diff options
| author | fox <[email protected]> | 2022-09-03 08:28:56 +0300 |
|---|---|---|
| committer | fox <[email protected]> | 2022-09-03 08:28:56 +0300 |
| commit | d47b8c8494ed41c8a72c21b238dde74e606c5f0e (patch) | |
| tree | 77f2d119e1d76b52077bf073771bcffb4d24f9cd | |
| parent | 5fea1a7ea90796ef061c7ad991265b6d28fde3fe (diff) | |
| parent | 96595ca4c5800b392ee73d14eaa34f4d847a5577 (diff) | |
Merge pull request 'Set user related sessions for single user mode' (#82) from powerivq/tt-rss:language-session into master
Reviewed-on: https://dev.tt-rss.org/fox/tt-rss/pulls/82
| -rw-r--r-- | backend.php | 2 | ||||
| -rwxr-xr-x | classes/handler/public.php | 4 | ||||
| -rw-r--r-- | classes/userhelper.php | 26 |
3 files changed, 15 insertions, 17 deletions
diff --git a/backend.php b/backend.php index 59f3982c5..e246ea088 100644 --- a/backend.php +++ b/backend.php @@ -39,7 +39,7 @@ header("Content-Type: text/json; charset=utf-8"); if (Config::get(Config::SINGLE_USER_MODE)) { - UserHelper::authenticate( "admin", null); + UserHelper::authenticate("admin", null); } if (!empty($_SESSION["uid"])) { diff --git a/classes/handler/public.php b/classes/handler/public.php index ea0972f6b..5c2f2bd02 100755 --- a/classes/handler/public.php +++ b/classes/handler/public.php @@ -394,10 +394,6 @@ class Handler_Public extends Handler { if (UserHelper::authenticate($login, $password)) { $_POST["password"] = ""; - if (Config::get_schema_version() >= 120) { - $_SESSION["language"] = get_pref(Prefs::USER_LANGUAGE, $_SESSION["uid"]); - } - $_SESSION["ref_schema_version"] = Config::get_schema_version(); $_SESSION["bw_limit"] = !!clean($_POST["bw_limit"] ?? false); $_SESSION["safe_mode"] = $safe_mode; diff --git a/classes/userhelper.php b/classes/userhelper.php index e613465b9..4d9f30548 100644 --- a/classes/userhelper.php +++ b/classes/userhelper.php @@ -83,19 +83,15 @@ class UserHelper { $user = ORM::for_table('ttrss_users')->find_one($user_id); if ($user && $user->access_level != self::ACCESS_LEVEL_DISABLED) { - $_SESSION["uid"] = $user_id; + self::set_session_for_user($user_id); $_SESSION["auth_module"] = $auth_module; $_SESSION["name"] = $user->login; $_SESSION["access_level"] = $user->access_level; - $_SESSION["csrf_token"] = bin2hex(get_random_bytes(16)); - $_SESSION["ip_address"] = UserHelper::get_user_ip(); $_SESSION["pwd_hash"] = $user->pwd_hash; $user->last_login = Db::NOW(); $user->save(); - $_SESSION["last_login_update"] = time(); - return true; } @@ -108,8 +104,7 @@ class UserHelper { return false; } else { - - $_SESSION["uid"] = 1; + self::set_session_for_user(1); $_SESSION["name"] = "admin"; $_SESSION["access_level"] = self::ACCESS_LEVEL_ADMIN; @@ -118,13 +113,20 @@ class UserHelper { $_SESSION["auth_module"] = false; - if (empty($_SESSION["csrf_token"])) - $_SESSION["csrf_token"] = bin2hex(get_random_bytes(16)); + return true; + } + } - $_SESSION["ip_address"] = UserHelper::get_user_ip(); - $_SESSION["last_login_update"] = time(); + static function set_session_for_user(int $owner_uid): void { + $_SESSION["uid"] = $owner_uid; + $_SESSION["last_login_update"] = time(); + $_SESSION["ip_address"] = UserHelper::get_user_ip(); - return true; + if (empty($_SESSION["csrf_token"])) + $_SESSION["csrf_token"] = bin2hex(get_random_bytes(16)); + + if (Config::get_schema_version() >= 120) { + $_SESSION["language"] = get_pref(Prefs::USER_LANGUAGE, $owner_uid); } } |