mirror of
https://github.com/the-djmaze/snappymail.git
synced 2024-11-10 17:13:38 +08:00
Logout on account session errors
parent
f30d0263ac
commit
67e2a971ea
2 changed files with 23 additions and 32 deletions
|
@ -237,24 +237,25 @@ trait UserAuth
|
|||
* Server side control/kickout of logged in sessions
|
||||
* https://github.com/the-djmaze/snappymail/issues/151
|
||||
*/
|
||||
if (isset($_COOKIE[Utils::SESSION_TOKEN])) {
|
||||
$oMainAuthAccount = MainAccount::NewInstanceFromTokenArray(
|
||||
$this,
|
||||
$aData,
|
||||
$bThrowExceptionOnFalse
|
||||
);
|
||||
$sToken = Utils::GetSessionToken();
|
||||
if ($oMainAuthAccount && $this->StorageProvider()->Get($oMainAuthAccount, StorageType::SESSION, $sToken)) {
|
||||
$this->oMainAuthAccount = $oMainAuthAccount;
|
||||
} else {
|
||||
$oMainAuthAccount && $this->StorageProvider()->Clear($oMainAuthAccount, StorageType::SESSION, $sToken);
|
||||
Utils::ClearCookie(Utils::SESSION_TOKEN);
|
||||
$this->SetSpecLogoutCustomMgsWithDeletion('Session gone');
|
||||
$this->Logout(true);
|
||||
}
|
||||
} else {
|
||||
$this->SetSpecLogoutCustomMgsWithDeletion('Session undefined');
|
||||
if (!isset($_COOKIE[Utils::SESSION_TOKEN])) {
|
||||
// \MailSo\Base\Http::StatusHeader(401);
|
||||
$this->Logout(true);
|
||||
throw new ClientException(Notifications::InvalidToken, null, 'Session undefined', true);
|
||||
}
|
||||
$oMainAuthAccount = MainAccount::NewInstanceFromTokenArray(
|
||||
$this,
|
||||
$aData,
|
||||
$bThrowExceptionOnFalse
|
||||
);
|
||||
$sToken = Utils::GetSessionToken();
|
||||
if ($oMainAuthAccount && $this->StorageProvider()->Get($oMainAuthAccount, StorageType::SESSION, $sToken)) {
|
||||
$this->oMainAuthAccount = $oMainAuthAccount;
|
||||
} else {
|
||||
$oMainAuthAccount && $this->StorageProvider()->Clear($oMainAuthAccount, StorageType::SESSION, $sToken);
|
||||
Utils::ClearCookie(Utils::SESSION_TOKEN);
|
||||
// \MailSo\Base\Http::StatusHeader(401);
|
||||
$this->Logout(true);
|
||||
throw new ClientException(Notifications::AuthError, null, 'Session gone', true);
|
||||
}
|
||||
} else {
|
||||
$oAccount = $this->GetAccountFromSignMeToken();
|
||||
|
@ -263,13 +264,11 @@ trait UserAuth
|
|||
}
|
||||
}
|
||||
|
||||
if ($bThrowExceptionOnFalse && !$this->oMainAuthAccount) {
|
||||
throw new ClientException(Notifications::AuthError);
|
||||
}
|
||||
|
||||
if ($this->oMainAuthAccount) {
|
||||
// Extend session cookie lifetime
|
||||
$this->StorageProvider()->Put($this->oMainAuthAccount, StorageType::SESSION, Utils::GetSessionToken(), 'true');
|
||||
} else if ($bThrowExceptionOnFalse) {
|
||||
throw new ClientException(Notifications::AuthError);
|
||||
}
|
||||
}
|
||||
|
||||
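Review bot: The two session-error branches in the first `trait UserAuth` hunk (missing `Utils::SESSION_TOKEN` cookie, and a failed `StorageProvider()->Get(...)` lookup) call `$this->Logout(true)` and throw a `ClientException` without consulting `$bThrowExceptionOnFalse`, while the tail of the same function still honours it via `else if ($bThrowExceptionOnFalse)`. Callers are not visible here, but any that pass `false` to probe login state would now get an exception instead of a null account. Either gate the throws on the flag or state the contract in a comment above the cookie check, e.g. `// Session errors always log out and throw, regardless of $bThrowExceptionOnFalse`. The two commented-out `// \MailSo\Base\Http::StatusHeader(401);` lines should be enabled or dropped rather than committed as dead code. The enclosing function starts outside the hunk.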
|
|
|
@ -406,10 +406,6 @@ class ServiceActions
|
|||
{
|
||||
$sRawError = 'False result';
|
||||
}
|
||||
else
|
||||
{
|
||||
$sRawError = '';
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@ -423,13 +419,9 @@ class ServiceActions
|
|||
}
|
||||
catch (Exceptions\ClientException $oException)
|
||||
{
|
||||
$sRawError = 'Exception as result';
|
||||
switch ($oException->getCode())
|
||||
{
|
||||
case Notifications::AuthError:
|
||||
$sRawError = 'Authentication failed';
|
||||
break;
|
||||
}
|
||||
$sRawError = Notifications::AuthError == $oException->getCode()
|
||||
? 'Authentication failed'
|
||||
: 'Exception as result';
|
||||
}
|
||||
catch (\Throwable $oException)
|
||||
{
|
||||
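Review bot: In the `catch (Exceptions\ClientException $oException)` block, only `Notifications::AuthError` maps to 'Authentication failed'. The `Notifications::InvalidToken` code that this same commit throws from `UserAuth` for a missing session cookie would therefore be reported as the generic 'Exception as result', if that exception can reach this handler. If `$sRawError` drives the response or logging for session failures, consider covering both codes, e.g. `\in_array($oException->getCode(), [Notifications::AuthError, Notifications::InvalidToken], true)`. The comparison is also loose; assuming both sides are ints, `Notifications::AuthError === $oException->getCode()` avoids type juggling. The `try` body and the initial value of `$sRawError` are outside the hunk.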
|
|