From c5d5cb3c864ca381e133a24a2a786604db7880ab Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Mon, 15 Jul 2013 13:12:19 +0200 Subject: Rework auto login for cli clients Only login when necessary. This also makes test_login() work properly (before the automatic login would have intercepted the failure and in case of a good login test_login() would test the credentials a second time. Signed-off-by: Florian Pritz --- application/controllers/file.php | 10 ++++++ application/models/muser.php | 73 ++++++++++++++++++++++------------------ 2 files changed, 51 insertions(+), 32 deletions(-) (limited to 'application') diff --git a/application/controllers/file.php b/application/controllers/file.php index fcb8717c5..d0884e3f7 100644 --- a/application/controllers/file.php +++ b/application/controllers/file.php @@ -521,6 +521,11 @@ class File extends CI_Controller { // Handle pastes function do_paste() { + // desktop clients get a cookie to claim the ID later + if (is_cli_client()) { + $this->muser->require_access(); + } + $content = $this->input->post("content"); $filesize = strlen($content); $filename = "stdin"; @@ -559,6 +564,11 @@ class File extends CI_Controller { // Handles uploaded files function do_upload() { + // desktop clients get a cookie to claim the ID later + if (is_cli_client()) { + $this->muser->require_access(); + } + $ids = array(); $extension = $this->input->post('extension'); diff --git a/application/models/muser.php b/application/models/muser.php index 720b4ee7e..639b5ee3a 100644 --- a/application/models/muser.php +++ b/application/models/muser.php @@ -21,28 +21,6 @@ class Muser extends CI_Model { $this->load->helper("filebin"); $this->load->driver("duser"); - - if (is_cli_client()) { - $username = $this->input->post("username"); - $password = $this->input->post("password"); - - // prefer post parameters if either (username or password) is set - if ($username === false && $password === false) { - if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) { - $username = $_SERVER['PHP_AUTH_USER']; - $password = $_SERVER['PHP_AUTH_PW']; - } - } - - if ($username !== false && $password !== false) { - if (!$this->login($username, $password)) { - // TODO: better message - $this->output->set_status_header(401); - echo "login failed.\n"; - exit; - } - } - } } function has_session() @@ -85,6 +63,31 @@ class Muser extends CI_Model { return $this->duser->login($username, $password); } + private function login_cli_client() + { + $username = $this->input->post("username"); + $password = $this->input->post("password"); + + // prefer post parameters if either (username or password) is set + if ($username === false && $password === false) { + if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) { + $username = $_SERVER['PHP_AUTH_USER']; + $password = $_SERVER['PHP_AUTH_PW']; + } + } + + if ($username !== false && $password !== false) { + if ($this->login($username, $password)) { + return true; + } else { + // TODO: better message + $this->output->set_status_header(401); + echo "login failed.\n"; + exit; + } + } + } + function logout() { $this->require_session(); @@ -125,18 +128,24 @@ class Muser extends CI_Model { { if ($this->logged_in()) { return true; - } else { - if (is_cli_client()) { - echo "FileBin requires you to have an account, please go to the homepage for more information.\n"; - exit(); - } else { - $this->require_session(); - if (!$this->session->userdata("flash:new:uri")) { - $this->session->set_flashdata("uri", $this->uri->uri_string()); - } - redirect('user/login'); + } + + // handle cli clients + if (is_cli_client()) { + if ($this->login_cli_client()) { + return true; } + + echo "FileBin requires you to have an account, please go to the homepage for more information.\n"; + exit(); + } + + // desktop clients get redirected to the login form + $this->require_session(); + if (!$this->session->userdata("flash:new:uri")) { + $this->session->set_flashdata("uri", $this->uri->uri_string()); } + redirect('user/login'); exit(); } -- cgit v1.2.3-24-g4f1b