author | Lukas Reschke <lukas@statuscode.ch> | 2012-10-15 16:14:24 +0200 |
---|---|---|
committer | Daniel Molkentin <daniel@molkentin.de> | 2012-10-15 17:42:38 +0200 |
commit | d33bec09fe1da810f0a7f60d9b6a61e513ce0b2f (patch) | |
tree | 5b801b95a64ca9b76abe6de76290d88ed30001e3 | |
parent | 800fd5fd798567d899b1559ca3e91dc15212d027 (diff) | |
Verify password page for users
-rw-r--r-- | core/templates/verify.php | 18 | ||||
-rwxr-xr-x | lib/util.php | 19 |
2 files changed, 37 insertions, 0 deletions
diff --git a/core/templates/verify.php b/core/templates/verify.php
new file mode 100644
index 00000000000..7be0d69ed00
--- /dev/null
+++ b/core/templates/verify.php
@@ -0,0 +1,18 @@
+<form method="post">
+ <fieldset>
+ <ul>
+ <li class="errors">
+ <?php echo $l->t('Security Warning!'); ?><br>
+ <small><?php echo $l->t("Please verify your password. <br/>For security reasons you may be occasionally asked to enter your password again. "); ?></small>
+ </li>
+ </ul>
+ <p class="infield">
+ <input type="text" value="<?php echo $_['username']; ?>" disabled="disabled" />
+ </p>
+ <p class="infield">
+ <label for="password" class="infield"><?php echo $l->t( 'Password' ); ?></label>
+ <input type="password" name="password" id="password" value="" required />
+ </p>
+ <input type="submit" id="submit" class="login" value="<?php echo $l->t( 'Verify' ); ?>" />
+ </fieldset>
+</form>
diff --git a/lib/util.php b/lib/util.php
index 9a3bf162062..b92f97b0375 100755
--- a/lib/util.php
+++ b/lib/util.php
@@ -361,6 +361,7 @@ class OC_Util {
 public static function checkAdminUser() {
 // Check if we are a user
 self::checkLoggedIn();
+ self::verifyUser();
 if( !OC_Group::inGroup( OC_User::getUser(), 'admin' )) {
 header( 'Location: '.OC_Helper::linkToAbsolute( '', 'index.php' ));
 exit();
@@ -374,6 +375,7 @@ class OC_Util {
 public static function checkSubAdminUser() {
 // Check if we are a user
 self::checkLoggedIn();
+ self::verifyUser();
 if(OC_Group::inGroup(OC_User::getUser(),'admin')) {
 return true;
 }
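Review bot: `$_['username']` is written into the `value` attribute of the disabled text input with no visible escaping, so a user name containing a quote or angle bracket would break out of the attribute unless the template layer already sanitises assigned values, which this diff does not show. If it does not, the line should read `<input type="text" value="<?php echo htmlspecialchars($_['username'], ENT_QUOTES, 'UTF-8'); ?>" disabled="disabled" />`. The form also carries no anti-CSRF token; whether the project has a helper for one is not visible here.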
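Review bot: Calling `self::verifyUser()` in checkAdminUser() (and identically in checkSubAdminUser() in the next hunk) makes every admin or sub-admin request feed its own `$_POST["password"]` into the re-verification check, because verifyUser() as added in the last hunk reads that field from whatever request reaches it. Any handler behind these checks that itself accepts a `password` field (presumably user creation or password change, though those are outside this diff) would have that value tried as the current user's password. A field name used only by the verify form, for example `name="verify_password"` with the matching key in verifyUser(), would avoid the collision. Both function bodies continue outside their hunks.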
@@ -385,6 +387,23 @@ class OC_Util {
 }
 
 /**
+ * Check if the user verified the login with his password in the last 15 minutes
+ * If not, the user will be shown a password verification page
+ */
+ public static function verifyUser() {
+ // Check password to set session
+ if (OC_User::login(OC_User::getUser(), $_POST["password"] ) === true) {
+ $_SESSION['verifiedLogin']=time() + (15 * 60);
+ }
+
+ // Check if the user verified his password in the last 15 minutes
+ if($_SESSION['verifiedLogin'] < time() OR !isset($_SESSION['verifiedLogin'])) {
+ OC_Template::printGuestPage("", "verify", array('username' => OC_User::getUser()));
+ exit();
+ }
+ }
+
+ /**
 * Redirect to the user default page
 */
 public static function redirectToDefaultPage() { |
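Review bot: verifyUser() reads `$_POST["password"]` and `$_SESSION['verifiedLogin']` before checking that either exists, so every request without a posted password hands an undefined value to OC_User::login(), and the `isset()` in the second condition comes after the read it is meant to protect. Guard the first with `if (isset($_POST['password']) && OC_User::login(OC_User::getUser(), $_POST['password']) === true) {` and put the existence test first in the second, `if (!isset($_SESSION['verifiedLogin']) || $_SESSION['verifiedLogin'] < time()) {`. Using the full login routine as a password check also inherits whatever side effects login has (presumably session setup and login hooks, not visible here); a call that only validates the password would be a narrower fit. Nothing in this function counts or delays failed attempts, so unless throttling lives elsewhere the prompt allows unlimited guesses to anyone holding the session.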