diff options
| author |  Alexandre Alapetite <alexandre@alapetite.fr>
| 2019-01-06 12:19:26 +0100 |
|---|---|---|
| committer | Alexandre Alapetite <alexandre@alapetite.fr>
| 2019-01-06 12:19:26 +0100 |
| commit | a26eff8a2084a779959f5bef96a4bc72c7ec6ab7 (patch) | |
| tree | 03e7f8ebef3fcfc67018e19034fbbb841d9dc6bf /app/Models/Auth.php | |
| parent | 30327efecd4fa7f4131cd0d7a5ac80b460af95d1 (diff) | |
| parent | 15d74d934708896706278574af159a9dcb3a4313 (diff) | |
Merge branch 'FreshRSS/dev' into FreshRSS/dev-1.14.0
Diffstat (limited to 'app/Models/Auth.php')
| -rw-r--r-- | app/Models/Auth.php | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/app/Models/Auth.php b/app/Models/Auth.php index 9c3e31952..513a9cb2f 100644 --- a/app/Models/Auth.php +++ b/app/Models/Auth.php @@ -28,13 +28,13 @@ class FreshRSS_Auth { if (self::$login_ok) { self::giveAccess(); - } elseif (self::accessControl()) { - self::giveAccess(); + } elseif (self::accessControl() && self::giveAccess()) { FreshRSS_UserDAO::touch(); } else { // Be sure all accesses are removed! self::removeAccess(); } + return self::$login_ok; } /** @@ -60,7 +60,7 @@ class FreshRSS_Auth { return $current_user != ''; case 'http_auth': $current_user = httpAuthUser(); - $login_ok = $current_user != ''; + $login_ok = $current_user != '' && FreshRSS_UserDAO::exists($current_user); if ($login_ok) { Minz_Session::_param('currentUser', $current_user); } @@ -81,7 +81,7 @@ class FreshRSS_Auth { $user_conf = get_user_configuration($current_user); if ($user_conf == null) { self::$login_ok = false; - return; + return false; } $system_conf = Minz_Configuration::get('system'); @@ -102,6 +102,7 @@ class FreshRSS_Auth { Minz_Session::_param('loginOk', self::$login_ok); Minz_Session::_param('REMOTE_USER', httpAuthUser()); + return self::$login_ok; } /** |