Misterzym
/
CodeIgniter-Aauth
mirror of https://github.com/misterzym/CodeIgniter-Aauth.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

added configuration to not use cookies if sessions are enabled.

develop
Raphael Jackstadt 10 years ago
parent
9afda70a7d
commit
3413b3bf0a
2 changed files with 114 additions and 67 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      application/config/aauth.php
  2. 56
      application/libraries/Aauth.php

1
application/config/aauth.php
Unescape View File

@ -68,6 +68,7 @@ $config['aauth']['max_login_attempt'] = 10;
$config['aauth']['verification'] = false; $config['aauth']['verification'] = false;
$config['aauth']['login_with_name'] = false; $config['aauth']['login_with_name'] = false;
$config['aauth']['use_cookies'] = false;
// system email. // system email.
$config['aauth']['email'] = 'admin@admin.com'; $config['aauth']['email'] = 'admin@admin.com';

56
application/libraries/Aauth.php
Unescape View File

@ -22,7 +22,6 @@
* https://github.com/emreakay/CodeIgniter-Aauth * https://github.com/emreakay/CodeIgniter-Aauth
* *
* @todo separate (on some level) the unvalidated users from the "banned" users * @todo separate (on some level) the unvalidated users from the "banned" users
* @todo add configuration to not use cookies if sessions are enabled.
*/ */
class Aauth { class Aauth {
@ -132,6 +131,7 @@ class Aauth {
*/ */
public function login($identifier, $pass, $remember = FALSE, $totp_code = NULL) { public function login($identifier, $pass, $remember = FALSE, $totp_code = NULL) {
if($this->config_vars['use_cookies'] == TRUE){
// Remove cookies first // Remove cookies first
$cookie = array( $cookie = array(
'name' => 'user', 'name' => 'user',
@ -139,8 +139,9 @@ class Aauth {
'expire' => time()-3600, 'expire' => time()-3600,
'path' => '/', 'path' => '/',
); );
$this->CI->input->set_cookie($cookie); $this->CI->input->set_cookie($cookie);
}
if( $this->config_vars['login_with_name'] == TRUE){ if( $this->config_vars['login_with_name'] == TRUE){
if( !$identifier OR strlen($pass) < 5 OR strlen($pass) > $this->config_vars['max'] ) if( !$identifier OR strlen($pass) < 5 OR strlen($pass) > $this->config_vars['max'] )
@ -184,6 +185,7 @@ class Aauth {
$query = $this->aauth_db->get($this->config_vars['users']); $query = $this->aauth_db->get($this->config_vars['users']);
$row = $query->row(); $row = $query->row();
if($query->num_rows() > 0 && $this->config_vars['ddos_protection'] && $this->config_vars['recaptcha_active'] && $row->login_attempts >= $this->config_vars['recaptcha_login_attempts']){ if($query->num_rows() > 0 && $this->config_vars['ddos_protection'] && $this->config_vars['recaptcha_active'] && $row->login_attempts >= $this->config_vars['recaptcha_login_attempts']){
if($this->config_vars['use_cookies'] == TRUE){
$reCAPTCHA_cookie = array( $reCAPTCHA_cookie = array(
'name' => 'reCAPTCHA', 'name' => 'reCAPTCHA',
'value' => 'true', 'value' => 'true',
@ -191,6 +193,9 @@ class Aauth {
'path' => '/', 'path' => '/',
); );
$this->CI->input->set_cookie($reCAPTCHA_cookie); $this->CI->input->set_cookie($reCAPTCHA_cookie);
}else{
$this->CI->session->set_tempdata('reCAPTCHA', 'true', 7200);
}
} }
// if user is not verified // if user is not verified
@ -226,7 +231,7 @@ class Aauth {
$query = $this->aauth_db->get($this->config_vars['users']); $query = $this->aauth_db->get($this->config_vars['users']);
$row = $query->row(); $row = $query->row();
if($this->CI->input->cookie('reCAPTCHA', TRUE) == 'true'){ if( ($this->config_vars['use_cookies'] == TRUE && $this->CI->input->cookie('reCAPTCHA', TRUE) == 'true') || ($this->config_vars['use_cookies'] == FALSE && $this->CI->session->tempdata('reCAPTCHA') == 'true') ){
$reCaptcha = new ReCaptcha( $this->config_vars['recaptcha_secret']); $reCaptcha = new ReCaptcha( $this->config_vars['recaptcha_secret']);
$resp = $reCaptcha->verifyResponse( $this->CI->input->server("REMOTE_ADDR"), $this->CI->input->post("g-recaptcha-response") ); $resp = $reCaptcha->verifyResponse( $this->CI->input->server("REMOTE_ADDR"), $this->CI->input->post("g-recaptcha-response") );
@ -304,6 +309,7 @@ class Aauth {
$random_string = random_string('alnum', 16); $random_string = random_string('alnum', 16);
$this->update_remember($row->id, $random_string, $remember_date ); $this->update_remember($row->id, $random_string, $remember_date );
if($this->config_vars['use_cookies'] == TRUE){
$cookie = array( $cookie = array(
'name' => 'user', 'name' => 'user',
'value' => $row->id . "-" . $random_string, 'value' => $row->id . "-" . $random_string,
@ -312,9 +318,13 @@ class Aauth {
); );
$this->CI->input->set_cookie($cookie); $this->CI->input->set_cookie($cookie);
}else{
$this->CI->session->set_userdata('remember', $row->id . "-" . $random_string);
}
} }
if($this->config_vars['recaptcha_active']){ if($this->config_vars['recaptcha_active']){
if($this->config_vars['use_cookies'] == TRUE){
$reCAPTCHA_cookie = array( $reCAPTCHA_cookie = array(
'name' => 'reCAPTCHA', 'name' => 'reCAPTCHA',
'value' => 'false', 'value' => 'false',
@ -322,6 +332,9 @@ class Aauth {
'path' => '/', 'path' => '/',
); );
$this->CI->input->set_cookie($reCAPTCHA_cookie); $this->CI->input->set_cookie($reCAPTCHA_cookie);
}else{
$this->CI->session->unset_tempdata('reCAPTCHA');
}
} }
// update last login // update last login
@ -352,6 +365,7 @@ class Aauth {
// cookie control // cookie control
else { else {
if($this->config_vars['use_cookies'] == TRUE){
if( ! $this->CI->input->cookie('user', TRUE) ){ if( ! $this->CI->input->cookie('user', TRUE) ){
return FALSE; return FALSE;
} else { } else {
@ -379,10 +393,39 @@ class Aauth {
} }
} }
} }
}
}else{
if(!$this->CI->session->has_userdata('remember')){
return FALSE;
}else{
$session = explode('-', $this->CI->session->userdata('remember'));
if(!is_numeric( $session[0] ) OR strlen($session[1]) < 13 ){return FALSE;}
else{
$query = $this->aauth_db->where('id', $session[0]);
$query = $this->aauth_db->where('remember_exp', $session[1]);
$query = $this->aauth_db->get($this->config_vars['users']);
$row = $query->row();
if ($query->num_rows() < 1) {
$this->update_remember($session[0]);
return FALSE;
}else{
if(strtotime($row->remember_time) > strtotime("now") ){
$this->login_fast($session[0]);
return TRUE;
}
// if time is expired
else {
return FALSE;
}
}
} }
} }
}
}
return FALSE; return FALSE;
} }
@ -422,14 +465,15 @@ class Aauth {
*/ */
public function logout() { public function logout() {
if($this->config_vars['use_cookies'] == TRUE){
$cookie = array( $cookie = array(
'name' => 'user', 'name' => 'user',
'value' => '', 'value' => '',
'expire' => time()-3600, 'expire' => time()-3600,
'path' => '/', 'path' => '/',
); );
$this->CI->input->set_cookie($cookie); $this->CI->input->set_cookie($cookie);
}
return $this->CI->session->sess_destroy(); return $this->CI->session->sess_destroy();
} }
@ -2154,11 +2198,13 @@ class Aauth {
public function generate_recaptcha_field(){ public function generate_recaptcha_field(){
$content = ''; $content = '';
if($this->config_vars['ddos_protection'] && $this->config_vars['recaptcha_active'] && $this->CI->input->cookie('reCAPTCHA', TRUE) == 'true'){ if($this->config_vars['ddos_protection'] && $this->config_vars['recaptcha_active']){
if( ($this->config_vars['use_cookies'] == TRUE && $this->CI->input->cookie('reCAPTCHA', TRUE) == 'true') || ($this->config_vars['use_cookies'] == FALSE && $this->CI->session->tempdata('reCAPTCHA') == 'true') ){
$content .= "<script type='text/javascript' src='https://www.google.com/recaptcha/api.js'></script>"; $content .= "<script type='text/javascript' src='https://www.google.com/recaptcha/api.js'></script>";
$siteKey = $this->config_vars['recaptcha_siteKey']; $siteKey = $this->config_vars['recaptcha_siteKey'];
$content .= "<div class='g-recaptcha' data-sitekey='{$siteKey}'></div>"; $content .= "<div class='g-recaptcha' data-sitekey='{$siteKey}'></div>";
} }
}
return $content; return $content;
} }

Write Preview
Loading…
Cancel
Save