Diffstat (limited to 'app/Model')
-rw-r--r-- | app/Model/Authentication.php | 10 | ||||
-rw-r--r-- | app/Model/Config.php | 22 | ||||
-rw-r--r-- | app/Model/User.php | 8 | ||||
-rw-r--r-- | app/Model/UserSession.php | 70 |
4 files changed, 66 insertions, 44 deletions
diff --git a/app/Model/Authentication.php b/app/Model/Authentication.php
index 11e32313..83d85433 100644
--- a/app/Model/Authentication.php
+++ b/app/Model/Authentication.php
@@ -45,11 +45,11 @@ class Authentication extends Base
 // Check if the user session match an existing user
 $userNotFound = ! $this->user->exists($this->userSession->getId());
- $reverseProxyWrongUser = REVERSE_PROXY_AUTH && $this->backend('reverseProxy')->getUsername() !== $_SESSION['user']['username'];
+ $reverseProxyWrongUser = REVERSE_PROXY_AUTH && $this->backend('reverseProxy')->getUsername() !== $this->userSession->getUsername();
 if ($userNotFound || $reverseProxyWrongUser) {
 $this->backend('rememberMe')->destroy($this->userSession->getId());
- $this->session->close();
+ $this->sessionManager->close();
 return false;
 }
@@ -176,8 +176,12 @@ class Authentication extends Base
 public function validateFormCaptcha(array $values)
 {
 if ($this->hasCaptcha($values['username'])) {
+ if (! isset($this->sessionStorage->captcha)) {
+ return false;
+ }
+
 $builder = new CaptchaBuilder;
- $builder->setPhrase($this->session['captcha']);
+ $builder->setPhrase($this->sessionStorage->captcha);
 return $builder->testPhrase(isset($values['captcha']) ? $values['captcha'] : '');
 }
diff --git a/app/Model/Config.php b/app/Model/Config.php
index 84a968e3..6a6f8a5a 100644
--- a/app/Model/Config.php
+++ b/app/Model/Config.php
@@ -4,7 +4,7 @@ namespace Kanboard\Model;
 use Kanboard\Core\Translator;
 use Kanboard\Core\Security\Token;
-use Kanboard\Core\Session;
+use Kanboard\Core\Session\SessionManager;
 /**
 * Config model
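Review bot: In validateFormCaptcha the captcha phrase is left in `$this->sessionStorage->captcha` after `testPhrase()` runs, so the same solved phrase can be submitted again on every later login attempt until a new captcha image is generated, which defeats the throttling the captcha is there for. Consume the phrase once it has been checked, `$valid = $builder->testPhrase(isset($values['captcha']) ? $values['captcha'] : ''); $this->sessionStorage->captcha = null; return $valid;`, which also makes the new `isset()` guard fail closed on the next request. The closing brace of validateFormCaptcha lies outside the hunk.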
@@ -145,8 +145,8 @@ class Config extends Setting
 */
 public function getCurrentLanguage()
 {
- if ($this->userSession->isLogged() && ! empty($this->session['user']['language'])) {
- return $this->session['user']['language'];
+ if ($this->userSession->isLogged() && ! empty($this->sessionStorage->user['language'])) {
+ return $this->sessionStorage->user['language'];
 }
 return $this->get('application_language', 'en_US');
@@ -162,17 +162,17 @@ class Config extends Setting
 */
 public function get($name, $default_value = '')
 {
- if (! Session::isOpen()) {
+ if (! SessionManager::isOpen()) {
 return $this->getOption($name, $default_value);
 }
 // Cache config in session
- if (! isset($this->session['config'][$name])) {
- $this->session['config'] = $this->getAll();
+ if (! isset($this->sessionStorage->config[$name])) {
+ $this->sessionStorage->config = $this->getAll();
 }
- if (! empty($this->session['config'][$name])) {
- return $this->session['config'][$name];
+ if (! empty($this->sessionStorage->config[$name])) {
+ return $this->sessionStorage->config[$name];
 }
 return $default_value;
@@ -185,7 +185,7 @@ class Config extends Setting
 */
 public function reload()
 {
- $this->session['config'] = $this->getAll();
+ $this->sessionStorage->config = $this->getAll();
 $this->setupTranslations();
 }
@@ -207,8 +207,8 @@ class Config extends Setting
 */
 public function getCurrentTimezone()
 {
- if ($this->userSession->isLogged() && ! empty($this->session['user']['timezone'])) {
- return $this->session['user']['timezone'];
+ if ($this->userSession->isLogged() && ! empty($this->sessionStorage->user['timezone'])) {
+ return $this->sessionStorage->user['timezone'];
 }
 return $this->get('application_timezone', 'UTC');
diff --git a/app/Model/User.php b/app/Model/User.php
index dc00c0c5..88361ce8 100644
--- a/app/Model/User.php
+++ b/app/Model/User.php
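Review bot: In get() the cache-miss test uses `isset()` while the return path uses `! empty()`, so a setting whose cached value is `'0'` or `0` is silently replaced by `$default_value` even though it is present; if any setting can legitimately hold such a value the return check should be `if (isset($this->sessionStorage->config[$name]) && $this->sessionStorage->config[$name] !== '') {`. The session-cached copy is only rebuilt on a miss or by reload() (hunk @@ -185), so a configuration change made in one session is presumably not seen by other already-open sessions until their cache is refreshed; a sentence to that effect above `// Cache config in session` would document that this staleness is accepted. get() ends outside the hunk.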
@@ -5,7 +5,7 @@ namespace Kanboard\Model;
 use PicoDb\Database;
 use SimpleValidator\Validator;
 use SimpleValidator\Validators;
-use Kanboard\Core\Session;
+use Kanboard\Core\Session\SessionManager;
 use Kanboard\Core\Security\Token;
 /**
@@ -320,8 +320,8 @@ class User extends Base
 $result = $this->db->table(self::TABLE)->eq('id', $values['id'])->update($values);
 // If the user is connected refresh his session
- if (Session::isOpen() && $this->userSession->getId() == $values['id']) {
- $this->userSession->refresh();
+ if (SessionManager::isOpen() && $this->userSession->getId() == $values['id']) {
+ $this->userSession->initialize($this->getById($this->userSession->getId()));
 }
 return $result;
@@ -587,7 +587,7 @@ class User extends Base
 if ($v->execute()) {
 // Check password
- if ($this->authentication->authenticate($this->session['user']['username'], $values['current_password'])) {
+ if ($this->authentication->authenticate($this->userSession->getUsername(), $values['current_password'])) {
 return array(true, array());
 } else {
 return array(false, array('current_password' => array(t('Wrong password'))));
diff --git a/app/Model/UserSession.php b/app/Model/UserSession.php
index 1778114e..a687952b 100644
--- a/app/Model/UserSession.php
+++ b/app/Model/UserSession.php
@@ -11,17 +11,13 @@ namespace Kanboard\Model;
 class UserSession extends Base
 {
 /**
- * Update user session information
+ * Update user session
 *
 * @access public
- * @param array $user User data
+ * @param array $user
 */
- public function refresh(array $user = array())
+ public function initialize(array $user)
 {
- if (empty($user)) {
- $user = $this->user->getById($this->userSession->getId());
- }
-
 if (isset($user['password'])) {
 unset($user['password']);
 }
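Review bot: The session-refresh branch in User::update (hunk @@ -320) compares `$this->userSession->getId() == $values['id']` loosely and then passes the result of `$this->getById(...)` straight into `initialize(array $user)`; getId() returns an int while `$values['id']` may be a string, and if getById() can return a non-array for a missing row the `array` type hint turns a profile update into a TypeError. Prefer `if (SessionManager::isOpen() && $this->userSession->getId() === (int) $values['id']) {` and guard the lookup, `$user = $this->getById($this->userSession->getId()); if (is_array($user) && ! empty($user)) { $this->userSession->initialize($user); }`. The enclosing update() method starts and ends outside the hunk.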
@@ -31,12 +27,13 @@ class UserSession extends Base
 }
 $user['id'] = (int) $user['id'];
- $user['is_admin'] = (bool) $user['is_admin'];
- $user['is_project_admin'] = (bool) $user['is_project_admin'];
- $user['is_ldap_user'] = (bool) $user['is_ldap_user'];
- $user['twofactor_activated'] = (bool) $user['twofactor_activated'];
+ $user['is_admin'] = isset($user['is_admin']) ? (bool) $user['is_admin'] : false;
+ $user['is_project_admin'] = isset($user['is_project_admin']) ? (bool) $user['is_project_admin'] : false;
+ $user['is_ldap_user'] = isset($user['is_ldap_user']) ? (bool) $user['is_ldap_user'] : false;
+ $user['twofactor_activated'] = isset($user['twofactor_activated']) ? (bool) $user['twofactor_activated'] : false;
- $this->session['user'] = $user;
+ $this->sessionStorage->user = $user;
+ $this->sessionStorage->postAuth = array('validated' => false);
 }
 /**
@@ -47,7 +44,7 @@ class UserSession extends Base
 */
 public function check2FA()
 {
- return isset($this->session['2fa_validated']) && $this->session['2fa_validated'] === true;
+ return isset($this->sessionStorage->postAuth['validated']) && $this->sessionStorage->postAuth['validated'] === true;
 }
 /**
@@ -58,7 +55,17 @@ class UserSession extends Base
 */
 public function has2FA()
 {
- return isset($this->session['user']['twofactor_activated']) && $this->session['user']['twofactor_activated'] === true;
+ return isset($this->sessionStorage->user['twofactor_activated']) && $this->sessionStorage->user['twofactor_activated'] === true;
+ }
+
+ /**
+ * Disable 2FA for the current session
+ *
+ * @access public
+ */
+ public function disable2FA()
+ {
+ $this->sessionStorage->user['twofactor_activated'] = false;
 }
 /**
@@ -69,7 +76,7 @@ class UserSession extends Base
 */
 public function isAdmin()
 {
- return isset($this->session['user']['is_admin']) && $this->session['user']['is_admin'] === true;
+ return isset($this->sessionStorage->user['is_admin']) && $this->sessionStorage->user['is_admin'] === true;
 }
 /**
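Review bot: initialize() unconditionally resets `postAuth` to `array('validated' => false)`, and the User.php hunk at @@ -320 now calls initialize() whenever a logged-in user's own record is updated, so a user who has already completed the 2FA step in this session loses that state on a plain profile edit and check2FA() reports false again. Resetting on a fresh login is the right default (a validated flag must never survive a change of user), but re-initializing the same user id should keep it; the rewrite below preserves the flag only when the stored user id matches the incoming one. initialize() begins in the previous hunk (@@ -11). The new disable2FA() in the next hunk only clears the session copy of `twofactor_activated`; its docblock should say it does not change the persisted user setting.
```php
    public function initialize(array $user)
    {
        // … unchanged: strip password, cast id and boolean flags …

        // Keep a completed post-authentication step only when the same user is
        // re-initialized (e.g. after a profile update); any other id starts unvalidated.
        $sameUser = isset($this->sessionStorage->user['id']) && $this->sessionStorage->user['id'] === $user['id'];
        $validated = $sameUser && isset($this->sessionStorage->postAuth['validated']) && $this->sessionStorage->postAuth['validated'] === true;

        $this->sessionStorage->user = $user;
        $this->sessionStorage->postAuth = array('validated' => $validated);
    }
```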
@@ -80,7 +87,7 @@ class UserSession extends Base
 */
 public function isProjectAdmin()
 {
- return isset($this->session['user']['is_project_admin']) && $this->session['user']['is_project_admin'] === true;
+ return isset($this->sessionStorage->user['is_project_admin']) && $this->sessionStorage->user['is_project_admin'] === true;
 }
 /**
@@ -91,7 +98,18 @@ class UserSession extends Base
 */
 public function getId()
 {
- return isset($this->session['user']['id']) ? (int) $this->session['user']['id'] : 0;
+ return isset($this->sessionStorage->user['id']) ? (int) $this->sessionStorage->user['id'] : 0;
+ }
+
+ /**
+ * Get username
+ *
+ * @access public
+ * @return integer
+ */
+ public function getUsername()
+ {
+ return isset($this->sessionStorage->user['username']) ? $this->sessionStorage->user['username'] : '';
 }
 /**
@@ -102,7 +120,7 @@ class UserSession extends Base
 */
 public function isLogged()
 {
- return ! empty($this->session['user']);
+ return isset($this->sessionStorage->user) && ! empty($this->sessionStorage->user);
 }
 /**
@@ -114,7 +132,7 @@ class UserSession extends Base
 */
 public function getFilters($project_id)
 {
- return ! empty($_SESSION['filters'][$project_id]) ? $_SESSION['filters'][$project_id] : 'status:open';
+ return ! empty($this->sessionStorage->filters[$project_id]) ? $this->sessionStorage->filters[$project_id] : 'status:open';
 }
 /**
@@ -126,7 +144,7 @@ class UserSession extends Base
 */
 public function setFilters($project_id, $filters)
 {
- $_SESSION['filters'][$project_id] = $filters;
+ $this->sessionStorage->filters[$project_id] = $filters;
 }
 /**
@@ -138,7 +156,7 @@ class UserSession extends Base
 */
 public function isBoardCollapsed($project_id)
 {
- return ! empty($_SESSION['board_collapsed'][$project_id]) ? $_SESSION['board_collapsed'][$project_id] : false;
+ return ! empty($this->sessionStorage->boardCollapsed[$project_id]) ? $this->sessionStorage->boardCollapsed[$project_id] : false;
 }
 /**
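Review bot: The new getUsername() docblock (hunk @@ -91) declares `@return integer`, but the method returns the stored username or `''`, both strings; it should read `@return string`. Because Authentication.php (hunk @@ -45) now compares the reverse-proxy username against this value with `!==`, the `''` fallback means a session with no stored user can never match a proxy-supplied name, which is the safe direction; a one-line comment such as `// '' when no user is stored, so strict comparisons against a real username fail closed` would make that intent explicit. getUsername() is complete within the hunk.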
@@ -146,11 +164,11 @@ class UserSession extends Base
 *
 * @access public
 * @param integer $project_id
- * @param boolean $collapsed
+ * @param boolean $is_collapsed
 */
- public function setBoardDisplayMode($project_id, $collapsed)
+ public function setBoardDisplayMode($project_id, $is_collapsed)
 {
- $_SESSION['board_collapsed'][$project_id] = $collapsed;
+ $this->sessionStorage->boardCollapsed[$project_id] = $is_collapsed;
 }
 /**
@@ -161,7 +179,7 @@ class UserSession extends Base
 */
 public function setCommentSorting($order)
 {
- $this->session['comment_sorting'] = $order;
+ $this->sessionStorage->commentSorting = $order;
 }
 /**
@@ -172,6 +190,6 @@ class UserSession extends Base
 */
 public function getCommentSorting()
 {
- return $this->session['comment_sorting'] ?: 'ASC';
+ return empty($this->sessionStorage->commentSorting) ? 'ASC' : $this->sessionStorage->commentSorting;
 }
 }
|
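Review bot: setCommentSorting() (hunk @@ -161) stores `$order` in the session without validation and getCommentSorting() returns it verbatim once it is non-empty, so whatever string reaches the setter is what every consumer receives; if that value ends up in an ORDER BY clause (not visible here) the setter should normalise it to the two accepted values, `$this->sessionStorage->commentSorting = $order === 'DESC' ? 'DESC' : 'ASC';`. With that in place the `empty()` fallback in getCommentSorting() stays correct and both docblocks can state that only `'ASC'` or `'DESC'` is ever stored or returned. Both methods are complete within their hunks.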