/** * perform login using the magic cookie (remember login) * * @param string $uid the username * @param string $currentToken * @return bool */ public function loginWithCookie($uid, $currentToken) { $this->session->regenerateId(); $this->manager->emit('\\OC\\User', 'preRememberedLogin', array($uid)); $user = $this->manager->get($uid); if (is_null($user)) { // user does not exist return false; } // get stored tokens $tokens = OC::$server->getConfig()->getUserKeys($uid, 'login_token'); // test cookies token against stored tokens if (!in_array($currentToken, $tokens, true)) { return false; } // replace successfully used token with a new one OC::$server->getConfig()->deleteUserValue($uid, 'login_token', $currentToken); $newToken = OC::$server->getSecureRandom()->generate(32); OC::$server->getConfig()->setUserValue($uid, 'login_token', $newToken, time()); $this->setMagicInCookie($user->getUID(), $newToken); //login $this->setUser($user); $this->manager->emit('\\OC\\User', 'postRememberedLogin', array($user)); return true; }
/** * Wrapper around session_regenerate_id * * @param bool $deleteOldSession Whether to delete the old associated session file or not. * @return void */ public function regenerateId($deleteOldSession = true) { $this->session->regenerateId($deleteOldSession); }