
added configuration to not use cookies if sessions are enabled.

develop
Raphael Jackstadt 10 years ago
parent
commit
3413b3bf0a
  1. 1
      application/config/aauth.php
  2. 180
      application/libraries/Aauth.php

1
application/config/aauth.php

@ -68,6 +68,7 @@ $config['aauth']['max_login_attempt'] = 10;
$config['aauth']['verification'] = false; $config['aauth']['verification'] = false;
$config['aauth']['login_with_name'] = false; $config['aauth']['login_with_name'] = false;
$config['aauth']['use_cookies'] = false;
// system email. // system email.
$config['aauth']['email'] = 'admin@admin.com'; $config['aauth']['email'] = 'admin@admin.com';
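Review bot: The added `use_cookies` key has no comment, and its default of `false` changes what "remember me" does. In application/libraries/Aauth.php the non-cookie branch stores the remember token with `session->set_userdata('remember', ...)`, and logout() ends in `sess_destroy()`, so the token appears to last only as long as the session itself. I would put a comment above the key, for example `// use_cookies: when false, the remember token and the reCAPTCHA flag are kept in the session instead of cookies; "remember me" then lasts only as long as the session.` Installs that pick up this file get the new default, which is worth a line in the upgrade notes.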

180
application/libraries/Aauth.php

@ -22,7 +22,6 @@
* https://github.com/emreakay/CodeIgniter-Aauth * https://github.com/emreakay/CodeIgniter-Aauth
* *
* @todo separate (on some level) the unvalidated users from the "banned" users * @todo separate (on some level) the unvalidated users from the "banned" users
* @todo add configuration to not use cookies if sessions are enabled.
*/ */
class Aauth { class Aauth {
@ -132,15 +131,17 @@ class Aauth {
*/ */
public function login($identifier, $pass, $remember = FALSE, $totp_code = NULL) { public function login($identifier, $pass, $remember = FALSE, $totp_code = NULL) {
// Remove cookies first if($this->config_vars['use_cookies'] == TRUE){
$cookie = array( // Remove cookies first
'name' => 'user', $cookie = array(
'value' => '', 'name' => 'user',
'expire' => time()-3600, 'value' => '',
'path' => '/', 'expire' => time()-3600,
); 'path' => '/',
);
$this->CI->input->set_cookie($cookie);
}
$this->CI->input->set_cookie($cookie);
if( $this->config_vars['login_with_name'] == TRUE){ if( $this->config_vars['login_with_name'] == TRUE){
if( !$identifier OR strlen($pass) < 5 OR strlen($pass) > $this->config_vars['max'] ) if( !$identifier OR strlen($pass) < 5 OR strlen($pass) > $this->config_vars['max'] )
@ -184,13 +185,17 @@ class Aauth {
$query = $this->aauth_db->get($this->config_vars['users']); $query = $this->aauth_db->get($this->config_vars['users']);
$row = $query->row(); $row = $query->row();
if($query->num_rows() > 0 && $this->config_vars['ddos_protection'] && $this->config_vars['recaptcha_active'] && $row->login_attempts >= $this->config_vars['recaptcha_login_attempts']){ if($query->num_rows() > 0 && $this->config_vars['ddos_protection'] && $this->config_vars['recaptcha_active'] && $row->login_attempts >= $this->config_vars['recaptcha_login_attempts']){
$reCAPTCHA_cookie = array( if($this->config_vars['use_cookies'] == TRUE){
'name' => 'reCAPTCHA', $reCAPTCHA_cookie = array(
'value' => 'true', 'name' => 'reCAPTCHA',
'expire' => time()+7200, 'value' => 'true',
'path' => '/', 'expire' => time()+7200,
); 'path' => '/',
$this->CI->input->set_cookie($reCAPTCHA_cookie); );
$this->CI->input->set_cookie($reCAPTCHA_cookie);
}else{
$this->CI->session->set_tempdata('reCAPTCHA', 'true', 7200);
}
} }
// if user is not verified // if user is not verified
@ -226,7 +231,7 @@ class Aauth {
$query = $this->aauth_db->get($this->config_vars['users']); $query = $this->aauth_db->get($this->config_vars['users']);
$row = $query->row(); $row = $query->row();
if($this->CI->input->cookie('reCAPTCHA', TRUE) == 'true'){ if( ($this->config_vars['use_cookies'] == TRUE && $this->CI->input->cookie('reCAPTCHA', TRUE) == 'true') || ($this->config_vars['use_cookies'] == FALSE && $this->CI->session->tempdata('reCAPTCHA') == 'true') ){
$reCaptcha = new ReCaptcha( $this->config_vars['recaptcha_secret']); $reCaptcha = new ReCaptcha( $this->config_vars['recaptcha_secret']);
$resp = $reCaptcha->verifyResponse( $this->CI->input->server("REMOTE_ADDR"), $this->CI->input->post("g-recaptcha-response") ); $resp = $reCaptcha->verifyResponse( $this->CI->input->server("REMOTE_ADDR"), $this->CI->input->post("g-recaptcha-response") );
@ -304,24 +309,32 @@ class Aauth {
$random_string = random_string('alnum', 16); $random_string = random_string('alnum', 16);
$this->update_remember($row->id, $random_string, $remember_date ); $this->update_remember($row->id, $random_string, $remember_date );
$cookie = array( if($this->config_vars['use_cookies'] == TRUE){
'name' => 'user', $cookie = array(
'value' => $row->id . "-" . $random_string, 'name' => 'user',
'expire' => time() + 99*999*999, 'value' => $row->id . "-" . $random_string,
'path' => '/', 'expire' => time() + 99*999*999,
); 'path' => '/',
);
$this->CI->input->set_cookie($cookie);
$this->CI->input->set_cookie($cookie);
}else{
$this->CI->session->set_userdata('remember', $row->id . "-" . $random_string);
}
} }
if($this->config_vars['recaptcha_active']){ if($this->config_vars['recaptcha_active']){
$reCAPTCHA_cookie = array( if($this->config_vars['use_cookies'] == TRUE){
'name' => 'reCAPTCHA', $reCAPTCHA_cookie = array(
'value' => 'false', 'name' => 'reCAPTCHA',
'expire' => time()-3600, 'value' => 'false',
'path' => '/', 'expire' => time()-3600,
); 'path' => '/',
$this->CI->input->set_cookie($reCAPTCHA_cookie); );
$this->CI->input->set_cookie($reCAPTCHA_cookie);
}else{
$this->CI->session->unset_tempdata('reCAPTCHA');
}
} }
// update last login // update last login
@ -352,37 +365,67 @@ class Aauth {
// cookie control // cookie control
else { else {
if( ! $this->CI->input->cookie('user', TRUE) ){ if($this->config_vars['use_cookies'] == TRUE){
return FALSE; if( ! $this->CI->input->cookie('user', TRUE) ){
} else { return FALSE;
$cookie = explode('-', $this->CI->input->cookie('user', TRUE)); } else {
if(!is_numeric( $cookie[0] ) OR strlen($cookie[1]) < 13 ){return FALSE;} $cookie = explode('-', $this->CI->input->cookie('user', TRUE));
else{ if(!is_numeric( $cookie[0] ) OR strlen($cookie[1]) < 13 ){return FALSE;}
$query = $this->aauth_db->where('id', $cookie[0]); else{
$query = $this->aauth_db->where('remember_exp', $cookie[1]); $query = $this->aauth_db->where('id', $cookie[0]);
$query = $this->aauth_db->get($this->config_vars['users']); $query = $this->aauth_db->where('remember_exp', $cookie[1]);
$query = $this->aauth_db->get($this->config_vars['users']);
$row = $query->row();
$row = $query->row();
if ($query->num_rows() < 1) {
$this->update_remember($cookie[0]); if ($query->num_rows() < 1) {
return FALSE; $this->update_remember($cookie[0]);
}else{ return FALSE;
}else{
if(strtotime($row->remember_time) > strtotime("now") ){
$this->login_fast($cookie[0]); if(strtotime($row->remember_time) > strtotime("now") ){
return TRUE; $this->login_fast($cookie[0]);
return TRUE;
}
// if time is expired
else {
return FALSE;
}
} }
// if time is expired }
else { }
}else{
if(!$this->CI->session->has_userdata('remember')){
return FALSE;
}else{
$session = explode('-', $this->CI->session->userdata('remember'));
if(!is_numeric( $session[0] ) OR strlen($session[1]) < 13 ){return FALSE;}
else{
$query = $this->aauth_db->where('id', $session[0]);
$query = $this->aauth_db->where('remember_exp', $session[1]);
$query = $this->aauth_db->get($this->config_vars['users']);
$row = $query->row();
if ($query->num_rows() < 1) {
$this->update_remember($session[0]);
return FALSE; return FALSE;
}else{
if(strtotime($row->remember_time) > strtotime("now") ){
$this->login_fast($session[0]);
return TRUE;
}
// if time is expired
else {
return FALSE;
}
} }
} }
} }
} }
} }
return FALSE; return FALSE;
} }
@ -422,14 +465,15 @@ class Aauth {
*/ */
public function logout() { public function logout() {
$cookie = array( if($this->config_vars['use_cookies'] == TRUE){
'name' => 'user', $cookie = array(
'value' => '', 'name' => 'user',
'expire' => time()-3600, 'value' => '',
'path' => '/', 'expire' => time()-3600,
); 'path' => '/',
);
$this->CI->input->set_cookie($cookie); $this->CI->input->set_cookie($cookie);
}
return $this->CI->session->sess_destroy(); return $this->CI->session->sess_destroy();
} }
@ -2154,10 +2198,12 @@ class Aauth {
public function generate_recaptcha_field(){ public function generate_recaptcha_field(){
$content = ''; $content = '';
if($this->config_vars['ddos_protection'] && $this->config_vars['recaptcha_active'] && $this->CI->input->cookie('reCAPTCHA', TRUE) == 'true'){ if($this->config_vars['ddos_protection'] && $this->config_vars['recaptcha_active']){
$content .= "<script type='text/javascript' src='https://www.google.com/recaptcha/api.js'></script>"; if( ($this->config_vars['use_cookies'] == TRUE && $this->CI->input->cookie('reCAPTCHA', TRUE) == 'true') || ($this->config_vars['use_cookies'] == FALSE && $this->CI->session->tempdata('reCAPTCHA') == 'true') ){
$siteKey = $this->config_vars['recaptcha_siteKey']; $content .= "<script type='text/javascript' src='https://www.google.com/recaptcha/api.js'></script>";
$content .= "<div class='g-recaptcha' data-sitekey='{$siteKey}'></div>"; $siteKey = $this->config_vars['recaptcha_siteKey'];
$content .= "<div class='g-recaptcha' data-sitekey='{$siteKey}'></div>";
}
} }
return $content; return $content;
} }
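Review bot: The reCAPTCHA check in the `@ -226,7 +231,7` hunk is still decided by state the client carries: the `reCAPTCHA` cookie, or with `use_cookies` off the session tempdata that depends on the session cookie. A request that arrives without that state is not asked for a captcha, even when the account is over `recaptcha_login_attempts`. `$row` is fetched just above the condition, so the gate could read the server-side counter instead: `if($this->config_vars['ddos_protection'] && $this->config_vars['recaptcha_active'] && $query->num_rows() > 0 && $row->login_attempts >= $this->config_vars['recaptcha_login_attempts']){`. This assumes `$row` there is the row of the account being logged in to, which the hunk suggests but does not show in full, and login() starts and ends outside these hunks. The cookie or tempdata flag can stay as a display hint for generate_recaptcha_field() in the last hunk, as long as verification no longer depends on it.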
