From 81f31399929361d19fb3260a43aa35f9b6cf5105 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 21 Feb 2024 22:13:23 +0300 Subject: add HOOK_VALIDATE_SESSION --- classes/Plugin.php | 7 +++++++ classes/PluginHost.php | 3 +++ include/sessions.php | 15 +++++++++++++++ 3 files changed, 25 insertions(+) diff --git a/classes/Plugin.php b/classes/Plugin.php index d941a1616..cc50ae75e 100644 --- a/classes/Plugin.php +++ b/classes/Plugin.php @@ -706,4 +706,11 @@ abstract class Plugin { function hook_loginform_additional_buttons() { user_error("Dummy method invoked.", E_USER_ERROR); } + + /** Returns false if session is considered invalid, true cascades to next handler */ + function hook_validate_session(): bool { + user_error("Dummy method invoked.", E_USER_ERROR); + return false; + } + } diff --git a/classes/PluginHost.php b/classes/PluginHost.php index c2d0407d4..e39273672 100644 --- a/classes/PluginHost.php +++ b/classes/PluginHost.php @@ -199,6 +199,9 @@ class PluginHost { /** @see Plugin::hook_loginform_additional_buttons() */ const HOOK_LOGINFORM_ADDITIONAL_BUTTONS = "hook_loginform_additional_buttons"; + /** @see Plugin::hook_validate_session() */ + const HOOK_VALIDATE_SESSION = "hook_validate_session"; + const KIND_ALL = 1; const KIND_SYSTEM = 2; const KIND_USER = 3; diff --git a/include/sessions.php b/include/sessions.php index 605ca9325..c863a4f2c 100644 --- a/include/sessions.php +++ b/include/sessions.php @@ -49,6 +49,21 @@ $_SESSION["login_error_msg"] = __("Session failed to validate (account is disabled)"); return false; } + + // default to true because there might not be any hooks and this is our last check + $hook_result = true; + + \PluginHost::getInstance()->chain_hooks_callback(\PluginHost::HOOK_VALIDATE_SESSION, + function ($result) use (&$hook_result) { + $hook_result = $result; + + if (!$result) { + return true; + } + }); + + return $hook_result; + } else { $_SESSION["login_error_msg"] = __("Session failed to validate (user not found)"); return false; -- cgit v1.2.3