|
1
|
|
|
<?php |
|
2
|
|
|
namespace Elgg; |
|
3
|
|
|
/** |
|
4
|
|
|
* \Elgg\PersistentLoginService |
|
5
|
|
|
* |
|
6
|
|
|
* If a user selects a persistent login, a long, random token is generated and stored in the cookie |
|
7
|
|
|
* called "elggperm", and a hash of the token is stored in the DB. If the user's PHP session expires, |
|
8
|
|
|
* the session boot sequence will try to log the user in via the token in the cookie. |
|
9
|
|
|
* |
|
10
|
|
|
* Before Elgg 1.9, the token hashes were stored as "code" in the users_entity table. |
|
11
|
|
|
* |
|
12
|
|
|
* In Elgg 1.9, the token hashes are stored as "code" in the users_remember_me_cookies |
|
13
|
|
|
* table, allowing multiple browsers to maintain persistent logins. |
|
14
|
|
|
* |
|
15
|
|
|
* @todo Rename the "code" DB column to "hash" |
|
16
|
|
|
* |
|
17
|
|
|
* Legacy notes: This feature used to be called "remember me"; confusingly, both the tokens and the |
|
18
|
|
|
* hashes were called "codes"; old tokens were hexadecimal and lower entropy; new tokens are |
|
19
|
|
|
* base64 URL and always begin with the letter "z"; the boot sequence replaces old tokens whenever |
|
20
|
|
|
* possible. |
|
21
|
|
|
* |
|
22
|
|
|
* @package Elgg.Core |
|
23
|
|
|
* |
|
24
|
|
|
* @access private |
|
25
|
|
|
*/ |
|
26
|
|
|
class PersistentLoginService { |
|
27
|
|
|
|
|
28
|
|
|
/** |
|
29
|
|
|
* Constructor |
|
30
|
|
|
* |
|
31
|
|
|
* @param Database $db The DB service |
|
32
|
|
|
* @param \ElggSession $session The Elgg session |
|
33
|
|
|
* @param \ElggCrypto $crypto The cryptography service |
|
34
|
|
|
* @param array $cookie_config The persistent login cookie settings |
|
35
|
|
|
* @param string $cookie_token The token from the request cookie |
|
36
|
|
|
* @param int $time The current time |
|
37
|
|
|
*/ |
|
38
|
4417 |
|
public function __construct( |
|
39
|
|
|
Database $db, |
|
40
|
|
|
\ElggSession $session, |
|
41
|
|
|
\ElggCrypto $crypto, |
|
42
|
|
|
array $cookie_config, |
|
43
|
|
|
$cookie_token, |
|
44
|
|
|
$time = null) { |
|
45
|
4417 |
|
$this->db = $db; |
|
46
|
4417 |
|
$this->session = $session; |
|
47
|
4417 |
|
$this->crypto = $crypto; |
|
48
|
4417 |
|
$this->cookie_config = $cookie_config; |
|
49
|
4417 |
|
$this->cookie_token = $cookie_token; |
|
50
|
|
|
|
|
51
|
4417 |
|
$prefix = $this->db->prefix; |
|
52
|
4417 |
|
$this->table = "{$prefix}users_remember_me_cookies"; |
|
53
|
4417 |
|
$this->time = is_numeric($time) ? (int) $time : time(); |
|
54
|
4417 |
|
} |
|
55
|
|
|
|
|
56
|
|
|
/** |
|
57
|
|
|
* Make the user's login persistent |
|
58
|
|
|
* |
|
59
|
|
|
* @param \ElggUser $user The user who logged in |
|
60
|
|
|
* |
|
61
|
|
|
* @return void |
|
62
|
|
|
*/ |
|
63
|
3 |
|
public function makeLoginPersistent(\ElggUser $user) { |
|
64
|
3 |
|
$token = $this->generateToken(); |
|
65
|
3 |
|
$hash = $this->hashToken($token); |
|
66
|
|
|
|
|
67
|
3 |
|
$this->storeHash($user, $hash); |
|
68
|
3 |
|
$this->setCookie($token); |
|
69
|
3 |
|
$this->setSession($token); |
|
70
|
3 |
|
} |
|
71
|
|
|
|
|
72
|
|
|
/** |
|
73
|
|
|
* Remove the persisted login token from client and server |
|
74
|
|
|
* |
|
75
|
|
|
* @return void |
|
76
|
|
|
*/ |
|
77
|
2 |
|
public function removePersistentLogin() { |
|
78
|
2 |
|
if ($this->cookie_token) { |
|
79
|
1 |
|
$client_hash = $this->hashToken($this->cookie_token); |
|
80
|
1 |
|
$this->removeHash($client_hash); |
|
81
|
|
|
} |
|
82
|
|
|
|
|
83
|
2 |
|
$this->setCookie(""); |
|
84
|
2 |
|
$this->setSession(""); |
|
85
|
2 |
|
} |
|
86
|
|
|
|
|
87
|
|
|
/** |
|
88
|
|
|
* Handle a password change |
|
89
|
|
|
* |
|
90
|
|
|
* @param \ElggUser $subject The user whose password changed |
|
91
|
|
|
* @param \ElggUser $modifier The user who changed the password |
|
92
|
|
|
* |
|
93
|
|
|
* @return void |
|
94
|
|
|
*/ |
|
95
|
3 |
|
public function handlePasswordChange(\ElggUser $subject, \ElggUser $modifier = null) { |
|
96
|
3 |
|
$this->removeAllHashes($subject); |
|
97
|
3 |
|
if (!$modifier || ($modifier->guid !== $subject->guid) || !$this->cookie_token) { |
|
98
|
2 |
|
return; |
|
99
|
|
|
} |
|
100
|
|
|
|
|
101
|
1 |
|
$this->makeLoginPersistent($modifier); |
|
102
|
1 |
|
} |
|
103
|
|
|
|
|
104
|
|
|
/** |
|
105
|
|
|
* Boot the persistent login session, possibly returning the user who should be |
|
106
|
|
|
* silently logged in. |
|
107
|
|
|
* |
|
108
|
|
|
* @return \ElggUser|null |
|
109
|
|
|
*/ |
|
110
|
4777 |
|
public function bootSession() { |
|
111
|
4777 |
|
if (!$this->cookie_token) { |
|
112
|
4777 |
|
return null; |
|
113
|
|
|
} |
|
114
|
|
|
|
|
115
|
|
|
// is this token good? |
|
116
|
3 |
|
$cookie_hash = $this->hashToken($this->cookie_token); |
|
117
|
3 |
|
$user = $this->getUserFromHash($cookie_hash); |
|
|
|
|
|
|
118
|
3 |
|
if ($user) { |
|
119
|
1 |
|
$this->setSession($this->cookie_token); |
|
120
|
|
|
// note: if the token is legacy, we don't both replacing it here because |
|
121
|
|
|
// it will be replaced during the next request boot |
|
122
|
1 |
|
return $user; |
|
|
|
|
|
|
123
|
|
|
} else { |
|
124
|
2 |
|
if ($this->isLegacyToken($this->cookie_token)) { |
|
125
|
|
|
// may be attempt to brute force legacy low-entropy tokens |
|
126
|
1 |
|
call_user_func($this->_callable_sleep, 1); |
|
127
|
|
|
} |
|
128
|
2 |
|
$this->setCookie(''); |
|
129
|
|
|
} |
|
130
|
2 |
|
} |
|
131
|
|
|
|
|
132
|
|
|
/** |
|
133
|
|
|
* Replace the user's token if it's a legacy hexadecimal token |
|
134
|
|
|
* |
|
135
|
|
|
* @param \ElggUser $logged_in_user The logged in user |
|
136
|
|
|
* |
|
137
|
|
|
* @return void |
|
138
|
|
|
*/ |
|
139
|
3 |
|
public function replaceLegacyToken(\ElggUser $logged_in_user) { |
|
140
|
3 |
|
if (!$this->cookie_token || !$this->isLegacyToken($this->cookie_token)) { |
|
141
|
2 |
|
return; |
|
142
|
|
|
} |
|
143
|
|
|
|
|
144
|
|
|
// replace user's old weaker-entropy code with new one |
|
145
|
1 |
|
$this->removeHash($this->hashToken($this->cookie_token)); |
|
146
|
1 |
|
$this->makeLoginPersistent($logged_in_user); |
|
147
|
1 |
|
} |
|
148
|
|
|
|
|
149
|
|
|
/** |
|
150
|
|
|
* Find a user with the given hash |
|
151
|
|
|
* |
|
152
|
|
|
* @param string $hash The hashed token |
|
153
|
|
|
* |
|
154
|
|
|
* @return \ElggUser|null |
|
155
|
|
|
*/ |
|
156
|
6 |
|
public function getUserFromHash($hash) { |
|
157
|
6 |
|
if (!$hash) { |
|
158
|
|
|
return null; |
|
159
|
|
|
} |
|
160
|
|
|
|
|
161
|
6 |
|
$hash = $this->db->sanitizeString($hash); |
|
|
|
|
|
|
162
|
6 |
|
$query = "SELECT guid FROM {$this->table} WHERE code = '$hash'"; |
|
163
|
|
|
try { |
|
164
|
6 |
|
$user_row = $this->db->getDataRow($query); |
|
165
|
|
|
} catch (\DatabaseException $e) { |
|
166
|
|
|
return $this->handleDbException($e); |
|
|
|
|
|
|
167
|
|
|
} |
|
168
|
6 |
|
if (!$user_row) { |
|
|
|
|
|
|
169
|
3 |
|
return null; |
|
170
|
|
|
} |
|
171
|
|
|
|
|
172
|
3 |
|
$user = call_user_func($this->_callable_get_user, $user_row->guid); |
|
173
|
3 |
|
return $user ? $user : null; |
|
174
|
|
|
} |
|
175
|
|
|
|
|
176
|
|
|
/** |
|
177
|
|
|
* Store a hash in the DB |
|
178
|
|
|
* |
|
179
|
|
|
* @param \ElggUser $user The user for whom we're storing the hash |
|
180
|
|
|
* @param string $hash The hashed token |
|
181
|
|
|
* |
|
182
|
|
|
* @return void |
|
183
|
|
|
*/ |
|
184
|
3 |
|
protected function storeHash(\ElggUser $user, $hash) { |
|
185
|
|
|
// This prevents inserting the same hash twice, which seems to be happening in some rare cases |
|
186
|
|
|
// and for unknown reasons. See https://github.com/Elgg/Elgg/issues/8104 |
|
187
|
3 |
|
$this->removeHash($hash); |
|
188
|
|
|
|
|
189
|
3 |
|
$time = time(); |
|
190
|
3 |
|
$hash = $this->db->sanitizeString($hash); |
|
|
|
|
|
|
191
|
|
|
|
|
192
|
|
|
$query = " |
|
193
|
3 |
|
INSERT INTO {$this->table} (code, guid, timestamp) |
|
194
|
3 |
|
VALUES ('$hash', {$user->guid}, $time) |
|
195
|
|
|
"; |
|
196
|
|
|
try { |
|
197
|
3 |
|
$this->db->insertData($query); |
|
198
|
|
|
} catch (\DatabaseException $e) { |
|
199
|
|
|
$this->handleDbException($e); |
|
200
|
|
|
} |
|
201
|
3 |
|
} |
|
202
|
|
|
|
|
203
|
|
|
/** |
|
204
|
|
|
* Remove a hash from the DB |
|
205
|
|
|
* |
|
206
|
|
|
* @param string $hash The hashed token to remove (unused before 1.9) |
|
207
|
|
|
* @return void |
|
208
|
|
|
*/ |
|
209
|
4 |
|
protected function removeHash($hash) { |
|
210
|
4 |
|
$hash = $this->db->sanitizeString($hash); |
|
|
|
|
|
|
211
|
|
|
|
|
212
|
4 |
|
$query = "DELETE FROM {$this->table} WHERE code = '$hash'"; |
|
213
|
|
|
try { |
|
214
|
4 |
|
$this->db->deleteData($query); |
|
215
|
|
|
} catch (\DatabaseException $e) { |
|
216
|
|
|
$this->handleDbException($e); |
|
217
|
|
|
} |
|
218
|
4 |
|
} |
|
219
|
|
|
|
|
220
|
|
|
/** |
|
221
|
|
|
* Swallow a schema not upgraded exception, otherwise rethrow it |
|
222
|
|
|
* |
|
223
|
|
|
* @param \DatabaseException $exception The exception to handle |
|
224
|
|
|
* @param string $default The value to return if the table doesn't exist yet |
|
225
|
|
|
* |
|
226
|
|
|
* @return mixed |
|
227
|
|
|
* |
|
228
|
|
|
* @throws \DatabaseException |
|
229
|
|
|
*/ |
|
230
|
|
|
protected function handleDbException(\DatabaseException $exception, $default = null) { |
|
231
|
|
|
if (false !== strpos($exception->getMessage(), "users_remember_me_cookies' doesn't exist")) { |
|
232
|
|
|
// schema has not been updated so we swallow this exception |
|
233
|
|
|
return $default; |
|
234
|
|
|
} else { |
|
235
|
|
|
throw $exception; |
|
236
|
|
|
} |
|
237
|
|
|
} |
|
238
|
|
|
|
|
239
|
|
|
/** |
|
240
|
|
|
* Remove all the hashes associated with a user |
|
241
|
|
|
* |
|
242
|
|
|
* @param \ElggUser $user The user for whom we're removing hashes |
|
243
|
|
|
* |
|
244
|
|
|
* @return void |
|
245
|
|
|
*/ |
|
246
|
3 |
|
protected function removeAllHashes(\ElggUser $user) { |
|
247
|
3 |
|
$query = "DELETE FROM {$this->table} WHERE guid = '{$user->guid}'"; |
|
248
|
|
|
try { |
|
249
|
3 |
|
$this->db->deleteData($query); |
|
250
|
|
|
} catch (\DatabaseException $e) { |
|
251
|
|
|
$this->handleDbException($e); |
|
252
|
|
|
} |
|
253
|
3 |
|
} |
|
254
|
|
|
|
|
255
|
|
|
/** |
|
256
|
|
|
* Create a hash from the token |
|
257
|
|
|
* |
|
258
|
|
|
* @param string $token The token to hash |
|
259
|
|
|
* |
|
260
|
|
|
* @return string |
|
261
|
|
|
*/ |
|
262
|
7 |
|
protected function hashToken($token) { |
|
263
|
|
|
// note: with user passwords, you'd want legit password hashing, but since these are randomly |
|
264
|
|
|
// generated and long tokens, rainbow tables aren't any help. |
|
265
|
7 |
|
return md5($token); |
|
266
|
|
|
} |
|
267
|
|
|
|
|
268
|
|
|
/** |
|
269
|
|
|
* Store the token in the client cookie (or remove the cookie) |
|
270
|
|
|
* |
|
271
|
|
|
* @param string $token Empty string to remove cookie |
|
272
|
|
|
* |
|
273
|
|
|
* @return void |
|
274
|
|
|
*/ |
|
275
|
7 |
|
protected function setCookie($token) { |
|
276
|
7 |
|
$cookie = new \ElggCookie($this->cookie_config['name']); |
|
277
|
7 |
|
foreach (['expire', 'path', 'domain', 'secure', 'httponly'] as $key) { |
|
278
|
7 |
|
$cookie->$key = $this->cookie_config[$key]; |
|
279
|
|
|
} |
|
280
|
7 |
|
$cookie->value = $token; |
|
281
|
7 |
|
if (!$token) { |
|
282
|
4 |
|
$cookie->expire = $this->time - (86400 * 30); |
|
283
|
|
|
} |
|
284
|
7 |
|
call_user_func($this->_callable_elgg_set_cookie, $cookie); |
|
285
|
7 |
|
} |
|
286
|
|
|
|
|
287
|
|
|
/** |
|
288
|
|
|
* Store the token in the session (or remove it from the session) |
|
289
|
|
|
* |
|
290
|
|
|
* @param string $token The token to store in session. Empty string to remove. |
|
291
|
|
|
* |
|
292
|
|
|
* @return void |
|
293
|
|
|
*/ |
|
294
|
6 |
|
protected function setSession($token) { |
|
295
|
6 |
|
if ($token) { |
|
296
|
4 |
|
$this->session->set('code', $token); |
|
297
|
|
|
} else { |
|
298
|
2 |
|
$this->session->remove('code'); |
|
299
|
|
|
} |
|
300
|
6 |
|
} |
|
301
|
|
|
|
|
302
|
|
|
/** |
|
303
|
|
|
* Generate a random token (base 64 URL) |
|
304
|
|
|
* |
|
305
|
|
|
* The first char is always "z" to indicate the value has more entropy than the |
|
306
|
|
|
* previously generated ones. |
|
307
|
|
|
* |
|
308
|
|
|
* @return string |
|
309
|
|
|
*/ |
|
310
|
3 |
|
protected function generateToken() { |
|
311
|
3 |
|
return 'z' . $this->crypto->getRandomString(31); |
|
312
|
|
|
} |
|
313
|
|
|
|
|
314
|
|
|
/** |
|
315
|
|
|
* Is the given token a legacy MD5 hash? |
|
316
|
|
|
* |
|
317
|
|
|
* @param string $token The token to analyze |
|
318
|
|
|
* |
|
319
|
|
|
* @return bool |
|
320
|
|
|
*/ |
|
321
|
3 |
|
protected function isLegacyToken($token) { |
|
322
|
3 |
|
return (isset($token[0]) && $token[0] !== 'z'); |
|
323
|
|
|
} |
|
324
|
|
|
|
|
325
|
|
|
/** |
|
326
|
|
|
* @var Database |
|
327
|
|
|
*/ |
|
328
|
|
|
protected $db; |
|
329
|
|
|
|
|
330
|
|
|
/** |
|
331
|
|
|
* @var string |
|
332
|
|
|
*/ |
|
333
|
|
|
protected $table; |
|
334
|
|
|
|
|
335
|
|
|
/** |
|
336
|
|
|
* @var array |
|
337
|
|
|
*/ |
|
338
|
|
|
protected $cookie_config; |
|
339
|
|
|
|
|
340
|
|
|
/** |
|
341
|
|
|
* @var string |
|
342
|
|
|
*/ |
|
343
|
|
|
protected $cookie_token; |
|
344
|
|
|
|
|
345
|
|
|
/** |
|
346
|
|
|
* @var \ElggSession |
|
347
|
|
|
*/ |
|
348
|
|
|
protected $session; |
|
349
|
|
|
|
|
350
|
|
|
/** |
|
351
|
|
|
* @var \ElggCrypto |
|
352
|
|
|
*/ |
|
353
|
|
|
protected $crypto; |
|
354
|
|
|
|
|
355
|
|
|
/** |
|
356
|
|
|
* @var int |
|
357
|
|
|
*/ |
|
358
|
|
|
protected $time; |
|
359
|
|
|
|
|
360
|
|
|
/** |
|
361
|
|
|
* DO NOT USE. For unit test mocking |
|
362
|
|
|
* @access private |
|
363
|
|
|
*/ |
|
364
|
|
|
public $_callable_get_user = 'get_user'; |
|
365
|
|
|
|
|
366
|
|
|
/** |
|
367
|
|
|
* DO NOT USE. For unit test mocking |
|
368
|
|
|
* @access private |
|
369
|
|
|
*/ |
|
370
|
|
|
public $_callable_elgg_set_cookie = 'elgg_set_cookie'; |
|
371
|
|
|
|
|
372
|
|
|
/** |
|
373
|
|
|
* DO NOT USE. For unit test mocking |
|
374
|
|
|
* @access private |
|
375
|
|
|
*/ |
|
376
|
|
|
public $_callable_sleep = 'sleep'; |
|
377
|
|
|
} |
|
378
|
|
|
|
|
379
|
|
|
|
Elgg /
Elgg
Loading history...
This check looks for function or method calls that always return null and whose return value is assigned to a variable.
The method
getObject()can return nothing but null, so it makes no sense to assign that value to a variable.The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes.