From 9504500e5fe80094c6b98393c05b9360590e0b48 Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma
Date: Wed, 4 May 2016 07:50:24 +0200
Subject: Move \OC\User to PSR-4
---
lib/private/user/session.php | 322 -------------------------------------------
1 file changed, 322 deletions(-)
delete mode 100644 lib/private/user/session.php
(limited to 'lib/private/user/session.php')
diff --git a/lib/private/user/session.php b/lib/private/user/session.php
deleted file mode 100644
index c7f8a6920de..00000000000
--- a/lib/private/user/session.php
+++ /dev/null
@@ -1,322 +0,0 @@
-
- * @author Bernhard Posselt
- * @author Joas Schilling
- * @author Jörn Friedrich Dreyer
- * @author Lukas Reschke
- * @author Morris Jobke
- * @author Robin Appelman
- * @author Robin McCorkell
- * @author Roeland Jago Douma
- * @author Thomas Müller
- * @author Vincent Petry
- *
- * @copyright Copyright (c) 2016, ownCloud, Inc.
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program. If not, see
- *
- */
-
-namespace OC\User;
-
-use OC\Hooks\Emitter;
-use OCP\ISession;
-use OCP\IUserManager;
-use OCP\IUserSession;
-
-/**
- * Class Session
- *
- * Hooks available in scope \OC\User:
- * - preSetPassword(\OC\User\User $user, string $password, string $recoverPassword)
- * - postSetPassword(\OC\User\User $user, string $password, string $recoverPassword)
- * - preDelete(\OC\User\User $user)
- * - postDelete(\OC\User\User $user)
- * - preCreateUser(string $uid, string $password)
- * - postCreateUser(\OC\User\User $user)
- * - preLogin(string $user, string $password)
- * - postLogin(\OC\User\User $user, string $password)
- * - preRememberedLogin(string $uid)
- * - postRememberedLogin(\OC\User\User $user)
- * - logout()
- *
- * @package OC\User
- */
-class Session implements IUserSession, Emitter {
- /** @var \OC\User\Manager $manager */
- private $manager;
-
- /** @var \OC\Session\Session $session */
- private $session;
-
- /** @var \OC\User\User $activeUser */
- protected $activeUser;
-
- /**
- * @param IUserManager $manager
- * @param ISession $session
- */
- public function __construct(IUserManager $manager, ISession $session) {
- $this->manager = $manager;
- $this->session = $session;
- }
-
- /**
- * @param string $scope
- * @param string $method
- * @param callable $callback
- */
- public function listen($scope, $method, callable $callback) {
- $this->manager->listen($scope, $method, $callback);
- }
-
- /**
- * @param string $scope optional
- * @param string $method optional
- * @param callable $callback optional
- */
- public function removeListener($scope = null, $method = null, callable $callback = null) {
- $this->manager->removeListener($scope, $method, $callback);
- }
-
- /**
- * get the manager object
- *
- * @return \OC\User\Manager
- */
- public function getManager() {
- return $this->manager;
- }
-
- /**
- * get the session object
- *
- * @return ISession
- */
- public function getSession() {
- return $this->session;
- }
-
- /**
- * set the session object
- *
- * @param ISession $session
- */
- public function setSession(ISession $session) {
- if ($this->session instanceof ISession) {
- $this->session->close();
- }
- $this->session = $session;
- $this->activeUser = null;
- }
-
- /**
- * set the currently active user
- *
- * @param \OC\User\User|null $user
- */
- public function setUser($user) {
- if (is_null($user)) {
- $this->session->remove('user_id');
- } else {
- $this->session->set('user_id', $user->getUID());
- }
- $this->activeUser = $user;
- }
-
- /**
- * get the current active user
- *
- * @return \OCP\IUser|null Current user, otherwise null
- */
- public function getUser() {
- // FIXME: This is a quick'n dirty work-around for the incognito mode as
- // described at https://github.com/owncloud/core/pull/12912#issuecomment-67391155
- if (\OC_User::isIncognitoMode()) {
- return null;
- }
- if ($this->activeUser) {
- return $this->activeUser;
- } else {
- $uid = $this->session->get('user_id');
- if ($uid !== null) {
- $this->activeUser = $this->manager->get($uid);
- return $this->activeUser;
- } else {
- return null;
- }
- }
- }
-
- /**
- * Checks whether the user is logged in
- *
- * @return bool if logged in
- */
- public function isLoggedIn() {
- $user = $this->getUser();
- if (is_null($user)) {
- return false;
- }
-
- return $user->isEnabled();
- }
-
- /**
- * set the login name
- *
- * @param string|null $loginName for the logged in user
- */
- public function setLoginName($loginName) {
- if (is_null($loginName)) {
- $this->session->remove('loginname');
- } else {
- $this->session->set('loginname', $loginName);
- }
- }
-
- /**
- * get the login name of the current user
- *
- * @return string
- */
- public function getLoginName() {
- if ($this->activeUser) {
- return $this->session->get('loginname');
- } else {
- $uid = $this->session->get('user_id');
- if ($uid) {
- $this->activeUser = $this->manager->get($uid);
- return $this->session->get('loginname');
- } else {
- return null;
- }
- }
- }
-
- /**
- * try to login with the provided credentials
- *
- * @param string $uid
- * @param string $password
- * @return boolean|null
- * @throws LoginException
- */
- public function login($uid, $password) {
- $this->session->regenerateId();
- $this->manager->emit('\OC\User', 'preLogin', array($uid, $password));
- $user = $this->manager->checkPassword($uid, $password);
- if ($user !== false) {
- if (!is_null($user)) {
- if ($user->isEnabled()) {
- $this->setUser($user);
- $this->setLoginName($uid);
- $this->manager->emit('\OC\User', 'postLogin', array($user, $password));
- if ($this->isLoggedIn()) {
- return true;
- } else {
- // injecting l10n does not work - there is a circular dependency between session and \OCP\L10N\IFactory
- $message = \OC::$server->getL10N('lib')->t('Login canceled by app');
- throw new LoginException($message);
- }
- } else {
- // injecting l10n does not work - there is a circular dependency between session and \OCP\L10N\IFactory
- $message = \OC::$server->getL10N('lib')->t('User disabled');
- throw new LoginException($message);
- }
- }
- }
- return false;
- }
-
- /**
- * perform login using the magic cookie (remember login)
- *
- * @param string $uid the username
- * @param string $currentToken
- * @return bool
- */
- public function loginWithCookie($uid, $currentToken) {
- $this->session->regenerateId();
- $this->manager->emit('\OC\User', 'preRememberedLogin', array($uid));
- $user = $this->manager->get($uid);
- if (is_null($user)) {
- // user does not exist
- return false;
- }
-
- // get stored tokens
- $tokens = \OC::$server->getConfig()->getUserKeys($uid, 'login_token');
- // test cookies token against stored tokens
- if (!in_array($currentToken, $tokens, true)) {
- return false;
- }
- // replace successfully used token with a new one
- \OC::$server->getConfig()->deleteUserValue($uid, 'login_token', $currentToken);
- $newToken = \OC::$server->getSecureRandom()->generate(32);
- \OC::$server->getConfig()->setUserValue($uid, 'login_token', $newToken, time());
- $this->setMagicInCookie($user->getUID(), $newToken);
-
- //login
- $this->setUser($user);
- $this->manager->emit('\OC\User', 'postRememberedLogin', array($user));
- return true;
- }
-
- /**
- * logout the user from the session
- */
- public function logout() {
- $this->manager->emit('\OC\User', 'logout');
- $this->setUser(null);
- $this->setLoginName(null);
- $this->unsetMagicInCookie();
- $this->session->clear();
- }
-
- /**
- * Set cookie value to use in next page load
- *
- * @param string $username username to be set
- * @param string $token
- */
- public function setMagicInCookie($username, $token) {
- $secureCookie = \OC::$server->getRequest()->getServerProtocol() === 'https';
- $expires = time() + \OC::$server->getConfig()->getSystemValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15);
- setcookie("oc_username", $username, $expires, \OC::$WEBROOT, '', $secureCookie, true);
- setcookie("oc_token", $token, $expires, \OC::$WEBROOT, '', $secureCookie, true);
- setcookie("oc_remember_login", "1", $expires, \OC::$WEBROOT, '', $secureCookie, true);
- }
-
- /**
- * Remove cookie for "remember username"
- */
- public function unsetMagicInCookie() {
- //TODO: DI for cookies and IRequest
- $secureCookie = \OC::$server->getRequest()->getServerProtocol() === 'https';
-
- unset($_COOKIE["oc_username"]); //TODO: DI
- unset($_COOKIE["oc_token"]);
- unset($_COOKIE["oc_remember_login"]);
- setcookie('oc_username', '', time() - 3600, \OC::$WEBROOT, '',$secureCookie, true);
- setcookie('oc_token', '', time() - 3600, \OC::$WEBROOT, '', $secureCookie, true);
- setcookie('oc_remember_login', '', time() - 3600, \OC::$WEBROOT, '', $secureCookie, true);
- // old cookies might be stored under /webroot/ instead of /webroot
- // and Firefox doesn't like it!
- setcookie('oc_username', '', time() - 3600, \OC::$WEBROOT . '/', '', $secureCookie, true);
- setcookie('oc_token', '', time() - 3600, \OC::$WEBROOT . '/', '', $secureCookie, true);
- setcookie('oc_remember_login', '', time() - 3600, \OC::$WEBROOT . '/', '', $secureCookie, true);
- }
-}
-- 
cgit v1.2.3