| author | 2020-12-28 10:44:32 -0500 | |
|---|---|---|
| committer | 2020-12-28 16:44:32 +0100 | |
| commit | 465b40f52d758a959747d4d6d6671cb776784e2c (patch) | |
| tree | e63dbe668d51f863bf56f8d1219454145a315f49 /app/Models/Auth.php | |
| parent | e1ee58816ba76734e4115fc12898b13de665b220 (diff) | |
Add a file for each Auth class (#3298)
It's a follow-up of what was started in #3297.
Diffstat (limited to 'app/Models/Auth.php')
| -rw-r--r-- | app/Models/Auth.php | 94 |
1 files changed, 0 insertions, 94 deletions
diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index fbce4c48b..9b18b8259 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -235,97 +235,3 @@ class FreshRSS_Auth {
 return $token != '' && $token === $csrf;
 }
 }
-
-
-class FreshRSS_FormAuth {
- public static function checkCredentials($username, $hash, $nonce, $challenge) {
- if (!FreshRSS_user_Controller::checkUsername($username) ||
- !ctype_graph($hash) ||
- !ctype_graph($challenge) ||
- !ctype_alnum($nonce)) {
- Minz_Log::debug('Invalid credential parameters:' .
- ' user=' . $username .
- ' challenge=' . $challenge .
- ' nonce=' . $nonce);
- return false;
- }
-
- return password_verify($nonce . $hash, $challenge);
- }
-
- public static function getCredentialsFromCookie() {
- $token = Minz_Session::getLongTermCookie('FreshRSS_login');
- if (!ctype_alnum($token)) {
- return array();
- }
-
- $token_file = DATA_PATH . '/tokens/' . $token . '.txt';
- $mtime = @filemtime($token_file);
- $conf = Minz_Configuration::get('system');
- $limits = $conf->limits;
- $cookie_duration = empty($limits['cookie_duration']) ? FreshRSS_Auth::DEFAULT_COOKIE_DURATION : $limits['cookie_duration'];
- if ($mtime + $cookie_duration < time()) {
- // Token has expired (> cookie_duration) or does not exist.
- @unlink($token_file);
- return array();
- }
-
- $credentials = @file_get_contents($token_file);
- if ($credentials !== false && self::renewCookie($token)) {
- return explode("\t", $credentials, 2);
- }
- return [];
- }
-
- private static function renewCookie($token) {
- $token_file = DATA_PATH . '/tokens/' . $token . '.txt';
- if (touch($token_file)) {
- $conf = Minz_Configuration::get('system');
- $limits = $conf->limits;
- $cookie_duration = empty($limits['cookie_duration']) ? FreshRSS_Auth::DEFAULT_COOKIE_DURATION : $limits['cookie_duration'];
- $expire = time() + $cookie_duration;
- Minz_Session::setLongTermCookie('FreshRSS_login', $token, $expire);
- return $token;
- }
- return false;
- }
-
- public static function makeCookie($username, $password_hash) {
- $conf = Minz_Configuration::get('system');
- do {
- $token = sha1($conf->salt . $username . uniqid(mt_rand(), true));
- $token_file = DATA_PATH . '/tokens/' . $token . '.txt';
- } while (file_exists($token_file));
-
- if (@file_put_contents($token_file, $username . "\t" . $password_hash) === false) {
- return false;
- }
-
- return self::renewCookie($token);
- }
-
- public static function deleteCookie() {
- $token = Minz_Session::getLongTermCookie('FreshRSS_login');
- if (ctype_alnum($token)) {
- Minz_Session::deleteLongTermCookie('FreshRSS_login');
- @unlink(DATA_PATH . '/tokens/' . $token . '.txt');
- }
-
- if (rand(0, 10) === 1) {
- self::purgeTokens();
- }
- }
-
- public static function purgeTokens() {
- $conf = Minz_Configuration::get('system');
- $limits = $conf->limits;
- $cookie_duration = empty($limits['cookie_duration']) ? FreshRSS_Auth::DEFAULT_COOKIE_DURATION : $limits['cookie_duration'];
- $oldest = time() - $cookie_duration;
- foreach (new DirectoryIterator(DATA_PATH . '/tokens/') as $file_info) {
- $extension = $file_info->getExtension();
- if ($extension === 'txt' && $file_info->getMTime() < $oldest) {
- @unlink($file_info->getPathname());
- }
- }
- }
-} |
