From bcd7920b817b60df9b1b266118419e44c39900db Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Tue, 3 Feb 2015 13:59:59 +0100 Subject: generalize authentication handling Signed-off-by: Florian Pritz --- application/models/muser.php | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) (limited to 'application/models/muser.php') diff --git a/application/models/muser.php b/application/models/muser.php index ffcc5f6b3..fb8abad8b 100644 --- a/application/models/muser.php +++ b/application/models/muser.php @@ -160,14 +160,14 @@ class Muser extends CI_Model { $have = array_search($session_level, $this->access_levels); if ($wanted === false || $have === false) { - show_error("Failed to determine access level"); + throw new \exceptions\PublicApiException("api/invalid-accesslevel", "Failed to determine access level"); } if ($have >= $wanted) { - return true; + return; } - show_error("Access denied: Access level too low", 403); + throw new \exceptions\InsufficientPermissionsException("api/insufficient-permissions", "Access denied: Access level too low"); } function require_access($wanted_level = "full") @@ -184,17 +184,15 @@ class Muser extends CI_Model { return $this->check_access_level($wanted_level); } - if (!stateful_client()) { - show_error("Not authenticated. FileBin requires you to have an account, please go to the homepage for more information.\n", 401); + if (stateful_client()) { + // desktop clients get redirected to the login form + $this->require_session(); + if (!$this->session->userdata("flash:new:uri")) { + $this->session->set_flashdata("uri", $this->uri->uri_string()); + } } - // desktop clients get redirected to the login form - $this->require_session(); - if (!$this->session->userdata("flash:new:uri")) { - $this->session->set_flashdata("uri", $this->uri->uri_string()); - } - redirect('user/login'); - exit(); + throw new \exceptions\NotAuthenticatedException("api/not-authenticated", "Not authenticated. FileBin requires you to have an account, please go to the homepage for more information."); } function username_exists($username) -- cgit v1.2.3-24-g4f1b From 08dbb3590d64a5c1bf8981f275e47aef84acb4e0 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Tue, 3 Feb 2015 14:00:56 +0100 Subject: use function instead of variable Signed-off-by: Florian Pritz --- application/models/muser.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'application/models/muser.php') diff --git a/application/models/muser.php b/application/models/muser.php index fb8abad8b..398253c6a 100644 --- a/application/models/muser.php +++ b/application/models/muser.php @@ -156,8 +156,8 @@ class Muser extends CI_Model { { $session_level = $this->session->userdata("access_level"); - $wanted = array_search($wanted_level, $this->access_levels); - $have = array_search($session_level, $this->access_levels); + $wanted = array_search($wanted_level, $this->get_access_levels()); + $have = array_search($session_level, $this->get_access_levels()); if ($wanted === false || $have === false) { throw new \exceptions\PublicApiException("api/invalid-accesslevel", "Failed to determine access level"); -- cgit v1.2.3-24-g4f1b From a842392c30e9ef1d1d2bd9b4eb271c3fd23b853f Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Tue, 3 Feb 2015 17:17:27 +0100 Subject: Use exceptions instead of show_error Signed-off-by: Florian Pritz --- application/models/muser.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'application/models/muser.php') diff --git a/application/models/muser.php b/application/models/muser.php index 398253c6a..6f6129ca2 100644 --- a/application/models/muser.php +++ b/application/models/muser.php @@ -83,7 +83,7 @@ class Muser extends CI_Model { if ($this->login($username, $password)) { return true; } else { - show_error("Login failed", 401); + throw new \exceptions\NotAuthenticatedException("user/login-failed", "Login failed"); } } @@ -112,7 +112,7 @@ class Muser extends CI_Model { return true; } - show_error("API key login failed", 401); + throw new \exceptions\NotAuthenticatedException("user/api-login-failed", "API key login failed"); } function logout() @@ -208,7 +208,7 @@ class Muser extends CI_Model { ->get()->row_array(); if (!isset($query["key"]) || $key != $query["key"]) { - show_error("Invalid action key"); + throw new \exceptions\ApiException("user/get_action/invalid-action", "Invalid action key"); } return $query; -- cgit v1.2.3-24-g4f1b