deon/khosb
Archived
1
0
Fork 0
Code Issues 6 Pull Requests Packages Projects Releases Wiki Activity

Some enhancements to token logins

Browse Source
This commit is contained in:
Deon George
2011-10-12 14:52:04 +11:00
parent 718c42be65
commit c419b50bac
3 changed files with 121 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
application/classes/auth/osb.php
View File

@@ -146,31 +146,58 @@ class Auth_OSB extends Auth_ORM {
* @return mixed The user
*/
private function _get_token_user($token) {
// This has been implemented, as we sometimes we seem to come here twice
static $user = NULL;
if (! is_null($user))
return $user;
$mmto = ORM::factory('module_method_token',array('token'=>$token));
$user = FALSE;
if ($mmto->loaded()) {
if ($mmto->date_expire < time()) {
if (! is_null($mmto->date_expire) AND $mmto->date_expire < time()) {
SystemMessage::add(array(
'title'=>_('Token Not Valid'),
'type'=>'warning',
'body'=>_('Token expired')));
// @todo Log the token deletion
Session::instance()->delete('token');
$mmto->delete();
} elseif (! is_null($mmto->uses) AND $mmto->uses < 1) {
SystemMessage::add(array(
'title'=>_('Token Not Valid'),
'type'=>'warning',
'body'=>_('Token expired')));
// @todo Log the token deletion
Session::instance()->delete('token');
$mmto->delete();
} else {
// Check that the token is for this URI
$mo = ORM::factory('module',array('name'=>Request::current()->controller()));
$mmo = ORM::factory('module_method',
array('name'=>Request::current()->directory() ? sprintf('%s_%s',Request::current()->directory(),Request::current()->action()) : Request::current()->action()));
$mmo = ORM::factory('module_method',array(
'module_id'=>$mo->id,
'name'=>Request::current()->directory() ? sprintf('%s_%s',Request::current()->directory(),Request::current()->action()) : Request::current()->action()
));
// Ignore the token if this is not the right method.
if ($mmo->id == $mmto->method_id) {
// @todo Implement single use tokens
// If this is a usage count token, reduce the count.
if (! is_null($mmto->uses))
$mmto->uses -= 1;
// Record the date this token was used
$mmto->date_last = time();
$mmto->save();
Session::instance()->set('token',$token);
$user = ORM::factory('account',$mmto->account_id);
$user->log(sprintf('Token %s used for method %s',$mmto->token,$mmto->method_id));
}
}
}