2a4dc77a63
I used this hacky sed-command (run it from your GNU Social root, or change the first grep's path to where it actually lies) to do a rough fix on all ::staticGet calls and rename them to ::getKV sed -i -s -e '/DataObject::staticGet/I!s/::staticGet/::getKV/Ig' $(grep -R ::staticGet `pwd`/* | grep -v -e '^extlib' | grep -v DataObject:: |grep -v "function staticGet"|cut -d: -f1 |sort |uniq) If you're applying this, remember to change the Managed_DataObject and Memcached_DataObject function definitions of staticGet to getKV! This might of course take some getting used to, or modification fo StatusNet plugins, but the result is that all the static calls (to staticGet) are now properly made without breaking PHP Strict Standards. Standards are there to be followed (and they caused some very bad confusion when used with get_called_class) Reasonably any plugin or code that tests for the definition of 'GNUSOCIAL' or similar will take this change into consideration.
155 lines
4.9 KiB
PHP
155 lines
4.9 KiB
PHP
<?php
|
|
/**
|
|
* StatusNet, the distributed open-source microblogging tool
|
|
*
|
|
* Allow one-time password login
|
|
*
|
|
* PHP version 5
|
|
*
|
|
* LICENCE: This program is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU Affero General Public License as published by
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU Affero General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*
|
|
* @category Login
|
|
* @package StatusNet
|
|
* @author Evan Prodromou <evan@status.net>
|
|
* @copyright 2010 StatusNet, Inc.
|
|
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3
|
|
* @link http://status.net/
|
|
*/
|
|
|
|
if (!defined('STATUSNET')) {
|
|
exit(1);
|
|
}
|
|
|
|
/**
|
|
* Allow one-time password login
|
|
*
|
|
* This action will automatically log in the user identified by the user_id
|
|
* parameter. A login_token record must be constructed beforehand, typically
|
|
* by code where the user is already authenticated.
|
|
*
|
|
* @category Login
|
|
* @package StatusNet
|
|
* @author Evan Prodromou <evan@status.net>
|
|
* @copyright 2010 StatusNet, Inc.
|
|
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3
|
|
* @link http://status.net/
|
|
*/
|
|
class OtpAction extends Action
|
|
{
|
|
var $user;
|
|
var $token;
|
|
var $rememberme;
|
|
var $returnto;
|
|
var $lt;
|
|
|
|
function prepare($args)
|
|
{
|
|
parent::prepare($args);
|
|
|
|
if (common_is_real_login()) {
|
|
// TRANS: Client error displayed trying to use "one time password login" when already logged in.
|
|
$this->clientError(_('Already logged in.'));
|
|
return false;
|
|
}
|
|
|
|
$id = $this->trimmed('user_id');
|
|
|
|
if (empty($id)) {
|
|
// TRANS: Client error displayed trying to use "one time password login" without specifying a user.
|
|
$this->clientError(_('No user ID specified.'));
|
|
return false;
|
|
}
|
|
|
|
$this->user = User::getKV('id', $id);
|
|
|
|
if (empty($this->user)) {
|
|
// TRANS: Client error displayed trying to use "one time password login" without using an existing user.
|
|
$this->clientError(_('No such user.'));
|
|
return false;
|
|
}
|
|
|
|
$this->token = $this->trimmed('token');
|
|
|
|
if (empty($this->token)) {
|
|
// TRANS: Client error displayed trying to use "one time password login" without specifying a login token.
|
|
$this->clientError(_('No login token specified.'));
|
|
return false;
|
|
}
|
|
|
|
$this->lt = Login_token::getKV('user_id', $id);
|
|
|
|
if (empty($this->lt)) {
|
|
// TRANS: Client error displayed trying to use "one time password login" without requesting a login token.
|
|
$this->clientError(_('No login token requested.'));
|
|
return false;
|
|
}
|
|
|
|
if ($this->lt->token != $this->token) {
|
|
// TRANS: Client error displayed trying to use "one time password login" while specifying an invalid login token.
|
|
$this->clientError(_('Invalid login token specified.'));
|
|
return false;
|
|
}
|
|
|
|
if ($this->lt->modified > time() + Login_token::TIMEOUT) {
|
|
//token has expired
|
|
//delete the token as it is useless
|
|
$this->lt->delete();
|
|
$this->lt = null;
|
|
// TRANS: Client error displayed trying to use "one time password login" while specifying an expired login token.
|
|
$this->clientError(_('Login token expired.'));
|
|
return false;
|
|
}
|
|
|
|
$this->rememberme = $this->boolean('rememberme');
|
|
$this->returnto = $this->trimmed('returnto');
|
|
|
|
return true;
|
|
}
|
|
|
|
function handle($args)
|
|
{
|
|
parent::handle($args);
|
|
|
|
// success!
|
|
if (!common_set_user($this->user)) {
|
|
// TRANS: Server error displayed when a user object could not be created trying to login using "one time password login".
|
|
$this->serverError(_('Error setting user. You are probably not authorized.'));
|
|
return;
|
|
}
|
|
|
|
// We're now logged in; disable the lt
|
|
|
|
$this->lt->delete();
|
|
$this->lt = null;
|
|
|
|
common_real_login(true);
|
|
|
|
if ($this->rememberme) {
|
|
common_rememberme($this->user);
|
|
}
|
|
|
|
if (!empty($this->returnto)) {
|
|
$url = $this->returnto;
|
|
// We don't have to return to it again
|
|
common_set_returnto(null);
|
|
} else {
|
|
$url = common_local_url('all',
|
|
array('nickname' =>
|
|
$this->user->nickname));
|
|
}
|
|
|
|
common_redirect($url, 303);
|
|
}
|
|
}
|