otp.php 4.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147
  1. <?php
  2. /**
  3. * StatusNet, the distributed open-source microblogging tool
  4. *
  5. * Allow one-time password login
  6. *
  7. * PHP version 5
  8. *
  9. * LICENCE: This program is free software: you can redistribute it and/or modify
  10. * it under the terms of the GNU Affero General Public License as published by
  11. * the Free Software Foundation, either version 3 of the License, or
  12. * (at your option) any later version.
  13. *
  14. * This program is distributed in the hope that it will be useful,
  15. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17. * GNU Affero General Public License for more details.
  18. *
  19. * You should have received a copy of the GNU Affero General Public License
  20. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  21. *
  22. * @category Login
  23. * @package StatusNet
  24. * @author Evan Prodromou <evan@status.net>
  25. * @copyright 2010 StatusNet, Inc.
  26. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3
  27. * @link http://status.net/
  28. */
  29. if (!defined('STATUSNET')) {
  30. exit(1);
  31. }
  32. /**
  33. * Allow one-time password login
  34. *
  35. * This action will automatically log in the user identified by the user_id
  36. * parameter. A login_token record must be constructed beforehand, typically
  37. * by code where the user is already authenticated.
  38. *
  39. * @category Login
  40. * @package StatusNet
  41. * @author Evan Prodromou <evan@status.net>
  42. * @copyright 2010 StatusNet, Inc.
  43. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3
  44. * @link http://status.net/
  45. */
  46. class OtpAction extends Action
  47. {
  48. var $user;
  49. var $token;
  50. var $rememberme;
  51. var $returnto;
  52. var $lt;
  53. function prepare(array $args = array())
  54. {
  55. parent::prepare($args);
  56. if (common_is_real_login()) {
  57. // TRANS: Client error displayed trying to use "one time password login" when already logged in.
  58. $this->clientError(_('Already logged in.'));
  59. }
  60. $id = $this->trimmed('user_id');
  61. if (empty($id)) {
  62. // TRANS: Client error displayed trying to use "one time password login" without specifying a user.
  63. $this->clientError(_('No user ID specified.'));
  64. }
  65. $this->user = User::getKV('id', $id);
  66. if (empty($this->user)) {
  67. // TRANS: Client error displayed trying to use "one time password login" without using an existing user.
  68. $this->clientError(_('No such user.'));
  69. }
  70. $this->token = $this->trimmed('token');
  71. if (empty($this->token)) {
  72. // TRANS: Client error displayed trying to use "one time password login" without specifying a login token.
  73. $this->clientError(_('No login token specified.'));
  74. }
  75. $this->lt = Login_token::getKV('user_id', $id);
  76. if (empty($this->lt)) {
  77. // TRANS: Client error displayed trying to use "one time password login" without requesting a login token.
  78. $this->clientError(_('No login token requested.'));
  79. }
  80. if ($this->lt->token != $this->token) {
  81. // TRANS: Client error displayed trying to use "one time password login" while specifying an invalid login token.
  82. $this->clientError(_('Invalid login token specified.'));
  83. }
  84. if ($this->lt->modified > time() + Login_token::TIMEOUT) {
  85. //token has expired
  86. //delete the token as it is useless
  87. $this->lt->delete();
  88. $this->lt = null;
  89. // TRANS: Client error displayed trying to use "one time password login" while specifying an expired login token.
  90. $this->clientError(_('Login token expired.'));
  91. }
  92. $this->rememberme = $this->boolean('rememberme');
  93. $this->returnto = $this->trimmed('returnto');
  94. return true;
  95. }
  96. function handle()
  97. {
  98. parent::handle();
  99. // success!
  100. if (!common_set_user($this->user)) {
  101. // TRANS: Server error displayed when a user object could not be created trying to login using "one time password login".
  102. $this->serverError(_('Error setting user. You are probably not authorized.'));
  103. }
  104. // We're now logged in; disable the lt
  105. $this->lt->delete();
  106. $this->lt = null;
  107. common_real_login(true);
  108. if ($this->rememberme) {
  109. common_rememberme($this->user);
  110. }
  111. if (!empty($this->returnto)) {
  112. $url = $this->returnto;
  113. // We don't have to return to it again
  114. common_set_returnto(null);
  115. } else {
  116. $url = common_local_url('all',
  117. array('nickname' =>
  118. $this->user->nickname));
  119. }
  120. common_redirect($url, 303);
  121. }
  122. }