Rewrite of session management
@@ -45,11 +45,11 @@ class Authentication extends Base
|
||||
|
||||
// Check if the user session match an existing user
|
||||
$userNotFound = ! $this->user->exists($this->userSession->getId());
|
||||
$reverseProxyWrongUser = REVERSE_PROXY_AUTH && $this->backend('reverseProxy')->getUsername() !== $_SESSION['user']['username'];
|
||||
$reverseProxyWrongUser = REVERSE_PROXY_AUTH && $this->backend('reverseProxy')->getUsername() !== $this->userSession->getUsername();
|
||||
|
||||
if ($userNotFound || $reverseProxyWrongUser) {
|
||||
$this->backend('rememberMe')->destroy($this->userSession->getId());
|
||||
$this->session->close();
|
||||
$this->sessionManager->close();
|
||||
return false;
|
||||
}
|
||||
|
||||
@@ -176,8 +176,12 @@ class Authentication extends Base
|
||||
public function validateFormCaptcha(array $values)
|
||||
{
|
||||
if ($this->hasCaptcha($values['username'])) {
|
||||
if (! isset($this->sessionStorage->captcha)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$builder = new CaptchaBuilder;
|
||||
$builder->setPhrase($this->session['captcha']);
|
||||
$builder->setPhrase($this->sessionStorage->captcha);
|
||||
return $builder->testPhrase(isset($values['captcha']) ? $values['captcha'] : '');
|
||||
}
|
||||
|
||||
|
||||
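Review bot: The captcha phrase stays in the session after `testPhrase()` runs on the new `$this->sessionStorage->captcha` line, so the stored phrase remains valid for repeated submissions until something else overwrites it. Unless the phrase is regenerated on every image render elsewhere, make it single-use: `$result = $builder->testPhrase(isset($values['captcha']) ? $values['captcha'] : '');` `unset($this->sessionStorage->captcha);` `return $result;`. Whether `unset()` works on the storage object depends on how `sessionStorage` exposes its properties, which is not visible here. validateFormCaptcha's closing brace lies outside the hunk.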
@@ -4,7 +4,7 @@ namespace Kanboard\Model;
|
||||
|
||||
use Kanboard\Core\Translator;
|
||||
use Kanboard\Core\Security\Token;
|
||||
use Kanboard\Core\Session;
|
||||
use Kanboard\Core\Session\SessionManager;
|
||||
|
||||
/**
|
||||
* Config model
|
||||
@@ -145,8 +145,8 @@ class Config extends Setting
|
||||
*/
|
||||
public function getCurrentLanguage()
|
||||
{
|
||||
if ($this->userSession->isLogged() && ! empty($this->session['user']['language'])) {
|
||||
return $this->session['user']['language'];
|
||||
if ($this->userSession->isLogged() && ! empty($this->sessionStorage->user['language'])) {
|
||||
return $this->sessionStorage->user['language'];
|
||||
}
|
||||
|
||||
return $this->get('application_language', 'en_US');
|
||||
@@ -162,17 +162,17 @@ class Config extends Setting
|
||||
*/
|
||||
public function get($name, $default_value = '')
|
||||
{
|
||||
if (! Session::isOpen()) {
|
||||
if (! SessionManager::isOpen()) {
|
||||
return $this->getOption($name, $default_value);
|
||||
}
|
||||
|
||||
// Cache config in session
|
||||
if (! isset($this->session['config'][$name])) {
|
||||
$this->session['config'] = $this->getAll();
|
||||
if (! isset($this->sessionStorage->config[$name])) {
|
||||
$this->sessionStorage->config = $this->getAll();
|
||||
}
|
||||
|
||||
if (! empty($this->session['config'][$name])) {
|
||||
return $this->session['config'][$name];
|
||||
if (! empty($this->sessionStorage->config[$name])) {
|
||||
return $this->sessionStorage->config[$name];
|
||||
}
|
||||
|
||||
return $default_value;
|
||||
@@ -185,7 +185,7 @@ class Config extends Setting
|
||||
*/
|
||||
public function reload()
|
||||
{
|
||||
$this->session['config'] = $this->getAll();
|
||||
$this->sessionStorage->config = $this->getAll();
|
||||
$this->setupTranslations();
|
||||
}
|
||||
|
||||
@@ -207,8 +207,8 @@ class Config extends Setting
|
||||
*/
|
||||
public function getCurrentTimezone()
|
||||
{
|
||||
if ($this->userSession->isLogged() && ! empty($this->session['user']['timezone'])) {
|
||||
return $this->session['user']['timezone'];
|
||||
if ($this->userSession->isLogged() && ! empty($this->sessionStorage->user['timezone'])) {
|
||||
return $this->sessionStorage->user['timezone'];
|
||||
}
|
||||
|
||||
return $this->get('application_timezone', 'UTC');
|
||||
|
||||
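Review bot: In `get()`, the cache-hit test `! empty($this->sessionStorage->config[$name])` treats a stored `'0'` or `0` as missing, so an option explicitly set to zero falls through to `$default_value`, and when the caller passes a non-empty default the option is silently flipped. That behaviour predates the commit but is carried into the new `sessionStorage` lines; if it is intentional, document it, e.g. `// Empty and "0" values deliberately fall back to the default`, otherwise test with `isset()` and `!== ''`. Note also that the preceding `isset($this->sessionStorage->config[$name])` check reloads the whole config via `getAll()` on every call for a name that is not among the stored options, since the miss is never cached. `get()` continues past the hunk.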
@@ -5,7 +5,7 @@ namespace Kanboard\Model;
|
||||
use PicoDb\Database;
|
||||
use SimpleValidator\Validator;
|
||||
use SimpleValidator\Validators;
|
||||
use Kanboard\Core\Session;
|
||||
use Kanboard\Core\Session\SessionManager;
|
||||
use Kanboard\Core\Security\Token;
|
||||
|
||||
/**
|
||||
@@ -320,8 +320,8 @@ class User extends Base
|
||||
$result = $this->db->table(self::TABLE)->eq('id', $values['id'])->update($values);
|
||||
|
||||
// If the user is connected refresh his session
|
||||
if (Session::isOpen() && $this->userSession->getId() == $values['id']) {
|
||||
$this->userSession->refresh();
|
||||
if (SessionManager::isOpen() && $this->userSession->getId() == $values['id']) {
|
||||
$this->userSession->initialize($this->getById($this->userSession->getId()));
|
||||
}
|
||||
|
||||
return $result;
|
||||
@@ -587,7 +587,7 @@ class User extends Base
|
||||
if ($v->execute()) {
|
||||
|
||||
// Check password
|
||||
if ($this->authentication->authenticate($this->session['user']['username'], $values['current_password'])) {
|
||||
if ($this->authentication->authenticate($this->userSession->getUsername(), $values['current_password'])) {
|
||||
return array(true, array());
|
||||
} else {
|
||||
return array(false, array('current_password' => array(t('Wrong password'))));
|
||||
|
||||
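Review bot: Refreshing the session through `$this->userSession->initialize(...)` on the new line in the update path also resets `postAuth` to `array('validated' => false)` (see `initialize()` in the UserSession hunk), so a logged-in user who edits their own profile loses the 2FA-validated state and is challenged again; the same would apply to any other caller that uses `initialize()` only to reload user data. If that is not the intent, keep fresh-login initialisation separate from a data refresh, for instance by having `initialize()` set `postAuth` only when it is not already present. The `==` comparison with `$values['id']` on the same line is loose; `(int) $values['id'] === $this->userSession->getId()` states the intent. The enclosing update method starts and ends outside the hunk.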
@@ -11,17 +11,13 @@ namespace Kanboard\Model;
|
||||
class UserSession extends Base
|
||||
{
|
||||
/**
|
||||
* Update user session information
|
||||
* Update user session
|
||||
*
|
||||
* @access public
|
||||
* @param array $user User data
|
||||
* @param array $user
|
||||
*/
|
||||
public function refresh(array $user = array())
|
||||
public function initialize(array $user)
|
||||
{
|
||||
if (empty($user)) {
|
||||
$user = $this->user->getById($this->userSession->getId());
|
||||
}
|
||||
|
||||
if (isset($user['password'])) {
|
||||
unset($user['password']);
|
||||
}
|
||||
@@ -31,12 +27,13 @@ class UserSession extends Base
|
||||
}
|
||||
|
||||
$user['id'] = (int) $user['id'];
|
||||
$user['is_admin'] = (bool) $user['is_admin'];
|
||||
$user['is_project_admin'] = (bool) $user['is_project_admin'];
|
||||
$user['is_ldap_user'] = (bool) $user['is_ldap_user'];
|
||||
$user['twofactor_activated'] = (bool) $user['twofactor_activated'];
|
||||
$user['is_admin'] = isset($user['is_admin']) ? (bool) $user['is_admin'] : false;
|
||||
$user['is_project_admin'] = isset($user['is_project_admin']) ? (bool) $user['is_project_admin'] : false;
|
||||
$user['is_ldap_user'] = isset($user['is_ldap_user']) ? (bool) $user['is_ldap_user'] : false;
|
||||
$user['twofactor_activated'] = isset($user['twofactor_activated']) ? (bool) $user['twofactor_activated'] : false;
|
||||
|
||||
$this->session['user'] = $user;
|
||||
$this->sessionStorage->user = $user;
|
||||
$this->sessionStorage->postAuth = array('validated' => false);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -47,7 +44,7 @@ class UserSession extends Base
|
||||
*/
|
||||
public function check2FA()
|
||||
{
|
||||
return isset($this->session['2fa_validated']) && $this->session['2fa_validated'] === true;
|
||||
return isset($this->sessionStorage->postAuth['validated']) && $this->sessionStorage->postAuth['validated'] === true;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -58,7 +55,17 @@ class UserSession extends Base
|
||||
*/
|
||||
public function has2FA()
|
||||
{
|
||||
return isset($this->session['user']['twofactor_activated']) && $this->session['user']['twofactor_activated'] === true;
|
||||
return isset($this->sessionStorage->user['twofactor_activated']) && $this->sessionStorage->user['twofactor_activated'] === true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Disable 2FA for the current session
|
||||
*
|
||||
* @access public
|
||||
*/
|
||||
public function disable2FA()
|
||||
{
|
||||
$this->sessionStorage->user['twofactor_activated'] = false;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -69,7 +76,7 @@ class UserSession extends Base
|
||||
*/
|
||||
public function isAdmin()
|
||||
{
|
||||
return isset($this->session['user']['is_admin']) && $this->session['user']['is_admin'] === true;
|
||||
return isset($this->sessionStorage->user['is_admin']) && $this->sessionStorage->user['is_admin'] === true;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -80,7 +87,7 @@ class UserSession extends Base
|
||||
*/
|
||||
public function isProjectAdmin()
|
||||
{
|
||||
return isset($this->session['user']['is_project_admin']) && $this->session['user']['is_project_admin'] === true;
|
||||
return isset($this->sessionStorage->user['is_project_admin']) && $this->sessionStorage->user['is_project_admin'] === true;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -91,7 +98,18 @@ class UserSession extends Base
|
||||
*/
|
||||
public function getId()
|
||||
{
|
||||
return isset($this->session['user']['id']) ? (int) $this->session['user']['id'] : 0;
|
||||
return isset($this->sessionStorage->user['id']) ? (int) $this->sessionStorage->user['id'] : 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get username
|
||||
*
|
||||
* @access public
|
||||
* @return integer
|
||||
*/
|
||||
public function getUsername()
|
||||
{
|
||||
return isset($this->sessionStorage->user['username']) ? $this->sessionStorage->user['username'] : '';
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -102,7 +120,7 @@ class UserSession extends Base
|
||||
*/
|
||||
public function isLogged()
|
||||
{
|
||||
return ! empty($this->session['user']);
|
||||
return isset($this->sessionStorage->user) && ! empty($this->sessionStorage->user);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -114,7 +132,7 @@ class UserSession extends Base
|
||||
*/
|
||||
public function getFilters($project_id)
|
||||
{
|
||||
return ! empty($_SESSION['filters'][$project_id]) ? $_SESSION['filters'][$project_id] : 'status:open';
|
||||
return ! empty($this->sessionStorage->filters[$project_id]) ? $this->sessionStorage->filters[$project_id] : 'status:open';
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -126,7 +144,7 @@ class UserSession extends Base
|
||||
*/
|
||||
public function setFilters($project_id, $filters)
|
||||
{
|
||||
$_SESSION['filters'][$project_id] = $filters;
|
||||
$this->sessionStorage->filters[$project_id] = $filters;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -138,7 +156,7 @@ class UserSession extends Base
|
||||
*/
|
||||
public function isBoardCollapsed($project_id)
|
||||
{
|
||||
return ! empty($_SESSION['board_collapsed'][$project_id]) ? $_SESSION['board_collapsed'][$project_id] : false;
|
||||
return ! empty($this->sessionStorage->boardCollapsed[$project_id]) ? $this->sessionStorage->boardCollapsed[$project_id] : false;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -146,11 +164,11 @@ class UserSession extends Base
|
||||
*
|
||||
* @access public
|
||||
* @param integer $project_id
|
||||
* @param boolean $collapsed
|
||||
* @param boolean $is_collapsed
|
||||
*/
|
||||
public function setBoardDisplayMode($project_id, $collapsed)
|
||||
public function setBoardDisplayMode($project_id, $is_collapsed)
|
||||
{
|
||||
$_SESSION['board_collapsed'][$project_id] = $collapsed;
|
||||
$this->sessionStorage->boardCollapsed[$project_id] = $is_collapsed;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -161,7 +179,7 @@ class UserSession extends Base
|
||||
*/
|
||||
public function setCommentSorting($order)
|
||||
{
|
||||
$this->session['comment_sorting'] = $order;
|
||||
$this->sessionStorage->commentSorting = $order;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -172,6 +190,6 @@ class UserSession extends Base
|
||||
*/
|
||||
public function getCommentSorting()
|
||||
{
|
||||
return $this->session['comment_sorting'] ?: 'ASC';
|
||||
return empty($this->sessionStorage->commentSorting) ? 'ASC' : $this->sessionStorage->commentSorting;
|
||||
}
|
||||
}
|
||||
|
||||
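Review bot: The docblock for the new `getUsername()` declares `@return integer` although the method returns `$this->sessionStorage->user['username']` or `''`; change it to `* @return string`. In `initialize()`, only `password` is stripped from the user row before it is stored in the session; if the row returned by `getById()` carries other secrets (for example a two-factor secret or API token, should the table have such columns) they are copied into the session as well, which is worth confirming since the lines just above the `@@ -31,12 +27,13` hunk are not visible here. The new `isLogged()` body `isset($this->sessionStorage->user) && ! empty(...)` can be just `! empty($this->sessionStorage->user)`, as `empty()` already tolerates an unset property. `initialize()` starts in the first hunk and its body is split across two hunks.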