Cleanup more rlspecauth/AuthAccountHash related code

djmaze 2021-04-28 21:33:03 +02:00
parent 146b2c1001
commit a36a8113bb
7 changed files with 59 additions and 93 deletions


@ -28,7 +28,6 @@ export class AbstractApp {
logoutReload(close = false) {
const url = logoutLink();
rl.hash.clear();
close && window.close && window.close();
if (location.href !== url) {


@ -38,7 +38,7 @@ export function logoutLink() {
*/
export function serverRequestRaw(type, hash, customSpecSuffix) {
return SERVER_PREFIX + '/Raw/' + SUB_QUERY_PREFIX + '/'
+ (null == customSpecSuffix ? rl.hash.get() : customSpecSuffix) + '/'
+ (null == customSpecSuffix ? '0' : customSpecSuffix) + '/'
+ (type
? type + '/' + (hash ? SUB_QUERY_PREFIX + '/' + hash : '')
: '')
@ -59,7 +59,7 @@ export function attachmentDownload(download, customSpecSuffix) {
* @returns {string}
*/
export function serverRequest(type) {
return SERVER_PREFIX + '/' + type + '/' + SUB_QUERY_PREFIX + '/' + rl.hash.get() + '/';
return SERVER_PREFIX + '/' + type + '/' + SUB_QUERY_PREFIX + '/0/';
}
/**
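Review bot: The literal `'0'` that now fills the former auth-hash path segment in `serverRequestRaw` and `serverRequest` is an unexplained magic value, and the same placeholder is repeated in the boot loader's `AppData/0/` URL. A short comment such as `// '0' only keeps the old rlspecauth path position; the session is no longer taken from the URL`, or one shared constant, would stop a later reader from treating it as a real token. `serverRequestRaw` still puts `customSpecSuffix` into that segment, while this commit also removes the server-side check that read a `_`-prefixed second path element into `SetSpecAuthToken`. If any caller still passes a suffix expecting it to select the session, it now appears to be ignored, so the parameter should be dropped or documented; the callers are outside the visible hunks.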


@ -24,9 +24,8 @@ checkResponseError = data => {
) {
++iJsonErrorCount;
}
if (data.ClearAuth || data.Logout || 7 < iJsonErrorCount) {
rl.hash.clear();
data.ClearAuth || rl.logoutReload();
if (data.Logout || 7 < iJsonErrorCount) {
rl.logoutReload();
}
}
},


@ -85,14 +85,9 @@ doc.documentElement.classList.toggle('rl-mobile', 'mobile' === layout || (!layou
let pStep = 0,
progress = eId('progressjs'),
rlspecauth = '',
RL_APP_DATA = {};
win.rl = {
hash: {
get: () => rlspecauth || '0',
clear: () => rlspecauth = ''
},
data: () => RL_APP_DATA,
adminArea: () => admin,
settings: {
@ -114,7 +109,6 @@ win.rl = {
initData: appData => {
RL_APP_DATA = appData;
rlspecauth = appData['AuthAccountHash'];
if (appData) {
loadScript(appData.StaticLibJsLink)
@ -137,7 +131,7 @@ Storage('local');
eId('app-css').href = eId('app-css').dataset.href;
loadScript(`./?/${admin ? 'Admin' : ''}AppData/${rl.hash.get()}/${Math.random().toString().substr(2)}/`)
loadScript(`./?/${admin ? 'Admin' : ''}AppData/0/${Math.random().toString().substr(2)}/`)
.then(() => {});
})(this);


@ -296,7 +296,7 @@ class Actions
}
}
public function ParseQueryAuthString(): string
public function ParseQueryString(): string
{
$sQuery = \trim($this->Http()->GetQueryString());
@ -318,16 +318,33 @@ class Actions
}
}
if ('' === $this->GetSpecAuthToken()) {
$aPaths = \explode('/', $sQuery);
if (!empty($aPaths[0]) && !empty($aPaths[1]) && '_' === substr($aPaths[1], 0, 1)) {
$this->SetSpecAuthToken($aPaths[1]);
}
}
return $sQuery;
}
// rlspecauth / AuthAccountHash
public function getAuthAccountHash() : string
{
if ('' === $this->sSpecAuthToken && !\strlen($this->GetSpecAuthLogoutTokenWithDeletion())) {
$sAuthAccountHash = $this->GetSpecAuthTokenCookie() ?: $this->GetSpecAuthToken();
if (empty($sAuthAccountHash)) {
$oAccount = $this->GetAccountFromSignMeToken();
if ($oAccount) try
{
$this->CheckMailConnection($oAccount);
$this->AuthToken($oAccount);
$sAuthAccountHash = $this->GetSpecAuthToken();
}
catch (\Throwable $oException)
{
$oException = null;
$this->ClearSignMeData($oAccount);
}
}
$this->SetSpecAuthToken($sAuthAccountHash);
}
return $this->GetSpecAuthToken();
}
private function compileLogParams(string $sLine, ?Model\Account $oAccount = null, bool $bUrlEncode = false, array $aAdditionalParams = array()): string
{
$aClear = array();
@ -343,7 +360,7 @@ class Actions
if (false !== \strpos($sLine, '{imap:') || false !== \strpos($sLine, '{smtp:')) {
if (!$oAccount) {
$this->ParseQueryAuthString();
$this->getAuthAccountHash();
$oAccount = $this->getAccountFromToken(false);
}
@ -397,7 +414,7 @@ class Actions
if (\preg_match('/\{user:(email|login|domain)\}/i', $sLine)) {
if (!$oAccount) {
$this->ParseQueryAuthString();
$this->getAuthAccountHash();
$oAccount = $this->getAccountFromToken(false);
}
@ -991,14 +1008,14 @@ class Actions
) : array());
}
public function AppData(bool $bAdmin, string $sAuthAccountHash): array
public function AppData(bool $bAdmin): array
{
$oAccount = null;
$oConfig = $this->Config();
/*
required by Index.html and rl.js:
PluginsLink AuthAccountHash
PluginsLink
*/
$value = \ini_get('upload_max_filesize');
@ -1013,7 +1030,6 @@ class Actions
'Auth' => false,
'AccountHash' => '',
'AccountSignMe' => false,
'AuthAccountHash' => '',
'MailToEmail' => '',
'Email' => '',
'DevEmail' => '',
@ -1060,10 +1076,6 @@ class Actions
'UserBackgroundHash' => ''
);
if (\strlen($sAuthAccountHash) && !\preg_match('/[^_\-\.a-zA-Z0-9]/', $sAuthAccountHash)) {
$aResult['AuthAccountHash'] = $sAuthAccountHash;
}
$oSettings = null;
$passfile = APP_PRIVATE_DATA.'admin_password.txt';
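Review bot: The new `Actions::getAuthAccountHash()` repeats the whole lookup on every call while `sSpecAuthToken` is still `''`, because the `static` memo of the removed `ServiceActions` version was not carried over. Judging by its name, `GetSpecAuthLogoutTokenWithDeletion()` consumes the logout marker on the first call, so a second call in the same request (for example from `compileLogParams`, which now calls this method in two places) would no longer see it and could restore the session from the cookie or the sign-me token; please confirm against that helper. A resolved flag (name illustrative), `if ($this->bAuthHashResolved) { return $this->GetSpecAuthToken(); }` followed by `$this->bAuthHashResolved = true;` at the top, would keep the once-per-request behaviour. The `catch (\Throwable $oException)` branch also drops the sign-me failure without a log entry, and the calls in `compileLogParams` lack the `$bAdmin` guard that `Service` applies.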


@ -25,7 +25,24 @@ class Service
$this->oActions = Api::Actions();
$this->oServiceActions = new ServiceActions($this->oHttp, $this->oActions);
}
/**
* @staticvar bool $bOne
*/
public static function Handle() : bool
{
static $bOne = null;
if (null === $bOne)
{
$bOne = (new self)->RunResult();
}
return $bOne;
}
public function RunResult() : bool
{
if ($this->oActions->Config()->Get('debug', 'enable', false))
{
\error_reporting(E_ALL);
@ -64,36 +81,11 @@ class Service
exit(0);
}
$this->localHandle();
}
public function RunResult() : bool
{
return true;
}
/**
* @staticvar bool $bOne
*/
public static function Handle() : bool
{
static $bOne = null;
if (null === $bOne)
{
$bOne = (new self)->RunResult();
}
return $bOne;
}
private function localHandle() : self
{
$sResult = '';
$sQuery = $this->oActions->ParseQueryAuthString();
$sQuery = $this->oActions->ParseQueryString();
$this->oActions->Plugins()->RunHook('filter.http-query', array(&$sQuery));
$aPaths = \explode('/', $sQuery);
// unset($aPaths[1]); // was the rlspecauth/AuthAccountHash token
$this->oActions->Plugins()->RunHook('filter.http-paths', array(&$aPaths));
$bAdmin = false;
@ -109,6 +101,8 @@ class Service
$bAdmin = true;
}
$bAdmin || $this->oActions->getAuthAccountHash();
if ($this->oHttp->IsPost())
{
$this->oHttp->ServerNoCache();
@ -124,6 +118,7 @@ class Service
}
$bIndex = true;
$sResult = '';
if (0 < \count($aPaths) && !empty($aPaths[0]) && !$bAdmin && 'index' !== \strtolower($aPaths[0]))
{
$bIndex = false;
@ -157,7 +152,6 @@ class Service
return $this;
}
$this->oServiceActions->getAuthAccountHash($bAdmin);
$sLanguage = $this->oActions->GetLanguage($bAdmin);
$aTemplateParameters = $this->indexTemplateParameters($bAdmin);
@ -193,7 +187,8 @@ class Service
unset($sResult);
$this->oActions->BootEnd();
return $this;
return true;
}
private function staticPath(string $sPath) : string
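Review bot: The early `return $this;` left as context in the `-157,7 +152,6` hunk now seems to sit inside `RunResult() : bool`, since the `localHandle()` declaration was removed and only the final return was changed to `return true;`. Returning the object from a method declared `: bool` raises a TypeError on that path, so it should become `return true;` as well. The commented-out `// unset($aPaths[1]);` would read better as a plain comment stating that index 1 is now an unused placeholder, which also tells `filter.http-paths` plugin authors not to rely on it. The method body starts and ends outside the visible hunks, so the exact branch should be checked in the full file.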


@ -168,11 +168,6 @@ class ServiceActions
if (\is_array($aResponseItem) && $oException instanceof Exceptions\ClientException)
{
if ('Folders' === $sAction)
{
$aResponseItem['ClearAuth'] = true;
}
if ($oException->getLogoutOnException())
{
$aResponseItem['Logout'] = true;
@ -875,7 +870,7 @@ class ServiceActions
$this->oHttp->ServerNoCache();
$sResult = 'rl.initData('
.\json_encode($this->oActions->AppData($bAdmin, $this->getAuthAccountHash($bAdmin)))
.\json_encode($this->oActions->AppData($bAdmin))
.');';
$this->Logger()->Write($sResult, \MailSo\Log\Enumerations\Type::INFO, 'APPDATA');
@ -883,34 +878,6 @@ class ServiceActions
return $sResult;
}
// rlspecauth / AuthAccountHash
public function getAuthAccountHash(bool $bAdmin) : string
{
static $sAuthAccountHash = null;
if (null === $sAuthAccountHash) {
$sAuthAccountHash = '';
if (!$bAdmin && 0 === \strlen($this->oActions->GetSpecAuthLogoutTokenWithDeletion())) {
$sAuthAccountHash = $this->oActions->GetSpecAuthTokenCookie() ?: $this->oActions->GetSpecAuthToken();
if (empty($sAuthAccountHash)) {
$oAccount = $this->oActions->GetAccountFromSignMeToken();
if ($oAccount) try
{
$this->oActions->CheckMailConnection($oAccount);
$this->oActions->AuthToken($oAccount);
$sAuthAccountHash = $this->oActions->GetSpecAuthToken();
}
catch (\Throwable $oException)
{
$oException = null;
$this->oActions->ClearSignMeData($oAccount);
}
}
$this->oActions->SetSpecAuthToken($sAuthAccountHash);
}
}
return $sAuthAccountHash;
}
public function compileTemplates(bool $bAdmin = false, bool $bJsOutput = true) : string
{
$aTemplates = array();
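Review bot: The `Logger()->Write($sResult, ..., 'APPDATA')` call right after the changed `AppData($bAdmin)` line still writes the complete `rl.initData(...)` payload to the log at INFO level. The defaults visible in `AppData` include keys such as `AccountHash` and `Email`, so the log may hold account identifiers even though `AuthAccountHash` is gone. Consider logging only a marker, e.g. `$this->Logger()->Write('AppData sent', \MailSo\Log\Enumerations\Type::INFO, 'APPDATA');`, or writing the payload only when debugging is enabled. Whether the logger masks these values is not visible here.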