authentication: manage the session only if the authentication page is required.
Do not set a session cookie if the user doesn't need to be authenticated git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@4260 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
@@ -84,6 +84,8 @@ class authentication
|
|||||||
*/
|
*/
|
||||||
public function logout ($url = "")
|
public function logout ($url = "")
|
||||||
{
|
{
|
||||||
|
if (! isset ($_SESSION))
|
||||||
|
session_start ();
|
||||||
if ($this->debug) echo "<pre>LOGOUT\n";
|
if ($this->debug) echo "<pre>LOGOUT\n";
|
||||||
$authsession = new \authsession ();
|
$authsession = new \authsession ();
|
||||||
$param = $authsession->getdetails ();
|
$param = $authsession->getdetails ();
|
||||||
@@ -112,6 +114,8 @@ class authentication
|
|||||||
public function pageHTML ($url = "")
|
public function pageHTML ($url = "")
|
||||||
{
|
{
|
||||||
// If the user is already connected, redirect to the main page of the site
|
// If the user is already connected, redirect to the main page of the site
|
||||||
|
if (! isset ($_SESSION))
|
||||||
|
session_start ();
|
||||||
$auth = new \auth ();
|
$auth = new \auth ();
|
||||||
$pre = new \authparams (array ("session"));
|
$pre = new \authparams (array ("session"));
|
||||||
if (isset ($_SESSION["domframework"]["authentication"]["message"]))
|
if (isset ($_SESSION["domframework"]["authentication"]["message"]))
|
||||||
@@ -134,6 +138,9 @@ class authentication
|
|||||||
*/
|
*/
|
||||||
public function verifAuthLoginPage ($url = "")
|
public function verifAuthLoginPage ($url = "")
|
||||||
{
|
{
|
||||||
|
if (! isset ($_SESSION))
|
||||||
|
session_start ();
|
||||||
|
if ($this->debug) echo "Call verifAuthLoginPage ($url) : Start\n";
|
||||||
// rate-limit the connections
|
// rate-limit the connections
|
||||||
$ratelimiter = new \ratelimitfile ();
|
$ratelimiter = new \ratelimitfile ();
|
||||||
// 3 connections by minutes
|
// 3 connections by minutes
|
||||||
@@ -145,6 +152,7 @@ class authentication
|
|||||||
$ipClient = $_SERVER["REMOTE_ADDR"];
|
$ipClient = $_SERVER["REMOTE_ADDR"];
|
||||||
if ($ratelimiter->set ("loggin-$ipClient") === false)
|
if ($ratelimiter->set ("loggin-$ipClient") === false)
|
||||||
{
|
{
|
||||||
|
if ($this->debug) echo "Call verifAuthLoginPage ($url) : Ratelimit\n";
|
||||||
call_user_func ($this->loggingFunc,
|
call_user_func ($this->loggingFunc,
|
||||||
LOG_WARNING,
|
LOG_WARNING,
|
||||||
"Ratelimiting for $ipClient");
|
"Ratelimiting for $ipClient");
|
||||||
@@ -163,6 +171,7 @@ class authentication
|
|||||||
$res = $this->verifAuth ($authparams->email, $authparams->password);
|
$res = $this->verifAuth ($authparams->email, $authparams->password);
|
||||||
if (! is_array ($res))
|
if (! is_array ($res))
|
||||||
{
|
{
|
||||||
|
if ($this->debug) echo "Call verifAuthLoginPage ($url) : ERROR\n";
|
||||||
// Authentication error
|
// Authentication error
|
||||||
// Redirect to login page after logout
|
// Redirect to login page after logout
|
||||||
call_user_func ($this->loggingFunc,
|
call_user_func ($this->loggingFunc,
|
||||||
@@ -183,6 +192,7 @@ class authentication
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
// Login OK : save in SESSION and go to main page
|
// Login OK : save in SESSION and go to main page
|
||||||
|
if ($this->debug) echo "Call verifAuthLoginPage ($url) : USER OK\n";
|
||||||
call_user_func ($this->loggingFunc,
|
call_user_func ($this->loggingFunc,
|
||||||
LOG_NOTICE,
|
LOG_NOTICE,
|
||||||
"Logging in for '$authparams->email'");
|
"Logging in for '$authparams->email'");
|
||||||
@@ -229,6 +239,8 @@ class authentication
|
|||||||
*/
|
*/
|
||||||
public function verifAuthHTML ()
|
public function verifAuthHTML ()
|
||||||
{
|
{
|
||||||
|
// Do not force the session_start ! We don't want the cookie on all the
|
||||||
|
// pages
|
||||||
if ($this->debug)
|
if ($this->debug)
|
||||||
echo "=== entering verifAuthHTML (htmlMethods=".
|
echo "=== entering verifAuthHTML (htmlMethods=".
|
||||||
print_r ($this->htmlMethods, true).")\n";
|
print_r ($this->htmlMethods, true).")\n";
|
||||||
@@ -353,6 +365,8 @@ class authentication
|
|||||||
$this->route
|
$this->route
|
||||||
->get ("authentication/logout({url})?", function ($url) use ($authObj)
|
->get ("authentication/logout({url})?", function ($url) use ($authObj)
|
||||||
{
|
{
|
||||||
|
if (! isset ($_SESSION))
|
||||||
|
session_start ();
|
||||||
$authObj->logout ($url);
|
$authObj->logout ($url);
|
||||||
})
|
})
|
||||||
|
|
||||||
@@ -363,12 +377,16 @@ class authentication
|
|||||||
|
|
||||||
->get ("authentication/({url})?", function ($url) use ($authObj)
|
->get ("authentication/({url})?", function ($url) use ($authObj)
|
||||||
{
|
{
|
||||||
|
if (! isset ($_SESSION))
|
||||||
|
session_start ();
|
||||||
$authObj->pageHTML ($url);
|
$authObj->pageHTML ($url);
|
||||||
exit;
|
exit;
|
||||||
})
|
})
|
||||||
|
|
||||||
->post ("authentication/({url})?", function ($url) use ($authObj)
|
->post ("authentication/({url})?", function ($url) use ($authObj)
|
||||||
{
|
{
|
||||||
|
if (! isset ($_SESSION))
|
||||||
|
session_start ();
|
||||||
$authObj->verifAuthLoginPage ($url);
|
$authObj->verifAuthLoginPage ($url);
|
||||||
exit;
|
exit;
|
||||||
})
|
})
|
||||||
|
|||||||
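Review bot: The session started lazily at the top of verifAuthLoginPage (hunk @@ -134) is the same one the success path at @@ -183 writes the login state into, so unless the code outside the hunk already does it, the session id the browser presented before authenticating is kept after login; call `session_regenerate_id (true);` immediately before the `// Login OK : save in SESSION` block so a pre-authentication id cannot be reused. The guard `if (! isset ($_SESSION)) session_start ();` is repeated in six hunks, and `isset ($_SESSION)` only proves the superglobal exists, not that a session is active, so `if (session_status () !== PHP_SESSION_ACTIVE) session_start ();` is the reliable condition and a private `startSession ()` helper would keep the copies in step. In verifAuthHTML (hunk @@ -229) the new comment says the session is deliberately not started; if that method reads `$_SESSION` to decide whether the visitor is already logged in, it still has to start the session when the request carries the session cookie (`isset ($_COOKIE[session_name ()])`), otherwise logged-in users are treated as anonymous — the body is outside the hunk, so this may already be handled there. Every enclosing method and route closure starts or ends outside its hunk.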