
commit
cb4950a3be
|
@ -162,6 +162,7 @@ function api_register_func($path, $func, $auth = false, $method = API_METHOD_ANY
|
||||||
* @brief Login API user
|
* @brief Login API user
|
||||||
*
|
*
|
||||||
* @param App $a App
|
* @param App $a App
|
||||||
|
* @throws ForbiddenException
|
||||||
* @throws InternalServerErrorException
|
* @throws InternalServerErrorException
|
||||||
* @throws UnauthorizedException
|
* @throws UnauthorizedException
|
||||||
* @hook 'authenticate'
|
* @hook 'authenticate'
|
||||||
|
@ -170,8 +171,6 @@ function api_register_func($path, $func, $auth = false, $method = API_METHOD_ANY
|
||||||
* 'password' => password from login form
|
* 'password' => password from login form
|
||||||
* 'authenticated' => return status,
|
* 'authenticated' => return status,
|
||||||
* 'user_record' => return authenticated user record
|
* 'user_record' => return authenticated user record
|
||||||
* @hook 'logged_in'
|
|
||||||
* array $user logged user record
|
|
||||||
*/
|
*/
|
||||||
function api_login(App $a)
|
function api_login(App $a)
|
||||||
{
|
{
|
||||||
|
@ -182,7 +181,7 @@ function api_login(App $a)
|
||||||
list($consumer, $token) = $oauth1->verify_request($request);
|
list($consumer, $token) = $oauth1->verify_request($request);
|
||||||
if (!is_null($token)) {
|
if (!is_null($token)) {
|
||||||
$oauth1->loginUser($token->uid);
|
$oauth1->loginUser($token->uid);
|
||||||
Hook::callAll('logged_in', $a->user);
|
Session::set('allow_api', true);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
echo __FILE__.__LINE__.__FUNCTION__ . "<pre>";
|
echo __FILE__.__LINE__.__FUNCTION__ . "<pre>";
|
||||||
|
|
|
@ -4,12 +4,10 @@
|
||||||
*/
|
*/
|
||||||
namespace Friendica\Network;
|
namespace Friendica\Network;
|
||||||
|
|
||||||
use Friendica\Core\Hook;
|
use Friendica\BaseObject;
|
||||||
use Friendica\Core\Logger;
|
use Friendica\Core\Logger;
|
||||||
use Friendica\Core\PConfig;
|
use Friendica\Core\Session;
|
||||||
use Friendica\Core\System;
|
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\Util\DateTimeFormat;
|
|
||||||
use OAuthServer;
|
use OAuthServer;
|
||||||
use OAuthSignatureMethod_HMAC_SHA1;
|
use OAuthSignatureMethod_HMAC_SHA1;
|
||||||
use OAuthSignatureMethod_PLAINTEXT;
|
use OAuthSignatureMethod_PLAINTEXT;
|
||||||
|
@ -32,12 +30,13 @@ class FKOAuth1 extends OAuthServer
|
||||||
/**
|
/**
|
||||||
* @param string $uid user id
|
* @param string $uid user id
|
||||||
* @return void
|
* @return void
|
||||||
|
* @throws HTTPException\ForbiddenException
|
||||||
* @throws HTTPException\InternalServerErrorException
|
* @throws HTTPException\InternalServerErrorException
|
||||||
*/
|
*/
|
||||||
public function loginUser($uid)
|
public function loginUser($uid)
|
||||||
{
|
{
|
||||||
Logger::log("FKOAuth1::loginUser $uid");
|
Logger::log("FKOAuth1::loginUser $uid");
|
||||||
$a = \get_app();
|
$a = BaseObject::getApp();
|
||||||
$record = DBA::selectFirst('user', [], ['uid' => $uid, 'blocked' => 0, 'account_expired' => 0, 'account_removed' => 0, 'verified' => 1]);
|
$record = DBA::selectFirst('user', [], ['uid' => $uid, 'blocked' => 0, 'account_expired' => 0, 'account_removed' => 0, 'verified' => 1]);
|
||||||
|
|
||||||
if (!DBA::isResult($record)) {
|
if (!DBA::isResult($record)) {
|
||||||
|
@ -45,31 +44,7 @@ class FKOAuth1 extends OAuthServer
|
||||||
header('HTTP/1.0 401 Unauthorized');
|
header('HTTP/1.0 401 Unauthorized');
|
||||||
die('This api requires login');
|
die('This api requires login');
|
||||||
}
|
}
|
||||||
$_SESSION['uid'] = $record['uid'];
|
|
||||||
$_SESSION['theme'] = $record['theme'];
|
|
||||||
$_SESSION['mobile-theme'] = PConfig::get($record['uid'], 'system', 'mobile_theme');
|
|
||||||
$_SESSION['authenticated'] = 1;
|
|
||||||
$_SESSION['page_flags'] = $record['page-flags'];
|
|
||||||
$_SESSION['my_url'] = System::baseUrl() . '/profile/' . $record['nickname'];
|
|
||||||
$_SESSION['addr'] = $_SERVER['REMOTE_ADDR'];
|
|
||||||
$_SESSION["allow_api"] = true;
|
|
||||||
|
|
||||||
$a->user = $record;
|
Session::setAuthenticatedForUser($a, $record, true);
|
||||||
|
|
||||||
if (strlen($a->user['timezone'])) {
|
|
||||||
date_default_timezone_set($a->user['timezone']);
|
|
||||||
$a->timezone = $a->user['timezone'];
|
|
||||||
}
|
|
||||||
|
|
||||||
$contact = DBA::selectFirst('contact', [], ['uid' => $_SESSION['uid'], 'self' => 1]);
|
|
||||||
if (DBA::isResult($contact)) {
|
|
||||||
$a->contact = $contact;
|
|
||||||
$a->cid = $contact['id'];
|
|
||||||
$_SESSION['cid'] = $a->cid;
|
|
||||||
}
|
|
||||||
|
|
||||||
DBA::update('user', ['login_date' => DateTimeFormat::utcNow()], ['uid' => $_SESSION['uid']]);
|
|
||||||
|
|
||||||
Hook::callAll('logged_in', $a->user);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user