YunoHost/SSOwat
1
0
Fork 0
mirror of https://github.com/YunoHost/SSOwat.git synced 2024-09-03 20:06:27 +02:00
Code Issues Projects Releases Packages Wiki Activity

[fix] Refresh ldap info before loading page that requires it, fixes #633

Browse source
This commit is contained in:
Julien Malik 2016-11-15 15:49:53 +01:00 committed by opi
parent 0823062e30
commit fd3338de99
1 changed files with 26 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

43
helpers.lua
View file

@ -274,12 +274,25 @@ function authenticate(user, password)
end end
end end
function delete_user_info_cache(user)
cache:delete(user.."-"..conf["ldap_identifier"])
local i = 2
while cache:get(user.."-mail|"..i) do
cache:delete(user.."-mail|"..i)
i = i + 1
end
local i = 2
while cache:get(user.."-maildrop|"..i) do
cache:delete(user.."-maildrop|"..i)
i = i + 1
end
end
-- Set the authentication headers in order to pass credentials to the -- Set the authentication headers in order to pass credentials to the
-- application underneath. -- application underneath.
function set_headers(user) function set_headers(user)
-- We definetly don't want to pass credential on a non-encrypted -- We definitely don't want to pass credentials on a non-encrypted
-- connection. -- connection.
if ngx.var.scheme ~= "https" then if ngx.var.scheme ~= "https" then
return redirect("https://"..ngx.var.host..ngx.var.uri..uri_args_string()) return redirect("https://"..ngx.var.host..ngx.var.uri..uri_args_string())
@ -287,7 +300,7 @@ function set_headers(user)
local user = user or authUser local user = user or authUser
-- If the password is not in cache of if the cache has expired, ask for -- If the password is not in cache or if the cache has expired, ask for
-- logging. -- logging.
if not cache:get(user.."-password") then if not cache:get(user.."-password") then
flash("info", t("please_login")) flash("info", t("please_login"))
@ -471,6 +484,16 @@ function get_data_for(view)
or view == "edit.html" or view == "edit.html"
or view == "password.html" or view == "password.html"
or view == "ynhpanel.json" then or view == "ynhpanel.json" then
-- Invalidate cache before loading these views.
-- Needed if the LDAP db is changed outside ssowat (from the cli for example).
-- Not doing it for ynhpanel.json only for performance reasons,
-- so the panel could show wrong first name, last name or main email address
if view ~= "ynhpanel.json" then
delete_user_info_cache(user)
end
-- Be sure cache is loaded
set_headers(user) set_headers(user)
local mails = get_mails(user) local mails = get_mails(user)
@ -738,21 +761,7 @@ function edit_user()
mail = mails, mail = mails,
maildrop = drops }) maildrop = drops })
then then
delete_user_info_cache(user)
-- Then delete the cached information for the specific
-- user.
cache:delete(user.."-"..conf["ldap_identifier"])
local i = 2
while cache:get(user.."-mail|"..i) do
cache:delete(user.."-mail|"..i)
i = i + 1
end
local i = 2
while cache:get(user.."-maildrop|"..i) do
cache:delete(user.."-maildrop|"..i)
i = i + 1
end
-- Ugly trick to force cache reloading -- Ugly trick to force cache reloading
set_headers(user) set_headers(user)
flash("win", t("information_updated")) flash("win", t("information_updated"))