author | Lukas Reschke <lukas@statuscode.ch> | 2012-10-16 01:02:03 +0200 |
---|---|---|
committer | Lukas Reschke <lukas@statuscode.ch> | 2012-10-16 01:02:03 +0200 |
commit | 6f2e8788ca7cc8edb677b8596f39c90c3f13be77 (patch) | |
tree | e8db9173ff68a359d015349f0d744ab48c4f87c3 | |
parent | f4142bd2a8508577ca0abc1f6d84b59dc6de26e5 (diff) | |
Make enhanced auth time configurable
-rw-r--r-- | config/config.sample.php | 3 | ||||
-rw-r--r-- | lib/json.php | 3 | ||||
-rw-r--r-- | lib/setup.php | 3 | ||||
-rwxr-xr-x | lib/util.php | 7 |
4 files changed, 10 insertions, 6 deletions
diff --git a/config/config.sample.php b/config/config.sample.php
index 09eb6053c24..762633c7832 100644
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -30,6 +30,9 @@ $CONFIG = array(
 /* Force use of HTTPS connection (true = use HTTPS) */
 "forcessl" => false,
+/* Time in seconds how long an user is authenticated without entering his password again before performing sensitive actions like creating or deleting users etc...*/
+"enhancedauthtime" => 15 * 60,
+
 /* Theme to use for ownCloud */
 "theme" => "",
diff --git a/lib/json.php b/lib/json.php
index 3e55f618430..b828f35f345 100644
--- a/lib/json.php
+++ b/lib/json.php
@@ -80,10 +80,9 @@ class OC_JSON{
 }
 /**
- * Check if the user verified the login with his password in the last 15 minutes
+ * Check if the user verified the login with his password
 */
 public static function verifyUser() {
- // Check if the user verified his password in the last 15 minutes
 if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
 $l = OC_L10N::get('lib');
 self::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
diff --git a/lib/setup.php b/lib/setup.php
index 716b0ef063d..2ac91482e54 100644
--- a/lib/setup.php
+++ b/lib/setup.php
@@ -391,6 +391,9 @@ class OC_Setup {
 self::createHtaccess();
 }
+ // Set the admin auth time
+ OC_Config::setValue('enhancedauthtime', 15 * 60);
+
 //and we are done
 OC_Config::setValue('installed', true);
 }
diff --git a/lib/util.php b/lib/util.php
index ba2a02922a5..58d784057ac 100755
--- a/lib/util.php
+++ b/lib/util.php
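Review bot: The rewritten docblock on `verifyUser()` in lib/json.php no longer says that the verification expires, although the check below it still compares `$_SESSION['verifiedLogin']` with `time()`. I would keep the time limit in the text and name the setting that now controls it, e.g. `* Check if the user re-entered his password within the configured 'enhancedauthtime' window`. The same wording would fit the `isUserVerified()` docblock changed in lib/util.php. The body of `verifyUser()` continues outside the hunk.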
@@ -394,11 +394,11 @@ class OC_Util {
 // Check password to set session
 if(isset($_POST['password'])) {
 if (OC_User::login(OC_User::getUser(), $_POST["password"] ) === true) {
- $_SESSION['verifiedLogin']=time() + (15 * 60);
+ $_SESSION['verifiedLogin']=time() + OC_Config::getValue('enhancedauthtime');
 }
 }
- // Check if the user verified his password in the last 15 minutes
+ // Check if the user verified his password
 if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
 OC_Template::printGuestPage("", "verify", array('username' => OC_User::getUser()));
 exit();
@@ -406,11 +406,10 @@ class OC_Util {
 }
 /**
- * Check if the user verified the login with his password in the last 15 minutes
+ * Check if the user verified the login with his password
 * @return bool
 */
 public static function isUserVerified() {
- // Check if the user verified his password in the last 15 minutes
 if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
 return false;
 } |
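Review bot: `OC_Config::getValue('enhancedauthtime')` is read in the password-verification branch without a default or a type check, so an instance whose config.php lacks the key would compute `time() + null` and the verification would lapse within a second. lib/setup.php writes the key only during installation, so upgraded instances are presumably affected unless an upgrade step not shown in this commit adds it. A non-numeric or very large configured value is also taken as-is, which can silently shorten or effectively disable the re-authentication window for sensitive actions. I would pass the previous value as the default and cast the result, `$_SESSION['verifiedLogin']=time() + (int)OC_Config::getValue('enhancedauthtime', 15 * 60);`, ideally clamped to a sane upper bound. The enclosing function starts outside the hunk.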