mirror_html/filegator
1
0
Fork 0
mirror of https://github.com/filegator/filegator.git synced 2025-08-05 05:17:33 +02:00
Code Issues Projects Releases Wiki Activity

invalidate sessions when the password is changed - json auth adapter

Browse Source
This commit is contained in:
Milos Stojanovic
2021-07-05 14:49:12 +02:00
parent f237bd4aa8
commit 0de9e6c895
3 changed files with 24 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
backend/Services/Auth/Adapters/JsonFile.php
View File

@@ -22,6 +22,7 @@ class JsonFile implements Service, AuthInterface
use PasswordHash; use PasswordHash;
const SESSION_KEY = 'json_auth'; const SESSION_KEY = 'json_auth';
const SESSION_HASH = 'json_auth_hash';
const GUEST_USERNAME = 'guest'; const GUEST_USERNAME = 'guest';
@@ -45,7 +46,20 @@ class JsonFile implements Service, AuthInterface
public function user(): ?User public function user(): ?User
{ {
return $this->session ? $this->session->get(self::SESSION_KEY, null) : null; if (! $this->session) return null;
$user = $this->session->get(self::SESSION_KEY, null);
$hash = $this->session->get(self::SESSION_HASH, null);
if ($user) {
foreach ($this->getUsers() as $u) {
if ($u['username'] == $user->getUsername() && $hash == $u['password']) {
return $user;
}
}
}
return null;
} }
public function authenticate($username, $password): bool public function authenticate($username, $password): bool
@@ -56,6 +70,7 @@ class JsonFile implements Service, AuthInterface
if ($u['username'] == $username && $this->verifyPassword($password, $u['password'])) { if ($u['username'] == $username && $this->verifyPassword($password, $u['password'])) {
$user = $this->mapToUserObject($u); $user = $this->mapToUserObject($u);
$this->store($user); $this->store($user);
$this->session->set(self::SESSION_HASH, $u['password']);
return true; return true;
} }

1
frontend/views/partials/Profile.vue
View File

@@ -52,6 +52,7 @@ export default {
type: 'is-success', type: 'is-success',
}) })
this.$parent.close() this.$parent.close()
this.$router.go()
}) })
.catch(errors => { .catch(errors => {
if (typeof errors.response.data.data != 'object') { if (typeof errors.response.data.data != 'object') {

7
tests/backend/MockUsers.php
View File

@@ -34,6 +34,12 @@ class MockUsers extends JsonFile implements Service, AuthInterface
return $this->users_array = $users; return $this->users_array = $users;
} }
public function user(): ?User
{
return $this->session ? $this->session->get(self::SESSION_KEY, null) : null;
}
private function addMockUsers() private function addMockUsers()
{ {
$guest = new User(); $guest = new User();
@@ -69,4 +75,5 @@ class MockUsers extends JsonFile implements Service, AuthInterface
$this->add($john, 'john123'); $this->add($john, 'john123');
$this->add($jane, 'jane123'); $this->add($jane, 'jane123');
} }
} }