flashii/misuzu
flashii/misuzu
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixed session authentication.

Browse source
This commit is contained in:
flash 2019-12-14 20:01:06 +01:00
parent 7ef2a4d3a5
commit 5c3747ecb6
1 changed files with 13 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
src/Http/Handlers/SockChatHandler.php
View file

@ -2,6 +2,7 @@
namespace Misuzu\Http\Handlers; namespace Misuzu\Http\Handlers;
use Exception; use Exception;
use Misuzu\Base64;
use Misuzu\Config; use Misuzu\Config;
use Misuzu\DB; use Misuzu\DB;
use Misuzu\Emoticon; use Misuzu\Emoticon;
@ -202,15 +203,23 @@ final class SockChatHandler extends Handler {
$authMethod = mb_substr($authInfo->token, 0, 5); $authMethod = mb_substr($authInfo->token, 0, 5);
if($authMethod === 'PASS:') { // DEPRECATE THIS if($authMethod === 'PASS:') {
if(time() > 1577750400) if(time() > 1577750400)
return ['success' => false, 'reason' => 'unsupported']; return ['success' => false, 'reason' => 'unsupported'];
if(user_password_verify_db($authInfo->user_id, mb_substr($authInfo->token, 5))) if(user_password_verify_db($authInfo->user_id, mb_substr($authInfo->token, 5)))
$userId = $authInfo->user_id; $userId = $authInfo->user_id;
} elseif($authMethod === 'SESS:') { // IMPROVE THIS } elseif($authMethod === 'SESS:') {
$tokenData = user_session_cookie_unpack(mb_substr($authInfo->token, 5), true); $sessionToken = mb_substr($authInfo->token, 5);
user_session_start($authInfo->user_id, $tokenData['token']); $tokenData = user_session_cookie_unpack(
Base64::decode($sessionToken, true),
true
);
if(isset($tokenData['session_token']))
$sessionToken = $tokenData['session_token'];
user_session_start($authInfo->user_id, $sessionToken);
if(user_session_active()) if(user_session_active())
$userId = user_session_current('user_id'); $userId = user_session_current('user_id');