Skip to content

Commit cfca4c8

Browse files
ChristophWurstChristophWurst
committed
bring back old remember-me code
1 parent 8767e95 commit cfca4c8

File tree

4 files changed

+26
-16
lines changed

4 files changed

+26
-16
lines changed

core/Controller/LoginController.php

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -236,6 +236,12 @@ public function tryLogin($user, $password, $redirect_url) {
236236
$this->userSession->login($user, $password);
237237
$this->userSession->createSessionToken($this->request, $loginResult->getUID(), $user, $password);
238238

239+
if (true) {
240+
$token = \OC::$server->getSecureRandom()->generate(32);
241+
$this->config->setUserValue($originalUser, 'login_token', $token, time());
242+
$this->userSession->setMagicInCookie($originalUser, $token);
243+
}
244+
239245
// User has successfully logged in, now remove the password reset link, when it is available
240246
$this->config->deleteUserValue($loginResult->getUID(), 'core', 'lostpassword');
241247

lib/base.php

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1039,6 +1039,9 @@ static function handleLogin(OCP\IRequest $request) {
10391039
if ($userSession->tryTokenLogin($request)) {
10401040
return true;
10411041
}
1042+
if ($userSession->loginWithCookie($_COOKIE['nc_username'], $_COOKIE['nc_token'])) {
1043+
return true;
1044+
}
10421045
if ($userSession->tryBasicAuthLogin($request, \OC::$server->getBruteForceThrottler())) {
10431046
return true;
10441047
}

lib/private/User/Session.php

Lines changed: 16 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -691,15 +691,15 @@ public function loginWithCookie($uid, $currentToken) {
691691
}
692692

693693
// get stored tokens
694-
$tokens = OC::$server->getConfig()->getUserKeys($uid, 'login_token');
694+
$tokens = $this->config->getUserKeys($uid, 'login_token');
695695
// test cookies token against stored tokens
696696
if (!in_array($currentToken, $tokens, true)) {
697697
return false;
698698
}
699699
// replace successfully used token with a new one
700-
OC::$server->getConfig()->deleteUserValue($uid, 'login_token', $currentToken);
700+
$this->config->deleteUserValue($uid, 'login_token', $currentToken);
701701
$newToken = OC::$server->getSecureRandom()->generate(32);
702-
OC::$server->getConfig()->setUserValue($uid, 'login_token', $newToken, time());
702+
$this->config->setUserValue($uid, 'login_token', $newToken, time());
703703
$this->setMagicInCookie($user->getUID(), $newToken);
704704

705705
//login
@@ -736,9 +736,9 @@ public function logout() {
736736
public function setMagicInCookie($username, $token) {
737737
$secureCookie = OC::$server->getRequest()->getServerProtocol() === 'https';
738738
$expires = time() + OC::$server->getConfig()->getSystemValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15);
739-
setcookie('oc_username', $username, $expires, OC::$WEBROOT, '', $secureCookie, true);
740-
setcookie('oc_token', $token, $expires, OC::$WEBROOT, '', $secureCookie, true);
741-
setcookie('oc_remember_login', '1', $expires, OC::$WEBROOT, '', $secureCookie, true);
739+
setcookie('nc_username', $username, $expires, OC::$WEBROOT, '', $secureCookie, true);
740+
setcookie('nc_token', $token, $expires, OC::$WEBROOT, '', $secureCookie, true);
741+
setcookie('nc_remember_login', '1', $expires, OC::$WEBROOT, '', $secureCookie, true);
742742
}
743743

744744
/**
@@ -748,17 +748,17 @@ public function unsetMagicInCookie() {
748748
//TODO: DI for cookies and IRequest
749749
$secureCookie = OC::$server->getRequest()->getServerProtocol() === 'https';
750750

751-
unset($_COOKIE['oc_username']); //TODO: DI
752-
unset($_COOKIE['oc_token']);
753-
unset($_COOKIE['oc_remember_login']);
754-
setcookie('oc_username', '', time() - 3600, OC::$WEBROOT, '', $secureCookie, true);
755-
setcookie('oc_token', '', time() - 3600, OC::$WEBROOT, '', $secureCookie, true);
756-
setcookie('oc_remember_login', '', time() - 3600, OC::$WEBROOT, '', $secureCookie, true);
751+
unset($_COOKIE['nc_username']); //TODO: DI
752+
unset($_COOKIE['nc_token']);
753+
unset($_COOKIE['nc_remember_login']);
754+
setcookie('nc_username', '', time() - 3600, OC::$WEBROOT, '', $secureCookie, true);
755+
setcookie('nc_token', '', time() - 3600, OC::$WEBROOT, '', $secureCookie, true);
756+
setcookie('nc_remember_login', '', time() - 3600, OC::$WEBROOT, '', $secureCookie, true);
757757
// old cookies might be stored under /webroot/ instead of /webroot
758758
// and Firefox doesn't like it!
759-
setcookie('oc_username', '', time() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
760-
setcookie('oc_token', '', time() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
761-
setcookie('oc_remember_login', '', time() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
759+
setcookie('nc_username', '', time() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
760+
setcookie('nc_token', '', time() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
761+
setcookie('nc_remember_login', '', time() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
762762
}
763763

764764
/**
@@ -778,4 +778,5 @@ public function updateSessionTokenPassword($password) {
778778
}
779779
}
780780

781+
781782
}

lib/public/IRequest.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -145,7 +145,7 @@ public function getEnv($key);
145145
* Shortcut for getting cookie variables
146146
*
147147
* @param string $key the key that will be taken from the $_COOKIE array
148-
* @return string the value in the $_COOKIE element
148+
* @return string|null the value in the $_COOKIE element
149149
* @since 6.0.0
150150
*/
151151
public function getCookie($key);

0 commit comments

Comments
 (0)