From eab6d7eb23f66ac4a662a036336b292138e4484c Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Mon, 14 Jan 2013 21:39:49 +0100
Subject: Enhanced auth is totally unmaintained and broken
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Let's remove it, it's also not secure anymore with the introduction of
our API etc...
(And doesn't work with ldap etc…)
---
 lib/json.php | 13 -------------
 lib/util.php | 34 ----------------------------------
 2 files changed, 47 deletions(-)

(limited to 'lib')

diff --git a/lib/json.php b/lib/json.php
index 5ab877540d4..c87de3e200b 100644
--- a/lib/json.php
+++ b/lib/json.php
@@ -74,19 +74,6 @@ class OC_JSON{
 			exit();
 		}
 	}
-
-	/**
-	* Check if the user verified the login with his password
-	*/
-	public static function verifyUser() {
-		if(OC_Config::getValue('enhancedauth', false) === true) {
-			if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
-				$l = OC_L10N::get('lib');
-				self::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
-				exit();
-			}
-		}
-	}
 	
 	/**
 	* Send json error msg
diff --git a/lib/util.php b/lib/util.php
index 06ae37176c1..a8576fc1057 100755
--- a/lib/util.php
+++ b/lib/util.php
@@ -360,40 +360,6 @@ class OC_Util {
 		return true;
 	}
 
-	/**
-	 * Check if the user verified the login with his password in the last 15 minutes
-	 * If not, the user will be shown a password verification page
-	 */
-	public static function verifyUser() {
-		if(OC_Config::getValue('enhancedauth', false) === true) {
-			// Check password to set session
-			if(isset($_POST['password'])) {
-				if (OC_User::login(OC_User::getUser(), $_POST["password"] ) === true) {
-					$_SESSION['verifiedLogin']=time() + OC_Config::getValue('enhancedauthtime', 15 * 60);
-				}
-			}
-
-			// Check if the user verified his password
-			if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
-				OC_Template::printGuestPage("", "verify",  array('username' => OC_User::getUser()));
-				exit();
-			}
-		}
-	}
-
-	/**
-	 * Check if the user verified the login with his password
-	 * @return bool
-	 */
-	public static function isUserVerified() {
-		if(OC_Config::getValue('enhancedauth', false) === true) {
-			if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
-				return false;
-			}
-		}
-		return true;
-	}
-
 	/**
 	 * Redirect to the user default page
 	 */
-- 
cgit v1.2.3