PHP OC\User Session::isLoggedIn Beispiele

Beispiel #1

Datei: TwoFactorMiddleware.php Projekt: GitHubUser4234/core

 /**
  * @param Controller $controller
  * @param string $methodName
  */
 public function beforeController($controller, $methodName)
 {
     if ($this->reflector->hasAnnotation('PublicPage')) {
         // Don't block public pages
         return;
     }
     if ($controller instanceof \OC\Core\Controller\LoginController && $methodName === 'logout') {
         // Don't block the logout page, to allow canceling the 2FA
         return;
     }
     if ($this->userSession->isLoggedIn()) {
         $user = $this->userSession->getUser();
         if ($this->twoFactorManager->isTwoFactorAuthenticated($user)) {
             $this->checkTwoFactor($controller, $methodName);
         } else {
             if ($controller instanceof TwoFactorChallengeController) {
                 // Allow access to the two-factor controllers only if two-factor authentication
                 // is in progress.
                 throw new UserAlreadyLoggedInException();
             }
         }
     }
     // TODO: dont check/enforce 2FA if a auth token is used
 }

Beispiel #2

Datei: LoginController.php Projekt: rchicoli/owncloud-core

 /**
  * @PublicPage
  * @UseSession
  *
  * @param string $user
  * @param string $password
  * @param string $redirect_url
  * @return RedirectResponse
  */
 public function tryLogin($user, $password, $redirect_url)
 {
     $originalUser = $user;
     // TODO: Add all the insane error handling
     /* @var $loginResult IUser */
     $loginResult = $this->userManager->checkPassword($user, $password);
     if ($loginResult === false) {
         $users = $this->userManager->getByEmail($user);
         // we only allow login by email if unique
         if (count($users) === 1) {
             $user = $users[0]->getUID();
             $loginResult = $this->userManager->checkPassword($user, $password);
         }
     }
     if ($loginResult === false) {
         $this->session->set('loginMessages', [['invalidpassword']]);
         // Read current user and append if possible - we need to return the unmodified user otherwise we will leak the login name
         $args = !is_null($user) ? ['user' => $originalUser] : [];
         return new RedirectResponse($this->urlGenerator->linkToRoute('core.login.showLoginForm', $args));
     }
     // TODO: remove password checks from above and let the user session handle failures
     // requires https://github.com/owncloud/core/pull/24616
     $this->userSession->login($user, $password);
     $this->userSession->createSessionToken($this->request, $loginResult->getUID(), $user, $password);
     if ($this->twoFactorManager->isTwoFactorAuthenticated($loginResult)) {
         $this->twoFactorManager->prepareTwoFactorLogin($loginResult);
         if (!is_null($redirect_url)) {
             return new RedirectResponse($this->urlGenerator->linkToRoute('core.TwoFactorChallenge.selectChallenge', ['redirect_url' => $redirect_url]));
         }
         return new RedirectResponse($this->urlGenerator->linkToRoute('core.TwoFactorChallenge.selectChallenge'));
     }
     if (!is_null($redirect_url) && $this->userSession->isLoggedIn()) {
         $location = $this->urlGenerator->getAbsoluteURL(urldecode($redirect_url));
         // Deny the redirect if the URL contains a @
         // This prevents unvalidated redirects like ?redirect_url=:user@domain.com
         if (strpos($location, '@') === false) {
             return new RedirectResponse($location);
         }
     }
     return new RedirectResponse($this->urlGenerator->linkToRoute('files.view.index'));
 }

Beispiel #3

Datei: Auth.php Projekt: rchicoli/owncloud-core

 /**
  * @param RequestInterface $request
  * @param ResponseInterface $response
  * @return array
  * @throws NotAuthenticated
  */
 private function auth(RequestInterface $request, ResponseInterface $response)
 {
     $forcedLogout = false;
     if (!$this->request->passesCSRFCheck() && $this->requiresCSRFCheck()) {
         // In case of a fail with POST we need to recheck the credentials
         if ($this->request->getMethod() === 'POST') {
             $forcedLogout = true;
         } else {
             $response->setStatus(401);
             throw new \Sabre\DAV\Exception\NotAuthenticated('CSRF check not passed.');
         }
     }
     if ($forcedLogout) {
         $this->userSession->logout();
     } else {
         if ($this->twoFactorManager->needsSecondFactor()) {
             throw new \Sabre\DAV\Exception\NotAuthenticated('2FA challenge not passed.');
         }
         if (\OC_User::handleApacheAuth() || $this->userSession->isLoggedIn() && is_null($this->session->get(self::DAV_AUTHENTICATED)) || $this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && $request->getHeader('Authorization') === null) {
             $user = $this->userSession->getUser()->getUID();
             \OC_Util::setupFS($user);
             $this->currentUser = $user;
             $this->session->close();
             return [true, $this->principalPrefix . $user];
         }
     }
     if (!$this->userSession->isLoggedIn() && in_array('XMLHttpRequest', explode(',', $request->getHeader('X-Requested-With')))) {
         // do not re-authenticate over ajax, use dummy auth name to prevent browser popup
         $response->addHeader('WWW-Authenticate', 'DummyBasic realm="' . $this->realm . '"');
         $response->setStatus(401);
         throw new \Sabre\DAV\Exception\NotAuthenticated('Cannot authenticate over ajax calls');
     }
     $data = parent::check($request, $response);
     if ($data[0] === true) {
         $startPos = strrpos($data[1], '/') + 1;
         $user = $this->userSession->getUser()->getUID();
         $data[1] = substr_replace($data[1], $user, $startPos);
     }
     return $data;
 }