the-djmaze/snappymail
1
1
Fork 0
mirror of https://github.com/the-djmaze/snappymail.git synced 2025-09-10 23:24:15 +08:00
Code Issues Projects Releases Packages Wiki Activity

Prevent nextcloud impersonate plugin to login #561

Browse source
This commit is contained in:
the-djmaze 2022-10-31 14:56:42 +01:00
parent 6e4be76664
commit 1dbf2e909f
3 changed files with 14 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
integrations/nextcloud/snappymail/lib/AppInfo/Application.php
View file

@ -79,7 +79,9 @@ class Application extends App implements IBootstrap
]; ];
}); });
*/ */
$userSession = \OC::$server->getUserSession(); $userSession = \OC::$server->getUserSession();
// $userSession->listen('\OC\User', 'postRememberedLogin', function($loginName, $password) {
$userSession->listen('\OC\User', 'postLogin', function($user, $loginName, $password, $isTokenLogin) { $userSession->listen('\OC\User', 'postLogin', function($user, $loginName, $password, $isTokenLogin) {
$config = \OC::$server->getConfig(); $config = \OC::$server->getConfig();
$sEmail = ''; $sEmail = '';
@ -91,6 +93,7 @@ class Application extends App implements IBootstrap
$sEmail = $config->getUserValue($user->getUID(), 'settings', 'email', ''); $sEmail = $config->getUserValue($user->getUID(), 'settings', 'email', '');
} }
if ($sEmail) { if ($sEmail) {
\OC::$server->getSession()['snappymail-email'] = $sEmail;
\OC::$server->getSession()['snappymail-password'] = SnappyMailHelper::encodePassword($password, \md5($sEmail)); \OC::$server->getSession()['snappymail-password'] = SnappyMailHelper::encodePassword($password, \md5($sEmail));
} }
}); });

12
integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php
View file

@ -106,9 +106,13 @@ class SnappyMailHelper
\RainLoop\Utils::SetCookie('smadmin', $sToken); \RainLoop\Utils::SetCookie('smadmin', $sToken);
} }
} }
} else if (!$oActions->getMainAccountFromToken(false)) { } else {
$aCredentials = SnappyMailHelper::getLoginCredentials(); $aCredentials = SnappyMailHelper::getLoginCredentials();
if ($aCredentials[0] && $aCredentials[1]) { if ($oActions->getMainAccountFromToken(false)) {
if (!$aCredentials[0] || !$aCredentials[1]) {
$oActions->Logout(true);
}
} else if ($aCredentials[0] && $aCredentials[1]) {
$oActions->Logger()->AddSecret($aCredentials[1]); $oActions->Logger()->AddSecret($aCredentials[1]);
$oAccount = $oActions->LoginProcess($aCredentials[0], $aCredentials[1], false); $oAccount = $oActions->LoginProcess($aCredentials[0], $aCredentials[1], false);
if ($oAccount) { if ($oAccount) {
@ -143,6 +147,10 @@ class SnappyMailHelper
$sEmail = $config->getUserValue($sUID, 'settings', 'email', ''); $sEmail = $config->getUserValue($sUID, 'settings', 'email', '');
$sPassword = \OC::$server->getSession()['snappymail-password']; $sPassword = \OC::$server->getSession()['snappymail-password'];
} }
if (\OC::$server->getSession()['snappymail-email'] != $sEmail) {
$sPassword = '';
}
// If the user has set credentials for SnappyMail in their personal // If the user has set credentials for SnappyMail in their personal
// settings, override everything before and use those instead. // settings, override everything before and use those instead.
$sCustomEmail = $config->getUserValue($sUID, 'snappymail', 'snappymail-email', ''); $sCustomEmail = $config->getUserValue($sUID, 'snappymail', 'snappymail-email', '');

2
snappymail/v/0.0.0/app/libraries/RainLoop/Actions/UserAuth.php
View file

@ -429,7 +429,7 @@ trait UserAuth
Utils::SetCookie(self::AUTH_SPEC_LOGOUT_CUSTOM_MSG_KEY, $sMessage); Utils::SetCookie(self::AUTH_SPEC_LOGOUT_CUSTOM_MSG_KEY, $sMessage);
} }
protected function Logout(bool $bMain) : void public function Logout(bool $bMain) : void
{ {
Utils::ClearCookie(self::AUTH_ADDITIONAL_TOKEN_KEY); Utils::ClearCookie(self::AUTH_ADDITIONAL_TOKEN_KEY);
$bMain && Utils::ClearCookie(self::AUTH_SPEC_TOKEN_KEY); $bMain && Utils::ClearCookie(self::AUTH_SPEC_TOKEN_KEY);