mirror of
https://github.com/YunoHost-Apps/shaarli_ynh.git
synced 2024-09-03 20:26:10 +02:00
use ynh sso instead of custom login mechanism
parent
afcbf84762
commit
aa19a8a5aa
2 changed files with 48 additions and 2 deletions
|
@ -399,6 +399,10 @@ function ban_canLogin()
|
|||
return true; // User is not banned.
|
||||
}
|
||||
|
||||
/*
|
||||
* Don't use the default Shaarli login mechanism.
|
||||
* Rely on Yunohost SSO providing auth credentials to identify logged in users
|
||||
*
|
||||
// ------------------------------------------------------------------------------------------
|
||||
// Process login form: Check if login/password is correct.
|
||||
if (isset($_POST['login']))
|
||||
|
@ -442,6 +446,48 @@ if (isset($_POST['login']))
|
|||
exit;
|
||||
}
|
||||
}
|
||||
*/
|
||||
|
||||
/*
|
||||
* If user initiated its session while logged in SSO,
|
||||
* then loggued out of SSO, then log out from Shaarli too
|
||||
*/
|
||||
if (!isset($_SERVER['PHP_AUTH_USER']))
|
||||
{
|
||||
logout();
|
||||
}
|
||||
|
||||
/*
|
||||
* If user initiated its session while logged in SSO,
|
||||
* then loggued out of SSO,
|
||||
* and a different user loggued in to SSO,
|
||||
* then reset session
|
||||
*/
|
||||
if (isLoggedIn() && isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_USER'] != $_SESSION['username'])
|
||||
{
|
||||
logout();
|
||||
}
|
||||
|
||||
/*
|
||||
* If user is not yet loggued in to Shaarli, but loggued in to SSO,
|
||||
* then initiate a Shaarli session
|
||||
* TODO : longlastingsession not handled yet
|
||||
*/
|
||||
if (!isLoggedIn() && isset($_SERVER['PHP_AUTH_USER']))
|
||||
{
|
||||
// Standard session expiration (=when browser closes)
|
||||
$cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
|
||||
session_set_cookie_params(0,$cookiedir,$_SERVER['SERVER_NAME']); // 0 means "When browser closes"
|
||||
session_regenerate_id(true);
|
||||
|
||||
// Login/password is correct.
|
||||
$_SESSION['uid'] = sha1(uniqid('',true).'_'.mt_rand()); // generate unique random number (different than phpsessionid)
|
||||
$_SESSION['ip'] = allIPs(); // We store IP address(es) of the client to make sure session is not hijacked.
|
||||
$_SESSION['username'] = $_SERVER['PHP_AUTH_USER'];
|
||||
$_SESSION['level'] = $GLOBALS['level'][$_SESSION['username']];
|
||||
$_SESSION['email'] = $GLOBALS['email'][$_SESSION['username']];
|
||||
$_SESSION['expires_on']=time()+INACTIVITY_TIMEOUT; // Set session expiration.
|
||||
}
|
||||
|
||||
// ------------------------------------------------------------------------------------------
|
||||
// Misc utility functions:
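Review bot: The block starting at `if (!isLoggedIn() && isset($_SERVER['PHP_AUTH_USER']))` opens a session for whatever name is in `PHP_AUTH_USER`, with no password check and no check that the name is a configured Shaarli user, so `$_SESSION['level']` and `$_SESSION['email']` can be read from a missing key. PHP normally fills `PHP_AUTH_USER` from the request's Basic `Authorization` header, so this is only safe if every request reaches the script through the YunoHost SSO proxy and that proxy sets or strips the header. That configuration is not visible on this page, so I would state the assumption in a comment above the block and add `&& isset($GLOBALS['level'][$_SERVER['PHP_AUTH_USER']])` to the condition. The user-switch check should compare with `!==` instead of `!=`, so that numeric-looking usernames are not treated as equal by loose comparison. If `$_SESSION['uid']` is used as a security token (not shown here), `sha1(uniqid('',true).'_'.mt_rand())` is predictable, and `bin2hex(random_bytes(20))` would be the replacement on PHP 7 or later.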
|
||||
|
|
|
@ -9,11 +9,11 @@
|
|||
{else}
|
||||
<a href="?" class="nomobile">Home</a>
|
||||
{if="isLoggedIn()"}
|
||||
<a href="?do=logout">Logout <i>({$currentUser})</i></a><a href="?do=tools">Tools</a><a href="?do=addlink"><b>Add link</b></a>
|
||||
<a href="?">Logged in as <i>{$currentUser}</i></a><a href="?do=tools">Tools</a><a href="?do=addlink"><b>Add link</b></a>
|
||||
{elseif="$GLOBALS['config']['OPEN_SHAARLI']"}
|
||||
<a href="?do=tools">Tools</a><a href="?do=addlink"><b>Add link</b></a>
|
||||
{else}
|
||||
<a href="?do=login">Login</a>
|
||||
<!-- <a href="?do=login">Login</a> -->
|
||||
{/if}
|
||||
<a href="{$feedurl}?do=rss{$searchcrits}" class="nomobile">RSS Feed</a>
|
||||
<a href="{$feedurl}?do=atom{$searchcrits}" style="padding-left:10px;" class="nomobile">ATOM Feed</a>
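Review bot: Wrapping the Login link in `<!-- … -->` only hides it in the rendered page; the markup is still sent to every anonymous visitor, and `?do=login` and `?do=logout` remain reachable by URL unless index.php stops handling them, which this section does not show. I would delete the line rather than comment it out, and confirm that the `do=login` and `do=logout` handlers are disabled or redirect to the SSO portal. `{$currentUser}` now presumably carries the SSO-supplied name; if it is not HTML-escaped where it is assigned (not visible here), it should be escaped with `htmlspecialchars()` before it reaches this template.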
|
||||
|
|