diff options
Diffstat (limited to 'lib/private/Authentication/Token/DefaultTokenProvider.php')
| -rw-r--r-- | lib/private/Authentication/Token/DefaultTokenProvider.php | 32 |
1 files changed, 29 insertions, 3 deletions
diff --git a/lib/private/Authentication/Token/DefaultTokenProvider.php b/lib/private/Authentication/Token/DefaultTokenProvider.php index b0fbeb9b47e..af1d600e4c3 100644 --- a/lib/private/Authentication/Token/DefaultTokenProvider.php +++ b/lib/private/Authentication/Token/DefaultTokenProvider.php @@ -73,9 +73,10 @@ class DefaultTokenProvider implements IProvider { * @param string|null $password * @param string $name * @param int $type token type + * @param int $remember whether the session token should be used for remember-me * @return IToken */ - public function generateToken($token, $uid, $loginName, $password, $name, $type = IToken::TEMPORARY_TOKEN) { + public function generateToken($token, $uid, $loginName, $password, $name, $type = IToken::TEMPORARY_TOKEN, $remember = IToken::DO_NOT_REMEMBER) { $dbToken = new DefaultToken(); $dbToken->setUid($uid); $dbToken->setLoginName($loginName); @@ -85,6 +86,7 @@ class DefaultTokenProvider implements IProvider { $dbToken->setName($name); $dbToken->setToken($this->hashToken($token)); $dbToken->setType($type); + $dbToken->setRemember($remember); $dbToken->setLastActivity($this->time->getTime()); $this->mapper->insert($dbToken); @@ -152,6 +154,27 @@ class DefaultTokenProvider implements IProvider { } /** + * @param string $oldSessionId + * @param string $sessionId + */ + public function renewSessionToken($oldSessionId, $sessionId) { + $token = $this->getToken($oldSessionId); + + $newToken = new DefaultToken(); + $newToken->setUid($token->getUID()); + $newToken->setLoginName($token->getLoginName()); + if (!is_null($token->getPassword())) { + $password = $this->decryptPassword($token->getPassword(), $oldSessionId); + $newToken->setPassword($this->encryptPassword($password, $sessionId)); + } + $newToken->setName($token->getName()); + $newToken->setToken($this->hashToken($sessionId)); + $newToken->setType(IToken::TEMPORARY_TOKEN); + $newToken->setLastActivity($this->time->getTime()); + $this->mapper->insert($newToken); + } + + /** * @param IToken $savedToken * @param string $tokenId session token * @throws InvalidTokenException @@ -207,8 +230,11 @@ class DefaultTokenProvider implements IProvider { */ public function invalidateOldTokens() { $olderThan = $this->time->getTime() - (int) $this->config->getSystemValue('session_lifetime', 60 * 60 * 24); - $this->logger->info('Invalidating tokens older than ' . date('c', $olderThan)); - $this->mapper->invalidateOld($olderThan); + $this->logger->info('Invalidating session tokens older than ' . date('c', $olderThan)); + $this->mapper->invalidateOld($olderThan, IToken::DO_NOT_REMEMBER); + $rememberThreshold = $this->time->getTime() - (int) $this->config->getSystemValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15); + $this->logger->info('Invalidating remembered session tokens older than ' . date('c', $rememberThreshold)); + $this->mapper->invalidateOld($rememberThreshold, IToken::REMEMBER); } /** |