
Multi-utilisateur fonctionnel avec Mozilla Persona

Il faut ré-enregistrer l'adresse courriel une fois dans l'interface de
FreshRSS pour créer le fichier nécessaire.
+ Comparaison sans tenir compte de la casse pour les noms d'utilisateur.
Contribue à https://github.com/marienfressinaud/FreshRSS/issues/126
Il faudra tester la sécurité.
Alexandre Alapetite před 12 roky
5c9a32329a

+ 29 - 3
app/Controllers/indexController.php

@@ -249,14 +249,40 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 		curl_close ($ch);
 
 		$res = json_decode ($result, true);
-		if ($res['status'] === 'okay' && $res['email'] === $this->view->conf->mail_login) {
-			Minz_Session::_param ('mail', $res['email']);
+
+		$loginOk = false;
+		$reason = '';
+		if ($res['status'] === 'okay') {
+			$email = filter_var($res['email'], FILTER_VALIDATE_EMAIL);
+			if ($email != '') {
+				$personaFile = DATA_PATH . '/persona/' . $email . '.txt';
+				if (($currentUser = @file_get_contents($personaFile)) !== false) {
+					$currentUser = trim($currentUser);
+					if (ctype_alnum($currentUser)) {
+						try {
+							$this->conf = new FreshRSS_Configuration($currentUser);
+							$loginOk = strcasecmp($email, $this->conf->mail_login) === 0;
+						} catch (Minz_Exception $e) {
+							$reason = 'Invalid configuration for user [' . $currentUser . ']! ' . $e->getMessage();	//Permission denied or conf file does not exist
+						}
+					} else {
+						$reason = 'Invalid username format [' . $currentUser . ']!';
+					}
+				}
+			} else {
+				$reason = 'Invalid email format [' . $res['email'] . ']!';
+			}
+		}
+		if ($loginOk) {
+			Minz_Session::_param('currentUser', $currentUser);
+			Minz_Session::_param ('mail', $email);
 			$this->view->loginOk = true;
 			invalidateHttpCache();
 		} else {
 			$res = array ();
 			$res['status'] = 'failure';
-			$res['reason'] = Minz_Translate::t ('invalid_login');
+			$res['reason'] = $reason == '' ? Minz_Translate::t ('invalid_login') : $reason;
+			Minz_Log::record ('Persona: ' . $res['reason'], Minz_Log::WARNING);
 		}
 
 		header('Content-Type: application/json; charset=UTF-8');
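Review bot: The `$personaFile` assignment uses the verified address verbatim as a file name, while the login decision a few lines below uses `strcasecmp`, so `Alice@example.com` and `alice@example.com` resolve to different persona files even though the commit treats them as the same login; the writers in usersController.php and install.php have the same mismatch. Because FILTER_VALIDATE_EMAIL accepts RFC 5322 local parts, which may contain characters such as `/`, the address should not be a path component at all; derive the name from a normalised digest, e.g. `$personaFile = DATA_PATH . '/persona/' . sha1(strtolower($email)) . '.txt';`, and use the identical expression in every writer. Separately, `$this->conf` is replaced in the `try` block but `$this->view->conf` is not, so view code that reads `$this->view->conf` after a successful login may still see the previously loaded configuration — worth confirming against the rest of the controller. `$res['status']` is also indexed without checking that `json_decode` returned an array, though that was already true of the removed lines.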

+ 26 - 11
app/Controllers/usersController.php

@@ -17,7 +17,14 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 			$this->view->conf->_mail_login($mail);
 			$ok &= $this->view->conf->save();
 
-			Minz_Session::_param('mail', $this->view->conf->mail_login);
+			$email = $this->view->conf->mail_login;
+			Minz_Session::_param('mail', $email);
+
+			if ($email != '') {
+				$personaFile = DATA_PATH . '/persona/' . $email . '.txt';
+				@unlink($personaFile);
+				$ok &= (file_put_contents($personaFile, Minz_Session::param('currentUser', '_')) !== false);
+			}
 
 			//TODO: use $ok
 			$notif = array(
@@ -38,8 +45,6 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 			$this->view->conf->_token($token);
 			$ok &= $this->view->conf->save();
 
-			Minz_Session::_param('mail', $this->view->conf->mail_login);
-
 			$anon = Minz_Request::param('anon_access', false);
 			$anon = ((bool)$anon) && ($anon !== 'no');
 			$auth_type = Minz_Request::param('auth_type', 'none');
@@ -69,18 +74,27 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 			}
 
 			$new_user_name = Minz_Request::param('new_user_name');
-			$ok = ctype_alnum($new_user_name);
-
-			$new_user_email = filter_var($_POST['new_user_email'], FILTER_VALIDATE_EMAIL);
-			if (empty($new_user_email)) {
-				$new_user_email = '';
-				$ok &= Minz_Configuration::authType() !== 'persona';
-			}
+			$ok = ($new_user_name != '') && ctype_alnum($new_user_name);
 
 			if ($ok) {
+				$ok &= (strcasecmp($new_user_name, Minz_Configuration::defaultUser()) !== 0);	//It is forbidden to alter the default user
+
+				$ok &= !in_array(strtoupper($new_user_name), array_map('strtoupper', listUsers()));	//Not an existing user, case-insensitive
+
 				$configPath = DATA_PATH . '/' . $new_user_name . '_user.php';
 				$ok &= !file_exists($configPath);
 			}
+			if ($ok) {
+				$new_user_email = filter_var($_POST['new_user_email'], FILTER_VALIDATE_EMAIL);
+				if (empty($new_user_email)) {
+					$new_user_email = '';
+					$ok &= Minz_Configuration::authType() !== 'persona';
+				} else {
+					$personaFile = DATA_PATH . '/persona/' . $new_user_email . '.txt';
+					@unlink($personaFile);
+					$ok &= (file_put_contents($personaFile, $new_user_name) !== false);
+				}
+			}
 			if ($ok) {
 				$config_array = array(
 					'language' => $new_user_language,
@@ -110,7 +124,7 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 			$ok = ctype_alnum($username);
 
 			if ($ok) {
-				$ok &= ($username !== Minz_Configuration::defaultUser());	//It is forbidden to delete the default user
+				$ok &= (strcasecmp($username, Minz_Configuration::defaultUser()) !== 0);	//It is forbidden to delete the default user
 			}
 			if ($ok) {
 				$configPath = DATA_PATH . '/' . $username . '_user.php';
@@ -120,6 +134,7 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 				$userDAO = new FreshRSS_UserDAO();
 				$ok &= $userDAO->deleteUser($username);
 				$ok &= unlink($configPath);
+				//TODO: delete Persona file
 			}
 			$notif = array(
 				'type' => $ok ? 'good' : 'bad',
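Review bot: In the profile-update hunk the persona file for the previously configured address is never removed: `_mail_login($mail)` overwrites `mail_login` before the new `<email>.txt` is written, so a user who changes address leaves `<old-address>.txt` behind, and a later assertion for that old address still maps to this account. Capture the old value before the overwrite, `$oldEmail = $this->view->conf->mail_login;` above `_mail_login($mail)`, and unlink its persona file once the new one has been written; the `//TODO: delete Persona file` in the deletion hunk is the same gap for removed accounts. In the user-creation hunk, `@unlink($personaFile)` followed by `file_put_contents` replaces any existing mapping for that address with no check that it is unused, so creating a user with an already-registered address silently re-points that login to the new name; test for an existing file (or that it already maps to `$new_user_name`) and fail otherwise. That write also happens before the configuration is saved in the following `if ($ok)` block, so a failure there leaves a mapping for a user that was never created; move the persona write after the config save.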

+ 14 - 4
app/FreshRSS.php

@@ -18,8 +18,18 @@ class FreshRSS extends Minz_FrontController {
 					$loginOk = $currentUser != '';
 					break;
 				case 'persona':
-					$currentUser = Minz_Configuration::defaultUser();	//TODO: Make Persona compatible with multi-user
-					$loginOk = Minz_Session::param('mail') != '';
+					$loginOk = false;
+					$email = filter_var(Minz_Session::param('mail'), FILTER_VALIDATE_EMAIL);
+					if ($email != '') {	//TODO: Remove redundancy with indexController
+						$personaFile = DATA_PATH . '/persona/' . $email . '.txt';
+						if (($currentUser = @file_get_contents($personaFile)) !== false) {
+							$currentUser = trim($currentUser);
+							$loginOk = true;
+						}
+					}
+					if (!$loginOk) {
+						$currentUser = Minz_Configuration::defaultUser();
+					}
 					break;
 				case 'none':
 					$currentUser = Minz_Configuration::defaultUser();
@@ -51,10 +61,10 @@ class FreshRSS extends Minz_FrontController {
 		if ($loginOk) {
 			switch (Minz_Configuration::authType()) {
 				case 'http_auth':
-					$loginOk = $currentUser === httpAuthUser();
+					$loginOk = strcasecmp($currentUser, httpAuthUser()) === 0;
 					break;
 				case 'persona':
-					$loginOk = Minz_Session::param('mail') === $this->conf->mail_login;
+					$loginOk = strcasecmp(Minz_Session::param('mail'), $this->conf->mail_login) === 0;
 					break;
 				case 'none':
 					$loginOk = true;
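Review bot: In the `persona` case, `$loginOk` becomes true from the mere existence of the persona file, and the trimmed file content becomes `$currentUser` without the `ctype_alnum` check that indexController applies to the same value in this commit; anything later built from `$currentUser` (the `_user.php` path pattern used elsewhere in this change) would receive whatever the file holds. Replace `$loginOk = true;` with `$loginOk = ctype_alnum($currentUser);`, or better, move the read-and-validate steps into one shared helper that both this file and indexController call, which also resolves the `//TODO: Remove redundancy` comment. The second hunk's `strcasecmp` against `$this->conf->mail_login` does reject a mismatched address, but presumably only after the configuration for `$currentUser` has been loaded — confirm the order in the code between the two hunks. The enclosing switch and its method begin outside the hunk.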

+ 13 - 0
data/cache/index.html

@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-GB" lang="en-GB">
+<head>
+<meta charset="UTF-8" />
+<meta http-equiv="Refresh" content="0; url=/" />
+<title>Redirection</title>
+<meta name="robots" content="noindex" />
+</head>
+
+<body>
+<p><a href="/">Redirection</a></p>
+</body>
+</html>

+ 13 - 0
data/favicons/index.html

@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-GB" lang="en-GB">
+<head>
+<meta charset="UTF-8" />
+<meta http-equiv="Refresh" content="0; url=/" />
+<title>Redirection</title>
+<meta name="robots" content="noindex" />
+</head>
+
+<body>
+<p><a href="/">Redirection</a></p>
+</body>
+</html>

+ 13 - 0
data/log/index.html

@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-GB" lang="en-GB">
+<head>
+<meta charset="UTF-8" />
+<meta http-equiv="Refresh" content="0; url=/" />
+<title>Redirection</title>
+<meta name="robots" content="noindex" />
+</head>
+
+<body>
+<p><a href="/">Redirection</a></p>
+</body>
+</html>

+ 1 - 0
data/persona/.gitignore

@@ -0,0 +1 @@
+*.txt

+ 13 - 0
data/persona/index.html

@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-GB" lang="en-GB">
+<head>
+<meta charset="UTF-8" />
+<meta http-equiv="Refresh" content="0; url=/" />
+<title>Redirection</title>
+<meta name="robots" content="noindex" />
+</head>
+
+<body>
+<p><a href="/">Redirection</a></p>
+</body>
+</html>
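Review bot: This placeholder only suppresses a directory listing; if `data/persona/` is reachable over HTTP, the `<email>.txt` mapping files it sits beside remain readable by direct request, and each one discloses a user's address together with their login name. I cannot tell from this commit whether `data/` lives under the document root, so treat this as a question: if it does, a server-side deny rule for `data/` (or relocating it outside the web root) is needed in addition to the index.html, and the same applies to the cache, favicons and log directories added here.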

+ 6 - 0
p/i/install.php

@@ -178,6 +178,12 @@ function saveStep2 () {
 		@unlink($configPath);	//To avoid access-rights problems
 		file_put_contents($configPath, "<?php\n return " . var_export($config_array, true) . ';');
 
+		if ($_SESSION['mail_login'] != '') {
+			$personaFile = DATA_PATH . '/persona/' . $_SESSION['mail_login'] . '.txt';
+			@unlink($personaFile);
+			file_put_contents($personaFile, $_SESSION['default_user']);
+		}
+
 		header ('Location: index.php?step=3');
 	}
 }
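Review bot: `$_SESSION['mail_login']` is inserted into the persona path without the `FILTER_VALIDATE_EMAIL` check that indexController and usersController apply in this same commit, and the `file_put_contents` result is ignored, so a failed write still redirects to step 3 with no persona mapping in place. Validate first, `$email = filter_var($_SESSION['mail_login'], FILTER_VALIDATE_EMAIL);`, build the path from `$email` only when it is non-empty, and check the write result the way usersController does with `$ok &= (file_put_contents(...) !== false)`. saveStep2() begins before this hunk, so I cannot see where `mail_login` is stored in the session or whether it is validated there.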