From dea897456a483a7aba7940e51da5e63509493222 Mon Sep 17 00:00:00 2001 From: flashwave Date: Tue, 12 Feb 2019 16:26:39 +0100 Subject: [PATCH] Merged auth cookies into one. --- misuzu.php | 54 +++++++++++++++++++++++++------------------ public/auth.php | 7 +++--- src/Users/session.php | 32 +++++++++++++++++++++++++ utility.php | 13 ----------- 4 files changed, 67 insertions(+), 39 deletions(-) diff --git a/misuzu.php b/misuzu.php index b8c963bf..48e3fb70 100644 --- a/misuzu.php +++ b/misuzu.php 
@@ -325,36 +325,46 @@ MIG; exit; } - if (isset($_COOKIE['msz_uid'], $_COOKIE['msz_sid']) - && user_session_start((int)$_COOKIE['msz_uid'], $_COOKIE['msz_sid'])) { - $mszUserId = (int)$_COOKIE['msz_uid']; + if (!empty($_COOKIE['msz_uid']) && !empty($_COOKIE['msz_sid']) + && ctype_digit($_COOKIE['msz_uid']) && ctype_xdigit($_COOKIE['msz_sid']) + && strlen($_COOKIE['msz_sid']) === 64) { + $_COOKIE['msz_auth'] = base64url_encode(user_session_cookie_pack($_COOKIE['msz_uid'], $_COOKIE['msz_sid'])); + setcookie('msz_auth', $_COOKIE['msz_auth'], strtotime('1 year'), '/', '', true, true); + setcookie('msz_uid', '', -3600, '/', '', true, true); + setcookie('msz_sid', '', -3600, '/', '', true, true); + } - user_bump_last_active($mszUserId); - user_session_bump_active(user_session_current('session_id')); + if (!empty($_COOKIE['msz_auth']) && is_string($_COOKIE['msz_auth'])) { + $cookieData = user_session_cookie_unpack(base64url_decode($_COOKIE['msz_auth'])); - $getUserDisplayInfo = db_prepare(' - SELECT - u.`user_id`, u.`username`, u.`user_background_settings`, - COALESCE(u.`user_colour`, r.`role_colour`) AS `user_colour` - FROM `msz_users` AS u - LEFT JOIN `msz_roles` AS r - ON u.`display_role` = r.`role_id` - WHERE `user_id` = :user_id - '); - $getUserDisplayInfo->bindValue('user_id', $mszUserId); - $userDisplayInfo = db_fetch($getUserDisplayInfo); + if (!empty($cookieData) && user_session_start($cookieData['user_id'], $cookieData['session_token'])) { + user_bump_last_active($cookieData['user_id']); + user_session_bump_active(user_session_current('session_id')); - if ($userDisplayInfo) { - $userDisplayInfo['general_perms'] = perms_get_user(MSZ_PERMS_GENERAL, $userDisplayInfo['user_id']); - $userDisplayInfo['comments_perms'] = perms_get_user(MSZ_PERMS_COMMENTS, $userDisplayInfo['user_id']); - $userDisplayInfo['ban_expiration'] = user_warning_check_expiration($userDisplayInfo['user_id'], MSZ_WARN_BAN); - $userDisplayInfo['silence_expiration'] = 
$userDisplayInfo['ban_expiration'] > 0 ? 0 : user_warning_check_expiration($userDisplayInfo['user_id'], MSZ_WARN_SILENCE); + $getUserDisplayInfo = db_prepare(' + SELECT + u.`user_id`, u.`username`, u.`user_background_settings`, + COALESCE(u.`user_colour`, r.`role_colour`) AS `user_colour` + FROM `msz_users` AS u + LEFT JOIN `msz_roles` AS r + ON u.`display_role` = r.`role_id` + WHERE `user_id` = :user_id + '); + $getUserDisplayInfo->bindValue('user_id', $cookieData['user_id']); + $userDisplayInfo = db_fetch($getUserDisplayInfo); + + if ($userDisplayInfo) { + $userDisplayInfo['general_perms'] = perms_get_user(MSZ_PERMS_GENERAL, $userDisplayInfo['user_id']); + $userDisplayInfo['comments_perms'] = perms_get_user(MSZ_PERMS_COMMENTS, $userDisplayInfo['user_id']); + $userDisplayInfo['ban_expiration'] = user_warning_check_expiration($userDisplayInfo['user_id'], MSZ_WARN_BAN); + $userDisplayInfo['silence_expiration'] = $userDisplayInfo['ban_expiration'] > 0 ? 0 : user_warning_check_expiration($userDisplayInfo['user_id'], MSZ_WARN_SILENCE); + } } } csrf_init( config_get_default('insecure', 'CSRF', 'secret_key'), - empty($userDisplayInfo) ? ip_remote_address() : $_COOKIE['msz_sid'] + empty($userDisplayInfo) ? ip_remote_address() : $cookieData['session_token'] ); if (!$misuzuBypassLockdown && boolval(config_get_default(false, 'Private', 'enabled'))) { diff --git a/public/auth.php b/public/auth.php index f97cc693..0558e17f 100644 --- a/public/auth.php +++ b/public/auth.php @@ -45,8 +45,7 @@ switch ($authMode) { } if (csrf_verify('logout', $_GET['s'] ?? '')) { - set_cookie_m('uid', '', -3600); - set_cookie_m('sid', '', -3600); + setcookie('msz_auth', '', -3600, '/', '', true, true); user_session_stop(true); header(sprintf('Location: %s', url('index'))); return; 
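Review bot: The cookie this hunk reads with `base64url_decode($_COOKIE['msz_auth'])` is written by the login path in public/auth.php (hunk at -260) with plain `base64_encode`, so the two sides only round-trip if `base64url_decode` (not shown in this diff) happens to tolerate `+`, `/` and `=`; the login path should use `base64url_encode` as the migration branch here already does. The decoded value is also handed straight to `user_session_cookie_unpack(string $packed)` without a check, so a tampered cookie that makes the decoder return false either raises a TypeError or is coerced to an empty string depending on strict_types; `$packed = base64url_decode($_COOKIE['msz_auth']); $cookieData = is_string($packed) ? user_session_cookie_unpack($packed) : [];` keeps the outcome at "not logged in". Separately, the migrated cookie is issued for `strtotime('1 year')` before the session is validated, while the login path ties the cookie lifetime to `session_expires`; reissuing it only after `user_session_start` succeeds, with the session's own expiry, would keep the two paths consistent.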
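Review bot: Logout clears only `msz_auth`, but the migration branch in misuzu.php (hunk at -325) rebuilds `msz_auth` from any surviving legacy `msz_uid`/`msz_sid` pair on the next request and issues it for a year; the server-side `user_session_stop(true)` keeps that from restoring access, but the browser is left holding a fresh cookie for a dead session. Clearing the legacy pair here as well, `setcookie('msz_uid', '', -3600, '/', '', true, true); setcookie('msz_sid', '', -3600, '/', '', true, true);`, avoids that. The enclosing switch case starts outside the hunk.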
@@ -260,8 +259,8 @@ MSG; user_session_start($userData['user_id'], $sessionKey); $cookieLife = strtotime(user_session_current('session_expires')); - set_cookie_m('uid', $userData['user_id'], $cookieLife); - set_cookie_m('sid', $sessionKey, $cookieLife); + $cookieValue = base64_encode(user_session_cookie_pack($userData['user_id'], $sessionKey)); + setcookie('msz_auth', $cookieValue, $cookieLife, '/', '', true, true); if (!is_local_url($authRedirect)) { $authRedirect = url('index'); diff --git a/src/Users/session.php b/src/Users/session.php index 428f09b8..35113f39 100644 --- a/src/Users/session.php +++ b/src/Users/session.php @@ -174,3 +174,35 @@ function user_session_active(): bool return !empty($GLOBALS[MSZ_SESSION_DATA_STORE]) && time() < strtotime($GLOBALS[MSZ_SESSION_DATA_STORE]['session_expires']); } + +define('MSZ_SESSION_COOKIE_VERSION', 1); +// make sure to match this to the final fixed size of the cookie string +// it'll pad older tokens out for backwards compatibility +define('MSZ_SESSION_COOKIE_SIZE', 37); + +function user_session_cookie_pack(int $userId, string $sessionToken): ?string +{ + if (strlen($sessionToken) !== MSZ_SESSION_KEY_SIZE) { + return null; + } + + return pack('CNH64', MSZ_SESSION_COOKIE_VERSION, $userId, $sessionToken); +} + +function user_session_cookie_unpack(string $packed): array +{ + $packed = str_pad($packed, MSZ_SESSION_COOKIE_SIZE, "\x00"); + $unpacked = unpack('Cversion/Nuser/H64token', $packed); + + if ($unpacked['version'] < 1 || $unpacked['version'] > MSZ_SESSION_COOKIE_VERSION) { + return []; + } + + // Make sure this contains all fields with a default for version > 1 exclusive stuff + $data = [ + 'user_id' => $unpacked['user'], + 'session_token' => $unpacked['token'], + ]; + + return $data; +} diff --git a/utility.php b/utility.php index 3d6e1e28..669ca96b 100644 --- a/utility.php +++ b/utility.php @@ -1,17 +1,4 @@
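Review bot: `user_session_cookie_pack()` returns null when the key length is off, and `base64_encode(null)` silently yields an empty string, so the new lines would set an empty `msz_auth` and still redirect the user as if logged in; check the result first, e.g. `$packed = user_session_cookie_pack($userData['user_id'], $sessionKey); if ($packed === null) { /* treat as a failed login rather than setting the cookie */ }`. The encoding also differs from the reader in misuzu.php, which expects base64url; see the note on that hunk. The cookie is set with secure and httponly but no SameSite attribute; on PHP 7.3+ the options-array form of `setcookie()` accepts `'samesite' => 'Lax'`, which is worth adding to every `msz_auth` write. `$sessionKey` originates outside the hunk, so its format is assumed here.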
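Review bot: `user_session_cookie_pack()` guards only the token's length, but `pack('H64', ...)` accepts any string and emits a warning with garbage output for non-hex input, so the guard should also require `ctype_xdigit($sessionToken)`; misuzu.php applies exactly that pair of checks inline before calling it. Neither new function has a PHPDoc; a short header on `user_session_cookie_unpack` describing the wire layout (one version byte, big-endian 32-bit user id, 32-byte token as 64 hex chars, right-padded with NUL to MSZ_SESSION_COOKIE_SIZE so later versions can append fields) would make the `str_pad` and the `unpack` format self-explanatory, and `@return array{user_id:int,session_token:string}` documents the shape callers index into. The unpacked `user` field is not range-checked here, so a zero or arbitrary id reaches `user_session_start` in the caller; that is fine only if that function validates it against the session row, which is worth confirming or stating in the docblock.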