$sessionUser = self::$session->get('user_id');
$serverUser = $_SERVER['PHP_AUTH_USER'];
OC_Log::write('core',
- "Session user-id doesn't match PHP_AUTH_USER. SESSION[user_id]: $sessionUser; SERVER[PHP_AUTH_USER]: $serverUser.",
+ "Session user-id ($sessionUser) doesn't match SERVER[PHP_AUTH_USER] ($serverUser).",
OC_Log::WARN);
OC_User::logout();
}
elseif (OC::tryRememberLogin()) {
$error[] = 'invalidcookie';
}
- // Someone wants to log in :
+ // logon via web form
elseif (OC::tryFormLogin()) {
$error[] = 'invalidpassword';
}
/**
* @brief Try to login a user, assuming authentication
- * has already happened (e.g. via SSO).
+ * has already happened (e.g. via Single Sign On).
*
* Log in a user and regenerate a new session.
+ *
+ * @param \OCP\ApacheBackend $backend
+ * @return bool
*/
public static function loginWithApache(\OCP\ApacheBackend $backend) {
/**
* @brief Verify with Apache whether user is authenticated.
*
- * @return boolean|null true: authenticated - false: not authenticated
+ * @return boolean|null
+ * true: authenticated
+ * false: not authenticated
+ * null: not handled / no backend available
*/
public static function handleApacheAuth() {
foreach (self::$_usedBackends as $backend) {
}
/**
- * Supplies an attribute to the logout hyperlink. The default behaviuour
+ * Supplies an attribute to the logout hyperlink. The default behaviour
* is to return an href with '?logout=true' appended. However, it can
* supply any attribute(s) which are valid for <a>.
*
- * @return String with one or more HTML attributes.
+ * @return string with one or more HTML attributes.
*/
public static function getLogoutAttribute() {
foreach (self::$_usedBackends as $backend) {
projects / nextcloud-server.git / commitdiff