summaryrefslogtreecommitdiff
path: root/app/Models/Auth.php
diff options
context:
space:
mode:
Diffstat (limited to 'app/Models/Auth.php')
-rw-r--r--app/Models/Auth.php9
1 files changed, 5 insertions, 4 deletions
diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index 9c3e31952..513a9cb2f 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -28,13 +28,13 @@ class FreshRSS_Auth {
if (self::$login_ok) {
self::giveAccess();
- } elseif (self::accessControl()) {
- self::giveAccess();
+ } elseif (self::accessControl() && self::giveAccess()) {
FreshRSS_UserDAO::touch();
} else {
// Be sure all accesses are removed!
self::removeAccess();
}
+ return self::$login_ok;
}
/**
@@ -60,7 +60,7 @@ class FreshRSS_Auth {
return $current_user != '';
case 'http_auth':
$current_user = httpAuthUser();
- $login_ok = $current_user != '';
+ $login_ok = $current_user != '' && FreshRSS_UserDAO::exists($current_user);
if ($login_ok) {
Minz_Session::_param('currentUser', $current_user);
}
@@ -81,7 +81,7 @@ class FreshRSS_Auth {
$user_conf = get_user_configuration($current_user);
if ($user_conf == null) {
self::$login_ok = false;
- return;
+ return false;
}
$system_conf = Minz_Configuration::get('system');
@@ -102,6 +102,7 @@ class FreshRSS_Auth {
Minz_Session::_param('loginOk', self::$login_ok);
Minz_Session::_param('REMOTE_USER', httpAuthUser());
+ return self::$login_ok;
}
/**
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-10 14:06:03 +0000