diff options
| author | Lukas Reschke <lukas@statuscode.ch> | 2012-10-16 01:08:05 +0200 |
|---|---|---|
| committer | Lukas Reschke <lukas@statuscode.ch> | 2012-10-16 01:08:05 +0200 |
| commit | e299c241df23770efbb6f5c833d77edcdeed7410 (patch) | |
| tree | 078ed78eb927b4b05d80b8b06f318d4b306e9596 /lib | |
| parent | c85c35dfae8fa7135d42c905f955ff71af849b6a (diff) | |
| download | nextcloud-server-e299c241df23770efbb6f5c833d77edcdeed7410.tar.gz nextcloud-server-e299c241df23770efbb6f5c833d77edcdeed7410.zip | |
Make enhanced auth configurable
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/json.php | 10 | ||||
| -rwxr-xr-x | lib/util.php | 26 |
2 files changed, 21 insertions, 15 deletions
diff --git a/lib/json.php b/lib/json.php index b828f35f345..cc504907261 100644 --- a/lib/json.php +++ b/lib/json.php @@ -83,10 +83,12 @@ class OC_JSON{ * Check if the user verified the login with his password */ public static function verifyUser() { - if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) { - $l = OC_L10N::get('lib'); - self::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); - exit(); + if(OC_Config::getValue('enhancedauth', true) === true) { + if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) { + $l = OC_L10N::get('lib'); + self::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); + exit(); + } } } diff --git a/lib/util.php b/lib/util.php index 873562cbc1f..5771b89f265 100755 --- a/lib/util.php +++ b/lib/util.php @@ -391,17 +391,19 @@ class OC_Util { * If not, the user will be shown a password verification page */ public static function verifyUser() { - // Check password to set session - if(isset($_POST['password'])) { - if (OC_User::login(OC_User::getUser(), $_POST["password"] ) === true) { - $_SESSION['verifiedLogin']=time() + OC_Config::getValue('enhancedauthtime', 15 * 60); + if(OC_Config::getValue('enhancedauth', true) === true) { + // Check password to set session + if(isset($_POST['password'])) { + if (OC_User::login(OC_User::getUser(), $_POST["password"] ) === true) { + $_SESSION['verifiedLogin']=time() + OC_Config::getValue('enhancedauthtime', 15 * 60); + } } - } // Check if the user verified his password - if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) { - OC_Template::printGuestPage("", "verify", array('username' => OC_User::getUser())); - exit(); + if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) { + OC_Template::printGuestPage("", "verify", array('username' => OC_User::getUser())); + exit(); + } } } @@ -410,10 +412,12 @@ class OC_Util { * @return bool */ public static function isUserVerified() { - if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) { - return false; + if(OC_Config::getValue('enhancedauth', true) === true) { + if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) { + return false; + } + return true; } - return true; } /** |